Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LHO-K_MYuwBR-jRJx4TTRauVvLA.roa
File: LHO-K_MYuwBR-jRJx4TTRauVvLA.roa (raw, json)
Hash identifier: Kl97RhUTn8nCJ+92aBgjVFtmhNtc2vYTFdyGscVCQGM=
Subject key identifier: 2C:73:BE:2B:F3:18:BB:00:51:FA:34:49:C7:84:D3:45:AB:95:BC:B0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019759E60D319C5EABB976C62CA5F5370D8C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LHO-K_MYuwBR-jRJx4TTRauVvLA.roa
Signing time: Tue 10 Jun 2025 12:52:18 +0000
ROA not before: Tue 10 Jun 2025 12:52:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216022
IP address blocks: 31.56.241.0/24 maxlen: 24
31.57.40.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 07:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:e6:0d:31:9c:5e:ab:b9:76:c6:2c:a5:f5:37:0d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 10 12:52:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c73be2bf318bb0051fa3449c784d345ab95bcb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:ef:98:95:44:a7:fe:62:b2:7f:e2:69:06:
06:d6:56:c8:78:03:ae:18:57:e6:45:bd:8d:bb:b5:
57:1f:70:2a:10:1c:ae:08:b3:7f:35:80:84:7c:2b:
3f:6c:6f:af:70:4d:1d:4e:ea:92:2b:1f:04:21:c4:
47:31:aa:26:88:3a:f7:a8:32:67:b2:5f:0c:47:f9:
ef:47:ae:7f:f4:70:5b:dc:1e:af:03:e6:77:4c:12:
d4:cd:da:65:60:99:8e:4b:39:50:8b:f7:6e:8c:96:
bb:3d:60:66:88:f8:8f:12:f1:bd:42:c6:e9:83:3a:
8a:d1:14:54:7f:5f:b9:94:dd:5b:2b:df:9b:ac:2f:
38:f6:8f:b0:77:9a:1d:b0:66:8b:7a:aa:63:71:02:
b4:54:ce:2c:66:53:1b:24:8d:1d:8d:9d:e9:c2:bd:
67:6e:a5:d7:66:a4:e3:ef:1f:2b:e6:d2:2a:15:22:
c3:45:0f:a5:19:cd:8b:5e:eb:ba:90:87:58:58:9b:
e8:a9:fa:fa:a5:a2:23:46:0f:10:b5:16:8a:20:74:
f4:42:76:8b:b8:a1:d4:45:a4:16:2e:5e:b5:b6:5e:
cb:06:90:19:a2:60:7d:a6:aa:ed:35:ea:ea:79:07:
35:de:21:51:9c:7a:10:07:85:04:ba:2b:6f:f1:c1:
14:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:73:BE:2B:F3:18:BB:00:51:FA:34:49:C7:84:D3:45:AB:95:BC:B0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/LHO-K_MYuwBR-jRJx4TTRauVvLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.241.0/24
31.57.40.0/24
31.57.115.0/24
31.57.244.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:7e:73:a5:b7:6d:91:f2:e6:19:30:ab:9a:95:63:d3:71:f7:
7a:8f:33:f1:0f:1d:c7:07:f3:f3:d7:37:1e:a9:6b:be:55:78:
bf:25:86:43:ac:ac:34:78:75:58:30:70:27:f5:df:52:3a:dc:
ac:79:e4:16:36:bb:b1:09:3e:04:31:56:2c:e1:5c:fd:f0:a6:
a0:f6:8e:33:9d:79:b9:ec:45:d7:ba:09:e2:6e:29:0b:bd:c7:
9f:5d:e4:bb:4b:2f:8a:d5:cb:78:13:c9:73:1b:c7:7e:ea:dc:
a2:66:c1:41:a0:7f:9e:3d:38:45:9c:59:57:1a:3f:fc:0b:0d:
53:2d:08:b2:8d:e8:bb:61:30:dd:43:6f:74:aa:3a:92:82:24:
dc:24:f0:12:05:5f:6d:b7:50:91:c6:6c:c2:67:ed:46:62:ab:
2e:00:74:2c:fa:23:9b:3d:13:e4:40:73:ff:f2:03:4b:b1:05:
a4:ec:92:fd:13:ca:1e:07:12:06:a8:74:68:2a:f1:1c:05:f6:
bb:b4:5e:7a:e1:3c:b4:aa:e1:dd:38:f5:a5:09:78:36:b2:41:
74:52:8d:4b:03:26:a3:ac:01:e8:fb:d2:35:7c:43:55:fa:0c:
f0:64:a3:08:35:48:d0:ff:39:f3:96:75:27:7e:c8:5b:16:55:
c1:4b:bd:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdZ5g0xnF6ruXbGLKX1Nw2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjEwMTI1MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzczYmUyYmYzMThiYjAwNTFmYTM0NDljNzg0ZDM0NWFiOTViY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVTvmJVEp/5isn/iaQYG1lbIeAOu
GFfmRb2Nu7VXH3AqEByuCLN/NYCEfCs/bG+vcE0dTuqSKx8EIcRHMaomiDr3qDJn
sl8MR/nvR65/9HBb3B6vA+Z3TBLUzdplYJmOSzlQi/dujJa7PWBmiPiPEvG9Qsbp
gzqK0RRUf1+5lN1bK9+brC849o+wd5odsGaLeqpjcQK0VM4sZlMbJI0djZ3pwr1n
bqXXZqTj7x8r5tIqFSLDRQ+lGc2LXuu6kIdYWJvoqfr6paIjRg8QtRaKIHT0QnaL
uKHURaQWLl61tl7LBpAZomB9pqrtNerqeQc13iFRnHoQB4UEuitv8cEU8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCxzvivzGLsAUfo0SceE00WrlbywMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTEhPLUtfTVl1d0JSLWpSSng0VFRSYXVWdkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzjxAwQA
HzkoAwQAHzlzAwQAHzn0MA0GCSqGSIb3DQEBCwUAA4IBAQBefnOlt22R8uYZMKua
lWPTcfd6jzPxDx3HB/Pz1zceqWu+VXi/JYZDrKw0eHVYMHAn9d9SOtyseeQWNrux
CT4EMVYs4Vz98Kag9o4znXm57EXXugnibikLvcefXeS7Sy+K1ct4E8lzG8d+6tyi
ZsFBoH+ePThFnFlXGj/8Cw1TLQiyjei7YTDdQ290qjqSgiTcJPASBV9tt1CRxmzC
Z+1GYqsuAHQs+iObPRPkQHP/8gNLsQWk7JL9E8oeBxIGqHRoKvEcBfa7tF564Ty0
quHdOPWlCXg2skF0Uo1LAyajrAHo+9I1fENV+gzwZKMINUjQ/znzlnUnfshbFlXB
S73B
-----END CERTIFICATE-----
Generated at Tue Jun 17 12:19:40 2025 by rpki-client