Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fr4aZ8Uu5cjkIPAMz1mEEDth2OQ.roa
File: fr4aZ8Uu5cjkIPAMz1mEEDth2OQ.roa (raw, json)
Hash identifier: u3xz1gSovZyLVFKoLfba+16hM7XAa3x4UM4AaM7LTjw=
Subject key identifier: 7E:BE:1A:67:C5:2E:E5:C8:E4:20:F0:0C:CF:59:84:10:3B:61:D8:E4
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019E17FC3FB4C2B5BBC86E07C7D59BD05261
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fr4aZ8Uu5cjkIPAMz1mEEDth2OQ.roa
Signing time: Mon 11 May 2026 17:01:07 +0000
ROA not before: Mon 11 May 2026 17:01:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397044
IP address blocks: 94.131.52.0/22 maxlen: 24
94.131.52.0/24 maxlen: 24
94.131.56.0/22 maxlen: 24
94.131.56.0/23 maxlen: 24
94.131.57.0/24 maxlen: 24
94.131.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:fc:3f:b4:c2:b5:bb:c8:6e:07:c7:d5:9b:d0:52:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: May 11 17:01:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ebe1a67c52ee5c8e420f00ccf5984103b61d8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4b:d9:b9:28:40:29:3c:69:62:aa:1f:7a:61:
01:c5:0e:6a:9a:30:f6:bf:03:f8:24:79:d5:3a:ac:
04:04:3d:71:a7:9c:60:83:a5:cb:78:57:9a:de:7d:
68:a2:9a:c7:cd:1a:38:a6:03:a5:35:14:ef:1c:b1:
18:ba:e5:59:fc:d7:28:00:1c:9a:87:92:0e:3f:f4:
63:92:ba:79:31:f4:be:9f:48:85:9d:67:06:e1:8b:
99:e2:c5:f0:34:c7:77:15:a3:08:3a:cf:d4:64:af:
44:a9:81:5e:70:75:20:ca:ef:3f:9c:df:c5:7f:9e:
ec:b9:21:e9:db:b1:a2:c8:2c:de:28:cd:69:b4:48:
88:0b:bf:6e:d9:78:70:4f:e9:08:08:e4:5c:9e:97:
10:b1:72:9a:f2:cf:4e:4b:09:8e:1c:ac:12:93:cf:
b4:01:63:c7:43:b4:fe:61:fd:c2:b8:19:93:25:29:
99:5b:1a:b3:0c:5d:51:c3:15:0f:8f:f0:52:05:cf:
55:ab:57:7c:81:f3:ed:01:cf:de:55:04:9a:0d:67:
83:b2:57:5b:eb:da:b5:7b:be:0a:b4:ef:54:0e:66:
21:67:92:e4:ce:4e:01:45:ab:19:78:ac:33:49:ca:
ef:2d:b9:cf:fa:1e:0d:70:d4:6e:2e:03:3f:bc:e8:
c0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BE:1A:67:C5:2E:E5:C8:E4:20:F0:0C:CF:59:84:10:3B:61:D8:E4
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fr4aZ8Uu5cjkIPAMz1mEEDth2OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.52.0-94.131.59.255
Signature Algorithm: sha256WithRSAEncryption
a4:15:dd:54:a7:f3:39:e5:12:50:99:22:c3:36:2a:c5:fe:fb:
72:d7:62:35:ee:10:a3:22:28:b5:dd:57:80:18:0c:f7:c0:df:
68:c4:d4:eb:c9:1b:0c:a0:49:7f:77:b1:25:c1:30:60:c7:e9:
e5:a1:06:de:b6:ab:d6:34:6e:0b:86:3d:7e:2d:a6:de:52:39:
55:53:6a:f6:5b:a7:19:1a:35:84:08:16:0d:94:22:97:dc:82:
5a:17:9b:93:c9:4e:2b:a4:7a:db:99:a4:15:76:02:64:42:71:
d1:a2:7b:e3:ee:a3:5b:85:39:78:df:10:02:a2:63:ac:4a:fe:
d0:0e:c0:c8:73:63:32:01:75:b6:5c:82:7e:87:f0:9b:53:e8:
fb:ff:83:dc:bd:d9:3e:f9:f8:a9:dc:d5:21:98:6b:a0:3b:1f:
4b:c3:bf:e9:da:54:27:73:92:97:34:1d:9b:fd:73:99:10:41:
6e:b0:09:3d:28:f2:fe:34:7c:8a:1d:c6:7e:8b:4c:8e:93:7d:
52:f5:8d:54:68:13:c6:6d:9a:04:e5:e7:0b:fc:db:ed:fc:d4:
07:d8:2f:00:e3:1c:ef:04:c3:ca:60:ea:12:a2:3a:58:b0:61:
6c:ae:71:9d:f5:eb:a3:8f:84:5d:8f:7c:0e:6c:7b:3d:cb:97:
15:aa:f0:48
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ4X/D+0wrW7yG4Hx9Wb0FJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjYwNTExMTcwMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWJlMWE2N2M1MmVlNWM4ZTQyMGYwMGNjZjU5ODQxMDNiNjFkOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUvZuShAKTxpYqofemEBxQ5qmjD2
vwP4JHnVOqwEBD1xp5xgg6XLeFea3n1ooprHzRo4pgOlNRTvHLEYuuVZ/NcoABya
h5IOP/Rjkrp5MfS+n0iFnWcG4YuZ4sXwNMd3FaMIOs/UZK9EqYFecHUgyu8/nN/F
f57suSHp27GiyCzeKM1ptEiIC79u2XhwT+kICORcnpcQsXKa8s9OSwmOHKwSk8+0
AWPHQ7T+Yf3CuBmTJSmZWxqzDF1RwxUPj/BSBc9Vq1d8gfPtAc/eVQSaDWeDsldb
69q1e74KtO9UDmYhZ5Lkzk4BRasZeKwzScrvLbnP+h4NcNRuLgM/vOjAtQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH6+GmfFLuXI5CDwDM9ZhBA7YdjkMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZnI0YVo4VXU1Y2prSVBBTXoxbUVFRHRoMk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJegzQD
BAJegzgwDQYJKoZIhvcNAQELBQADggEBAKQV3VSn8znlElCZIsM2KsX++3LXYjXu
EKMiKLXdV4AYDPfA32jE1OvJGwygSX93sSXBMGDH6eWhBt62q9Y0bguGPX4tpt5S
OVVTavZbpxkaNYQIFg2UIpfcgloXm5PJTiuketuZpBV2AmRCcdGie+Puo1uFOXjf
EAKiY6xK/tAOwMhzYzIBdbZcgn6H8JtT6Pv/g9y92T75+Knc1SGYa6A7H0vDv+na
VCdzkpc0HZv9c5kQQW6wCT0o8v40fIodxn6LTI6TfVL1jVRoE8ZtmgTl5wv82+38
1AfYLwDjHO8Ew8pg6hKiOliwYWyucZ3166OPhF2PfA5sez3LlxWq8Eg=
-----END CERTIFICATE-----
Generated at Wed May 13 05:56:12 2026 by rpki-client