Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8Smh4V7mglAix-rNr6DZyPMnKI.roa
File: s8Smh4V7mglAix-rNr6DZyPMnKI.roa (raw, json)
Hash identifier: MulWaQQ/dP1Qt7xTezRdNgwWpgCrUo1ZxcH7UFXRAK0=
Subject key identifier: B3:C4:A6:87:85:7B:9A:09:40:8B:1F:AB:36:BE:83:67:23:CC:9C:A2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EBCAC5C3862A13ECEB6725DA228EA6984
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8Smh4V7mglAix-rNr6DZyPMnKI.roa
Signing time: Fri 12 Jun 2026 16:31:12 +0000
ROA not before: Fri 12 Jun 2026 16:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.214.0/24 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.16.0/24 maxlen: 24
217.60.17.0/24 maxlen: 24
217.60.18.0/24 maxlen: 24
217.60.19.0/24 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:ac:5c:38:62:a1:3e:ce:b6:72:5d:a2:28:ea:69:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 12 16:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3c4a687857b9a09408b1fab36be836723cc9ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5a:e4:dc:4b:07:a3:ec:97:0e:1b:08:a0:2f:
68:a5:17:4d:83:88:59:41:f9:b9:e7:f9:7a:c8:62:
62:a8:14:7e:69:3e:43:86:a2:59:5d:b4:6a:ae:47:
09:89:82:49:c0:d6:81:af:d5:f4:5f:4f:04:d9:73:
76:1e:fc:a8:39:4a:5a:be:f5:27:15:f5:13:1d:63:
16:d3:28:9f:c7:d2:9b:88:ac:83:c0:05:85:d9:1e:
16:a1:da:36:57:5b:e3:87:90:db:c3:b1:c4:67:62:
55:a9:e7:73:f2:fa:8a:b7:81:29:f6:af:12:db:90:
e5:2a:13:fd:20:b0:19:89:20:0b:fc:ac:04:a8:13:
b0:cf:26:64:3b:f0:2d:58:26:0a:55:35:45:a4:82:
1a:80:37:bd:40:34:87:9e:cf:b9:d3:6a:4c:8c:b9:
ea:87:d7:c0:46:7c:a7:d9:7a:4c:cb:4a:20:37:02:
e7:5d:8f:02:de:4c:14:66:8b:d5:09:35:ef:c6:31:
fa:70:4b:e2:4d:3a:42:cc:42:8d:da:e4:d7:b3:ec:
dc:75:d8:37:62:81:2e:33:dd:a7:6a:91:f5:0b:5b:
c8:29:fe:db:f2:7d:0e:6c:6f:29:bd:b7:5c:52:4f:
ae:9e:4f:07:b1:83:38:59:db:61:27:ce:ef:ac:da:
99:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:A6:87:85:7B:9A:09:40:8B:1F:AB:36:BE:83:67:23:CC:9C:A2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8Smh4V7mglAix-rNr6DZyPMnKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.214.0/24
31.57.135.0/24
31.58.41.0/24
31.58.244.0/23
31.58.247.0/24
31.58.250.0/23
217.60.16.0/22
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7d:54:9c:82:48:cb:53:c8:af:29:4c:0d:7e:7d:2d:4c:eb:
2c:1e:e1:9b:11:45:be:d3:fd:a8:b7:46:44:e2:11:43:6d:77:
6d:86:1c:e8:0a:64:a2:44:69:3c:c9:eb:50:f5:ef:a4:97:19:
82:a4:0d:de:22:5a:cf:f5:9b:c3:68:b3:74:d5:ac:6e:5f:40:
88:ad:70:d9:86:27:f5:c9:45:f1:ae:5f:fb:a0:15:81:8a:9c:
32:01:4a:67:36:25:ae:4f:e2:c1:0c:da:51:10:ac:db:b4:6c:
46:17:60:dc:4a:6e:51:01:1d:47:a4:89:6f:2a:0e:16:2d:4e:
4e:81:5c:88:ef:ab:2d:a7:31:8c:a5:10:10:18:1c:8e:2b:72:
d9:84:85:b6:5b:96:bf:e4:25:39:b5:3e:69:af:98:9b:08:d9:
ec:43:4e:f7:d9:e0:5c:cd:d5:5a:d7:ca:a8:0e:47:1e:3b:1d:
d8:51:36:12:f0:b3:5f:80:5e:ad:c1:9d:7e:7f:14:05:a2:2c:
17:4a:4d:16:24:62:70:87:58:a6:dd:76:b5:01:15:e8:34:db:
87:3e:59:be:27:ae:83:1b:90:27:d8:53:66:ad:78:63:a5:ec:
ed:19:6f:45:f9:be:47:68:86:4f:8c:0c:de:e0:b1:b7:3d:d2:
0a:01:c8:97
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ68rFw4YqE+zrZyXaIo6mmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjEyMTYzMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M0YTY4Nzg1N2I5YTA5NDA4YjFmYWIzNmJlODM2NzIzY2M5Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vrk3EsHo+yXDhsIoC9opRdNg4hZ
Qfm55/l6yGJiqBR+aT5DhqJZXbRqrkcJiYJJwNaBr9X0X08E2XN2HvyoOUpavvUn
FfUTHWMW0yifx9KbiKyDwAWF2R4Wodo2V1vjh5Dbw7HEZ2JVqedz8vqKt4Ep9q8S
25DlKhP9ILAZiSAL/KwEqBOwzyZkO/AtWCYKVTVFpIIagDe9QDSHns+502pMjLnq
h9fARnyn2XpMy0ogNwLnXY8C3kwUZovVCTXvxjH6cEviTTpCzEKN2uTXs+zcddg3
YoEuM92napH1C1vIKf7b8n0ObG8pvbdcUk+unk8HsYM4WdthJ87vrNqZJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLPEpoeFe5oJQIsfqza+g2cjzJyiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvczhTbWg0VjdtZ2xBaXgtck5yNkRaeVBNbktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzjWAwQA
HzmHAwQAHzopAwQBHzr0AwQAHzr3AwQBHzr6AwQC2TwQAwQA2Ty7MA0GCSqGSIb3
DQEBCwUAA4IBAQBNfVScgkjLU8ivKUwNfn0tTOssHuGbEUW+0/2ot0ZE4hFDbXdt
hhzoCmSiRGk8yetQ9e+klxmCpA3eIlrP9ZvDaLN01axuX0CIrXDZhif1yUXxrl/7
oBWBipwyAUpnNiWuT+LBDNpREKzbtGxGF2DcSm5RAR1HpIlvKg4WLU5OgVyI76st
pzGMpRAQGByOK3LZhIW2W5a/5CU5tT5pr5ibCNnsQ0732eBczdVa18qoDkceOx3Y
UTYS8LNfgF6twZ1+fxQFoiwXSk0WJGJwh1im3Xa1ARXoNNuHPlm+J66DG5An2FNm
rXhjpeztGW9F+b5HaIZPjAze4LG3PdIKAciX
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:39 2026 by rpki-client