Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/fb039wzgKrWTpo9UBKmMxEmU6lg.roa
File: fb039wzgKrWTpo9UBKmMxEmU6lg.roa (raw, json)
Hash identifier: 1FyVtgYEfwkfvwt1Pma9rwhF0rhGjwyuVIeNxqwWhN0=
Subject key identifier: 7D:BD:37:F7:0C:E0:2A:B5:93:A6:8F:54:04:A9:8C:C4:49:94:EA:58
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019CFB27685346027F6E4180D7ED02C818CC
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/fb039wzgKrWTpo9UBKmMxEmU6lg.roa
Signing time: Tue 17 Mar 2026 09:36:29 +0000
ROA not before: Tue 17 Mar 2026 09:36:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50835
IP address blocks: 37.97.121.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
46.173.254.0/23 maxlen: 23
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.193.30.0/23 maxlen: 23
91.233.200.0/24 maxlen: 24
91.236.76.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
109.207.128.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
176.116.236.0/24 maxlen: 24
176.121.108.0/23 maxlen: 24
194.33.66.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:27:68:53:46:02:7f:6e:41:80:d7:ed:02:c8:18:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 17 09:36:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7dbd37f70ce02ab593a68f5404a98cc44994ea58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:35:55:a5:97:19:08:38:e9:81:24:6d:f1:e2:
3c:72:4a:d1:03:82:26:46:4c:04:f4:fe:df:0e:3c:
9e:f0:dc:8b:64:4d:4e:ae:dc:1f:19:56:24:c5:3a:
55:54:83:54:2f:61:c5:16:49:0c:58:52:1f:8e:d3:
22:22:5f:7c:c2:de:92:7c:55:8b:81:c9:6f:03:c6:
b7:28:77:d3:28:d8:51:8d:27:be:24:0f:31:35:c9:
d7:7d:43:27:2d:32:3c:85:29:a5:33:a8:f8:88:04:
2c:a5:a9:05:77:ca:2a:33:35:69:6f:e4:96:b2:42:
e6:fe:b4:f2:c9:b7:98:eb:67:15:36:c5:7c:63:ad:
9f:94:21:7e:13:6d:39:de:c6:9e:5c:5e:c9:6d:58:
85:e2:bb:a2:f4:89:32:e2:fb:b5:b5:e3:cd:96:19:
b3:b6:8d:72:1e:67:e3:2e:5d:18:80:26:61:60:37:
be:13:80:63:10:39:eb:a0:4e:4e:57:29:63:c8:9c:
d6:ef:64:3e:c5:04:91:d1:8e:16:1b:36:0e:af:12:
2f:45:12:a6:96:05:c3:a7:05:27:9f:88:f2:f1:31:
ae:c7:de:07:46:22:68:c5:8b:76:ca:d6:81:fb:40:
96:a4:00:dd:4b:c3:bb:9d:b7:f2:c8:b4:d3:06:8a:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BD:37:F7:0C:E0:2A:B5:93:A6:8F:54:04:A9:8C:C4:49:94:EA:58
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/fb039wzgKrWTpo9UBKmMxEmU6lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.121.0/24
46.173.248.0/22
46.173.254.0/23
77.36.58.0/24
77.36.66.0/23
81.161.48.0/22
91.193.30.0/23
91.233.200.0/24
91.236.76.0/24
