Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/snDd9YsSIS7F-z2HS643-TFomCM.roa
File: snDd9YsSIS7F-z2HS643-TFomCM.roa (raw, json)
Hash identifier: m2zsgaHbugb9j/qAFPeQ72FiXj6DrSZ1W3r8b5TI8DQ=
Subject key identifier: B2:70:DD:F5:8B:12:21:2E:C5:FB:3D:87:4B:AE:37:F9:31:68:98:23
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E9707803FDF6D0EECD6EA1E40781AF834
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/snDd9YsSIS7F-z2HS643-TFomCM.roa
Signing time: Fri 05 Jun 2026 09:05:11 +0000
ROA not before: Fri 05 Jun 2026 09:05:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215727
IP address blocks: 31.57.206.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:07:80:3f:df:6d:0e:ec:d6:ea:1e:40:78:1a:f8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 5 09:05:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b270ddf58b12212ec5fb3d874bae37f931689823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1c:63:bf:7c:d4:79:ec:ea:b1:e5:73:61:32:
4a:80:f0:7a:f9:9f:5c:3e:46:16:e0:8b:74:57:3c:
6c:7f:ce:98:28:05:65:f1:52:19:a3:73:1a:04:33:
d5:9b:d8:ca:7f:a4:40:8a:60:bf:78:cd:5a:cb:b3:
5f:d3:2e:9b:39:4f:5e:80:1f:23:44:6f:24:99:08:
86:d9:01:83:46:e5:be:9e:cb:28:fe:ed:a7:27:c5:
da:ee:0c:d6:c9:31:c7:2c:db:29:ba:3b:e7:53:57:
2e:b8:9e:68:e8:f1:bb:a6:73:67:61:53:2d:32:24:
6c:54:54:7a:2f:f7:0c:02:1d:bc:93:e3:42:34:3f:
82:2c:35:99:50:5d:e6:ca:9e:cd:cc:38:b2:2c:c8:
d6:62:14:f1:91:b0:39:87:b3:da:d0:fa:9e:9c:20:
51:69:34:73:93:f3:69:af:20:71:a8:ef:ac:87:90:
71:32:ef:8f:0f:a1:bf:d3:bf:98:24:43:b0:f8:74:
ee:cb:9b:43:6f:10:7c:f7:78:21:94:b8:4e:70:e1:
00:b1:57:69:32:2f:85:f8:6d:19:e8:40:03:8b:8d:
2a:7c:3c:71:84:12:5b:6a:f0:66:d9:71:2d:9f:5a:
c6:45:93:8a:4b:36:16:33:b9:d1:5c:f8:16:83:48:
ff:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:70:DD:F5:8B:12:21:2E:C5:FB:3D:87:4B:AE:37:F9:31:68:98:23
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/snDd9YsSIS7F-z2HS643-TFomCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.206.0/24
31.57.249.0/24
31.57.253.0/24
31.57.255.0/24
Signature Algorithm: sha256WithRSAEncryption
94:fa:2a:f6:e0:c4:d5:b4:ae:4e:76:d0:53:e5:5c:dc:1d:76:
c1:89:6f:4f:2e:32:41:42:96:f2:3e:32:88:ce:1c:a1:b8:1a:
fe:c7:f5:34:6c:88:cd:73:89:24:cb:b4:fd:4c:85:a2:0f:03:
10:72:6d:f3:d0:ec:2b:65:3d:5e:df:d8:e7:33:ca:27:e8:fd:
57:c2:50:b2:6c:21:45:d5:97:fc:13:8a:b2:cf:9b:b8:ad:88:
d9:13:cd:cf:ad:c9:97:b2:5c:d7:9b:99:46:6e:8b:73:9a:b7:
4a:1c:37:4a:37:ec:d4:77:ef:56:31:20:9b:4b:f4:9f:44:f6:
ec:b8:e0:21:25:06:f6:65:73:93:fd:fb:58:ba:5f:71:a0:77:
35:2c:e8:5f:d0:fa:4f:70:d6:9d:68:d4:b8:9c:a5:2f:ae:60:
b3:3e:27:2e:5e:5c:e8:5b:57:01:e3:18:32:73:8b:08:87:2f:
e0:6f:24:a2:c1:eb:a5:e3:82:4a:d1:48:32:79:eb:e7:66:91:
41:24:20:03:b9:d3:b8:c6:4b:2a:87:59:e2:5f:87:38:03:20:
6f:bd:6e:22:85:9b:0c:ba:63:e2:30:22:66:0f:c4:66:e9:3c:
65:d8:b0:bd:b5:29:21:79:74:7f:6f:2b:bc:ab:3c:1b:17:0c:
4a:06:33:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6XB4A/320O7NbqHkB4Gvg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjA1MDkwNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjcwZGRmNThiMTIyMTJlYzVmYjNkODc0YmFlMzdmOTMxNjg5ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bxjv3zUeezqseVzYTJKgPB6+Z9c
PkYW4It0Vzxsf86YKAVl8VIZo3MaBDPVm9jKf6RAimC/eM1ay7Nf0y6bOU9egB8j
RG8kmQiG2QGDRuW+nsso/u2nJ8Xa7gzWyTHHLNspujvnU1cuuJ5o6PG7pnNnYVMt
MiRsVFR6L/cMAh28k+NCND+CLDWZUF3myp7NzDiyLMjWYhTxkbA5h7Pa0PqenCBR
aTRzk/NpryBxqO+sh5BxMu+PD6G/07+YJEOw+HTuy5tDbxB893ghlLhOcOEAsVdp
Mi+F+G0Z6EADi40qfDxxhBJbavBm2XEtn1rGRZOKSzYWM7nRXPgWg0j/SwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLJw3fWLEiEuxfs9h0uuN/kxaJgjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvc25EZDlZc1NJUzdGLXoySFM2NDMtVEZvbUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznOAwQA
Hzn5AwQAHzn9AwQAHzn/MA0GCSqGSIb3DQEBCwUAA4IBAQCU+ir24MTVtK5OdtBT
5VzcHXbBiW9PLjJBQpbyPjKIzhyhuBr+x/U0bIjNc4kky7T9TIWiDwMQcm3z0Owr
ZT1e39jnM8on6P1XwlCybCFF1Zf8E4qyz5u4rYjZE83PrcmXslzXm5lGbotzmrdK
HDdKN+zUd+9WMSCbS/SfRPbsuOAhJQb2ZXOT/ftYul9xoHc1LOhf0PpPcNadaNS4
nKUvrmCzPicuXlzoW1cB4xgyc4sIhy/gbySiweul44JK0UgyeevnZpFBJCADudO4
xksqh1niX4c4AyBvvW4ihZsMumPiMCJmD8Rm6Txl2LC9tSkheXR/byu8qzwbFwxK
BjOD
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:21 2026 by rpki-client