Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/fuJR7zUWaN-TjIyWdm9xILkLpdI.roa
File: fuJR7zUWaN-TjIyWdm9xILkLpdI.roa (raw, json)
Hash identifier: ef1iuASpZIrm7FO3BP7G5P1P8qiWanOfbz6a7iODlcE=
Subject key identifier: 7E:E2:51:EF:35:16:68:DF:93:8C:8C:96:76:6F:71:20:B9:0B:A5:D2
Certificate issuer: /CN=48f47a31172fb549c696132880c6824fb0777b55
Certificate serial: 019D1FE78144D9ED5B4DBFFB988D9DF2F893
Authority key identifier: 48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/fuJR7zUWaN-TjIyWdm9xILkLpdI.roa
Signing time: Tue 24 Mar 2026 12:52:38 +0000
ROA not before: Tue 24 Mar 2026 12:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51514
IP address blocks: 46.31.48.0/21 maxlen: 24
185.53.16.0/22 maxlen: 24
185.79.82.0/23 maxlen: 24
2a02:23e8::/32 maxlen: 48
2a02:23ea::/32 maxlen: 48
2a02:23ee::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:e7:81:44:d9:ed:5b:4d:bf:fb:98:8d:9d:f2:f8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f47a31172fb549c696132880c6824fb0777b55
Validity
Not Before: Mar 24 12:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ee251ef351668df938c8c96766f7120b90ba5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:0a:ff:0e:dc:9e:2b:f9:70:05:ff:18:cf:
5d:a6:91:df:f5:2f:a4:d6:73:46:e0:c2:39:e3:1f:
02:b3:2a:b8:46:02:21:7e:8b:dd:77:6a:6f:da:86:
30:ed:00:b3:fe:a7:9f:95:0b:d1:e2:6b:0c:58:74:
66:6c:42:a6:58:74:c9:6b:0e:b3:55:bd:35:b0:06:
d8:01:6d:b8:31:d9:eb:38:47:74:41:1e:a0:6b:85:
fc:29:d2:db:38:00:c0:f6:d2:37:22:9b:95:73:ec:
d9:d7:99:2f:ca:1a:f7:db:79:1b:5f:4f:91:0e:cc:
1b:d1:1b:c3:9a:b3:e9:d7:34:98:27:82:52:b1:21:
30:e3:f5:46:e8:88:fb:86:4a:23:7e:91:d1:6c:e4:
b2:32:68:b7:5a:28:8c:aa:d7:93:5a:fc:93:22:c3:
17:eb:f6:ba:1a:b5:91:ac:f2:38:60:12:37:39:64:
b3:4e:2a:42:0c:4a:6e:d9:2a:c1:92:95:11:8a:9f:
f8:20:dc:16:38:e4:bf:bc:21:f8:59:b4:8c:1a:2f:
5d:ee:32:f7:b1:42:fa:0b:26:8f:3d:73:7a:f6:df:
c7:09:ea:62:b2:31:33:b5:bf:50:1c:88:bf:ca:55:
6a:e2:47:a2:7d:a6:6e:db:64:f5:cf:2d:46:75:59:
41:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E2:51:EF:35:16:68:DF:93:8C:8C:96:76:6F:71:20:B9:0B:A5:D2
X509v3 Authority Key Identifier:
keyid:48:F4:7A:31:17:2F:B5:49:C6:96:13:28:80:C6:82:4F:B0:77:7B:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPR6MRcvtUnGlhMogMaCT7B3e1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/fuJR7zUWaN-TjIyWdm9xILkLpdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/090638-8a99-4063-93a0-6e9938972708/1/SPR6MRcvtUnGlhMogMaCT7B3e1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.48.0/21
185.53.16.0/22
185.79.82.0/23
