Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zLsrzNpYnEn4861UjnSIA_T6sOI.roa
File: zLsrzNpYnEn4861UjnSIA_T6sOI.roa (raw, json)
Hash identifier: itfrl+9tVqbhQU8acMswLXStRh2J0j11IWnq84WhhAs=
Subject key identifier: CC:BB:2B:CC:DA:58:9C:49:F8:F3:AD:54:8E:74:88:03:F4:FA:B0:E2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019C28ACFDC6546ECE626BCDC43228CE6F28
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zLsrzNpYnEn4861UjnSIA_T6sOI.roa
Signing time: Wed 04 Feb 2026 12:42:31 +0000
ROA not before: Wed 04 Feb 2026 12:42:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201907
IP address blocks: 31.58.131.0/24 maxlen: 24
31.58.138.0/24 maxlen: 24
31.59.198.0/24 maxlen: 24
31.59.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 20:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:28:ac:fd:c6:54:6e:ce:62:6b:cd:c4:32:28:ce:6f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 4 12:42:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ccbb2bccda589c49f8f3ad548e748803f4fab0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:25:9d:6f:2f:3a:0a:3b:77:4b:67:41:ab:
0e:22:71:54:dd:96:4b:22:26:ac:75:d8:06:0b:5a:
04:64:3d:27:82:29:9c:c2:52:14:5a:2a:62:71:5a:
90:ac:0d:e5:34:aa:8a:2b:19:de:47:09:4f:cd:76:
a9:72:f7:ea:81:22:75:fe:9b:6a:09:21:52:d8:79:
a8:75:a1:ff:96:21:fd:e1:47:af:de:5d:52:ba:59:
68:74:f9:08:59:4b:a1:c5:ad:79:86:4e:71:14:a6:
b0:52:62:00:45:05:a3:9b:23:b8:83:2f:3c:9c:9f:
de:68:5b:5b:dd:c0:46:f7:8a:6a:b0:c7:07:f3:39:
f5:43:03:97:fd:ea:da:77:0b:0a:4c:48:39:dc:35:
d7:84:d2:b4:da:e3:04:11:ff:18:ef:3a:50:ab:2d:
02:19:ff:38:22:4a:4b:97:2b:f2:05:f1:ca:4e:e6:
cd:0b:b6:bd:b4:63:dc:45:32:15:36:5e:b0:30:a6:
84:b6:f0:21:aa:66:60:50:0f:c3:ad:b8:04:ba:0e:
1b:49:ed:02:15:a1:ea:8f:ac:dc:c9:90:74:fd:ef:
e7:6c:fb:ae:79:ba:d9:d6:4a:67:a4:c6:67:d9:14:
18:c4:d6:0c:ab:ba:06:45:4c:3c:72:86:cb:d1:35:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BB:2B:CC:DA:58:9C:49:F8:F3:AD:54:8E:74:88:03:F4:FA:B0:E2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zLsrzNpYnEn4861UjnSIA_T6sOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.131.0/24
31.58.138.0/24
31.59.198.0/24
31.59.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:21:0b:91:1e:f2:db:1d:f7:3b:6e:55:5f:b3:0c:b6:bf:10:
63:8b:d4:a1:f6:61:a5:33:74:be:f5:98:2f:73:f1:8c:63:5c:
9c:0b:07:46:93:55:c3:91:86:7f:d7:10:20:f6:e3:ba:ac:10:
97:59:93:10:47:af:52:5d:33:09:62:59:43:e4:5f:54:92:01:
51:6d:89:cf:4f:69:3d:b8:0e:f5:64:23:cc:53:e0:a3:6b:a9:
7b:12:94:4e:4c:23:6c:a8:46:45:c2:f4:f0:95:ca:0e:e0:b4:
ce:7f:5e:c5:ac:1f:b2:dc:67:8f:98:dc:8e:2a:2f:b0:f6:4f:
da:30:ed:7f:98:0b:ee:8a:e3:d5:fa:2c:86:7f:4d:77:ee:47:
4b:f2:64:5c:51:80:5a:d3:10:5d:f3:e3:0d:2b:5d:5a:76:ff:
82:70:2d:61:cf:a2:b2:d4:a3:b1:6b:3e:02:11:3b:1a:d8:90:
d5:f3:bf:84:6c:e7:6d:93:c9:da:2a:e2:c4:be:95:a6:9e:6a:
7a:24:82:22:3d:22:ba:0a:cd:5b:ce:6d:86:d0:53:03:32:90:
59:88:ad:8e:4a:df:76:4a:53:82:34:c5:ac:cf:9f:5d:7c:04:
85:b8:28:bb:a4:f9:99:c0:5e:3a:be:f7:8c:f4:5d:f0:e9:62:
93:2b:73:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZworP3GVG7OYmvNxDIozm8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjA0MTI0MjMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JiMmJjY2RhNTg5YzQ5ZjhmM2FkNTQ4ZTc0ODgwM2Y0ZmFiMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHQlnW8vOgo7d0tnQasOInFU3ZZL
IiasddgGC1oEZD0ngimcwlIUWipicVqQrA3lNKqKKxneRwlPzXapcvfqgSJ1/ptq
CSFS2HmodaH/liH94Uev3l1SullodPkIWUuhxa15hk5xFKawUmIARQWjmyO4gy88
nJ/eaFtb3cBG94pqsMcH8zn1QwOX/eradwsKTEg53DXXhNK02uMEEf8Y7zpQqy0C
Gf84IkpLlyvyBfHKTubNC7a9tGPcRTIVNl6wMKaEtvAhqmZgUA/DrbgEug4bSe0C
FaHqj6zcyZB0/e/nbPuuebrZ1kpnpMZn2RQYxNYMq7oGRUw8cobL0TVQoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMy7K8zaWJxJ+POtVI50iAP0+rDiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvekxzcnpOcFluRW40ODYxVWpuU0lBX1Q2c09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzqDAwQA
HzqKAwQAHzvGAwQAHzvfMA0GCSqGSIb3DQEBCwUAA4IBAQCcIQuRHvLbHfc7blVf
swy2vxBji9Sh9mGlM3S+9Zgvc/GMY1ycCwdGk1XDkYZ/1xAg9uO6rBCXWZMQR69S
XTMJYllD5F9UkgFRbYnPT2k9uA71ZCPMU+Cja6l7EpROTCNsqEZFwvTwlcoO4LTO
f17FrB+y3GePmNyOKi+w9k/aMO1/mAvuiuPV+iyGf0137kdL8mRcUYBa0xBd8+MN
K11adv+CcC1hz6Ky1KOxaz4CETsa2JDV87+EbOdtk8naKuLEvpWmnmp6JIIiPSK6
Cs1bzm2G0FMDMpBZiK2OSt92SlOCNMWsz59dfASFuCi7pPmZwF46vveM9F3w6WKT
K3Of
-----END CERTIFICATE-----
Generated at Tue Mar 3 05:38:21 2026 by rpki-client