Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/fa7QQf3mwNaqx6Q9YVB4JOEPT1Y.roa
File: fa7QQf3mwNaqx6Q9YVB4JOEPT1Y.roa (raw, json)
Hash identifier: cuDfOcc4rXjt55ZYwZL2MoLNfkQ/Mx73QisLDCI3qEU=
Subject key identifier: 7D:AE:D0:41:FD:E6:C0:D6:AA:C7:A4:3D:61:50:78:24:E1:0F:4F:56
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 019CF659DB574EE6DD9CBA3B270F68286603
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/fa7QQf3mwNaqx6Q9YVB4JOEPT1Y.roa
Signing time: Mon 16 Mar 2026 11:13:29 +0000
ROA not before: Mon 16 Mar 2026 11:13:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
185.198.203.0/24 maxlen: 24
195.20.20.0/22 maxlen: 24
217.180.58.0/24 maxlen: 24
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:1000::/36 maxlen: 36
2a0a:8ec0:2000::/36 maxlen: 36
2a0a:8ec0:3000::/36 maxlen: 36
2a0a:8ec0:4000::/36 maxlen: 36
2a0a:8ec0:8003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:59:db:57:4e:e6:dd:9c:ba:3b:27:0f:68:28:66:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Mar 16 11:13:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7daed041fde6c0d6aac7a43d61507824e10f4f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:f7:c8:81:10:38:c4:58:89:df:b5:04:40:
9c:85:8a:e6:a2:fa:08:fb:ca:77:c9:1e:f7:33:d2:
2f:6b:28:5f:99:53:bf:b0:d1:05:29:ca:82:2b:1b:
0d:0d:73:26:06:a1:2b:70:5e:35:73:b7:47:4e:17:
c1:f8:d5:05:c2:93:dc:22:89:6a:cd:b7:b9:e0:d9:
41:26:58:8e:66:e3:20:c9:34:83:33:24:51:22:3f:
e0:44:62:85:02:cb:fb:6f:13:36:8c:1c:66:d9:75:
29:ec:38:e1:78:78:6f:9b:81:fb:0f:cf:fd:82:6b:
1d:94:06:e3:d9:b3:ea:a3:b4:82:47:36:bb:ca:66:
cf:61:26:39:12:71:67:24:7f:a1:ce:2c:8c:95:1b:
ec:5a:47:5f:2a:cb:bb:12:f0:63:85:99:85:41:94:
ca:68:b3:0c:1d:9f:67:d1:5f:e5:b6:c9:83:27:4c:
00:c9:65:90:ec:73:57:39:45:cb:76:8d:54:ba:57:
bc:da:b6:07:72:48:fa:23:00:c0:78:1d:d8:04:f2:
21:26:6f:e5:b2:00:86:d3:b2:56:35:2c:e0:c4:c4:
3f:63:a5:3f:9e:41:50:b9:33:d2:4a:2a:c6:d0:90:
e9:03:17:01:8d:04:46:7c:5c:08:19:f3:14:c0:42:
1d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AE:D0:41:FD:E6:C0:D6:AA:C7:A4:3D:61:50:78:24:E1:0F:4F:56
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/fa7QQf3mwNaqx6Q9YVB4JOEPT1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
217.180.58.0/24
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:4d:a3:71:a2:5b:87:80:57:85:82:f7:01:dd:c2:f5:05:77:
28:18:22:e9:de:99:be:5f:b1:ec:49:7a:c4:a3:8d:07:70:09:
b9:23:21:16:00:77:6b:a6:cd:4a:2f:dc:6f:fc:45:1c:2d:cb:
19:c6:06:12:6f:f9:ff:5d:f3:e1:60:37:76:38:2b:58:dc:ee:
61:1e:aa:fe:2f:d9:b3:3e:19:80:84:60:5e:e9:e7:7f:76:44:
f0:5f:a0:65:a6:25:5a:8c:8f:13:00:c0:c9:12:a3:0a:f7:15:
28:91:3b:07:ae:5c:9f:f6:37:11:8b:84:a1:9a:7a:37:9b:d2:
5b:78:80:f2:7d:c4:b0:4f:f1:1b:03:4c:98:da:fe:16:6a:ae:
43:71:62:51:a1:59:d0:13:72:48:2a:71:ef:2f:48:de:c5:09:
ad:0c:58:57:cc:ce:16:10:ad:d3:bb:58:65:0c:54:88:0a:be:
b7:21:25:b4:da:14:6a:14:ba:9f:d4:ce:df:c7:b2:17:e5:fe:
69:1d:53:83:87:88:95:78:fa:6a:26:76:a3:53:c3:4f:9d:7d:
16:3e:4c:f9:44:07:c2:c0:93:42:6f:01:19:b4:1c:7e:8c:18:
58:52:92:aa:f5:9e:98:a1:bf:68:d3:41:e3:2d:47:12:45:8f:
1e:8b:59:e5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZz2WdtXTubdnLo7Jw9oKGYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjYwMzE2MTExMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFlZDA0MWZkZTZjMGQ2YWFjN2E0M2Q2MTUwNzgyNGUxMGY0ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPX3yIEQOMRYid+1BECchYrmovoI
+8p3yR73M9IvayhfmVO/sNEFKcqCKxsNDXMmBqErcF41c7dHThfB+NUFwpPcIolq
zbe54NlBJliOZuMgyTSDMyRRIj/gRGKFAsv7bxM2jBxm2XUp7DjheHhvm4H7D8/9
gmsdlAbj2bPqo7SCRza7ymbPYSY5EnFnJH+hziyMlRvsWkdfKsu7EvBjhZmFQZTK
aLMMHZ9n0V/ltsmDJ0wAyWWQ7HNXOUXLdo1Uule82rYHckj6IwDAeB3YBPIhJm/l
sgCG07JWNSzgxMQ/Y6U/nkFQuTPSSirG0JDpAxcBjQRGfFwIGfMUwEIdPwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH2u0EH95sDWqsekPWFQeCThD09WMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvZmE3UVFmM213TmFxeDZROVlWQjRKT0VQVDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZdcAwQE
UEJgAwQCucbIAwQCwxQUAwQA2bQ6MA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEB
CwUAA4IBAQB8TaNxoluHgFeFgvcB3cL1BXcoGCLp3pm+X7HsSXrEo40HcAm5IyEW
AHdrps1KL9xv/EUcLcsZxgYSb/n/XfPhYDd2OCtY3O5hHqr+L9mzPhmAhGBe6ed/
dkTwX6BlpiVajI8TAMDJEqMK9xUokTsHrlyf9jcRi4Shmno3m9JbeIDyfcSwT/Eb
A0yY2v4Waq5DcWJRoVnQE3JIKnHvL0jexQmtDFhXzM4WEK3Tu1hlDFSICr63ISW0
2hRqFLqf1M7fx7IX5f5pHVODh4iVePpqJnajU8NPnX0WPkz5RAfCwJNCbwEZtBx+
jBhYUpKq9Z6Yob9o00HjLUcSRY8ei1nl
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:56 2026 by rpki-client