Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kdfh1MqXXBKXYgX721g2Xj9M7tI.roa
File: Kdfh1MqXXBKXYgX721g2Xj9M7tI.roa (raw, json)
Hash identifier: /ubF1MoMfk3duWrrSAIoOE5hucsq4P2qD55LXuAN6cI=
Subject key identifier: 29:D7:E1:D4:CA:97:5C:12:97:62:05:FB:DB:58:36:5E:3F:4C:EE:D2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CA89A4473F7632DD01BB2210548BF4FA1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kdfh1MqXXBKXYgX721g2Xj9M7tI.roa
Signing time: Sun 01 Mar 2026 08:53:28 +0000
ROA not before: Sun 01 Mar 2026 08:53:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 31.56.82.0/24 maxlen: 24
31.56.230.0/24 maxlen: 24
31.58.38.0/24 maxlen: 24
31.58.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:9a:44:73:f7:63:2d:d0:1b:b2:21:05:48:bf:4f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 1 08:53:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=29d7e1d4ca975c12976205fbdb58365e3f4ceed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:b6:f5:f5:ec:12:c8:ab:78:75:44:7d:32:
ef:77:5d:c7:94:50:15:d9:57:47:ac:7a:7b:15:74:
21:0b:86:02:db:ba:ff:31:ba:bb:87:96:50:34:b6:
51:86:a7:be:50:71:56:e3:37:7d:04:62:d3:c0:01:
d0:95:9a:a1:5d:ea:ea:25:49:7d:7b:98:13:4e:34:
f1:dc:f5:4d:f5:19:ff:aa:98:1d:91:91:ec:e3:d2:
1b:e5:f5:9b:fb:b8:8d:4a:01:3c:a7:a9:b9:0d:15:
78:76:5d:fe:9d:2a:0c:64:51:e2:0c:35:21:67:60:
a9:54:c7:27:a5:06:a2:a9:c7:b1:a4:66:d4:8f:29:
eb:da:c0:5e:22:74:12:71:11:d5:c0:ed:a6:e9:f7:
3c:64:c9:74:ae:fb:c3:65:24:45:d9:9b:e1:db:97:
a8:9f:3a:8c:a4:97:f1:92:66:36:eb:5c:12:08:e6:
e3:d5:ea:8e:e3:63:7f:25:c3:36:5c:61:09:0e:1f:
eb:b9:5d:85:bf:4a:68:e1:4e:ff:96:2d:63:ce:56:
80:56:80:df:d3:93:58:de:da:b4:0b:18:d3:5a:88:
ca:f3:41:a5:4a:08:03:16:02:db:90:e8:c8:41:29:
0a:e9:ab:e6:30:dd:25:92:2f:c9:dc:53:5c:c0:7a:
42:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D7:E1:D4:CA:97:5C:12:97:62:05:FB:DB:58:36:5E:3F:4C:EE:D2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Kdfh1MqXXBKXYgX721g2Xj9M7tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.82.0/24
31.56.230.0/24
31.58.38.0/24
31.58.130.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:67:40:75:14:aa:da:f9:83:83:85:85:66:3d:1a:85:cd:f7:
95:8e:43:72:13:30:c4:e0:78:86:5e:03:89:78:f3:23:0a:3e:
9c:1c:a6:7e:90:37:b9:13:98:18:89:91:e4:b5:a9:06:6c:2c:
0d:bb:46:d2:26:89:78:98:a3:2b:64:96:20:77:76:46:14:fb:
de:cd:65:be:f0:37:66:8a:8a:1d:c5:8b:f2:12:24:be:4f:03:
fc:77:ec:09:1b:60:4a:f6:3d:fa:be:37:20:22:2d:a6:f5:d8:
b3:c2:f5:d4:fe:e9:43:96:9c:fc:a0:a5:69:28:81:68:bf:7a:
90:28:cc:9e:1b:75:70:2f:3a:d3:7a:e3:d5:64:c7:61:02:53:
35:20:ae:47:0f:1c:1d:5d:ec:ae:10:bf:ac:7f:67:7c:79:f3:
ce:2b:e2:2b:9a:1d:f4:72:70:11:ff:84:51:30:ed:66:e1:63:
84:d4:e6:44:e6:1d:b7:2c:f1:87:65:d7:ec:27:74:99:e1:84:
d6:0b:a1:22:0d:9e:9f:cb:46:56:70:bf:f6:e7:99:c5:74:64:
f4:a5:7e:1e:9f:7d:71:26:ff:02:6d:05:b5:4e:6e:82:2c:ae:
d0:e2:cc:ce:9a:5e:45:8d:d7:9e:ed:7a:32:36:a2:3d:9b:2d:
8f:5d:61:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyomkRz92Mt0BuyIQVIv0+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzAxMDg1MzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ3ZTFkNGNhOTc1YzEyOTc2MjA1ZmJkYjU4MzY1ZTNmNGNlZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWC29fXsEsireHVEfTLvd13HlFAV
2VdHrHp7FXQhC4YC27r/Mbq7h5ZQNLZRhqe+UHFW4zd9BGLTwAHQlZqhXerqJUl9
e5gTTjTx3PVN9Rn/qpgdkZHs49Ib5fWb+7iNSgE8p6m5DRV4dl3+nSoMZFHiDDUh
Z2CpVMcnpQaiqcexpGbUjynr2sBeInQScRHVwO2m6fc8ZMl0rvvDZSRF2Zvh25eo
nzqMpJfxkmY261wSCObj1eqO42N/JcM2XGEJDh/ruV2Fv0po4U7/li1jzlaAVoDf
05NY3tq0CxjTWojK80GlSggDFgLbkOjIQSkK6avmMN0lki/J3FNcwHpCtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCnX4dTKl1wSl2IF+9tYNl4/TO7SMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS2RmaDFNcVhYQktYWWdYNzIxZzJYajlNN3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhSAwQA
HzjmAwQAHzomAwQAHzqCMA0GCSqGSIb3DQEBCwUAA4IBAQAvZ0B1FKra+YODhYVm
PRqFzfeVjkNyEzDE4HiGXgOJePMjCj6cHKZ+kDe5E5gYiZHktakGbCwNu0bSJol4
mKMrZJYgd3ZGFPvezWW+8DdmioodxYvyEiS+TwP8d+wJG2BK9j36vjcgIi2m9diz
wvXU/ulDlpz8oKVpKIFov3qQKMyeG3VwLzrTeuPVZMdhAlM1IK5HDxwdXeyuEL+s
f2d8efPOK+Irmh30cnAR/4RRMO1m4WOE1OZE5h23LPGHZdfsJ3SZ4YTWC6EiDZ6f
y0ZWcL/255nFdGT0pX4en31xJv8CbQW1Tm6CLK7Q4szOml5Fjdee7XoyNqI9my2P
XWGC
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:30:47 2026 by rpki-client