Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_Zxjq3bAn9Ir8EDfc0XaSWXBCI8.roa
File: _Zxjq3bAn9Ir8EDfc0XaSWXBCI8.roa (raw, json)
Hash identifier: zsz9x3J1h4h6N3Rh806ghIzPBUTdiKCztLIkqkYfc04=
Subject key identifier: FD:9C:63:AB:76:C0:9F:D2:2B:F0:40:DF:73:45:DA:49:65:C1:08:8F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C626AD3F5A1355980372CCA33ED16CA65
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_Zxjq3bAn9Ir8EDfc0XaSWXBCI8.roa
Signing time: Sun 15 Feb 2026 17:48:14 +0000
ROA not before: Sun 15 Feb 2026 17:48:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 31.58.54.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.58.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:62:6a:d3:f5:a1:35:59:80:37:2c:ca:33:ed:16:ca:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 15 17:48:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd9c63ab76c09fd22bf040df7345da4965c1088f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:54:5f:dd:57:f4:ce:e7:c6:3a:e1:a9:2d:cd:
bd:81:58:1e:b7:1a:b6:39:75:e0:01:ec:1f:16:03:
50:c2:8c:0d:e7:72:44:aa:35:14:1b:f5:59:88:47:
27:62:7a:87:ea:cc:98:38:fb:c2:42:5b:78:cf:ca:
6f:5e:7a:08:a8:9a:d4:44:cf:a8:c3:cd:d7:b3:a7:
e4:8f:0f:69:4f:cb:71:c6:56:c0:43:b5:69:a5:ff:
3d:56:93:37:e1:e8:cb:5c:a1:4b:c1:ae:61:0f:c6:
27:d4:c6:2c:8b:75:6a:4a:64:28:16:74:0e:a8:b9:
7c:d5:26:15:7f:eb:92:31:a4:d5:d4:a3:73:a4:b7:
bf:ba:ee:af:1b:39:bb:d2:6f:68:ec:59:d7:61:d5:
f2:7d:ff:c6:42:1a:61:d9:88:1a:df:a2:53:3a:f7:
ed:70:71:21:f7:f0:75:39:97:58:f3:d6:4d:96:e3:
92:38:64:a4:08:b1:4b:a6:8d:5b:02:2c:87:62:4a:
a0:a6:c7:7d:4e:dc:89:14:37:ef:c1:a4:d6:14:64:
28:c7:59:44:cc:ff:09:a1:25:7f:f9:58:38:e6:be:
cb:c0:4d:6a:1f:75:c7:32:d1:1b:c8:c7:fa:2c:6f:
90:66:52:9c:e2:9f:c0:8a:74:16:d1:8b:08:cc:4e:
b8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9C:63:AB:76:C0:9F:D2:2B:F0:40:DF:73:45:DA:49:65:C1:08:8F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_Zxjq3bAn9Ir8EDfc0XaSWXBCI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.54.0/24
31.58.162.0/23
31.58.166.0/24
31.58.224.0/24
Signature Algorithm: sha256WithRSAEncryption
26:9c:c1:b5:de:81:76:c0:de:3c:2d:c4:47:df:bd:31:1a:f5:
98:6d:64:43:25:c5:76:8d:8e:a5:99:d9:2d:eb:32:3d:f5:92:
8e:48:45:99:72:b8:50:a1:de:23:71:c9:1c:f8:02:0d:4e:17:
4a:c8:09:1a:29:d4:9c:f4:30:95:3c:86:d7:f0:ac:d1:46:5d:
b9:ab:d2:fb:36:56:1b:89:07:c5:03:45:02:7c:57:bb:1a:3d:
4b:93:be:91:67:13:e9:ed:a7:ea:56:a2:66:13:c1:d9:9e:eb:
22:36:cd:47:c4:cf:0d:04:ac:86:ed:05:5f:73:48:9f:19:96:
92:ba:71:c4:7d:bf:4c:ac:66:b3:ae:ed:32:85:be:9d:2f:5c:
69:04:20:79:c1:bd:8c:87:49:c5:22:65:a1:2d:99:b3:3e:ce:
ce:1c:6b:ac:05:0a:ac:22:e4:a3:1e:05:88:ec:00:1f:34:d8:
1a:7f:af:24:a0:18:9b:46:9c:cd:6a:9d:4d:6c:43:44:42:98:
9c:fc:7e:1d:a7:2b:39:9e:11:9f:45:d9:d7:51:cd:6c:3b:78:
03:80:a8:35:9b:33:d8:ef:8f:a4:04:4d:56:7c:a4:ab:d2:4a:
6e:95:72:67:67:76:9c:ac:96:b8:4c:7a:cd:63:b5:ee:ed:09:
12:c9:4d:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxiatP1oTVZgDcsyjPtFsplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjE1MTc0ODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDljNjNhYjc2YzA5ZmQyMmJmMDQwZGY3MzQ1ZGE0OTY1YzEwODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFRf3Vf0zufGOuGpLc29gVgetxq2
OXXgAewfFgNQwowN53JEqjUUG/VZiEcnYnqH6syYOPvCQlt4z8pvXnoIqJrURM+o
w83Xs6fkjw9pT8txxlbAQ7Vppf89VpM34ejLXKFLwa5hD8Yn1MYsi3VqSmQoFnQO
qLl81SYVf+uSMaTV1KNzpLe/uu6vGzm70m9o7FnXYdXyff/GQhph2Yga36JTOvft
cHEh9/B1OZdY89ZNluOSOGSkCLFLpo1bAiyHYkqgpsd9TtyJFDfvwaTWFGQox1lE
zP8JoSV/+Vg45r7LwE1qH3XHMtEbyMf6LG+QZlKc4p/AinQW0YsIzE64cQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP2cY6t2wJ/SK/BA33NF2kllwQiPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX1p4anEzYkFuOUlyOEVEZmMwWGFTV1hCQ0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzo2AwQB
HzqiAwQAHzqmAwQAHzrgMA0GCSqGSIb3DQEBCwUAA4IBAQAmnMG13oF2wN48LcRH
370xGvWYbWRDJcV2jY6lmdkt6zI99ZKOSEWZcrhQod4jcckc+AINThdKyAkaKdSc
9DCVPIbX8KzRRl25q9L7NlYbiQfFA0UCfFe7Gj1Lk76RZxPp7afqVqJmE8HZnusi
Ns1HxM8NBKyG7QVfc0ifGZaSunHEfb9MrGazru0yhb6dL1xpBCB5wb2Mh0nFImWh
LZmzPs7OHGusBQqsIuSjHgWI7AAfNNgaf68koBibRpzNap1NbENEQpic/H4dpys5
nhGfRdnXUc1sO3gDgKg1mzPY74+kBE1WfKSr0kpulXJnZ3acrJa4THrNY7Xu7QkS
yU1C
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:38:12 2026 by rpki-client