Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LlH-QMTg6wYHxrSmY0vdnOV6fpE.roa
File: LlH-QMTg6wYHxrSmY0vdnOV6fpE.roa (raw, json)
Hash identifier: 7E92072y9T50907baTKSjCXSna+xIZjmXUR3jkcOPak=
Subject key identifier: 2E:51:FE:40:C4:E0:EB:06:07:C6:B4:A6:63:4B:DD:9C:E5:7A:7E:91
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E17A129D6088822A2AF923E10912C9EDF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LlH-QMTg6wYHxrSmY0vdnOV6fpE.roa
Signing time: Mon 11 May 2026 15:21:38 +0000
ROA not before: Mon 11 May 2026 15:21:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214159
IP address blocks: 31.57.204.0/24 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.92.0/24 maxlen: 24
31.58.93.0/24 maxlen: 24
31.58.94.0/24 maxlen: 24
31.58.95.0/24 maxlen: 24
31.58.230.0/24 maxlen: 24
217.60.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:a1:29:d6:08:88:22:a2:af:92:3e:10:91:2c:9e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 11 15:21:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2e51fe40c4e0eb0607c6b4a6634bdd9ce57a7e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:13:21:34:ed:02:8d:b7:74:f2:2a:b3:2c:
1c:05:1e:0c:68:19:f5:5f:23:a7:b7:7c:d0:b9:55:
5d:98:18:f8:48:5d:84:50:37:4c:14:04:47:b5:8a:
95:02:b5:20:c9:d8:99:54:bb:1b:f5:8c:01:90:51:
b6:c2:11:43:cc:f6:79:00:31:08:ab:ae:04:a9:4c:
14:86:c5:25:a3:d3:14:77:d3:ea:4f:f4:06:d7:4a:
11:f5:5b:e1:fb:e8:ee:86:cb:af:24:a0:b1:19:c7:
e8:e0:63:20:62:aa:71:46:66:2d:99:92:85:d1:49:
6b:02:b8:8c:fc:65:21:11:b7:41:60:ba:ce:ae:6e:
4e:28:e5:9a:ea:1a:46:74:b2:09:0b:a9:6a:18:76:
5d:cf:cd:b8:c0:69:d1:6d:1c:9f:90:1d:55:e5:77:
e2:8f:76:b5:0e:f9:d7:89:1d:33:29:0d:dc:91:00:
62:27:76:bf:64:93:d1:a8:b7:73:d2:2f:42:e1:73:
5d:a1:84:32:c7:88:cc:3e:05:b2:36:00:a9:e9:9c:
92:60:d8:87:bb:a8:1d:8d:39:a0:d4:56:8e:ca:fe:
f7:33:11:14:a7:49:8c:27:b0:c1:cd:e8:f4:ca:39:
da:cd:e3:5f:97:93:72:0a:15:cf:2f:17:c6:68:52:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:51:FE:40:C4:E0:EB:06:07:C6:B4:A6:63:4B:DD:9C:E5:7A:7E:91
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LlH-QMTg6wYHxrSmY0vdnOV6fpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.204.0/24
31.58.92.0/22
31.58.230.0/24
217.60.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f6:58:99:99:d6:4d:b0:d6:b8:4c:78:e0:76:78:23:34:36:
fa:05:26:c0:8c:59:24:be:fe:2b:7b:ef:f7:cd:f0:fe:ee:cc:
17:38:7f:14:f2:57:1b:bc:09:82:2b:fc:66:a8:c0:ee:04:9a:
02:87:fe:66:43:52:9f:da:96:45:da:9f:72:0c:d9:ad:88:3f:
02:d7:b5:84:f0:77:9f:2f:9d:7f:22:b7:8c:c5:91:c6:0b:25:
fe:7f:96:5c:61:2d:2d:43:13:96:9b:63:25:28:b4:81:b5:aa:
b3:50:59:2e:23:75:2d:c8:e1:62:36:6b:c3:84:f9:b5:1d:46:
e8:f8:5c:d4:68:85:15:d6:e1:a9:d7:fd:b7:88:2a:39:dd:3a:
b5:54:39:cb:81:0a:96:9f:fa:cc:91:79:8a:1d:22:34:36:4d:
22:7e:c6:8a:53:36:87:94:da:17:7c:41:34:3d:c7:70:5a:67:
2d:d4:c7:bb:d6:7e:08:6b:af:fb:f4:13:6e:83:58:37:7c:ef:
23:a6:7a:e0:52:ce:59:80:30:48:2b:6a:47:22:f3:7e:d7:42:
e3:7d:5a:78:af:92:a7:95:9b:56:42:7c:34:ad:84:90:e3:bc:
7e:f2:64:e2:a2:3e:90:41:b2:f5:8d:e8:92:5b:dc:bb:db:42:
14:dc:ac:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4XoSnWCIgioq+SPhCRLJ7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTExMTUyMTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTUxZmU0MGM0ZTBlYjA2MDdjNmI0YTY2MzRiZGQ5Y2U1N2E3ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruQTITTtAo23dPIqsywcBR4MaBn1
XyOnt3zQuVVdmBj4SF2EUDdMFARHtYqVArUgydiZVLsb9YwBkFG2whFDzPZ5ADEI
q64EqUwUhsUlo9MUd9PqT/QG10oR9Vvh++juhsuvJKCxGcfo4GMgYqpxRmYtmZKF
0UlrAriM/GUhEbdBYLrOrm5OKOWa6hpGdLIJC6lqGHZdz824wGnRbRyfkB1V5Xfi
j3a1DvnXiR0zKQ3ckQBiJ3a/ZJPRqLdz0i9C4XNdoYQyx4jMPgWyNgCp6ZySYNiH
u6gdjTmg1FaOyv73MxEUp0mMJ7DBzej0yjnazeNfl5NyChXPLxfGaFKYvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC5R/kDE4OsGB8a0pmNL3Zzlen6RMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTGxILVFNVGc2d1lIeHJTbVkwdmRuT1Y2ZnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznMAwQC
HzpcAwQAHzrmAwQA2TxgMA0GCSqGSIb3DQEBCwUAA4IBAQCO9liZmdZNsNa4THjg
dngjNDb6BSbAjFkkvv4re+/3zfD+7swXOH8U8lcbvAmCK/xmqMDuBJoCh/5mQ1Kf
2pZF2p9yDNmtiD8C17WE8HefL51/IreMxZHGCyX+f5ZcYS0tQxOWm2MlKLSBtaqz
UFkuI3UtyOFiNmvDhPm1HUbo+FzUaIUV1uGp1/23iCo53Tq1VDnLgQqWn/rMkXmK
HSI0Nk0ifsaKUzaHlNoXfEE0PcdwWmct1Me71n4Ia6/79BNug1g3fO8jpnrgUs5Z
gDBIK2pHIvN+10LjfVp4r5KnlZtWQnw0rYSQ47x+8mTioj6QQbL1jeiSW9y720IU
3Kwk
-----END CERTIFICATE-----
Generated at Wed May 13 01:10:22 2026 by rpki-client