Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LfaiaL--sJjIdGhpPIj_uscZWs0.roa
File: LfaiaL--sJjIdGhpPIj_uscZWs0.roa (raw, json)
Hash identifier: i34lwDVuP1A6i4mr1XTlZdPj3wRYYLGJYSIVia2MdHI=
Subject key identifier: 2D:F6:A2:68:BF:BE:B0:98:C8:74:68:69:3C:88:FF:BA:C7:19:5A:CD
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019E307CF78B6FCDBED35809DD55E25CBC03
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LfaiaL--sJjIdGhpPIj_uscZWs0.roa
Signing time: Sat 16 May 2026 11:12:36 +0000
ROA not before: Sat 16 May 2026 11:12:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202468
IP address blocks: 95.38.160.0/21 maxlen: 21
95.38.160.0/23 maxlen: 23
95.38.162.0/23 maxlen: 23
95.38.164.0/23 maxlen: 23
95.38.166.0/23 maxlen: 23
95.38.176.0/20 maxlen: 20
95.38.176.0/23 maxlen: 23
95.38.178.0/23 maxlen: 23
95.38.180.0/23 maxlen: 23
95.38.182.0/23 maxlen: 23
95.38.184.0/23 maxlen: 23
95.38.186.0/23 maxlen: 23
95.38.188.0/23 maxlen: 23
95.38.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 11:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:7c:f7:8b:6f:cd:be:d3:58:09:dd:55:e2:5c:bc:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: May 16 11:12:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2df6a268bfbeb098c87468693c88ffbac7195acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a8:0e:7b:54:85:8b:15:ad:f9:44:4b:9e:35:
94:69:cd:49:68:da:c1:68:54:21:08:c3:48:a2:98:
11:b4:3c:dc:00:49:fe:a5:d0:2e:8f:12:b5:df:78:
9e:02:e0:08:5a:1b:66:b6:98:6e:8d:1a:54:6d:1f:
57:55:55:90:46:80:06:e0:85:1a:32:43:50:2c:8e:
1a:3f:17:1c:31:45:6d:ed:63:1c:0e:5c:3f:49:ad:
a7:4b:d4:02:32:64:3b:2f:44:4d:30:97:59:d2:58:
4a:ec:d9:77:d9:96:46:a3:7a:a6:6a:c4:4a:2d:e4:
3b:9c:bc:23:8a:9b:26:74:f8:ce:5b:50:71:65:b5:
b7:d6:06:0e:eb:d3:1c:01:e3:7e:c1:59:75:c3:a6:
a3:a1:bb:66:3f:7a:a1:02:25:c7:c5:68:f7:5c:80:
20:4e:14:d7:20:ec:39:2c:a0:bb:6b:f6:cb:43:de:
f3:99:af:63:99:d9:3e:e9:e2:93:cf:7c:ff:68:b0:
3a:bc:d7:dc:b7:30:3e:e5:69:34:71:7d:31:eb:7c:
ca:02:be:e5:c6:ca:10:5c:e3:4c:46:41:16:77:3f:
68:84:5e:4f:2f:28:30:66:d4:0c:6a:bb:ab:d5:75:
b9:8e:7b:fe:99:86:3e:88:11:14:b9:a4:4d:cd:42:
36:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F6:A2:68:BF:BE:B0:98:C8:74:68:69:3C:88:FF:BA:C7:19:5A:CD
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LfaiaL--sJjIdGhpPIj_uscZWs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.160.0/21
95.38.176.0/20
Signature Algorithm: sha256WithRSAEncryption
32:bc:0c:17:3d:01:b4:28:36:d0:9a:16:37:09:a8:7e:30:85:
42:dd:9c:63:8e:83:ef:c8:c8:19:83:0c:d3:63:03:a8:fb:85:
6d:c5:6a:5f:9e:83:f4:0e:65:57:29:c8:87:20:28:67:cc:c4:
bb:14:80:dc:09:28:6c:45:3c:84:4b:6c:46:1e:e5:4e:c3:48:
19:d0:bf:20:a5:67:75:45:40:39:3d:62:76:9b:4b:22:94:19:
0b:66:20:9e:92:18:c0:b7:48:61:a8:45:8c:28:b0:f2:af:69:
19:04:fc:f3:49:2c:db:74:e1:37:b2:8e:c2:8e:bc:79:6e:d9:
52:6b:1b:d0:42:87:13:a0:f4:5f:dc:1e:be:81:94:51:a9:0e:
16:0f:8d:f6:a8:29:9d:9b:0c:c9:1c:b2:77:99:90:8a:52:ea:
c1:2d:0c:1d:66:d8:82:92:a2:75:32:81:bc:d3:24:94:c9:02:
8c:97:f3:32:49:86:ad:f0:96:48:46:77:5d:1d:f9:09:d7:8c:
c2:8b:88:20:e0:7b:0f:05:3a:0d:f6:3e:6b:08:ff:01:22:12:
2c:30:58:ab:28:f2:d5:4e:a1:30:18:e6:d6:1a:82:15:cc:3c:
c3:0b:3c:b9:11:e2:82:08:5f:f5:f7:0b:98:12:67:d7:df:ee:
61:86:0e:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4wfPeLb82+01gJ3VXiXLwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjYwNTE2MTExMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY2YTI2OGJmYmViMDk4Yzg3NDY4NjkzYzg4ZmZiYWM3MTk1YWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6gOe1SFixWt+URLnjWUac1JaNrB
aFQhCMNIopgRtDzcAEn+pdAujxK133ieAuAIWhtmtphujRpUbR9XVVWQRoAG4IUa
MkNQLI4aPxccMUVt7WMcDlw/Sa2nS9QCMmQ7L0RNMJdZ0lhK7Nl32ZZGo3qmasRK
LeQ7nLwjipsmdPjOW1BxZbW31gYO69McAeN+wVl1w6ajobtmP3qhAiXHxWj3XIAg
ThTXIOw5LKC7a/bLQ97zma9jmdk+6eKTz3z/aLA6vNfctzA+5Wk0cX0x63zKAr7l
xsoQXONMRkEWdz9ohF5PLygwZtQMarur1XW5jnv+mYY+iBEUuaRNzUI2awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC32omi/vrCYyHRoaTyI/7rHGVrNMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvTGZhaWFMLS1zSmpJZEdocFBJal91c2NaV3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXyagAwQE
XyawMA0GCSqGSIb3DQEBCwUAA4IBAQAyvAwXPQG0KDbQmhY3Cah+MIVC3ZxjjoPv
yMgZgwzTYwOo+4VtxWpfnoP0DmVXKciHIChnzMS7FIDcCShsRTyES2xGHuVOw0gZ
0L8gpWd1RUA5PWJ2m0silBkLZiCekhjAt0hhqEWMKLDyr2kZBPzzSSzbdOE3so7C
jrx5btlSaxvQQocToPRf3B6+gZRRqQ4WD432qCmdmwzJHLJ3mZCKUurBLQwdZtiC
kqJ1MoG80ySUyQKMl/MySYat8JZIRnddHfkJ14zCi4gg4HsPBToN9j5rCP8BIhIs
MFirKPLVTqEwGObWGoIVzDzDCzy5EeKCCF/19wuYEmfX3+5hhg4z
-----END CERTIFICATE-----
Generated at Sat May 16 19:27:57 2026 by rpki-client