Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/FSHrqYhJli1tSVyjlj_58RREeXk.roa
File: FSHrqYhJli1tSVyjlj_58RREeXk.roa (raw, json)
Hash identifier: uSCHyOKTAFU7tgMnLJvTfArI/447X68lLDwgFscWtJQ=
Subject key identifier: 15:21:EB:A9:88:49:96:2D:6D:49:5C:A3:96:3F:F9:F1:14:44:79:79
Certificate issuer: /CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Certificate serial: 019CE7A7095141244BC42909598C4D69DC8B
Authority key identifier: A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/FSHrqYhJli1tSVyjlj_58RREeXk.roa
Signing time: Fri 13 Mar 2026 14:43:29 +0000
ROA not before: Fri 13 Mar 2026 14:43:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34927
IP address blocks: 185.44.82.0/24 maxlen: 24
185.44.83.0/24 maxlen: 24
194.76.231.0/24 maxlen: 24
2a12:f340::/48 maxlen: 48
2a12:f340:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:a7:09:51:41:24:4b:c4:29:09:59:8c:4d:69:dc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4338168cd9d5af0604013fc4274126fc581f3cb
Validity
Not Before: Mar 13 14:43:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1521eba98849962d6d495ca3963ff9f114447979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fd:43:6b:a3:64:73:17:fd:77:eb:66:8f:6a:
3d:d8:88:63:5c:93:25:0f:50:01:93:95:b3:8d:5d:
d9:f0:a8:d7:c2:9c:80:09:c6:0c:8d:ea:85:9a:64:
3c:c3:75:b9:06:04:c3:be:e9:20:9e:6a:64:b9:1d:
5d:0a:91:60:09:7a:45:e1:42:f2:b7:ff:66:21:4f:
a9:0d:1c:3d:39:60:a3:8d:6e:a9:c2:ba:fc:73:68:
5a:3f:43:24:37:00:d4:b1:d6:2a:41:58:68:74:e0:
80:b3:c4:32:85:15:99:a6:d1:52:8b:b9:33:3c:0d:
47:5c:4d:75:8f:70:12:93:94:b8:2e:70:f6:ac:ab:
19:32:91:bf:ce:c4:89:28:30:6e:40:35:29:eb:e5:
d5:2b:b8:57:d5:df:ad:99:95:0d:57:dd:55:20:c2:
e5:ba:4d:69:73:93:83:dc:f1:b2:a2:47:c8:e0:2c:
a7:4a:a7:25:45:84:14:00:8e:bd:f6:dc:49:9a:90:
d3:70:ec:b0:d8:22:3e:7b:d7:a2:14:9d:14:2d:bc:
75:7d:be:6e:ed:26:b8:75:3f:d9:c7:22:2d:1b:23:
02:c2:91:5a:fa:ff:b2:49:0f:ad:9a:dc:87:6c:ef:
99:3d:04:fa:4b:02:27:34:1f:6f:56:6c:76:df:9f:
5d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:21:EB:A9:88:49:96:2D:6D:49:5C:A3:96:3F:F9:F1:14:44:79:79
X509v3 Authority Key Identifier:
keyid:A4:33:81:68:CD:9D:5A:F0:60:40:13:FC:42:74:12:6F:C5:81:F3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDOBaM2dWvBgQBP8QnQSb8WB88s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/FSHrqYhJli1tSVyjlj_58RREeXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/176f7d-6f0f-45e5-97f2-c9db981a2a2f/1/pDOBaM2dWvBgQBP8QnQSb8WB88s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.82.0/23
