Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/stC61sOedsoSINR65bY2_kcf1sM.roa
File: stC61sOedsoSINR65bY2_kcf1sM.roa (raw, json)
Hash identifier: qNq//nyBD92kkMpXP5fJO6OfkjTQXDaO+/slLPSU6z4=
Subject key identifier: B2:D0:BA:D6:C3:9E:76:CA:12:20:D4:7A:E5:B6:36:FE:47:1F:D6:C3
Certificate issuer: /CN=27b87024db1c69a2d3b972487e50c1976c3f4545
Certificate serial: 019CE6FD60CF2807716277F03F5C1A8B8909
Authority key identifier: 27:B8:70:24:DB:1C:69:A2:D3:B9:72:48:7E:50:C1:97:6C:3F:45:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7hwJNscaaLTuXJIflDBl2w_RUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/stC61sOedsoSINR65bY2_kcf1sM.roa
Signing time: Fri 13 Mar 2026 11:38:10 +0000
ROA not before: Fri 13 Mar 2026 11:38:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41030
IP address blocks: 31.134.216.0/24 maxlen: 24
31.134.217.0/24 maxlen: 24
31.134.218.0/24 maxlen: 24
31.134.219.0/24 maxlen: 24
31.134.220.0/24 maxlen: 24
31.134.221.0/24 maxlen: 24
31.134.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/J7hwJNscaaLTuXJIflDBl2w_RUU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/J7hwJNscaaLTuXJIflDBl2w_RUU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J7hwJNscaaLTuXJIflDBl2w_RUU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:fd:60:cf:28:07:71:62:77:f0:3f:5c:1a:8b:89:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b87024db1c69a2d3b972487e50c1976c3f4545
Validity
Not Before: Mar 13 11:38:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b2d0bad6c39e76ca1220d47ae5b636fe471fd6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:49:40:51:db:8f:52:35:1f:4f:de:63:cd:bc:
34:26:40:f8:f5:d7:81:d9:a7:66:1a:3c:11:9b:1f:
d7:a7:7b:e7:01:a2:ac:63:a0:5a:a3:30:9d:af:4d:
e2:4e:92:1e:bf:60:f9:10:58:d7:0e:a7:1e:da:22:
db:fc:54:d6:d2:f8:eb:22:01:05:42:cb:2b:92:0a:
10:cb:74:64:6e:48:03:57:e0:30:3e:b2:fe:3e:b0:
0c:e7:81:cc:80:af:84:7e:46:98:bf:91:f8:fc:55:
f5:d1:74:02:bc:10:70:9a:14:5d:0e:83:4a:a4:37:
7c:5a:50:e7:ec:e3:79:08:a4:12:6b:15:cb:65:28:
26:7e:bf:80:dd:f6:14:64:66:a8:86:22:e5:f5:d5:
c4:11:ef:7c:cb:93:6c:1b:7c:c5:81:95:d7:63:ad:
63:2a:99:7d:09:8d:fe:82:5b:46:a8:ea:ab:f8:c8:
47:d4:33:09:cd:f5:b7:90:52:a2:5a:0b:0d:72:ed:
10:3a:14:95:bf:99:01:b2:f1:33:b7:58:96:f7:d1:
9d:09:3b:f7:42:4d:2f:6d:1e:43:2c:4b:a3:25:f8:
04:47:e6:c8:fb:8b:1a:85:f7:ac:9a:d9:3c:6c:75:
ff:58:1e:54:6b:da:0a:39:f4:a6:fc:32:b8:c5:de:
5b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D0:BA:D6:C3:9E:76:CA:12:20:D4:7A:E5:B6:36:FE:47:1F:D6:C3
X509v3 Authority Key Identifier:
keyid:27:B8:70:24:DB:1C:69:A2:D3:B9:72:48:7E:50:C1:97:6C:3F:45:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7hwJNscaaLTuXJIflDBl2w_RUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/stC61sOedsoSINR65bY2_kcf1sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/613ee1-cf44-4601-b442-22c3dca13cf2/1/J7hwJNscaaLTuXJIflDBl2w_RUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.216.0-31.134.222.255
