Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ajnhMOVJUaMpzF4MudpoGdKeNx0.roa
File: ajnhMOVJUaMpzF4MudpoGdKeNx0.roa (raw, json)
Hash identifier: bkq3K9On5Q4gyi9cIiYY/2jvnl3njHl7DELJygQdM5g=
Subject key identifier: 6A:39:E1:30:E5:49:51:A3:29:CC:5E:0C:B9:DA:68:19:D2:9E:37:1D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D7B844E5F826A0EE48BE6F0391D4E04D3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ajnhMOVJUaMpzF4MudpoGdKeNx0.roa
Signing time: Sat 11 Apr 2026 07:49:21 +0000
ROA not before: Sat 11 Apr 2026 07:49:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 31.56.72.0/24 maxlen: 24
31.56.76.0/24 maxlen: 24
31.56.90.0/24 maxlen: 24
31.57.54.0/24 maxlen: 24
31.57.119.0/24 maxlen: 24
31.59.71.0/24 maxlen: 24
31.59.167.0/24 maxlen: 24
31.59.224.0/24 maxlen: 24
31.59.225.0/24 maxlen: 24
31.59.226.0/24 maxlen: 24
31.59.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7b:84:4e:5f:82:6a:0e:e4:8b:e6:f0:39:1d:4e:04:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 11 07:49:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a39e130e54951a329cc5e0cb9da6819d29e371d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:01:99:fc:14:ea:ff:9a:f3:76:ac:98:fc:a6:
6f:20:ff:f3:5b:49:5b:36:73:4a:65:df:79:20:8a:
98:41:16:ee:a8:46:69:25:51:31:6d:c9:26:a0:b2:
28:8a:94:7c:41:58:24:9a:f7:3c:f9:40:89:17:4d:
b6:4f:f3:02:a8:13:64:56:b0:42:17:85:9a:d0:92:
c9:7f:9e:41:7e:43:4c:2f:e7:d7:d4:04:d8:74:ca:
d1:7f:1f:0b:c9:d0:ce:e0:a8:37:c5:01:69:4a:cd:
6c:99:66:a5:6a:c0:e5:53:e8:87:a3:e9:27:f1:20:
5e:fc:01:7d:e0:19:37:d4:f9:fb:d3:f0:d8:5e:7d:
af:d5:99:cf:19:88:53:8f:fb:6f:bf:07:cf:98:37:
11:b9:51:74:23:15:72:a0:5b:04:e8:8a:ba:51:1f:
33:b9:95:cc:e8:54:19:01:d6:ac:94:67:a0:35:2c:
6a:3b:8f:a4:6e:f4:7a:c1:84:5b:ba:58:b9:5f:b4:
23:9b:93:b6:82:87:7a:b5:7e:f6:d5:8d:f0:37:16:
ee:dd:c6:1b:52:2d:a2:17:03:63:7e:e4:97:a9:72:
06:85:28:64:1c:4b:b4:ca:c8:d3:d5:4d:56:69:62:
2b:25:a2:ff:4f:6c:44:47:2d:70:4d:9a:5d:af:15:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:39:E1:30:E5:49:51:A3:29:CC:5E:0C:B9:DA:68:19:D2:9E:37:1D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ajnhMOVJUaMpzF4MudpoGdKeNx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.72.0/24
31.56.76.0/24
31.56.90.0/24
31.57.54.0/24
31.57.119.0/24
31.59.71.0/24
31.59.167.0/24
31.59.224.0/22
Signature Algorithm: sha256WithRSAEncryption
44:2d:8b:01:c0:4c:09:1f:de:f9:4c:b5:0f:4d:f1:9d:3d:ae:
95:a4:2d:91:1f:88:37:47:01:b1:b5:bb:42:a4:9f:e4:a3:9d:
c4:3e:f6:af:6e:84:79:79:43:cc:c8:e6:66:85:e2:e9:ca:84:
3d:c3:0d:b3:1e:6d:17:9e:d5:af:aa:52:1f:a8:dc:4e:bd:94:
93:6a:32:48:aa:69:cf:62:d7:5f:65:62:4b:13:fc:84:d0:66:
de:f2:2b:f2:36:4a:a5:7c:99:02:7d:72:40:33:a9:b5:c8:1b:
5d:18:38:92:9b:f6:aa:03:72:e9:c9:a9:9f:fb:9a:08:d7:9a:
4b:f2:25:15:71:85:85:65:54:02:b2:53:0f:20:6c:2a:1d:c2:
59:b3:fa:64:10:6e:b4:31:0c:f4:90:88:53:97:25:fc:cb:9d:
e3:5a:e7:b2:9f:80:4b:e6:27:b4:5b:4d:66:fa:de:9e:3e:c8:
28:d5:ed:a4:e0:b5:4b:d4:d8:b3:53:c5:f5:5d:fc:65:39:59:
e8:37:4d:d7:23:f2:bb:10:47:84:42:96:e6:db:f2:56:1d:55:
af:dd:0d:82:27:49:56:60:13:37:89:21:4c:1d:ed:f7:48:be:
a6:a4:03:f4:d0:ca:27:4a:e2:cc:1f:ac:42:a5:2b:c6:97:39:
7b:e3:0c:5e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ17hE5fgmoO5Ivm8DkdTgTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDExMDc0OTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM5ZTEzMGU1NDk1MWEzMjljYzVlMGNiOWRhNjgxOWQyOWUzNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowGZ/BTq/5rzdqyY/KZvIP/zW0lb
NnNKZd95IIqYQRbuqEZpJVExbckmoLIoipR8QVgkmvc8+UCJF022T/MCqBNkVrBC
F4Wa0JLJf55BfkNML+fX1ATYdMrRfx8LydDO4Kg3xQFpSs1smWalasDlU+iHo+kn
8SBe/AF94Bk31Pn70/DYXn2v1ZnPGYhTj/tvvwfPmDcRuVF0IxVyoFsE6Iq6UR8z
uZXM6FQZAdaslGegNSxqO4+kbvR6wYRbuli5X7Qjm5O2god6tX721Y3wNxbu3cYb
Ui2iFwNjfuSXqXIGhShkHEu0ysjT1U1WaWIrJaL/T2xERy1wTZpdrxUEYQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGo54TDlSVGjKcxeDLnaaBnSnjcdMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYWpuaE1PVkpVYU1wekY0TXVkcG9HZEtlTngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzhIAwQA
HzhMAwQAHzhaAwQAHzk2AwQAHzl3AwQAHztHAwQAHzunAwQCHzvgMA0GCSqGSIb3
DQEBCwUAA4IBAQBELYsBwEwJH975TLUPTfGdPa6VpC2RH4g3RwGxtbtCpJ/ko53E
PvavboR5eUPMyOZmheLpyoQ9ww2zHm0XntWvqlIfqNxOvZSTajJIqmnPYtdfZWJL
E/yE0Gbe8ivyNkqlfJkCfXJAM6m1yBtdGDiSm/aqA3Lpyamf+5oI15pL8iUVcYWF
ZVQCslMPIGwqHcJZs/pkEG60MQz0kIhTlyX8y53jWueyn4BL5ie0W01m+t6ePsgo
1e2k4LVL1NizU8X1XfxlOVnoN03XI/K7EEeEQpbm2/JWHVWv3Q2CJ0lWYBM3iSFM
He33SL6mpAP00MonSuLMH6xCpSvGlzl74wxe
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:14:14 2026 by rpki-client