Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LBtWEXv9LNGfnb9myyyMUttIYKY.roa
File: LBtWEXv9LNGfnb9myyyMUttIYKY.roa (raw, json)
Hash identifier: 7djJ3KJj4Goz/TZTyc2x23Jmc9bZtWiO7NKjeiuEABA=
Subject key identifier: 2C:1B:56:11:7B:FD:2C:D1:9F:9D:BF:66:CB:2C:8C:52:DB:48:60:A6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A4A03A1D77F64BEE6257CAEE46729D641
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LBtWEXv9LNGfnb9myyyMUttIYKY.roa
Signing time: Mon 03 Nov 2025 13:59:03 +0000
ROA not before: Mon 03 Nov 2025 13:59:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.211.0/24 maxlen: 24
31.56.213.0/24 maxlen: 24
31.56.214.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.178.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.186.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
217.60.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4a:03:a1:d7:7f:64:be:e6:25:7c:ae:e4:67:29:d6:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 3 13:59:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c1b56117bfd2cd19f9dbf66cb2c8c52db4860a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:e8:af:74:8b:6f:7b:bd:2b:35:ed:36:59:ec:
4f:df:58:13:0a:9e:42:68:80:11:cc:11:ba:8c:97:
84:03:78:66:8e:ab:90:f2:53:19:e7:e9:04:e5:0d:
ac:70:99:f5:50:0d:6a:c6:f2:58:3e:eb:c1:62:d3:
bc:03:6b:a3:f2:08:20:7c:f7:5e:1e:b5:a0:60:5d:
2b:1f:da:de:0a:ca:07:00:07:4f:a4:e2:5b:03:b5:
d6:91:27:7a:1a:de:26:6f:7c:2a:93:13:f3:48:1a:
27:05:91:ed:23:09:e5:3e:2d:92:8a:72:02:66:f2:
ac:96:d1:54:91:f4:76:cb:e8:01:8f:1c:56:e9:c2:
be:9b:17:9b:58:3e:eb:22:e9:9d:16:24:38:b0:79:
b7:d0:1b:32:43:34:b7:3a:73:3d:75:f7:3b:69:d2:
50:3d:84:07:cf:7d:7f:5a:68:c3:d5:40:41:94:84:
d6:6e:fe:bb:b8:f5:68:db:93:ca:f5:d7:31:76:33:
72:a6:9a:ae:9e:12:99:72:a9:a9:c9:cb:71:4a:a4:
cd:22:e9:97:6f:32:61:a5:4f:30:df:0b:29:86:66:
25:d5:b6:11:dc:21:b4:fe:95:8e:f1:06:86:05:2b:
c3:b6:c9:df:6f:0a:f2:f8:5f:8b:78:88:28:af:fa:
72:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1B:56:11:7B:FD:2C:D1:9F:9D:BF:66:CB:2C:8C:52:DB:48:60:A6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LBtWEXv9LNGfnb9myyyMUttIYKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.211.0/24
31.56.213.0-31.56.214.255
31.58.239.0/24
31.59.186.0/24
94.183.158.0/24
94.183.160.0/24
94.183.174.0-94.183.176.255
94.183.178.0/24
94.183.180.0/23
217.60.186.0/24
217.60.242.0/24
217.60.250.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ef:8a:67:03:4b:c3:58:5f:ce:0e:16:36:64:62:b1:3c:b5:
e7:79:2c:14:d3:85:4e:b9:28:83:bd:78:bd:9a:fc:0f:a1:6c:
16:e3:df:d2:ab:7c:59:4b:0d:65:db:1d:d7:1c:1a:a2:5a:07:
86:34:e5:53:fa:84:f0:2a:13:1f:c5:b6:b9:c9:2a:5d:2d:5b:
73:01:39:1f:a3:09:60:c1:95:14:4a:78:9a:ba:c3:96:51:41:
96:4b:2d:a1:89:35:fb:2e:ed:8c:42:34:49:6a:16:15:ba:40:
b7:6a:5a:b6:0d:76:2e:00:35:3a:7f:13:ee:20:ed:f1:2c:e3:
2e:0c:2b:b3:3c:ca:6c:3b:f6:4f:dc:cd:41:c7:14:d7:7f:97:
0b:7e:1e:b3:71:92:28:03:f1:ff:ed:5c:30:03:65:84:d6:e1:
33:83:39:e9:32:48:e5:81:d1:17:cf:d5:a8:97:b6:96:5e:ce:
90:6d:89:83:6b:2e:e5:b2:1f:43:a8:15:85:9f:01:63:7e:69:
de:12:99:94:73:72:f2:e0:45:84:52:a8:66:a4:b2:ec:0a:06:
f2:c2:4b:e9:6f:41:c5:2e:2c:da:db:41:c9:1c:07:6a:9c:78:
d8:2c:bc:e0:41:45:db:1f:d8:37:48:f0:b9:52:83:a6:43:6d:
50:9a:ef:bc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZpKA6HXf2S+5iV8ruRnKdZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTAzMTM1OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFiNTYxMTdiZmQyY2QxOWY5ZGJmNjZjYjJjOGM1MmRiNDg2MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9+ivdItve70rNe02WexP31gTCp5C
aIARzBG6jJeEA3hmjquQ8lMZ5+kE5Q2scJn1UA1qxvJYPuvBYtO8A2uj8gggfPde
HrWgYF0rH9reCsoHAAdPpOJbA7XWkSd6Gt4mb3wqkxPzSBonBZHtIwnlPi2SinIC
ZvKsltFUkfR2y+gBjxxW6cK+mxebWD7rIumdFiQ4sHm30BsyQzS3OnM9dfc7adJQ
PYQHz31/WmjD1UBBlITWbv67uPVo25PK9dcxdjNyppqunhKZcqmpyctxSqTNIumX
bzJhpU8w3wsphmYl1bYR3CG0/pWO8QaGBSvDtsnfbwry+F+LeIgor/pyPwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCwbVhF7/SzRn52/ZsssjFLbSGCmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTEJ0V0VYdjlMTkdmbmI5bXl5eU1VdHRJWUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHzjTMAwD
BAAfONUDBAAfONYDBAAfOu8DBAAfO7oDBABet54DBABet6AwDAMEAV63rgMEAF63
sAMEAF63sgMEAV63tAMEANk8ugMEANk88gMEANk8+jANBgkqhkiG9w0BAQsFAAOC
AQEAA++KZwNLw1hfzg4WNmRisTy153ksFNOFTrkog714vZr8D6FsFuPf0qt8WUsN
Zdsd1xwaoloHhjTlU/qE8CoTH8W2uckqXS1bcwE5H6MJYMGVFEp4mrrDllFBlkst
oYk1+y7tjEI0SWoWFbpAt2patg12LgA1On8T7iDt8SzjLgwrszzKbDv2T9zNQccU
13+XC34es3GSKAPx/+1cMANlhNbhM4M56TJI5YHRF8/VqJe2ll7OkG2Jg2su5bIf
Q6gVhZ8BY35p3hKZlHNy8uBFhFKoZqSy7AoG8sJL6W9BxS4s2ttByRwHapx42Cy8
4EFF2x/YN0jwuVKDpkNtUJrvvA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:03:09 2025 by rpki-client