Signature Algorithm: sha256WithRSAEncryption
73:97:b7:f3:69:0b:fe:bf:4c:49:cf:9e:69:f2:86:fc:ee:e0:
98:b0:6a:d6:aa:52:ae:c5:a3:bf:43:56:fb:5d:10:8b:ad:57:
7f:6c:cb:ee:50:ce:18:a4:4e:74:9e:10:08:fc:5c:73:0d:91:
f9:ad:8a:cd:ad:42:bc:78:2d:5b:8d:86:8c:fb:36:7d:d2:ba:
d6:fd:95:dd:8d:91:c1:d8:5b:28:50:b2:ef:32:0e:f5:62:52:
f7:10:5b:40:d4:26:7a:f5:8c:a7:0f:e7:b6:76:8e:ad:41:95:
f2:5d:1d:89:15:8e:4b:8c:1b:46:4e:1f:0a:0b:9f:ed:28:96:
06:68:ea:55:7a:b1:1c:ea:a9:e7:57:4e:f5:ca:b4:ea:11:34:
64:c5:12:81:21:ab:53:78:44:97:09:27:78:92:0c:ab:c3:27:
77:9b:09:87:c6:e2:63:ca:2f:48:4f:98:dd:06:e2:f3:18:86:
2e:4a:db:27:9c:e8:34:16:6f:c7:29:54:bd:cd:52:f0:8e:22:
00:67:8c:26:61:6c:04:c7:50:b6:98:9d:52:3f:10:a9:c6:d2:
c5:4a:a2:f2:9f:54:df:a2:b9:44:ab:c4:8d:20:3f:f6:b4:2c:
1d:b4:c8:85:dd:d7:db:3e:d3:95:d2:1d:8e:40:01:ab:7b:ce:
59:ec:36:22
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZzm/WDPKAdxYnfwP1wai4kJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Yjg3MDI0ZGIxYzY5YTJkM2I5NzI0ODdlNTBjMTk3NmMz
ZjQ1NDUwHhcNMjYwMzEzMTEzODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQwYmFkNmMzOWU3NmNhMTIyMGQ0N2FlNWI2MzZmZTQ3MWZkNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoklAUduPUjUfT95jzbw0JkD49deB
2admGjwRmx/Xp3vnAaKsY6BaozCdr03iTpIev2D5EFjXDqce2iLb/FTW0vjrIgEF
QssrkgoQy3RkbkgDV+AwPrL+PrAM54HMgK+EfkaYv5H4/FX10XQCvBBwmhRdDoNK
pDd8WlDn7ON5CKQSaxXLZSgmfr+A3fYUZGaohiLl9dXEEe98y5NsG3zFgZXXY61j
Kpl9CY3+gltGqOqr+MhH1DMJzfW3kFKiWgsNcu0QOhSVv5kBsvEzt1iW99GdCTv3
Qk0vbR5DLEujJfgER+bI+4sahfesmtk8bHX/WB5Ua9oKOfSm/DK4xd5bjQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLLQutbDnnbKEiDUeuW2Nv5HH9bDMB8GA1UdIwQY
MBaAFCe4cCTbHGmi07lySH5QwZdsP0VFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdod0pOc2NhYUxUdVhKSWZsREJsMndfUlVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82MTNlZTEtY2Y0NC00NjAxLWI0NDIt
MjJjM2RjYTEzY2YyLzEvc3RDNjFzT2Vkc29TSU5SNjViWTJfa2NmMXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82MTNlZTEtY2Y0NC00NjAxLWI0NDItMjJjM2RjYTEzY2Yy
LzEvSjdod0pOc2NhYUxUdVhKSWZsREJsMndfUlVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMfhtgD
BAAfht4wDQYJKoZIhvcNAQELBQADggEBAHOXt/NpC/6/TEnPnmnyhvzu4Jiwataq
Uq7Fo79DVvtdEIutV39sy+5QzhikTnSeEAj8XHMNkfmtis2tQrx4LVuNhoz7Nn3S
utb9ld2NkcHYWyhQsu8yDvViUvcQW0DUJnr1jKcP57Z2jq1BlfJdHYkVjkuMG0ZO
HwoLn+0olgZo6lV6sRzqqedXTvXKtOoRNGTFEoEhq1N4RJcJJ3iSDKvDJ3ebCYfG
4mPKL0hPmN0G4vMYhi5K2yec6DQWb8cpVL3NUvCOIgBnjCZhbATHULaYnVI/EKnG
0sVKovKfVN+iuUSrxI0gP/a0LB20yIXd19s+05XSHY5AAat7zlnsNiI=
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:12:51 2026 by rpki-client