IPv6:
2a02:23e8::/32
2a02:23ea::/32
2a02:23ee::/48
Signature Algorithm: sha256WithRSAEncryption
65:2a:64:18:9f:6d:89:dc:af:f6:cb:74:69:2f:7d:45:05:11:
9a:31:71:af:86:d2:79:fc:d9:3b:ed:e9:bb:8e:fa:37:6b:b5:
1d:a3:28:60:a1:cd:77:71:9a:84:1e:60:1e:1d:32:ff:e4:16:
9b:da:f2:65:bb:df:c6:17:45:04:31:60:c1:2b:31:82:bb:0b:
fc:ba:87:54:2b:03:df:28:50:3e:71:b4:29:1a:33:3b:c2:e1:
c9:37:86:a5:38:80:73:5c:12:4f:47:ba:65:7a:94:c5:2a:05:
f9:9b:54:ce:3d:08:cd:80:4c:14:9f:22:a2:e4:4c:dd:45:63:
46:5d:b2:7d:94:0d:00:be:db:ad:74:6f:a2:e2:a2:31:38:d8:
54:04:14:df:be:95:f5:d7:6d:05:fa:7b:57:b7:60:63:0f:fb:
6f:ba:b8:1f:8b:74:2e:0c:70:72:ce:fe:45:fd:e9:d1:88:26:
89:45:a3:27:be:9b:fe:d6:d9:31:04:1e:38:92:44:df:d2:1a:
1c:f2:41:f3:7f:e8:22:e9:07:08:e1:ca:d6:9f:aa:5e:4a:21:
a4:d5:25:0a:ed:01:4d:e3:de:f8:34:97:84:cb:75:0e:71:21:
d9:bb:e6:5c:69:52:0f:31:c8:4e:7e:66:75:09:09:df:97:e5:
4b:f1:21:fb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ0f54FE2e1bTb/7mI2d8viTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjQ3YTMxMTcyZmI1NDljNjk2MTMyODgwYzY4MjRmYjA3
NzdiNTUwHhcNMjYwMzI0MTI1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWUyNTFlZjM1MTY2OGRmOTM4YzhjOTY3NjZmNzEyMGI5MGJhNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYgK/w7cniv5cAX/GM9dppHf9S+k
1nNG4MI54x8Csyq4RgIhfovdd2pv2oYw7QCz/qeflQvR4msMWHRmbEKmWHTJaw6z
Vb01sAbYAW24MdnrOEd0QR6ga4X8KdLbOADA9tI3IpuVc+zZ15kvyhr323kbX0+R
Dswb0RvDmrPp1zSYJ4JSsSEw4/VG6Ij7hkojfpHRbOSyMmi3WiiMqteTWvyTIsMX
6/a6GrWRrPI4YBI3OWSzTipCDEpu2SrBkpURip/4INwWOOS/vCH4WbSMGi9d7jL3
sUL6CyaPPXN69t/HCepisjEztb9QHIi/ylVq4keifaZu22T1zy1GdVlBKQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFH7iUe81Fmjfk4yMlnZvcSC5C6XSMB8GA1UdIwQY
MBaAFEj0ejEXL7VJxpYTKIDGgk+wd3tVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAt
NmU5OTM4OTcyNzA4LzEvZnVKUjd6VVdhTi1Uakl5V2RtOXhJTGtMcGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTA2MzgtOGE5OS00MDYzLTkzYTAtNmU5OTM4OTcyNzA4
LzEvU1BSNk1SY3Z0VW5HbGhNb2dNYUNUN0IzZTFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQDLh8wAwQC
uTUQAwQBuU9SMB0EAgACMBcDBQAqAiPoAwUAKgIj6gMHACoCI+4AADANBgkqhkiG
9w0BAQsFAAOCAQEAZSpkGJ9tidyv9st0aS99RQURmjFxr4bSefzZO+3pu476N2u1
HaMoYKHNd3GahB5gHh0y/+QWm9ryZbvfxhdFBDFgwSsxgrsL/LqHVCsD3yhQPnG0
KRozO8LhyTeGpTiAc1wST0e6ZXqUxSoF+ZtUzj0IzYBMFJ8iouRM3UVjRl2yfZQN
AL7brXRvouKiMTjYVAQU376V9ddtBfp7V7dgYw/7b7q4H4t0Lgxwcs7+Rf3p0Ygm
iUWjJ76b/tbZMQQeOJJE39IaHPJB83/oIukHCOHK1p+qXkohpNUlCu0BTePe+DSX
hMt1DnEh2bvmXGlSDzHITn5mdQkJ35flS/Eh+w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:34 2026 by rpki-client