Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lNxkCRKz5HSZTu1jBpb_izlrgBw.roa
File: lNxkCRKz5HSZTu1jBpb_izlrgBw.roa (raw, json)
Hash identifier: Z3yO1nJ+l+NCkEcq9beTmVUvxuimuval+7x6hFwPhd4=
Subject key identifier: 94:DC:64:09:12:B3:E4:74:99:4E:ED:63:06:96:FF:8B:39:6B:80:1C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E7DC90D070D5A8502E44FB773735C1C5C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lNxkCRKz5HSZTu1jBpb_izlrgBw.roa
Signing time: Sun 31 May 2026 11:26:28 +0000
ROA not before: Sun 31 May 2026 11:26:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 31.58.239.0/24 maxlen: 24
94.183.242.0/24 maxlen: 24
94.183.243.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
94.183.245.0/24 maxlen: 24
94.183.246.0/24 maxlen: 24
94.183.247.0/24 maxlen: 24
94.183.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7d:c9:0d:07:0d:5a:85:02:e4:4f:b7:73:73:5c:1c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 31 11:26:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=94dc640912b3e474994eed630696ff8b396b801c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:08:33:d2:f3:54:3e:9e:16:cd:f3:77:bf:86:
91:9c:b0:b0:20:13:97:12:17:94:89:cf:44:7b:5a:
33:43:a8:59:58:41:03:58:9b:4d:e2:70:79:91:e1:
ac:2d:b7:7f:e9:e3:56:26:ad:80:95:0a:20:32:e4:
5d:42:2f:4d:09:24:25:dd:01:13:cf:3d:34:09:30:
f5:a3:da:60:8a:d3:6f:70:71:00:87:cc:e2:ad:bf:
ea:d5:8a:2d:cf:56:a0:36:85:ae:19:1b:16:63:3c:
8e:d3:42:61:55:44:fb:4e:f4:52:70:21:48:bd:5c:
dc:ee:17:f6:27:29:6d:13:af:99:07:31:70:47:45:
bf:fd:7c:8f:8e:34:05:4e:6e:c1:68:a8:7f:86:5f:
3e:8e:65:c5:1a:20:6e:26:6a:0e:1b:34:5d:06:56:
8c:dc:9e:8b:2b:7c:a0:8a:9b:9f:ec:8d:c8:d4:fc:
eb:b4:18:b5:01:81:d2:23:56:a9:c7:ab:20:d5:1b:
3c:c6:2a:2e:89:68:11:51:ae:3f:63:66:71:e9:2f:
53:ad:6a:7c:e5:fe:26:5d:9a:6b:f2:bd:1c:ac:a9:
32:c9:1e:07:ce:90:40:e9:32:c4:a6:00:7b:f9:98:
26:58:94:7b:94:d8:79:7d:b5:3f:b5:e4:ba:d6:a0:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DC:64:09:12:B3:E4:74:99:4E:ED:63:06:96:FF:8B:39:6B:80:1C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/lNxkCRKz5HSZTu1jBpb_izlrgBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.239.0/24
94.183.242.0-94.183.251.255
Signature Algorithm: sha256WithRSAEncryption
17:fa:47:98:f6:ca:8a:1f:84:e9:11:3e:89:b4:bb:d5:53:62:
d6:31:b1:8e:4d:dc:ec:15:76:58:08:41:7e:fc:28:85:a9:36:
5e:26:60:49:10:5d:64:74:07:7c:1a:7a:dc:c0:09:77:13:d3:
92:5b:c0:0f:d1:4f:cc:b8:42:27:e9:5c:37:96:38:17:fb:5b:
7b:bb:25:6b:02:6e:99:71:e8:e9:b8:dd:12:01:d5:9e:ff:40:
32:cd:7a:1c:29:ad:4b:29:de:d0:40:0b:69:79:f2:6b:06:a8:
df:70:de:18:82:af:90:ae:ac:93:11:ae:fd:82:d8:eb:78:1a:
0d:de:d7:5a:c3:8e:fb:c1:d5:2f:15:07:6a:5f:02:95:40:cc:
26:cd:d1:c6:aa:45:c1:55:4e:fc:39:e7:0a:40:ef:e1:65:24:
ac:74:ef:61:a7:11:0e:96:b6:ce:93:dd:98:3c:e8:11:07:d0:
65:31:2b:84:f7:67:a2:19:da:81:eb:83:58:2c:60:2d:44:aa:
74:c5:30:7f:12:92:f5:b1:85:fd:a3:26:d8:bf:d6:9d:9b:9c:
fe:5a:1f:e4:6e:2f:19:5e:18:b1:33:42:a4:6f:a0:d5:40:e3:
bf:bd:c1:ed:25:cf:b2:f4:61:3e:55:ba:e7:a9:ca:9f:2f:25:
87:a5:68:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ59yQ0HDVqFAuRPt3NzXBxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTMxMTEyNjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRjNjQwOTEyYjNlNDc0OTk0ZWVkNjMwNjk2ZmY4YjM5NmI4MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQgz0vNUPp4WzfN3v4aRnLCwIBOX
EheUic9Ee1ozQ6hZWEEDWJtN4nB5keGsLbd/6eNWJq2AlQogMuRdQi9NCSQl3QET
zz00CTD1o9pgitNvcHEAh8zirb/q1Yotz1agNoWuGRsWYzyO00JhVUT7TvRScCFI
vVzc7hf2JyltE6+ZBzFwR0W//XyPjjQFTm7BaKh/hl8+jmXFGiBuJmoOGzRdBlaM
3J6LK3ygipuf7I3I1PzrtBi1AYHSI1apx6sg1Rs8xiouiWgRUa4/Y2Zx6S9TrWp8
5f4mXZpr8r0crKkyyR4HzpBA6TLEpgB7+ZgmWJR7lNh5fbU/teS61qAwVQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJTcZAkSs+R0mU7tYwaW/4s5a4AcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbE54a0NSS3o1SFNaVHUxakJwYl9pemxyZ0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAHzrvMAwD
BAFet/IDBAJet/gwDQYJKoZIhvcNAQELBQADggEBABf6R5j2yoofhOkRPom0u9VT
YtYxsY5N3OwVdlgIQX78KIWpNl4mYEkQXWR0B3waetzACXcT05JbwA/RT8y4Qifp
XDeWOBf7W3u7JWsCbplx6Om43RIB1Z7/QDLNehwprUsp3tBAC2l58msGqN9w3hiC
r5CurJMRrv2C2Ot4Gg3e11rDjvvB1S8VB2pfApVAzCbN0caqRcFVTvw55wpA7+Fl
JKx072GnEQ6Wts6T3Zg86BEH0GUxK4T3Z6IZ2oHrg1gsYC1EqnTFMH8SkvWxhf2j
Jti/1p2bnP5aH+RuLxleGLEzQqRvoNVA47+9we0lz7L0YT5Vuuepyp8vJYelaCI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:55:27 2026 by rpki-client