Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/i0EnjrXYXsHTICD0Mc0dsCJDy-g.roa
File: i0EnjrXYXsHTICD0Mc0dsCJDy-g.roa (raw, json)
Hash identifier: egBjpzyqJ8oCYOO/NajI/oGjgUQKFn+3BY74xKSB+OA=
Subject key identifier: 8B:41:27:8E:B5:D8:5E:C1:D3:20:20:F4:31:CD:1D:B0:22:43:CB:E8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C46D1B5751867505913170C286D03613C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/i0EnjrXYXsHTICD0Mc0dsCJDy-g.roa
Signing time: Tue 10 Feb 2026 09:11:14 +0000
ROA not before: Tue 10 Feb 2026 09:11:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.98.0/24 maxlen: 24
31.56.103.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.121.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.225.0/24 maxlen: 24
31.58.47.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.199.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:d1:b5:75:18:67:50:59:13:17:0c:28:6d:03:61:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 10 09:11:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b41278eb5d85ec1d32020f431cd1db02243cbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ef:95:19:10:fd:cb:09:f2:95:33:cf:75:a1:
15:92:9e:50:2a:28:a1:ae:70:05:30:90:73:eb:cf:
9a:51:eb:a3:3d:3e:b4:46:42:4f:9c:9a:0b:e0:73:
37:0d:5f:95:52:83:f4:23:24:9b:71:72:9f:e5:5b:
c6:7f:d4:23:4b:23:84:93:93:27:96:cd:9e:88:a9:
62:8a:82:fe:fe:b0:93:7e:f7:98:52:ba:3c:6a:69:
a3:f3:9b:20:4b:b6:1a:e4:88:cd:c1:1f:f1:d6:93:
99:61:8f:0d:db:24:c6:00:0a:2f:a9:e0:37:41:b7:
77:65:63:66:42:ee:fa:bf:af:a5:30:30:0a:26:a6:
a6:e0:da:e1:95:a1:94:d4:21:f3:ee:84:a2:b8:01:
55:fd:3d:8b:e7:dc:cb:c8:d3:a1:2e:b8:10:fd:cc:
17:db:3b:ff:61:bb:8f:f6:bf:da:89:78:6b:81:53:
49:01:a6:25:5b:47:f0:9a:92:d7:00:9a:bb:89:d8:
11:a9:28:a8:4a:ce:c9:bc:6a:ee:dd:6c:13:16:75:
ba:86:0c:70:99:81:5b:5c:ce:f4:42:6c:5c:dd:3d:
a0:a8:b9:23:4b:36:f7:a5:13:e9:fd:ec:d5:d2:fc:
89:e8:31:f7:80:c3:7a:10:c8:0b:61:65:5b:09:52:
1e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:41:27:8E:B5:D8:5E:C1:D3:20:20:F4:31:CD:1D:B0:22:43:CB:E8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/i0EnjrXYXsHTICD0Mc0dsCJDy-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.98.0/24
31.56.103.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
31.57.35.0/24
31.57.121.0/24
31.57.206.0/24
31.57.225.0/24
31.58.47.0/24
31.58.90.0/24
31.58.168.0/24
31.59.171.0/24
31.59.199.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:b9:9c:c4:b1:fb:e2:95:1a:a0:ff:e6:29:52:a2:e4:14:4f:
68:81:cb:e1:9e:eb:e0:1d:d1:89:4a:c1:0e:2b:65:78:b9:c2:
20:a6:a8:cd:ba:02:37:92:d3:97:c7:40:54:41:e6:08:16:3a:
be:55:69:0b:ce:29:55:ca:c2:aa:92:7e:45:61:3b:f6:7f:56:
d4:8c:a1:f7:86:c7:72:42:9e:eb:11:7b:67:e7:c7:87:8f:76:
10:64:b6:d4:89:37:7a:bd:46:0f:81:12:5e:01:a6:ea:c0:82:
be:2f:7c:96:95:f0:79:99:e3:93:16:04:cc:42:5f:d7:da:b7:
b8:18:e5:ef:7e:27:82:4f:b3:6b:a8:fc:97:3a:8b:9c:a2:fa:
74:df:f8:fc:77:30:c4:bf:92:43:cd:ef:41:e7:e1:91:25:ab:
bd:ed:9d:fc:f8:a6:b4:c8:a3:9e:45:09:7e:7c:06:c9:fe:49:
c2:e8:cb:76:6f:1b:3f:e3:f1:b5:fe:a5:1b:d4:22:98:12:1f:
3b:1a:a0:1d:bf:47:a8:b2:60:ed:eb:be:67:7f:45:fe:b2:88:
59:77:d1:0c:39:38:1c:12:1b:ef:fc:90:d2:6a:b4:be:8b:6c:
ec:cd:7c:ba:d3:25:3c:47:82:65:09:a0:18:4c:81:6f:b6:d1:
7b:c9:19:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZxG0bV1GGdQWRMXDChtA2E8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjEwMDkxMTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQxMjc4ZWI1ZDg1ZWMxZDMyMDIwZjQzMWNkMWRiMDIyNDNjYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e+VGRD9ywnylTPPdaEVkp5QKiih
rnAFMJBz68+aUeujPT60RkJPnJoL4HM3DV+VUoP0IySbcXKf5VvGf9QjSyOEk5Mn
ls2eiKliioL+/rCTfveYUro8ammj85sgS7Ya5IjNwR/x1pOZYY8N2yTGAAovqeA3
Qbd3ZWNmQu76v6+lMDAKJqam4NrhlaGU1CHz7oSiuAFV/T2L59zLyNOhLrgQ/cwX
2zv/YbuP9r/aiXhrgVNJAaYlW0fwmpLXAJq7idgRqSioSs7JvGru3WwTFnW6hgxw
mYFbXM70Qmxc3T2gqLkjSzb3pRPp/ezV0vyJ6DH3gMN6EMgLYWVbCVIeJwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFItBJ4612F7B0yAg9DHNHbAiQ8voMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaTBFbmpyWFlYc0hUSUNEME1jMGRzQ0pEeS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAHzgxAwQA
HzhiAwQAHzhnAwQAHzjSAwQAHzjUAwQAHzjfAwQBHzjqAwQAHzkjAwQAHzl5AwQA
HznOAwQAHznhAwQAHzovAwQAHzpaAwQAHzqoAwQAHzurAwQAHzvHAwQCHzvsMA0G
CSqGSIb3DQEBCwUAA4IBAQA7uZzEsfvilRqg/+YpUqLkFE9ogcvhnuvgHdGJSsEO
K2V4ucIgpqjNugI3ktOXx0BUQeYIFjq+VWkLzilVysKqkn5FYTv2f1bUjKH3hsdy
Qp7rEXtn58eHj3YQZLbUiTd6vUYPgRJeAabqwIK+L3yWlfB5meOTFgTMQl/X2re4
GOXvfieCT7NrqPyXOoucovp03/j8dzDEv5JDze9B5+GRJau97Z38+Ka0yKOeRQl+
fAbJ/knC6Mt2bxs/4/G1/qUb1CKYEh87GqAdv0eosmDt675nf0X+sohZd9EMOTgc
Ehvv/JDSarS+i2zszXy60yU8R4JlCaAYTIFvttF7yRnb
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:00 2026 by rpki-client