Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lss7U-WUZPSTJyZ4-vVXfXtQZLA.roa
File: lss7U-WUZPSTJyZ4-vVXfXtQZLA.roa (raw, json)
Hash identifier: e/9KnwiXyU926BVZZB7hH9KqGB3helwdDdEkcZgKKcc=
Subject key identifier: 96:CB:3B:53:E5:94:64:F4:93:27:26:78:FA:F5:57:7D:7B:50:64:B0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CB82D6281401853CEAC503CE841C4066D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lss7U-WUZPSTJyZ4-vVXfXtQZLA.roa
Signing time: Wed 04 Mar 2026 09:28:28 +0000
ROA not before: Wed 04 Mar 2026 09:28:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398704
IP address blocks: 31.56.6.0/24 maxlen: 24
31.56.35.0/24 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.53.0/24 maxlen: 24
31.57.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:2d:62:81:40:18:53:ce:ac:50:3c:e8:41:c4:06:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 4 09:28:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=96cb3b53e59464f493272678faf5577d7b5064b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:18:64:45:68:a3:50:df:44:e6:cd:2f:93:eb:
04:ea:b0:be:ff:2e:be:cf:b7:bd:1a:d4:37:2d:aa:
66:93:05:48:86:01:6b:7a:62:02:4f:d6:39:04:37:
21:74:b1:92:12:cb:85:2d:89:1c:0d:18:aa:f4:fb:
24:ad:34:eb:91:14:e7:57:20:ab:50:b5:ca:9c:8c:
60:b8:63:97:dc:01:10:60:54:bb:1e:94:70:be:17:
fb:83:cf:9c:55:0a:86:33:ed:ff:0f:4f:e6:56:ff:
25:0a:42:26:2c:2d:47:52:6a:40:4a:6c:95:91:ce:
97:24:c3:56:0e:83:69:18:e6:b8:f5:54:b2:ef:81:
66:66:7a:84:0c:f3:3b:f3:a7:3f:c2:2e:32:25:a4:
ba:48:92:9c:cc:73:34:22:a9:04:ac:f6:90:c4:0e:
b8:d2:92:1f:36:f0:68:92:2a:3d:26:41:da:8b:68:
49:ec:07:e7:d6:4e:db:f7:17:1b:c5:64:8f:8d:62:
c3:7e:09:74:60:16:06:f0:dc:ee:72:fc:37:c0:17:
8c:0e:5a:da:ef:64:55:a9:03:4b:f4:e7:d3:a0:35:
ca:38:38:58:0b:39:9b:34:46:83:ae:90:c3:d8:18:
6c:23:3d:64:18:12:e7:51:73:32:87:00:b5:61:81:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CB:3B:53:E5:94:64:F4:93:27:26:78:FA:F5:57:7D:7B:50:64:B0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lss7U-WUZPSTJyZ4-vVXfXtQZLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.6.0/24
31.56.35.0/24
31.57.11.0/24
31.57.53.0/24
31.57.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:92:2f:e0:1d:07:a4:66:11:1d:9b:03:f4:0c:22:ee:0d:f4:
cb:a0:c8:af:42:06:1d:0a:ea:0a:2b:2f:7e:d9:28:0c:32:2b:
0a:4d:4c:82:b5:a6:fc:cb:e6:bf:17:d8:33:95:5c:a1:e1:58:
c9:c1:ee:1b:f3:15:37:20:3c:07:0f:a0:cb:36:ce:3e:82:3e:
26:2a:d6:0d:61:39:d3:7f:86:e6:5f:b3:63:28:4d:9c:fd:32:
80:77:40:22:b0:d3:d4:5d:15:4d:78:f0:7f:14:f1:e5:4c:db:
5d:f6:60:54:98:bd:8b:a5:91:fb:42:df:e5:67:7a:0e:cb:17:
9b:7d:78:83:6c:37:de:c4:2f:17:e9:ed:b1:9b:5b:46:37:55:
51:f6:17:fb:5c:ce:2e:e6:40:b2:be:53:06:56:23:9d:5a:b1:
0e:b2:f9:4f:2c:dc:ba:cc:89:05:cd:33:69:57:7d:b9:96:73:
90:00:9b:f7:fb:fd:8a:fe:79:d5:14:97:37:19:ff:e7:c4:5b:
ac:81:d1:f7:7a:af:90:7b:0a:57:45:57:90:45:13:26:31:df:
42:97:49:ba:62:74:03:54:a0:2b:b5:39:d5:7a:33:0f:fc:67:
52:d4:9c:10:11:ff:c9:9e:87:cd:cf:f0:16:6f:3d:03:2d:1b:
f7:ae:49:70
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy4LWKBQBhTzqxQPOhBxAZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA0MDkyODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmNiM2I1M2U1OTQ2NGY0OTMyNzI2NzhmYWY1NTc3ZDdiNTA2NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxhkRWijUN9E5s0vk+sE6rC+/y6+
z7e9GtQ3LapmkwVIhgFremICT9Y5BDchdLGSEsuFLYkcDRiq9PskrTTrkRTnVyCr
ULXKnIxguGOX3AEQYFS7HpRwvhf7g8+cVQqGM+3/D0/mVv8lCkImLC1HUmpASmyV
kc6XJMNWDoNpGOa49VSy74FmZnqEDPM786c/wi4yJaS6SJKczHM0IqkErPaQxA64
0pIfNvBokio9JkHai2hJ7Afn1k7b9xcbxWSPjWLDfgl0YBYG8Nzucvw3wBeMDlra
72RVqQNL9OfToDXKODhYCzmbNEaDrpDD2BhsIz1kGBLnUXMyhwC1YYFvhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJbLO1PllGT0kycmePr1V317UGSwMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbHNzN1UtV1VaUFNUSnlaNC12VlhmWHRRWkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgGAwQA
HzgjAwQAHzkLAwQAHzk1AwQAHzk7MA0GCSqGSIb3DQEBCwUAA4IBAQAMki/gHQek
ZhEdmwP0DCLuDfTLoMivQgYdCuoKKy9+2SgMMisKTUyCtab8y+a/F9gzlVyh4VjJ
we4b8xU3IDwHD6DLNs4+gj4mKtYNYTnTf4bmX7NjKE2c/TKAd0AisNPUXRVNePB/
FPHlTNtd9mBUmL2LpZH7Qt/lZ3oOyxebfXiDbDfexC8X6e2xm1tGN1VR9hf7XM4u
5kCyvlMGViOdWrEOsvlPLNy6zIkFzTNpV325lnOQAJv3+/2K/nnVFJc3Gf/nxFus
gdH3eq+QewpXRVeQRRMmMd9Cl0m6YnQDVKArtTnVejMP/GdS1JwQEf/JnofNz/AW
bz0DLRv3rklw
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:30 2026 by rpki-client