Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JhcujguVvjcSsRq9f6q_K6k76ko.roa
File: JhcujguVvjcSsRq9f6q_K6k76ko.roa (raw, json)
Hash identifier: liIL24FKFqleBBNdq5HTEc6jy5tNBikabhOPdtAhJLk=
Subject key identifier: 26:17:2E:8E:0B:95:BE:37:12:B1:1A:BD:7F:AA:BF:2B:A9:3B:EA:4A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C2878CDB824FDC7272217397FD561205C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JhcujguVvjcSsRq9f6q_K6k76ko.roa
Signing time: Wed 04 Feb 2026 11:45:31 +0000
ROA not before: Wed 04 Feb 2026 11:45:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213385
IP address blocks: 31.59.186.0/24 maxlen: 24
31.59.212.0/24 maxlen: 24
217.60.244.0/24 maxlen: 24
217.60.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:28:78:cd:b8:24:fd:c7:27:22:17:39:7f:d5:61:20:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 4 11:45:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26172e8e0b95be3712b11abd7faabf2ba93bea4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:54:51:5e:a6:55:4a:36:3e:a6:08:7c:6f:
d8:72:23:99:58:82:2b:22:04:61:88:57:40:a8:9a:
51:4b:5c:ff:e3:78:76:a0:27:eb:0d:47:f8:be:2d:
6c:1e:2f:9e:b6:8b:48:23:d9:2a:16:ac:2d:78:1a:
b8:09:de:b1:ec:68:4b:a3:eb:98:5f:07:0c:b3:b8:
64:4c:d6:10:cc:9d:5c:1d:4f:88:f0:d9:5f:00:23:
c7:c0:f6:8b:80:b8:9a:87:ae:07:6a:2d:1a:b5:1a:
33:79:33:16:7b:ed:08:4a:d0:4a:50:76:91:8f:9b:
59:4f:41:60:84:4e:79:27:bf:6a:52:31:d0:a3:cf:
fd:16:4a:a4:d0:d7:39:33:b0:fd:d7:f7:4a:05:50:
dd:ee:f3:2f:d1:6d:b6:04:ee:74:9f:94:27:c6:ef:
df:13:e4:6e:3d:57:1e:54:ad:17:c6:8a:c8:af:20:
2f:8e:79:6f:86:c8:a0:1e:a4:34:f5:53:f1:d5:21:
d9:5d:49:a8:ec:c1:fc:51:ef:74:22:b9:64:17:8a:
82:fe:7f:c4:ca:dd:0b:a1:f6:14:78:85:b9:f0:ca:
30:80:c1:a7:37:27:48:e9:1d:13:95:d4:98:8e:ca:
b5:86:77:8b:12:16:8f:35:0c:e2:ba:d4:36:09:69:
73:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:17:2E:8E:0B:95:BE:37:12:B1:1A:BD:7F:AA:BF:2B:A9:3B:EA:4A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JhcujguVvjcSsRq9f6q_K6k76ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.186.0/24
31.59.212.0/24
217.60.244.0/24
217.60.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:da:a7:fd:00:1c:db:83:1e:bf:62:58:c4:f3:c9:b7:54:01:
c6:87:dc:25:ee:a8:54:7f:4f:47:7e:6a:6b:1c:00:d0:80:e6:
09:a4:a7:97:99:25:e0:89:42:e6:5c:48:8e:bc:e8:eb:3f:9a:
11:16:26:c5:49:30:8b:d1:8e:34:4c:63:2a:aa:1d:75:aa:7f:
d6:31:18:97:e1:2a:80:94:22:c0:29:73:70:91:31:0e:7e:e7:
1a:bc:62:bc:fb:c5:78:74:bc:19:07:9f:2d:6a:fc:26:b8:04:
ec:2e:f4:dc:43:48:d3:d7:e9:86:c6:4e:b7:55:6f:1f:fc:d6:
ae:7a:d8:d6:5c:9d:7a:ad:ea:ff:7b:eb:f7:99:3d:b7:8a:5b:
90:85:4f:4c:fd:ea:31:45:7d:be:5d:6b:97:2b:9a:7e:03:8b:
9d:83:e1:3a:dc:27:7b:ea:ef:fd:c0:02:7b:83:ae:ca:6f:19:
16:4f:24:67:c9:c4:41:fb:19:33:a3:fd:06:61:1a:05:3c:be:
6d:77:f8:98:dc:60:02:6b:8c:ba:57:5b:9e:dc:76:9f:25:22:
7e:a5:5e:d5:29:1d:8f:fd:de:a8:19:04:fd:ba:cf:2f:d6:57:
63:b5:82:21:d4:38:ba:8a:2c:e4:51:c6:ed:75:b5:fc:77:32:
24:12:3a:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZwoeM24JP3HJyIXOX/VYSBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjA0MTE0NTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE3MmU4ZTBiOTViZTM3MTJiMTFhYmQ3ZmFhYmYyYmE5M2JlYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJlUUV6mVUo2PqYIfG/YciOZWIIr
IgRhiFdAqJpRS1z/43h2oCfrDUf4vi1sHi+etotII9kqFqwteBq4Cd6x7GhLo+uY
XwcMs7hkTNYQzJ1cHU+I8NlfACPHwPaLgLiah64Hai0atRozeTMWe+0IStBKUHaR
j5tZT0FghE55J79qUjHQo8/9Fkqk0Nc5M7D91/dKBVDd7vMv0W22BO50n5Qnxu/f
E+RuPVceVK0XxorIryAvjnlvhsigHqQ09VPx1SHZXUmo7MH8Ue90IrlkF4qC/n/E
yt0LofYUeIW58MowgMGnNydI6R0TldSYjsq1hneLEhaPNQziutQ2CWlz+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCYXLo4Llb43ErEavX+qvyupO+pKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSmhjdWpndVZ2amNTc1JxOWY2cV9LNms3NmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzu6AwQA
HzvUAwQA2Tz0AwQA2Tz9MA0GCSqGSIb3DQEBCwUAA4IBAQA/2qf9ABzbgx6/YljE
88m3VAHGh9wl7qhUf09HfmprHADQgOYJpKeXmSXgiULmXEiOvOjrP5oRFibFSTCL
0Y40TGMqqh11qn/WMRiX4SqAlCLAKXNwkTEOfucavGK8+8V4dLwZB58tavwmuATs
LvTcQ0jT1+mGxk63VW8f/NauetjWXJ16rer/e+v3mT23iluQhU9M/eoxRX2+XWuX
K5p+A4udg+E63Cd76u/9wAJ7g67KbxkWTyRnycRB+xkzo/0GYRoFPL5td/iY3GAC
a4y6V1ue3HafJSJ+pV7VKR2P/d6oGQT9us8v1ldjtYIh1Di6iizkUcbtdbX8dzIk
EjpB
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:21:05 2026 by rpki-client