Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/lVpZAUc7qjcetTd3RGNA9GASrfY.roa
File: lVpZAUc7qjcetTd3RGNA9GASrfY.roa (raw, json)
Hash identifier: MsG+zzzKR9slrtwvP+3tiSHAXUDOrqk0viarDp9CSdo=
Subject key identifier: 95:5A:59:01:47:3B:AA:37:1E:B5:37:77:44:63:40:F4:60:12:AD:F6
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019C5863AC8812BD2DA932B733E0CDC68319
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/lVpZAUc7qjcetTd3RGNA9GASrfY.roa
Signing time: Fri 13 Feb 2026 19:04:12 +0000
ROA not before: Fri 13 Feb 2026 19:04:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 89.44.242.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
109.122.247.0/24 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.254.0/23 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:58:63:ac:88:12:bd:2d:a9:32:b7:33:e0:cd:c6:83:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 13 19:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=955a5901473baa371eb53777446340f46012adf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e1:9b:d1:4f:97:c4:f8:ca:13:21:be:d0:a9:
75:b4:1e:38:6d:cd:80:94:bd:af:93:8f:11:b6:a3:
74:7c:0c:40:92:67:81:04:f8:42:fe:0a:3a:f0:0a:
18:fc:9c:93:cb:dd:ee:b8:16:f0:38:ec:05:55:21:
6d:f4:45:a5:a1:41:98:c3:af:31:cd:18:50:8c:bb:
ea:75:25:1e:fa:11:91:76:34:0b:c9:ad:1c:b6:0c:
47:aa:b7:1e:26:e1:c7:6c:09:c4:d8:05:e2:37:b1:
c8:11:4f:f7:6a:f4:2f:48:36:65:9b:ec:f6:da:80:
72:53:fa:10:cd:62:67:7e:cd:4b:b5:47:32:36:67:
3a:12:27:5a:a4:0d:c4:85:d1:dd:e3:f6:94:fc:f5:
db:2a:ed:56:59:c7:91:b0:fe:1f:1a:aa:62:8d:16:
5f:c9:bb:17:39:8a:f1:76:bc:1c:62:9f:71:ce:b3:
a3:dc:79:d4:d4:6b:c8:dd:44:55:6a:54:42:2c:71:
84:ed:b8:ff:71:fe:96:0b:2d:70:18:43:5d:93:bf:
ff:11:73:34:5f:9d:61:b9:fc:6e:3e:34:a1:21:29:
40:ca:8e:38:d1:3b:68:84:ab:b8:d6:64:7e:9a:6a:
27:18:15:35:f4:c2:91:8b:3d:8e:c3:4b:d3:f5:bc:
ca:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5A:59:01:47:3B:AA:37:1E:B5:37:77:44:63:40:F4:60:12:AD:F6
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/lVpZAUc7qjcetTd3RGNA9GASrfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.242.0/24
89.46.217.0/24
109.122.247.0/24
109.122.249.0/24
109.122.254.0/23
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
08:9e:1c:91:50:f9:4c:d9:ec:32:9b:06:42:7b:c4:68:64:01:
e5:74:d5:24:75:ac:f0:e8:d2:23:b2:cb:df:73:6e:0a:d4:7c:
d3:8f:70:19:1b:bf:bb:72:55:57:6a:98:cd:2d:37:77:62:98:
a7:c8:62:1e:79:88:40:49:8f:27:46:32:ef:b9:9a:10:c9:d8:
f9:5d:50:1f:02:61:a6:7b:11:d4:d6:a8:4f:60:03:b2:a6:e1:
bb:06:97:f2:80:a1:e1:fc:b3:d9:f9:ae:74:27:0e:7c:15:fb:
2c:3b:cf:b1:c9:6a:41:bf:91:b1:f2:b0:e0:10:a4:18:6c:26:
80:bb:ef:33:78:ea:21:67:b7:39:b5:25:72:ce:35:e4:d2:00:
ad:10:34:53:21:2f:ce:52:43:f9:53:2e:a9:2f:a2:e8:9e:f7:
47:d4:95:b9:7a:30:ac:2c:a1:75:77:c2:14:17:9c:a3:d9:a1:
0f:31:20:89:bd:d4:67:46:d8:a1:96:46:5f:fe:b4:e5:7b:4b:
01:df:10:d7:22:9e:f3:09:2f:48:14:72:b2:76:d8:bd:6b:7a:
4c:9a:ef:9a:61:cd:1a:15:c0:16:ef:0b:ff:77:27:5b:65:b7:
12:c6:b3:d3:c9:53:47:f4:aa:2b:ab:65:61:77:97:dd:3a:8e:
0f:81:14:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZxYY6yIEr0tqTK3M+DNxoMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwMjEzMTkwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVhNTkwMTQ3M2JhYTM3MWViNTM3Nzc0NDYzNDBmNDYwMTJhZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuGb0U+XxPjKEyG+0Kl1tB44bc2A
lL2vk48RtqN0fAxAkmeBBPhC/go68AoY/JyTy93uuBbwOOwFVSFt9EWloUGYw68x
zRhQjLvqdSUe+hGRdjQLya0ctgxHqrceJuHHbAnE2AXiN7HIEU/3avQvSDZlm+z2
2oByU/oQzWJnfs1LtUcyNmc6EidapA3EhdHd4/aU/PXbKu1WWceRsP4fGqpijRZf
ybsXOYrxdrwcYp9xzrOj3HnU1GvI3URValRCLHGE7bj/cf6WCy1wGENdk7//EXM0
X51hufxuPjShISlAyo440TtohKu41mR+mmonGBU19MKRiz2Ow0vT9bzKOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJVaWQFHO6o3HrU3d0RjQPRgEq32MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvbFZwWkFVYzdxamNldFRkM1JHTkE5R0FTcmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSzyAwQA
WS7ZAwQAbXr3AwQAbXr5AwQBbXr+AwQAvNRjMA0GCSqGSIb3DQEBCwUAA4IBAQAI
nhyRUPlM2ewymwZCe8RoZAHldNUkdazw6NIjssvfc24K1HzTj3AZG7+7clVXapjN
LTd3YpinyGIeeYhASY8nRjLvuZoQydj5XVAfAmGmexHU1qhPYAOypuG7BpfygKHh
/LPZ+a50Jw58FfssO8+xyWpBv5Gx8rDgEKQYbCaAu+8zeOohZ7c5tSVyzjXk0gCt
EDRTIS/OUkP5Uy6pL6LonvdH1JW5ejCsLKF1d8IUF5yj2aEPMSCJvdRnRtihlkZf
/rTle0sB3xDXIp7zCS9IFHKydti9a3pMmu+aYc0aFcAW7wv/dydbZbcSxrPTyVNH
9Korq2Vhd5fdOo4PgRSH
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:16:52 2026 by rpki-client