Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/rLATH_cRU9R2CRUg391jtLBKHvM.roa
File: rLATH_cRU9R2CRUg391jtLBKHvM.roa (raw, json)
Hash identifier: cfLlwKbBsVlo1cSK1agygN0nYq7409jM2xI+56PGyq0=
Subject key identifier: AC:B0:13:1F:F7:11:53:D4:76:09:15:20:DF:DD:63:B4:B0:4A:1E:F3
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 019E039B19521F03BAB1C97DF0F0728793CB
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/rLATH_cRU9R2CRUg391jtLBKHvM.roa
Signing time: Thu 07 May 2026 18:02:36 +0000
ROA not before: Thu 07 May 2026 18:02:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.102.38.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
195.5.125.0/24 maxlen: 24
195.222.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:9b:19:52:1f:03:ba:b1:c9:7d:f0:f0:72:87:93:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: May 7 18:02:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=acb0131ff71153d476091520dfdd63b4b04a1ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6b:b8:6f:8f:c7:be:b9:ad:52:4d:f9:6c:8c:
81:17:0d:35:e8:67:43:44:ed:cb:e0:e7:91:e5:5b:
c3:dd:c2:fd:54:ab:91:38:e9:e3:ff:04:14:d3:ac:
22:b3:77:21:6d:c5:a8:b2:70:a9:b4:da:17:cb:b1:
d4:39:7f:34:01:6b:96:cc:a2:cb:e3:4a:f7:73:4f:
9a:12:04:a9:cc:87:2d:f0:da:43:9a:fe:cf:85:6f:
09:93:01:0f:77:6e:93:6e:cf:6c:cc:c3:4e:35:db:
c4:b0:16:43:fb:6d:73:61:32:fe:a4:e7:f9:90:4d:
90:b8:82:0c:73:84:43:3c:c8:c7:7e:08:0f:3c:78:
ca:a4:19:1f:54:e9:40:f3:30:a0:29:19:c2:d6:ac:
1d:a4:22:a0:d3:c0:2c:22:7d:43:af:20:5d:57:34:
dd:34:cf:5b:06:35:c7:1d:17:af:60:b4:bd:c9:d5:
6c:2e:58:a9:7b:9d:d0:ec:19:b1:9a:12:ac:f2:76:
f5:66:c8:68:1a:b1:46:04:aa:65:bf:f5:9b:c0:d5:
69:4e:b1:cb:3b:07:6e:a2:da:4e:ba:f6:e7:28:85:
21:62:64:a8:21:28:e6:8f:d3:53:3b:48:e6:d8:54:
4d:60:0b:d2:ca:b3:7b:56:11:8d:65:19:1d:95:1c:
70:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B0:13:1F:F7:11:53:D4:76:09:15:20:DF:DD:63:B4:B0:4A:1E:F3
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/rLATH_cRU9R2CRUg391jtLBKHvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.38.0/23
195.5.125.0/24
195.222.127.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:2a:6b:5e:9e:c9:a3:c5:8e:aa:63:ab:41:3c:66:f1:e8:42:
ab:14:1e:80:35:f4:60:8c:86:44:c7:7f:32:c8:9c:24:86:53:
e7:fd:e3:60:b4:08:8d:b5:72:7a:22:42:f7:80:ae:15:6d:7f:
33:27:99:93:f7:6a:a2:4f:48:7d:23:7d:c0:9f:a6:66:f9:5a:
67:65:a2:55:da:10:b0:ab:de:89:fd:27:fc:67:ff:98:6d:07:
b5:65:1d:2d:36:2b:66:40:f8:79:ed:d6:05:6c:7d:a3:27:6c:
be:44:64:7e:1e:e6:cb:d6:41:5b:15:fb:b6:db:db:62:73:59:
a7:a7:06:40:39:62:40:52:52:aa:92:4b:e3:ba:b5:12:4e:a5:
65:62:d2:ae:08:da:89:e5:f9:04:f1:41:d2:4f:60:df:a2:3a:
2f:08:7d:fa:5c:30:4b:b6:b6:56:07:54:db:51:97:16:4d:09:
08:33:20:32:cb:ff:b6:e5:1d:f1:ad:61:02:5c:be:98:95:7a:
ff:1b:03:a1:61:e9:8c:8f:53:83:3e:d0:e9:a1:9d:66:14:3b:
a1:d1:d5:99:3d:73:73:9c:29:2d:da:3f:96:29:9a:ce:9d:96:
2b:3c:4b:f2:df:94:ff:c5:60:9c:6a:63:07:e1:52:be:57:99:
dd:3b:d0:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4DmxlSHwO6scl98PByh5PLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjYwNTA3MTgwMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IwMTMxZmY3MTE1M2Q0NzYwOTE1MjBkZmRkNjNiNGIwNGExZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmu4b4/HvrmtUk35bIyBFw016GdD
RO3L4OeR5VvD3cL9VKuROOnj/wQU06wis3chbcWosnCptNoXy7HUOX80AWuWzKLL
40r3c0+aEgSpzIct8NpDmv7PhW8JkwEPd26Tbs9szMNONdvEsBZD+21zYTL+pOf5
kE2QuIIMc4RDPMjHfggPPHjKpBkfVOlA8zCgKRnC1qwdpCKg08AsIn1DryBdVzTd
NM9bBjXHHRevYLS9ydVsLlipe53Q7BmxmhKs8nb1ZshoGrFGBKplv/WbwNVpTrHL
OwduotpOuvbnKIUhYmSoISjmj9NTO0jm2FRNYAvSyrN7VhGNZRkdlRxwxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKywEx/3EVPUdgkVIN/dY7SwSh7zMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvckxBVEhfY1JVOVIyQ1JVZzM5MWp0TEJLSHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBWYmAwQA
wwV9AwQAw95/MA0GCSqGSIb3DQEBCwUAA4IBAQB9KmtensmjxY6qY6tBPGbx6EKr
FB6ANfRgjIZEx38yyJwkhlPn/eNgtAiNtXJ6IkL3gK4VbX8zJ5mT92qiT0h9I33A
n6Zm+VpnZaJV2hCwq96J/Sf8Z/+YbQe1ZR0tNitmQPh57dYFbH2jJ2y+RGR+HubL
1kFbFfu229tic1mnpwZAOWJAUlKqkkvjurUSTqVlYtKuCNqJ5fkE8UHST2Dfojov
CH36XDBLtrZWB1TbUZcWTQkIMyAyy/+25R3xrWECXL6YlXr/GwOhYemMj1ODPtDp
oZ1mFDuh0dWZPXNznCkt2j+WKZrOnZYrPEvy35T/xWCcamMH4VK+V5ndO9Cy
-----END CERTIFICATE-----
Generated at Wed May 13 04:51:22 2026 by rpki-client