Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LwIJz60fgxevZe7i1nyvQPP5n9U.roa
File: LwIJz60fgxevZe7i1nyvQPP5n9U.roa (raw, json)
Hash identifier: 5qq0hbizZ/cASVqrTD/oc96x4AIZ7SdXB9gs4GuCrHE=
Subject key identifier: 2F:02:09:CF:AD:1F:83:17:AF:65:EE:E2:D6:7C:AF:40:F3:F9:9F:D5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019E4FC8CA7446ADB5919605538717249E4E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LwIJz60fgxevZe7i1nyvQPP5n9U.roa
Signing time: Fri 22 May 2026 13:03:39 +0000
ROA not before: Fri 22 May 2026 13:03:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49811
IP address blocks: 31.148.16.0/22 maxlen: 24
31.148.244.0/24 maxlen: 24
92.38.44.0/23 maxlen: 24
93.170.48.0/23 maxlen: 24
93.171.236.0/23 maxlen: 24
95.47.52.0/23 maxlen: 24
95.47.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:c8:ca:74:46:ad:b5:91:96:05:53:87:17:24:9e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: May 22 13:03:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f0209cfad1f8317af65eee2d67caf40f3f99fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:e1:12:7c:dd:21:8d:79:dd:8a:66:e6:e3:
20:e2:a4:54:80:54:6a:99:13:2f:8a:5b:86:ff:47:
8e:1b:e1:2f:b7:3b:fa:0e:06:a6:d6:3d:3e:fb:78:
47:73:3d:c9:d9:fa:0f:46:54:7d:17:1a:05:df:9a:
0d:0e:bd:f8:6a:60:ff:55:da:5a:7d:e5:90:8d:17:
b9:25:42:18:df:92:83:e6:f0:f1:ee:a3:ce:57:d2:
29:38:c0:ed:96:e2:fa:08:3d:be:21:08:00:5d:95:
bf:e9:b6:4e:ab:8d:40:c6:cd:c5:a8:79:06:bf:1c:
d3:d8:6b:b5:56:a6:f3:31:65:c5:c1:61:31:71:a2:
69:87:7e:5a:f3:21:aa:42:27:33:57:b7:9e:7d:cb:
29:04:f8:11:c1:46:aa:65:ef:29:9e:50:51:74:8c:
c6:ca:8d:c3:cc:c9:12:e0:2a:0a:42:c7:93:6a:b7:
44:b0:84:0e:30:88:1d:aa:c0:5b:10:cd:03:bd:63:
58:ce:32:ae:eb:f5:f5:37:e3:0b:fa:ae:62:94:f3:
7f:30:e9:83:f6:93:d1:c4:53:18:19:77:76:f5:ff:
8e:46:ad:a0:be:6c:2f:d2:f4:e0:37:f3:67:1a:92:
57:d1:d4:c9:0e:5c:61:71:ea:3c:5e:73:dd:c7:44:
75:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:02:09:CF:AD:1F:83:17:AF:65:EE:E2:D6:7C:AF:40:F3:F9:9F:D5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LwIJz60fgxevZe7i1nyvQPP5n9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.16.0/22
31.148.244.0/24
92.38.44.0/23
93.170.48.0/23
93.171.236.0/23
95.47.52.0/23
95.47.254.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:83:a2:5a:29:38:8b:a6:74:60:ca:62:67:22:7e:f4:39:ee:
83:25:5b:c1:be:1d:4e:a4:2a:b4:83:e2:c9:32:5f:f1:24:80:
ab:8d:51:40:5b:bb:41:07:41:f7:9b:e0:46:5f:7b:76:9e:a7:
04:c3:cc:d9:f2:ac:69:eb:74:d0:ed:c0:f3:f8:13:52:00:27:
f2:c4:df:c9:64:b8:2c:82:6b:fa:31:b3:99:b6:c5:11:1e:8a:
f2:09:fb:70:c1:3c:54:08:fb:51:1f:b9:64:de:b9:4c:96:de:
b1:fc:0a:e1:32:3c:1a:08:97:92:d5:0f:e4:44:16:49:0b:a3:
b2:71:26:a5:1a:a6:a3:4a:66:ba:71:f8:7b:98:11:b1:33:22:
47:9c:68:b9:14:8a:21:99:0d:24:0a:68:01:cd:48:c9:53:eb:
38:8e:0b:e1:95:3e:fe:24:08:ce:60:f0:9d:4e:e3:ed:7b:3b:
0b:a4:cb:a4:ac:54:80:63:57:13:66:07:1e:7a:98:a2:b5:c4:
fc:7e:df:15:64:64:5b:83:e9:e5:1f:de:bb:5d:bf:b5:0b:d0:
4c:23:63:11:31:75:a2:d0:df:82:50:69:e0:bf:83:5d:a8:21:
83:f9:a3:02:03:a8:24:27:c9:ea:6f:7d:af:3b:f6:0f:83:32:
18:75:eb:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5PyMp0Rq21kZYFU4cXJJ5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjYwNTIyMTMwMzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjAyMDljZmFkMWY4MzE3YWY2NWVlZTJkNjdjYWY0MGYzZjk5ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutrhEnzdIY153Ypm5uMg4qRUgFRq
mRMviluG/0eOG+Evtzv6Dgam1j0++3hHcz3J2foPRlR9FxoF35oNDr34amD/Vdpa
feWQjRe5JUIY35KD5vDx7qPOV9IpOMDtluL6CD2+IQgAXZW/6bZOq41Axs3FqHkG
vxzT2Gu1VqbzMWXFwWExcaJph35a8yGqQiczV7eefcspBPgRwUaqZe8pnlBRdIzG
yo3DzMkS4CoKQseTardEsIQOMIgdqsBbEM0DvWNYzjKu6/X1N+ML+q5ilPN/MOmD
9pPRxFMYGXd29f+ORq2gvmwv0vTgN/NnGpJX0dTJDlxhceo8XnPdx0R1+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC8CCc+tH4MXr2Xu4tZ8r0Dz+Z/VMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTHdJSno2MGZneGV2WmU3aTFueXZRUFA1bjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCH5QQAwQA
H5T0AwQBXCYsAwQBXaowAwQBXavsAwQBXy80AwQBXy/+MA0GCSqGSIb3DQEBCwUA
A4IBAQBqg6JaKTiLpnRgymJnIn70Oe6DJVvBvh1OpCq0g+LJMl/xJICrjVFAW7tB
B0H3m+BGX3t2nqcEw8zZ8qxp63TQ7cDz+BNSACfyxN/JZLgsgmv6MbOZtsURHory
CftwwTxUCPtRH7lk3rlMlt6x/ArhMjwaCJeS1Q/kRBZJC6OycSalGqajSma6cfh7
mBGxMyJHnGi5FIohmQ0kCmgBzUjJU+s4jgvhlT7+JAjOYPCdTuPtezsLpMukrFSA
Y1cTZgceepiitcT8ft8VZGRbg+nlH967Xb+1C9BMI2MRMXWi0N+CUGngv4NdqCGD
+aMCA6gkJ8nqb32vO/YPgzIYdesb
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:55:19 2026 by rpki-client