Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tU5GerTh2y20VoBh95Rm-2-qG1w.roa
File: tU5GerTh2y20VoBh95Rm-2-qG1w.roa (raw, json)
Hash identifier: gSRb3irexJe7m8dslqTYt3eBrAPwgAsMae6xM3Nmgx0=
Subject key identifier: B5:4E:46:7A:B4:E1:DB:2D:B4:56:80:61:F7:94:66:FB:6F:AA:1B:5C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EBCCD52B48F1F35B6C45DBC995E4ED971
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tU5GerTh2y20VoBh95Rm-2-qG1w.roa
Signing time: Fri 12 Jun 2026 17:07:13 +0000
ROA not before: Fri 12 Jun 2026 17:07:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212743
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
31.59.161.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.206.0/24 maxlen: 24
94.183.226.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:cd:52:b4:8f:1f:35:b6:c4:5d:bc:99:5e:4e:d9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 12 17:07:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b54e467ab4e1db2db4568061f79466fb6faa1b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c6:1b:4d:d2:a0:b2:5b:4e:d9:f4:56:1a:4f:
b5:0e:32:22:59:97:43:a1:83:ec:58:5f:98:c7:23:
a0:52:14:ac:26:20:8a:c9:19:25:69:cb:ec:c0:63:
6e:74:cf:30:c0:2d:00:d7:7e:db:24:aa:de:86:33:
8e:08:94:25:d3:bf:1f:1d:8f:fd:80:2a:12:0a:8b:
65:f9:36:91:42:79:ef:ff:26:f1:c2:2f:d0:f8:1e:
b8:45:12:ca:45:d3:dc:2b:57:0c:41:d2:50:00:44:
db:10:ac:83:e7:17:31:af:87:89:94:47:10:cf:db:
bc:b0:be:a5:99:d1:ea:8c:37:c2:91:0e:0d:88:1e:
c4:5e:79:80:ea:23:c4:e2:52:d1:80:8f:6b:e6:5c:
e6:f6:d3:c7:4e:87:fa:5a:8b:ec:75:f7:53:54:1b:
6d:3e:f6:7e:b7:a6:46:6b:21:70:e2:e1:ef:85:58:
53:65:bb:f1:00:ee:14:70:0a:f7:47:01:b8:de:c0:
75:ad:20:13:77:aa:a5:2e:ac:71:58:25:15:4e:ce:
82:10:16:14:99:20:d0:73:ff:b3:2b:2c:61:08:06:
4f:94:80:ee:ce:35:b1:98:6e:71:48:c2:ca:9e:10:
be:aa:85:0d:fb:38:f3:30:10:77:a9:45:a7:00:e2:
07:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4E:46:7A:B4:E1:DB:2D:B4:56:80:61:F7:94:66:FB:6F:AA:1B:5C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tU5GerTh2y20VoBh95Rm-2-qG1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
31.59.161.0/24
94.183.170.0/24
94.183.206.0/24
94.183.226.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a6:39:78:0b:d1:ec:35:ea:56:1a:4e:4f:cc:e8:43:13:24:
e3:33:2b:8f:fd:1d:de:58:17:b5:ae:cf:4d:02:20:12:fb:92:
86:bd:a8:43:c5:84:0b:9a:19:02:ba:5c:82:0e:09:fd:10:f5:
d2:f7:73:57:a2:38:9a:ce:f7:4e:dc:8d:ac:e4:f4:2b:35:ee:
ef:07:63:ec:a8:7e:62:b5:65:f6:5e:d2:8c:59:88:62:3d:16:
03:8d:e8:f3:d1:b6:6e:cf:e0:13:f5:53:0a:5d:c4:8c:bc:82:
c9:08:4d:50:26:8a:ed:de:c1:5a:a3:2b:95:cd:9b:e5:c3:13:
7d:51:d0:e9:9c:94:75:f3:d2:b5:dd:3f:81:66:02:94:3e:57:
8f:40:44:6e:26:a9:a4:c2:2b:6d:87:b1:3e:e4:c0:3a:b0:22:
19:82:f3:f1:93:b8:9e:64:4b:ac:de:56:ba:0d:55:60:43:38:
91:e4:a4:cd:15:ba:dd:cb:6c:96:54:20:fe:03:a0:a2:af:94:
ba:b2:96:19:a1:01:26:90:9e:13:d0:4f:2b:de:a1:6b:f1:90:
6f:fb:0f:df:c6:70:44:67:1b:1c:c7:38:d8:a5:07:7b:95:5e:
74:84:17:9c:51:c9:eb:f4:db:a8:39:6b:da:1f:ab:de:13:ed:
90:f8:32:53
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ68zVK0jx81tsRdvJleTtlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjEyMTcwNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRlNDY3YWI0ZTFkYjJkYjQ1NjgwNjFmNzk0NjZmYjZmYWExYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMYbTdKgsltO2fRWGk+1DjIiWZdD
oYPsWF+YxyOgUhSsJiCKyRklacvswGNudM8wwC0A137bJKrehjOOCJQl078fHY/9
gCoSCotl+TaRQnnv/ybxwi/Q+B64RRLKRdPcK1cMQdJQAETbEKyD5xcxr4eJlEcQ
z9u8sL6lmdHqjDfCkQ4NiB7EXnmA6iPE4lLRgI9r5lzm9tPHTof6WovsdfdTVBtt
PvZ+t6ZGayFw4uHvhVhTZbvxAO4UcAr3RwG43sB1rSATd6qlLqxxWCUVTs6CEBYU
mSDQc/+zKyxhCAZPlIDuzjWxmG5xSMLKnhC+qoUN+zjzMBB3qUWnAOIHrwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLVORnq04dsttFaAYfeUZvtvqhtcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdFU1R2VyVGgyeTIwVm9CaDk1Um0tMi1xRzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBHzroAwQA
HzskAwQAHzsnAwQAHzuhAwQAXreqAwQAXrfOAwQAXrfiAwQBXrfuAwQAXrf+AwQB
2TwIAwQA2TwYAwQA2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQBipjl4C9HsNepWGk5P
zOhDEyTjMyuP/R3eWBe1rs9NAiAS+5KGvahDxYQLmhkCulyCDgn9EPXS93NXojia
zvdO3I2s5PQrNe7vB2PsqH5itWX2XtKMWYhiPRYDjejz0bZuz+AT9VMKXcSMvILJ
CE1QJort3sFaoyuVzZvlwxN9UdDpnJR189K13T+BZgKUPlePQERuJqmkwitth7E+
5MA6sCIZgvPxk7ieZEus3la6DVVgQziR5KTNFbrdy2yWVCD+A6Cir5S6spYZoQEm
kJ4T0E8r3qFr8ZBv+w/fxnBEZxscxzjYpQd7lV50hBecUcnr9NuoOWvaH6veE+2Q
+DJT
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:23:28 2026 by rpki-client