Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/McsHKJyTUS8n5R-idBMOHhSZpZI.roa
File: McsHKJyTUS8n5R-idBMOHhSZpZI.roa (raw, json)
Hash identifier: PviYcyJsz5jj0f+u05Ztl+o9AGDOeW827NG4ngXcgy4=
Subject key identifier: 31:CB:07:28:9C:93:51:2F:27:E5:1F:A2:74:13:0E:1E:14:99:A5:92
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D8F8C2BAADC50FD431E1664D68508088B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/McsHKJyTUS8n5R-idBMOHhSZpZI.roa
Signing time: Wed 15 Apr 2026 05:10:21 +0000
ROA not before: Wed 15 Apr 2026 05:10:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.182.0/23 maxlen: 23
31.56.184.0/22 maxlen: 24
31.56.188.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.58.92.0/22 maxlen: 24
31.58.92.0/23 maxlen: 23
31.58.180.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/21 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.239.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.44.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.84.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.151.0/24 maxlen: 24
94.183.159.0/24 maxlen: 24
94.183.167.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.192.0/19 maxlen: 24
94.183.224.0/21 maxlen: 24
94.183.242.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
94.183.248.0/21 maxlen: 24
217.60.8.0/22 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.32.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.184.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/24 maxlen: 24
217.60.193.0/24 maxlen: 24
217.60.195.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.200.0/22 maxlen: 24
217.60.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8f:8c:2b:aa:dc:50:fd:43:1e:16:64:d6:85:08:08:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 15 05:10:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=31cb07289c93512f27e51fa274130e1e1499a592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:36:87:c5:c0:a8:2e:08:53:c0:88:01:b5:
05:b4:cd:a0:44:65:e1:fd:93:06:52:ce:21:b4:17:
f4:47:4f:a1:16:1f:9d:95:ad:ee:f0:71:c7:52:2e:
af:6d:a4:6c:ee:51:93:23:57:b1:25:db:38:7a:29:
86:8a:32:57:fb:c0:ea:ab:cd:db:d8:12:43:a0:d8:
51:c2:b8:d0:f0:af:99:3e:80:23:49:bc:82:4d:db:
98:25:14:0c:ce:0b:60:8b:52:8d:11:dd:46:5a:d2:
8a:9c:51:36:29:3d:1c:3b:0d:71:cf:ec:3f:fa:ea:
03:d8:25:7c:18:19:21:07:88:c9:68:55:81:ed:e4:
92:e0:20:5d:96:d4:4f:9b:03:6f:eb:0c:7a:b4:0c:
3e:98:e4:7e:c5:27:3e:bb:d5:38:5a:1f:94:73:7f:
cd:53:67:a2:c8:4b:07:1a:17:ed:25:59:97:81:64:
22:26:4f:e8:32:17:08:7a:06:e5:91:90:ad:e0:8b:
79:ba:84:c4:49:bb:fa:37:52:e4:72:b0:c0:2c:be:
33:49:47:82:fb:37:f8:48:82:1a:f3:46:2a:e6:19:
6c:bf:ad:d3:73:85:74:e1:31:7a:5e:39:9e:9f:f8:
ec:27:ff:0f:a5:e8:8a:87:a5:c8:74:f7:cf:98:a3:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CB:07:28:9C:93:51:2F:27:E5:1F:A2:74:13:0E:1E:14:99:A5:92
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/McsHKJyTUS8n5R-idBMOHhSZpZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.182.0-31.56.189.255
31.57.200.0/24
31.57.208.0/22
31.58.92.0/22
31.58.180.0/24
