Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/of0fId54iwCM9OnYShVKfZGfVoc.roa
File: of0fId54iwCM9OnYShVKfZGfVoc.roa (raw, json)
Hash identifier: kK/JU8fTxFChVItxClCHSTVEZVdQHwheDpwRhI74I5c=
Subject key identifier: A1:FD:1F:21:DE:78:8B:00:8C:F4:E9:D8:4A:15:4A:7D:91:9F:56:87
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D673D5A657E40E1439DC76AB8D5BA018D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/of0fId54iwCM9OnYShVKfZGfVoc.roa
Signing time: Tue 07 Apr 2026 09:19:27 +0000
ROA not before: Tue 07 Apr 2026 09:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 31.56.46.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.56.79.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.190.0/24 maxlen: 24
31.56.231.0/24 maxlen: 24
31.58.57.0/24 maxlen: 24
31.59.52.0/24 maxlen: 24
31.59.211.0/24 maxlen: 24
31.59.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:3d:5a:65:7e:40:e1:43:9d:c7:6a:b8:d5:ba:01:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 7 09:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1fd1f21de788b008cf4e9d84a154a7d919f5687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:76:8e:e9:f7:59:01:ac:9b:86:07:c4:30:9f:
b6:a8:1c:44:94:70:62:68:48:a7:28:02:93:06:05:
ed:63:e5:9f:5b:5f:32:ea:a7:13:26:b6:56:eb:8d:
77:60:88:1e:71:e4:7a:ca:7e:19:93:25:72:26:94:
2c:fc:9a:b9:f5:58:37:a9:81:a9:81:ec:00:12:bd:
12:0b:dd:70:61:15:22:39:45:2d:32:cc:2b:03:57:
a2:71:b0:c0:b6:61:08:34:d1:a5:3f:02:8c:72:c1:
38:fc:9b:94:b7:7e:45:c9:be:f2:a6:ed:33:71:46:
59:2e:7b:88:59:2d:80:0a:fb:01:3c:9a:f0:8b:df:
9d:77:cd:74:4f:66:82:a8:14:aa:94:19:38:ac:5b:
00:c5:b7:a0:92:44:a9:da:18:a0:30:33:b4:78:a8:
39:22:cd:05:95:cd:d5:c7:10:97:57:dd:ee:a6:7c:
41:ef:92:c3:8b:15:21:c3:e0:bb:f3:29:18:d1:ab:
fb:1d:54:ca:1f:23:25:bb:8e:3d:11:aa:19:20:d6:
a8:e7:a3:30:8f:bb:ed:69:36:d7:9e:dc:cd:ae:86:
86:3a:35:fb:20:32:0b:d0:0d:f9:c7:42:e4:0e:cd:
55:93:7c:67:03:88:6a:2d:d2:f6:ce:35:05:61:4a:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FD:1F:21:DE:78:8B:00:8C:F4:E9:D8:4A:15:4A:7D:91:9F:56:87
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/of0fId54iwCM9OnYShVKfZGfVoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.46.0/24
31.56.77.0/24
31.56.79.0/24
31.56.84.0/24
31.56.190.0/24
31.56.231.0/24
31.58.57.0/24
31.59.52.0/24
31.59.211.0/24
31.59.254.0/24
Signature Algorithm: sha256WithRSAEncryption
be:e7:26:d9:cc:ee:d2:4e:1e:d8:15:0e:31:26:b5:11:56:68:
66:5a:cb:6b:97:c6:08:7b:f9:eb:e0:c2:9b:39:8f:7a:f1:a6:
c6:3e:f5:7e:37:fe:1d:f4:f1:87:f8:3e:04:6b:b5:6c:56:68:
e2:0d:f1:23:07:45:46:66:37:96:e8:17:53:8c:d9:ec:c7:7a:
6b:d2:3e:c0:71:cc:43:f7:72:b5:d5:ce:18:30:6a:c4:89:b3:
21:c9:cd:f5:61:27:95:0b:75:04:c9:5d:53:ff:b5:db:5b:9e:
7a:93:d2:d8:70:cc:c6:36:f4:59:e3:30:50:b1:2f:7e:59:aa:
73:23:31:eb:65:54:d3:5b:1d:e4:59:83:51:d9:db:44:5e:50:
a1:4e:c7:64:73:84:95:f9:fe:71:b0:a5:58:c7:a9:91:48:02:
80:6d:ef:8a:1a:f2:88:51:9b:ef:14:f1:dd:ae:bb:5d:60:4c:
36:53:0a:a8:95:2b:40:b3:9c:12:b1:51:d0:1a:3c:af:c0:a9:
e6:62:db:d1:8a:ea:f2:50:81:bc:1b:aa:b7:8c:e5:27:ef:d6:
05:66:ba:63:05:4b:f8:ac:94:e9:51:74:45:78:28:44:1f:67:
f5:ab:48:61:68:5e:7c:a3:ba:fa:c0:7f:cd:3e:c4:57:e5:d4:
d1:a8:2b:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ1nPVplfkDhQ53HarjVugGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDA3MDkxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWZkMWYyMWRlNzg4YjAwOGNmNGU5ZDg0YTE1NGE3ZDkxOWY1Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnaO6fdZAaybhgfEMJ+2qBxElHBi
aEinKAKTBgXtY+WfW18y6qcTJrZW6413YIgeceR6yn4ZkyVyJpQs/Jq59Vg3qYGp
gewAEr0SC91wYRUiOUUtMswrA1eicbDAtmEINNGlPwKMcsE4/JuUt35Fyb7ypu0z
cUZZLnuIWS2ACvsBPJrwi9+dd810T2aCqBSqlBk4rFsAxbegkkSp2higMDO0eKg5
Is0Flc3VxxCXV93upnxB75LDixUhw+C78ykY0av7HVTKHyMlu449EaoZINao56Mw
j7vtaTbXntzNroaGOjX7IDIL0A35x0LkDs1Vk3xnA4hqLdL2zjUFYUqPbQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKH9HyHeeIsAjPTp2EoVSn2Rn1aHMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvb2YwZklkNTRpd0NNOU9uWVNoVktmWkdmVm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzguAwQA
HzhNAwQAHzhPAwQAHzhUAwQAHzi+AwQAHzjnAwQAHzo5AwQAHzs0AwQAHzvTAwQA
Hzv+MA0GCSqGSIb3DQEBCwUAA4IBAQC+5ybZzO7STh7YFQ4xJrURVmhmWstrl8YI
e/nr4MKbOY968abGPvV+N/4d9PGH+D4Ea7VsVmjiDfEjB0VGZjeW6BdTjNnsx3pr
0j7AccxD93K11c4YMGrEibMhyc31YSeVC3UEyV1T/7XbW556k9LYcMzGNvRZ4zBQ
sS9+WapzIzHrZVTTWx3kWYNR2dtEXlChTsdkc4SV+f5xsKVYx6mRSAKAbe+KGvKI
UZvvFPHdrrtdYEw2UwqolStAs5wSsVHQGjyvwKnmYtvRiuryUIG8G6q3jOUn79YF
ZrpjBUv4rJTpUXRFeChEH2f1q0hhaF58o7r6wH/NPsRX5dTRqCuk
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:58:10 2026 by rpki-client