Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jiNvP4gEzReze9-j0ry904VVNsE.roa
File: jiNvP4gEzReze9-j0ry904VVNsE.roa (raw, json)
Hash identifier: lhy4lq2lX2vwX2jiAOkj/UVFnu8A3VdbT4vIvDWmayc=
Subject key identifier: 8E:23:6F:3F:88:04:CD:17:B3:7B:DF:A3:D2:BC:BD:D3:85:55:36:C1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EBD6D88EED42789857B3226E396FEEA0E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jiNvP4gEzReze9-j0ry904VVNsE.roa
Signing time: Fri 12 Jun 2026 20:02:12 +0000
ROA not before: Fri 12 Jun 2026 20:02:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.184.0/22 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.217.0/24 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.180.0/24 maxlen: 24
31.58.181.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/20 maxlen: 24
31.58.209.0/24 maxlen: 24
31.59.37.0/24 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.162.0/24 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.152.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
94.183.224.0/24 maxlen: 24
94.183.236.0/24 maxlen: 24
94.183.241.0/24 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.76.0/22 maxlen: 24
217.60.108.0/22 maxlen: 24
217.60.112.0/22 maxlen: 24
217.60.124.0/22 maxlen: 24
217.60.128.0/22 maxlen: 24
217.60.132.0/22 maxlen: 24
217.60.136.0/22 maxlen: 24
217.60.140.0/22 maxlen: 24
217.60.144.0/22 maxlen: 24
217.60.148.0/22 maxlen: 24
217.60.152.0/22 maxlen: 24
217.60.156.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.242.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bd:6d:88:ee:d4:27:89:85:7b:32:26:e3:96:fe:ea:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 12 20:02:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e236f3f8804cd17b37bdfa3d2bcbdd3855536c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:06:7b:66:a4:a3:32:24:e4:b8:79:14:a2:04:
9f:90:13:49:2f:33:b0:c0:5f:e5:af:b2:53:8b:65:
83:d7:12:8d:f5:20:1e:28:5f:3f:a2:39:3d:67:82:
49:41:5e:34:10:44:37:3b:f8:b2:e0:3a:e9:80:a7:
9d:ef:4a:bb:55:ee:41:ce:81:98:7c:59:2d:38:e6:
9c:3a:20:8b:3c:0c:28:47:d9:75:60:69:3e:3e:54:
a9:e9:3e:df:8e:70:5d:25:18:ce:35:5b:49:fb:c8:
33:eb:8c:9e:3b:1b:d0:ab:95:ef:31:d4:63:77:a7:
1f:45:42:71:8a:69:72:b6:b0:13:b7:56:10:51:82:
09:22:69:ef:88:df:d2:29:e6:02:eb:5d:d3:56:f7:
f7:dd:f7:37:33:c7:f1:cb:b1:06:64:a1:dc:cd:4a:
01:91:63:8f:8b:3c:58:ec:42:3f:06:2f:ed:96:60:
0b:d3:3c:52:d1:75:b7:67:9e:41:b1:65:43:f1:fe:
de:d1:89:85:b1:d2:67:ed:9d:20:35:89:2c:d1:1f:
b1:52:a8:6c:94:b9:91:93:21:3a:65:d0:38:62:ce:
9b:0c:78:42:fd:b7:29:dd:cd:8e:a3:98:0b:30:41:
6a:52:56:f5:4a:b6:b6:c7:ec:a7:08:6b:eb:cb:9d:
f7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:23:6F:3F:88:04:CD:17:B3:7B:DF:A3:D2:BC:BD:D3:85:55:36:C1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jiNvP4gEzReze9-j0ry904VVNsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.184.0/22