194.76.231.0/24
IPv6:
2a12:f340::/48
2a12:f340:2::/48
Signature Algorithm: sha256WithRSAEncryption
71:f0:8d:b4:5e:24:06:65:6f:e9:20:3e:e8:d1:0c:83:bf:74:
ef:a0:83:30:7e:23:d7:5a:78:5d:f5:3f:37:30:61:3c:f1:aa:
48:6a:97:6d:c7:e7:a6:e2:89:e1:e2:cf:60:2d:ce:0f:04:92:
99:76:db:0c:63:69:9a:96:f5:7e:c5:9b:d5:b1:35:48:f9:e0:
11:d2:b7:22:c7:df:4f:14:6e:2c:f6:73:d8:39:fe:97:0d:7a:
c5:35:2e:bb:e9:e4:2c:95:28:47:af:7d:f1:d6:ec:46:32:05:
13:d2:f4:32:23:d2:bc:d5:0a:9b:ea:8f:43:63:aa:23:75:21:
0c:80:3f:90:0d:28:10:e1:a4:37:47:92:da:81:b5:a3:43:17:
a8:cd:52:7a:6e:bf:42:86:01:3b:21:c7:76:40:49:11:be:5d:
c3:31:22:64:e7:4b:e9:fa:74:fb:eb:37:ee:60:0d:f5:76:fd:
da:d4:c5:da:b3:8f:f9:ce:69:fc:79:ef:22:58:e0:76:ee:fc:
9f:e5:24:89:6b:7d:83:c6:26:c2:6f:65:43:04:54:7d:d0:84:
f6:4a:50:6f:55:f2:31:7e:33:75:3c:b5:41:48:88:52:f6:11:
d3:e1:79:74:73:5e:b0:b5:32:b7:98:6c:54:e3:f7:14:f6:97:
f2:ab:59:d1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZznpwlRQSRLxCkJWYxNadyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzM4MTY4Y2Q5ZDVhZjA2MDQwMTNmYzQyNzQxMjZmYzU4
MWYzY2IwHhcNMjYwMzEzMTQ0MzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTIxZWJhOTg4NDk5NjJkNmQ0OTVjYTM5NjNmZjlmMTE0NDQ3OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv1Da6Nkcxf9d+tmj2o92IhjXJMl
D1ABk5WzjV3Z8KjXwpyACcYMjeqFmmQ8w3W5BgTDvukgnmpkuR1dCpFgCXpF4ULy
t/9mIU+pDRw9OWCjjW6pwrr8c2haP0MkNwDUsdYqQVhodOCAs8QyhRWZptFSi7kz
PA1HXE11j3ASk5S4LnD2rKsZMpG/zsSJKDBuQDUp6+XVK7hX1d+tmZUNV91VIMLl
uk1pc5OD3PGyokfI4CynSqclRYQUAI699txJmpDTcOyw2CI+e9eiFJ0ULbx1fb5u
7Sa4dT/ZxyItGyMCwpFa+v+ySQ+tmtyHbO+ZPQT6SwInNB9vVmx2359dVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBUh66mISZYtbUlco5Y/+fEURHl5MB8GA1UdIwQY
MBaAFKQzgWjNnVrwYEAT/EJ0Em/FgfPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjIt
YzlkYjk4MWEyYTJmLzEvRlNIcnFZaEpsaTF0U1Z5amxqXzU4UlJFZVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xNzZmN2QtNmYwZi00NWU1LTk3ZjItYzlkYjk4MWEyYTJm
LzEvcERPQmFNMmRXdkJnUUJQOFFuUVNiOFdCODhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuSxSAwQA
wkznMBgEAgACMBIDBwAqEvNAAAADBwAqEvNAAAIwDQYJKoZIhvcNAQELBQADggEB
AHHwjbReJAZlb+kgPujRDIO/dO+ggzB+I9daeF31PzcwYTzxqkhql23H56biieHi
z2Atzg8Ekpl22wxjaZqW9X7Fm9WxNUj54BHStyLH308Ubiz2c9g5/pcNesU1Lrvp
5CyVKEevffHW7EYyBRPS9DIj0rzVCpvqj0NjqiN1IQyAP5ANKBDhpDdHktqBtaND
F6jNUnpuv0KGATshx3ZASRG+XcMxImTnS+n6dPvrN+5gDfV2/drUxdqzj/nOafx5
7yJY4Hbu/J/lJIlrfYPGJsJvZUMEVH3QhPZKUG9V8jF+M3U8tUFIiFL2EdPheXRz
XrC1MreYbFTj9xT2l/KrWdE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:11:38 2026 by rpki-client