31.58.184.0-31.58.209.255
31.58.239.0/24
31.58.252.0/22
31.59.44.0/22
31.59.64.0/22
31.59.80.0/21
31.59.90.0-31.59.95.255
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
94.183.151.0/24
94.183.159.0/24
94.183.167.0/24
94.183.170.0/24
94.183.192.0-94.183.231.255
94.183.242.0/24
94.183.244.0/24
94.183.248.0/21
217.60.8.0/22
217.60.14.0-217.60.24.255
217.60.28.0-217.60.35.255
217.60.52.0-217.60.59.255
217.60.160.0-217.60.184.255
217.60.188.0-217.60.193.255
217.60.195.0/24
217.60.198.0/24
217.60.200.0/21
Signature Algorithm: sha256WithRSAEncryption
05:bf:5a:66:c4:ca:ad:9c:13:fb:f6:24:44:85:e9:fc:39:c6:
dc:1b:6c:88:57:e7:9d:75:86:fd:5a:8a:cc:e9:dd:bc:79:33:
ac:ae:40:e3:ac:9c:70:f3:59:cd:31:ed:8a:2b:03:e3:1b:6c:
d2:95:58:87:e6:dd:2d:47:7e:d4:cd:ee:39:6f:74:ba:50:61:
a5:7f:88:81:1f:aa:0c:17:26:d9:9a:c7:31:15:d0:26:1c:79:
6e:a9:d8:81:b1:50:16:71:0c:f4:73:96:96:03:1e:df:9e:89:
2c:f5:57:2c:c3:00:a7:82:47:35:ba:05:94:3c:49:be:37:26:
de:a6:f7:17:21:24:22:63:4f:0d:17:04:0a:5b:58:fe:2a:eb:
48:11:31:cf:7e:f3:dd:d7:44:32:03:64:87:f9:eb:10:62:bf:
48:c6:a8:a2:51:54:a6:9b:47:c4:90:ce:16:99:5f:a5:aa:e5:
ea:b8:39:d6:e9:eb:be:2a:41:4d:7e:11:85:be:4d:29:4f:ba:
a3:5a:2a:a0:71:e9:4d:00:0b:eb:a6:86:7b:62:36:8f:de:cb:
50:e3:bb:6b:4b:62:6d:a8:5a:dc:a9:08:7e:6c:17:0b:73:5e:
31:86:9d:e8:46:68:92:fa:9e:50:2a:12:b4:8b:9a:49:1e:0a:
c4:99:2f:45
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZ2PjCuq3FD9Qx4WZNaFCAiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDE1MDUxMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNiMDcyODljOTM1MTJmMjdlNTFmYTI3NDEzMGUxZTE0OTlhNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ02h8XAqC4IU8CIAbUFtM2gRGXh
/ZMGUs4htBf0R0+hFh+dla3u8HHHUi6vbaRs7lGTI1exJds4eimGijJX+8Dqq83b
2BJDoNhRwrjQ8K+ZPoAjSbyCTduYJRQMzgtgi1KNEd1GWtKKnFE2KT0cOw1xz+w/
+uoD2CV8GBkhB4jJaFWB7eSS4CBdltRPmwNv6wx6tAw+mOR+xSc+u9U4Wh+Uc3/N
U2eiyEsHGhftJVmXgWQiJk/oMhcIegblkZCt4It5uoTESbv6N1LkcrDALL4zSUeC
+zf4SIIa80Yq5hlsv63Tc4V04TF6Xjmen/jsJ/8PpeiKh6XIdPfPmKNgewIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFDHLByick1EvJ+UfonQTDh4UmaWSMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTWNzSEtKeVRVUzhuNVItaWRCTU9IaFNacFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EDAMAwQBHzi2AwQBHzi8AwQAHznIAwQCHznQAwQCHzpcAwQAHzq0MAwDBAMfOrgD
BAEfOtADBAAfOu8DBAIfOvwDBAIfOywDBAIfO0ADBAMfO1AwDAMEAR87WgMEBR87
QAMEAh87jDAMAwQCHzuUAwQBHzukAwQDHzuwAwQAXreXAwQAXrefAwQAXrenAwQA
XreqMAwDBAZet8ADBANet+ADBABet/IDBABet/QDBANet/gDBALZPAgwDAMEAdk8
DgMEANk8GDAMAwQC2TwcAwQC2TwgMAwDBALZPDQDBALZPDgwDAMEBdk8oAMEANk8
uDAMAwQC2Ty8AwQB2TzAAwQA2TzDAwQA2TzGAwQD2TzIMA0GCSqGSIb3DQEBCwUA
A4IBAQAFv1pmxMqtnBP79iREhen8OcbcG2yIV+eddYb9WorM6d28eTOsrkDjrJxw
81nNMe2KKwPjG2zSlViH5t0tR37Uze45b3S6UGGlf4iBH6oMFybZmscxFdAmHHlu
qdiBsVAWcQz0c5aWAx7fnoks9VcswwCngkc1ugWUPEm+NybepvcXISQiY08NFwQK
W1j+KutIETHPfvPd10QyA2SH+esQYr9IxqiiUVSmm0fEkM4WmV+lquXquDnW6eu+
KkFNfhGFvk0pT7qjWiqgcelNAAvrpoZ7YjaP3stQ47trS2JtqFrcqQh+bBcLc14x
hp3oRmiS+p5QKhK0i5pJHgrEmS9F
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:35:52 2026 by rpki-client