31.57.200.0/24
31.57.208.0/22
31.57.217.0/24
31.58.92.0/22
31.58.180.0/23
31.58.184.0-31.58.207.255
31.58.209.0/24
31.59.37.0/24
31.59.90.0/23
31.59.140.0/22
31.59.148.0/22
31.59.162.0/24
31.59.176.0/21
94.183.152.0/24
94.183.169.0/24
94.183.224.0/24
94.183.236.0/24
94.183.241.0/24
217.60.28.0/22
217.60.52.0-217.60.59.255
217.60.76.0/22
217.60.108.0-217.60.115.255
217.60.124.0-217.60.183.255
217.60.188.0/22
217.60.242.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
a8:49:c2:7c:88:df:1d:8c:3e:26:f9:cc:af:98:1c:b5:1f:f9:
3b:79:30:9f:bf:b4:36:d7:73:a9:19:34:30:0a:04:b4:27:dc:
32:27:84:72:16:bd:fb:1c:c1:d6:f9:ba:eb:36:cd:3c:63:0f:
53:39:12:9f:8a:26:32:c9:71:3b:e4:32:8e:02:3f:76:d1:c1:
d1:56:97:35:a4:60:5d:b5:48:14:06:68:fa:d4:1a:a8:f2:8c:
7a:61:23:0d:ce:7c:50:f4:a0:76:95:18:20:ec:f5:8f:4d:15:
17:4b:10:05:33:1e:77:f7:ec:2e:9d:e8:7f:51:02:d6:95:7a:
d7:59:66:ad:5a:24:43:64:dd:fc:6f:ba:32:98:87:45:20:d5:
a9:d2:f9:5b:11:eb:77:f5:51:77:20:27:85:c7:bb:b5:3c:16:
66:5c:5a:59:d0:28:7e:eb:e3:c1:c9:dd:16:1c:ca:6f:49:28:
cf:81:a1:64:8e:8b:2a:b1:03:39:2b:e9:b3:b7:33:e1:7d:cd:
09:6a:68:a0:26:f6:a4:b3:46:8d:2c:af:38:d5:e0:44:88:c7:
22:22:a9:27:4a:8a:6d:10:71:af:4a:01:51:f0:9a:91:8d:88:
ae:72:c2:10:f4:45:9c:dd:10:2a:64:7e:75:c2:40:f3:83:af:
cd:cb:a5:fc
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZ69bYju1CeJhXsyJuOW/uoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjEyMjAwMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTIzNmYzZjg4MDRjZDE3YjM3YmRmYTNkMmJjYmRkMzg1NTUzNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AZ7ZqSjMiTkuHkUogSfkBNJLzOw
wF/lr7JTi2WD1xKN9SAeKF8/ojk9Z4JJQV40EEQ3O/iy4DrpgKed70q7Ve5BzoGY
fFktOOacOiCLPAwoR9l1YGk+PlSp6T7fjnBdJRjONVtJ+8gz64yeOxvQq5XvMdRj
d6cfRUJximlytrATt1YQUYIJImnviN/SKeYC613TVvf33fc3M8fxy7EGZKHczUoB
kWOPizxY7EI/Bi/tlmAL0zxS0XW3Z55BsWVD8f7e0YmFsdJn7Z0gNYks0R+xUqhs
lLmRkyE6ZdA4Ys6bDHhC/bcp3c2Oo5gLMEFqUlb1Sra2x+ynCGvry5339wIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFI4jbz+IBM0Xs3vfo9K8vdOFVTbBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvamlOdlA0Z0V6UmV6ZTktajByeTkwNFZWTnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBwwQCAAEwgbwDBAIf
OLgDBAAfOcgDBAIfOdADBAAfOdkDBAIfOlwDBAEfOrQwDAMEAx86uAMEBB86wAME
AB860QMEAB87JQMEAR87WgMEAh87jAMEAh87lAMEAB87ogMEAx87sAMEAF63mAME
AF63qQMEAF634AMEAF637AMEAF638QMEAtk8HDAMAwQC2Tw0AwQC2Tw4AwQC2TxM
MAwDBALZPGwDBALZPHAwDAMEAtk8fAMEA9k8sAMEAtk8vAMEANk88jAPBAIAAjAJ
AwcAKhRuQAABMA0GCSqGSIb3DQEBCwUAA4IBAQCoScJ8iN8djD4m+cyvmBy1H/k7
eTCfv7Q213OpGTQwCgS0J9wyJ4RyFr37HMHW+brrNs08Yw9TORKfiiYyyXE75DKO
Aj920cHRVpc1pGBdtUgUBmj61Bqo8ox6YSMNznxQ9KB2lRgg7PWPTRUXSxAFMx53
9+wuneh/UQLWlXrXWWatWiRDZN38b7oymIdFINWp0vlbEet39VF3ICeFx7u1PBZm
XFpZ0Ch+6+PByd0WHMpvSSjPgaFkjosqsQM5K+mztzPhfc0JamigJvaks0aNLK84
1eBEiMciIqknSoptEHGvSgFR8JqRjYiucsIQ9EWc3RAqZH51wkDzg6/Ny6X8
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:49:49 2026 by rpki-client