Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-zI56l6-DHXMmFu1BUUI5ug-UxA.roa
File: 1-zI56l6-DHXMmFu1BUUI5ug-UxA.roa (raw, json)
Hash identifier: aU93ejVlAILaxGOJiiDMI5TPZXQVA8pMhHywUdPRyFg=
Subject key identifier: FB:32:39:EA:5E:BE:0C:75:CC:98:5B:B5:05:45:08:E6:E8:3E:53:10
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C6CC01A681A7C8465113315A0D3E8F16B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-zI56l6-DHXMmFu1BUUI5ug-UxA.roa
Signing time: Tue 17 Feb 2026 17:57:34 +0000
ROA not before: Tue 17 Feb 2026 17:57:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213799
IP address blocks: 31.56.214.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6c:c0:1a:68:1a:7c:84:65:11:33:15:a0:d3:e8:f1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 17 17:57:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb3239ea5ebe0c75cc985bb5054508e6e83e5310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:7b:37:7d:91:c9:47:05:a0:a9:61:a7:00:c9:
9f:56:71:45:03:e5:9b:25:2d:fc:11:06:66:e5:fb:
54:f9:a9:ac:54:d8:56:bc:f6:c5:44:bb:fa:c2:83:
09:47:f1:b4:a8:6e:ce:05:e7:d1:7d:a9:62:f5:d2:
4c:0d:b4:fb:d8:51:05:d2:9e:c8:fc:cb:9c:c5:23:
50:44:e1:53:d9:57:4b:79:e3:80:07:8d:a4:36:f3:
5e:9c:e4:db:75:59:8c:4c:93:d7:3a:7a:bb:f7:3f:
7f:b2:e3:70:8c:95:7d:fa:89:d6:de:ea:52:54:c6:
a4:11:d2:92:a4:00:a8:45:30:09:de:95:5d:5e:ad:
09:d4:d9:60:7c:6e:3a:08:40:e2:35:19:e4:77:55:
15:29:ff:74:97:9a:a3:60:df:b0:3a:8b:9c:ad:bd:
38:42:e1:41:ac:58:71:97:37:c5:c0:75:82:9a:4c:
1f:24:10:94:1c:70:07:31:80:61:cb:0f:f5:e0:3b:
26:c5:ce:86:c6:d9:3a:f0:0e:3d:dc:8a:34:f9:c7:
38:e0:38:80:79:12:da:06:14:06:a4:0e:8a:fe:82:
d6:5f:3f:b9:a4:c6:83:9c:61:22:e7:51:ee:47:e7:
2c:e4:9c:a0:42:73:1f:c1:e6:93:a0:45:44:11:67:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:32:39:EA:5E:BE:0C:75:CC:98:5B:B5:05:45:08:E6:E8:3E:53:10
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-zI56l6-DHXMmFu1BUUI5ug-UxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.214.0/24
31.58.247.0/24
31.58.249.0-31.58.250.255
Signature Algorithm: sha256WithRSAEncryption
aa:a8:cb:04:1a:7b:0c:b5:e8:c4:78:c0:3b:23:e2:92:29:0d:
09:a3:51:fb:9f:8e:74:6a:f0:97:fc:8c:8f:d2:ad:1d:c8:ae:
a2:7a:6b:a8:26:06:96:91:35:3f:c4:64:52:98:7f:b5:27:00:
86:0c:c1:b5:c8:82:ae:82:04:e6:1f:2e:4e:30:e2:41:3c:7d:
d0:d0:15:fd:6b:66:d7:cb:96:10:e1:b2:1e:ad:48:47:09:3a:
59:6a:db:56:10:2a:b8:65:29:c7:c1:bd:20:70:a8:94:8f:3d:
b8:88:ba:ec:bf:11:f6:fc:f2:0f:64:15:4c:9e:f4:75:6f:f8:
8d:b6:a9:5d:1a:58:a2:cb:d5:59:a9:02:b5:94:e7:ca:73:c9:
fe:eb:52:d8:c4:9b:63:78:10:2a:02:f8:65:06:10:dd:cd:eb:
7a:32:38:1b:6c:33:ea:72:4e:fd:91:0f:45:85:85:5d:1e:30:
86:16:56:ab:fb:91:49:21:e6:90:ee:6f:1e:63:37:06:90:93:
6c:d5:f1:71:2d:7b:4d:4a:22:29:f0:68:d1:ef:b0:70:6d:82:
6b:60:07:ee:1e:72:22:e9:f9:cd:19:bb:b7:53:23:4a:b1:3f:
08:12:35:63:0e:f1:19:79:0f:52:26:bb:e5:c5:c5:e2:72:20:
d1:bf:3c:49
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZxswBpoGnyEZREzFaDT6PFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjE3MTc1NzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMyMzllYTVlYmUwYzc1Y2M5ODViYjUwNTQ1MDhlNmU4M2U1MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ns3fZHJRwWgqWGnAMmfVnFFA+Wb
JS38EQZm5ftU+amsVNhWvPbFRLv6woMJR/G0qG7OBefRfali9dJMDbT72FEF0p7I
/MucxSNQROFT2VdLeeOAB42kNvNenOTbdVmMTJPXOnq79z9/suNwjJV9+onW3upS
VMakEdKSpACoRTAJ3pVdXq0J1NlgfG46CEDiNRnkd1UVKf90l5qjYN+wOoucrb04
QuFBrFhxlzfFwHWCmkwfJBCUHHAHMYBhyw/14Dsmxc6Gxtk68A493Io0+cc44DiA
eRLaBhQGpA6K/oLWXz+5pMaDnGEi51HuR+cs5JygQnMfweaToEVEEWc7uwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPsyOepevgx1zJhbtQVFCOboPlMQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS16STU2bDYtREhYTW1GdTFCVVVJNXVnLVV4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAB841gME
AB869zAMAwQAHzr5AwQAHzr6MA0GCSqGSIb3DQEBCwUAA4IBAQCqqMsEGnsMtejE
eMA7I+KSKQ0Jo1H7n450avCX/IyP0q0dyK6iemuoJgaWkTU/xGRSmH+1JwCGDMG1
yIKuggTmHy5OMOJBPH3Q0BX9a2bXy5YQ4bIerUhHCTpZattWECq4ZSnHwb0gcKiU
jz24iLrsvxH2/PIPZBVMnvR1b/iNtqldGliiy9VZqQK1lOfKc8n+61LYxJtjeBAq
AvhlBhDdzet6MjgbbDPqck79kQ9FhYVdHjCGFlar+5FJIeaQ7m8eYzcGkJNs1fFx
LXtNSiIp8GjR77BwbYJrYAfuHnIi6fnNGbu3UyNKsT8IEjVjDvEZeQ9SJrvlxcXi
ciDRvzxJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:49:05 2026 by rpki-client