Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2Q6HgSo6apBKWmdf_k1KK6Lhoxw.roa
File: 2Q6HgSo6apBKWmdf_k1KK6Lhoxw.roa (raw, json)
Hash identifier: oQaaMYknv8byTpusjHa2D/47ELc/vzzLl/gecil//5s=
Subject key identifier: D9:0E:87:81:2A:3A:6A:90:4A:5A:67:5F:FE:4D:4A:2B:A2:E1:A3:1C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E98C81B2F662F7D2850A72E8740AEA5B0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2Q6HgSo6apBKWmdf_k1KK6Lhoxw.roa
Signing time: Fri 05 Jun 2026 17:15:11 +0000
ROA not before: Fri 05 Jun 2026 17:15:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205463
IP address blocks: 31.56.214.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:c8:1b:2f:66:2f:7d:28:50:a7:2e:87:40:ae:a5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 5 17:15:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d90e87812a3a6a904a5a675ffe4d4a2ba2e1a31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:41:0d:44:10:5f:84:22:bf:e1:5c:44:21:1d:
34:24:98:54:25:53:35:ca:cf:a3:ac:e9:b5:b9:9a:
8f:dc:f2:8d:ff:9d:64:46:6c:38:2b:99:47:5a:38:
d2:0d:2f:24:09:e7:db:e9:40:d0:bd:c3:fe:8d:99:
c3:da:de:4b:b2:b8:00:21:6e:f1:9b:f8:89:21:c8:
59:29:95:c3:c3:fa:c6:6b:b0:95:8b:8f:dc:4b:7f:
e8:91:51:f9:c7:50:ca:7c:80:98:79:57:11:ac:c6:
2f:33:41:69:b9:7e:f0:c8:45:ef:9b:63:05:87:f3:
41:67:df:a9:7b:87:f0:31:54:10:1e:17:16:ae:de:
30:a6:24:7c:f8:82:17:86:a2:7c:2c:e8:62:74:c5:
4f:d0:4e:ba:87:2f:81:29:d0:0d:d4:55:d4:4e:fd:
5d:7e:f0:cb:50:1d:18:88:dc:e6:34:e6:0f:8d:c9:
64:fb:30:e7:4c:a6:6a:a6:e9:ef:c2:51:e3:fb:88:
18:55:a2:f4:4a:f9:20:c2:99:d8:16:83:67:c9:77:
d6:4d:93:ea:bd:82:7d:74:f9:27:33:0f:49:66:6c:
6c:6d:77:1c:d1:2f:1a:34:3b:05:81:96:1e:ec:a3:
bb:8b:a5:eb:66:4c:d6:63:c1:ce:7b:34:f9:f2:e9:
f5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0E:87:81:2A:3A:6A:90:4A:5A:67:5F:FE:4D:4A:2B:A2:E1:A3:1C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2Q6HgSo6apBKWmdf_k1KK6Lhoxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.214.0/24
31.58.41.0/24
31.58.236.0/24
31.58.247.0/24
31.58.250.0/23
Signature Algorithm: sha256WithRSAEncryption
11:7e:69:00:4b:42:d3:af:3e:8a:9b:49:5b:11:ea:bb:a0:7f:
c8:4a:95:9e:5f:c6:03:7e:eb:95:4d:aa:a3:a6:ff:b5:a2:63:
ab:de:05:6f:f5:ae:e3:ab:14:0a:ee:f4:03:66:82:db:51:49:
3b:e0:e4:4e:5a:44:19:1d:29:25:81:af:21:39:92:c6:89:55:
13:b6:31:ad:f1:00:06:6f:67:86:69:ee:76:e7:78:68:97:ba:
26:af:d7:c3:47:31:5c:d2:c3:44:dc:92:88:32:5d:2c:3a:7f:
66:a0:95:ea:b1:69:cb:90:e6:41:92:ca:36:db:51:cc:3e:8d:
e4:b8:bd:8b:88:3d:96:dc:9c:19:e3:1a:20:26:67:6d:1c:0f:
60:6d:a2:3d:8b:1d:14:33:af:c8:c8:2f:db:cd:06:cd:1f:7f:
19:e9:11:68:98:14:b1:45:c7:80:d3:4a:62:1f:0e:f3:be:d1:
f1:c6:08:58:0f:96:20:2a:14:c0:8a:f1:d8:9c:f2:a3:28:88:
74:48:5d:10:28:19:05:95:05:fe:97:d9:5c:99:0d:e2:12:8e:
82:8e:7d:da:08:3a:c8:bc:ae:1a:ed:d9:92:f5:d7:3d:6e:0f:
b3:bd:40:88:4f:27:19:1b:54:f7:66:92:0b:aa:4c:a1:8c:7c:
7a:c7:05:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6YyBsvZi99KFCnLodArqWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjA1MTcxNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBlODc4MTJhM2E2YTkwNGE1YTY3NWZmZTRkNGEyYmEyZTFhMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0ENRBBfhCK/4VxEIR00JJhUJVM1
ys+jrOm1uZqP3PKN/51kRmw4K5lHWjjSDS8kCefb6UDQvcP+jZnD2t5LsrgAIW7x
m/iJIchZKZXDw/rGa7CVi4/cS3/okVH5x1DKfICYeVcRrMYvM0FpuX7wyEXvm2MF
h/NBZ9+pe4fwMVQQHhcWrt4wpiR8+IIXhqJ8LOhidMVP0E66hy+BKdAN1FXUTv1d
fvDLUB0YiNzmNOYPjclk+zDnTKZqpunvwlHj+4gYVaL0SvkgwpnYFoNnyXfWTZPq
vYJ9dPknMw9JZmxsbXcc0S8aNDsFgZYe7KO7i6XrZkzWY8HOezT58un1FwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNkOh4EqOmqQSlpnX/5NSiui4aMcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMlE2SGdTbzZhcEJLV21kZl9rMUtLNkxob3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzjWAwQA
HzopAwQAHzrsAwQAHzr3AwQBHzr6MA0GCSqGSIb3DQEBCwUAA4IBAQARfmkAS0LT
rz6Km0lbEeq7oH/ISpWeX8YDfuuVTaqjpv+1omOr3gVv9a7jqxQK7vQDZoLbUUk7
4OROWkQZHSklga8hOZLGiVUTtjGt8QAGb2eGae5253hol7omr9fDRzFc0sNE3JKI
Ml0sOn9moJXqsWnLkOZBkso221HMPo3kuL2LiD2W3JwZ4xogJmdtHA9gbaI9ix0U
M6/IyC/bzQbNH38Z6RFomBSxRceA00piHw7zvtHxxghYD5YgKhTAivHYnPKjKIh0
SF0QKBkFlQX+l9lcmQ3iEo6Cjn3aCDrIvK4a7dmS9dc9bg+zvUCITycZG1T3ZpIL
qkyhjHx6xwVs
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:53 2026 by rpki-client