91.239.226.0/24
91.246.203.0/24
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.130.0/24
109.207.132.0/24
176.115.236.0/22
176.116.236.0/24
176.121.108.0/23
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:d6:f1:6c:c4:6a:8c:27:d7:34:3f:68:96:c8:c7:44:ce:63:
c2:f8:3f:b0:a3:54:40:b5:6e:81:f9:78:c6:88:bf:42:05:d8:
44:0a:b3:c5:1f:8e:99:12:4a:cb:7d:3b:9f:d4:44:02:da:a1:
3a:09:cd:f6:a1:8a:8d:c3:da:a4:d1:19:65:c9:eb:54:39:60:
a1:51:27:b1:99:93:d1:68:a1:a0:f2:73:5f:3a:7c:49:7b:6f:
63:7a:51:a2:a1:a1:7a:c5:d5:48:f9:66:80:47:ec:60:d8:cb:
a6:49:f5:49:55:60:4b:ea:cd:6d:89:a4:31:6e:11:7f:e2:bf:
12:95:fb:2f:b8:50:65:10:74:2f:1d:06:ff:ac:7f:80:3c:d2:
89:e3:13:cd:48:6d:8f:8f:54:9a:bf:72:ea:21:f8:29:91:55:
6d:47:34:70:14:88:ab:d6:ef:64:c3:b6:8a:a6:91:6c:9e:96:
5f:78:d5:5f:69:6c:14:cf:8f:3f:0f:13:a2:cc:e9:65:78:0f:
32:db:69:37:d6:42:4c:dc:5b:39:1e:33:8a:70:af:0d:02:aa:
a0:d7:aa:90:a2:07:bf:4c:40:e7:1b:f2:6d:ab:78:9e:0d:a8:
1e:09:2b:f6:0f:9f:95:f0:57:ba:30:0b:31:02:c1:41:d8:6d:
15:92:6d:b9
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZz7J2hTRgJ/bkGA1+0CyBjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwMzE3MDkzNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJkMzdmNzBjZTAyYWI1OTNhNjhmNTQwNGE5OGNjNDQ5OTRlYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+jVVpZcZCDjpgSRt8eI8ckrRA4Im
RkwE9P7fDjye8NyLZE1OrtwfGVYkxTpVVINUL2HFFkkMWFIfjtMiIl98wt6SfFWL
gclvA8a3KHfTKNhRjSe+JA8xNcnXfUMnLTI8hSmlM6j4iAQspakFd8oqMzVpb+SW
skLm/rTyybeY62cVNsV8Y62flCF+E2053saeXF7JbViF4rui9Iky4vu1tePNlhmz
to1yHmfjLl0YgCZhYDe+E4BjEDnroE5OVyljyJzW72Q+xQSR0Y4WGzYOrxIvRRKm
lgXDpwUnn4jy8TGux94HRiJoxYt2ytaB+0CWpADdS8O7nbfyyLTTBoqcdwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFH29N/cM4Cq1k6aPVASpjMRJlOpYMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZmIwMzl3emdLcldUcG85VUJLbU14RW1VNmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAJWF5
AwQCLq34AwQBLq3+AwQATSQ6AwQBTSRCAwQCUaEwAwQBW8EeAwQAW+nIAwQAW+xM
AwQAW+/iAwQAW/bLAwQBXXgiAwQBXXgoAwQAbc+AAwQAbc+CAwQAbc+EAwQCsHPs
AwQAsHTsAwQBsHlsAwQBwiFCMA0GCSqGSIb3DQEBCwUAA4IBAQBP1vFsxGqMJ9c0
P2iWyMdEzmPC+D+wo1RAtW6B+XjGiL9CBdhECrPFH46ZEkrLfTuf1EQC2qE6Cc32
oYqNw9qk0RllyetUOWChUSexmZPRaKGg8nNfOnxJe29jelGioaF6xdVI+WaAR+xg
2MumSfVJVWBL6s1tiaQxbhF/4r8SlfsvuFBlEHQvHQb/rH+APNKJ4xPNSG2Pj1Sa
v3LqIfgpkVVtRzRwFIir1u9kw7aKppFsnpZfeNVfaWwUz48/DxOizOlleA8y22k3
1kJM3Fs5HjOKcK8NAqqg16qQoge/TEDnG/Jtq3ieDageCSv2D5+V8Fe6MAsxAsFB
2G0Vkm25
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:27:25 2026 by rpki-client