Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/s_LkmOydE-BR39nlqiABZBpNPE8.roa
File: s_LkmOydE-BR39nlqiABZBpNPE8.roa (raw, json)
Hash identifier: 5ERKj0LaSZu63sJz6livBSnWFuT1Rqsvrlj+/MHWB7c=
Subject key identifier: B3:F2:E4:98:EC:9D:13:E0:51:DF:D9:E5:AA:20:01:64:1A:4D:3C:4F
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 019E07734A5BB03335A3118E256109CA7FF2
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/s_LkmOydE-BR39nlqiABZBpNPE8.roa
Signing time: Fri 08 May 2026 11:57:36 +0000
ROA not before: Fri 08 May 2026 11:57:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34740
IP address blocks: 89.38.48.0/24 maxlen: 24
89.38.49.0/24 maxlen: 24
89.38.50.0/24 maxlen: 24
89.38.51.0/24 maxlen: 24
185.69.240.0/24 maxlen: 24
188.215.144.0/20 maxlen: 20
2a03:32e0::/32 maxlen: 48
2a03:32e0::/48 maxlen: 48
2a03:32e0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:73:4a:5b:b0:33:35:a3:11:8e:25:61:09:ca:7f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: May 8 11:57:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3f2e498ec9d13e051dfd9e5aa2001641a4d3c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:1e:9e:15:19:12:ff:94:c7:02:08:31:2a:
90:d1:c4:e2:16:b9:ba:a2:29:00:75:6d:ca:38:4f:
d1:7b:96:e1:22:d6:99:9b:6c:ee:19:54:a9:cd:9d:
b1:f1:11:8a:1d:6b:03:a3:06:18:d8:d9:ff:6f:76:
5f:3e:d7:0a:22:47:f1:40:2c:60:a1:4b:a3:f5:35:
1a:f0:be:97:e7:10:ee:ac:e6:7f:52:f0:0d:93:ba:
02:4b:7e:f4:84:ed:ed:e0:68:03:62:0d:58:81:e5:
d8:e8:cb:3d:9d:1d:e8:ef:a0:af:b8:74:5b:78:b5:
5c:24:8f:b5:10:9a:0a:78:ee:40:64:53:c5:e7:9e:
21:f1:58:de:f3:78:04:7d:be:fa:4d:7c:d7:36:dc:
a7:bd:78:a8:d8:d1:d3:3d:db:59:7e:e1:17:0a:78:
6a:92:c0:ec:59:ce:2e:51:11:ab:43:eb:d5:97:c8:
16:08:73:1b:d2:64:50:9e:d1:93:23:cf:10:cf:77:
51:c8:23:e4:ef:37:3b:c9:45:b8:f5:d8:10:f3:bb:
0f:3a:75:3c:01:ea:96:c7:d6:45:4c:51:43:45:e9:
a7:e1:9c:af:36:62:7e:11:d9:d0:39:fe:d1:51:fe:
aa:b1:14:f9:d7:50:1a:62:90:10:11:67:c4:49:2e:
33:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F2:E4:98:EC:9D:13:E0:51:DF:D9:E5:AA:20:01:64:1A:4D:3C:4F
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/s_LkmOydE-BR39nlqiABZBpNPE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.48.0/22
185.69.240.0/24
188.215.144.0/20
IPv6:
2a03:32e0::/32
Signature Algorithm: sha256WithRSAEncryption
05:6c:5f:4c:7c:a4:91:c4:ae:ab:9d:8e:c3:11:31:df:a0:5f:
64:bd:ee:59:ae:87:bd:c1:4b:3e:e5:96:ab:f1:aa:5f:73:12:
50:05:d6:77:c6:f4:47:6f:87:21:53:55:5c:f1:d5:35:0a:5f:
f4:71:34:e9:61:d1:6d:2b:8f:b5:c7:72:2c:1a:4c:bf:fd:c8:
8e:0c:2e:a5:c8:dc:e4:f2:77:bb:24:34:53:93:c7:c6:2e:0f:
db:c5:5d:ef:3e:aa:96:c6:a7:fa:50:6d:2d:aa:0f:17:02:9e:
09:62:e0:29:69:67:d8:a2:74:52:c6:b9:30:cd:e6:59:65:9a:
8f:21:5c:5c:b9:09:f6:3a:6b:e0:de:80:e5:c7:28:0f:36:8d:
0e:20:76:b9:33:c7:a5:cc:3b:47:f5:45:de:d4:58:f3:e9:ec:
9e:67:25:85:fb:47:0e:2c:ad:31:25:18:66:82:70:69:45:b7:
ae:79:71:5d:c9:31:46:90:51:94:21:f4:9d:d2:1d:bf:4f:ce:
ee:8e:bb:bb:77:ec:b4:bd:d1:ff:8c:a6:ec:e7:5a:ba:9d:4a:
c5:19:c8:19:93:b5:37:09:a3:00:43:00:78:99:1b:8a:d1:e3:
76:a0:95:0b:a4:31:50:e0:31:28:4d:fe:8e:55:99:42:84:ea:
d6:01:52:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ4Hc0pbsDM1oxGOJWEJyn/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjYwNTA4MTE1NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YyZTQ5OGVjOWQxM2UwNTFkZmQ5ZTVhYTIwMDE2NDFhNGQzYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+genhUZEv+UxwIIMSqQ0cTiFrm6
oikAdW3KOE/Re5bhItaZm2zuGVSpzZ2x8RGKHWsDowYY2Nn/b3ZfPtcKIkfxQCxg
oUuj9TUa8L6X5xDurOZ/UvANk7oCS370hO3t4GgDYg1YgeXY6Ms9nR3o76CvuHRb
eLVcJI+1EJoKeO5AZFPF554h8Vje83gEfb76TXzXNtynvXio2NHTPdtZfuEXCnhq
ksDsWc4uURGrQ+vVl8gWCHMb0mRQntGTI88Qz3dRyCPk7zc7yUW49dgQ87sPOnU8
AeqWx9ZFTFFDRemn4ZyvNmJ+EdnQOf7RUf6qsRT511AaYpAQEWfESS4zuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLPy5JjsnRPgUd/Z5aogAWQaTTxPMB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvc19Ma21PeWRFLUJSMzlubHFpQUJaQnBOUEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCWSYwAwQA
uUXwAwQEvNeQMA0EAgACMAcDBQAqAzLgMA0GCSqGSIb3DQEBCwUAA4IBAQAFbF9M
fKSRxK6rnY7DETHfoF9kve5Zroe9wUs+5Zar8apfcxJQBdZ3xvRHb4chU1Vc8dU1
Cl/0cTTpYdFtK4+1x3IsGky//ciODC6lyNzk8ne7JDRTk8fGLg/bxV3vPqqWxqf6
UG0tqg8XAp4JYuApaWfYonRSxrkwzeZZZZqPIVxcuQn2Omvg3oDlxygPNo0OIHa5
M8elzDtH9UXe1Fjz6eyeZyWF+0cOLK0xJRhmgnBpRbeueXFdyTFGkFGUIfSd0h2/
T87ujru7d+y0vdH/jKbs51q6nUrFGcgZk7U3CaMAQwB4mRuK0eN2oJULpDFQ4DEo
Tf6OVZlChOrWAVJt
-----END CERTIFICATE-----
Generated at Wed May 13 11:51:02 2026 by rpki-client