Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/FOGBosGtZtXrIIBUEMbGPRMUnSM.roa
File: FOGBosGtZtXrIIBUEMbGPRMUnSM.roa (raw, json)
Hash identifier: 5uENltgcvqTpOLwVKmOle08cC/EenM/q/RZwRZFg1ZU=
Subject key identifier: 14:E1:81:A2:C1:AD:66:D5:EB:20:80:54:10:C6:C6:3D:13:14:9D:23
Certificate issuer: /CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Certificate serial: 019CFAB40CFCBE25A349B4AEDADBA5DD2B9D
Authority key identifier: 3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/FOGBosGtZtXrIIBUEMbGPRMUnSM.roa
Signing time: Tue 17 Mar 2026 07:30:29 +0000
ROA not before: Tue 17 Mar 2026 07:30:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6663
IP address blocks: 31.210.8.0/21 maxlen: 21
86.106.122.0/23 maxlen: 23
89.43.132.0/22 maxlen: 22
128.0.4.0/22 maxlen: 22
128.0.5.0/24 maxlen: 24
128.0.6.0/24 maxlen: 24
185.74.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fa:b4:0c:fc:be:25:a3:49:b4:ae:da:db:a5:dd:2b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Validity
Not Before: Mar 17 07:30:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14e181a2c1ad66d5eb20805410c6c63d13149d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:f8:3e:99:cc:a5:74:ae:32:9c:25:44:87:
5e:bb:38:0b:d4:0b:a7:0d:9c:6d:7f:a1:65:6c:23:
22:b4:71:1e:8e:20:8a:da:cf:4a:00:f0:1a:35:b9:
bd:a7:57:7c:88:32:70:77:c9:ba:ce:50:45:7c:ec:
e9:6f:dd:b2:a9:38:5f:c4:f0:a9:4e:ac:d1:ab:09:
9d:71:30:5c:e9:4f:95:b2:55:c9:d4:e1:30:f1:72:
e6:0b:4d:5f:60:31:77:11:eb:58:ba:b7:88:36:96:
bb:f3:d7:73:db:96:93:1f:4d:62:14:81:78:eb:48:
0c:26:dd:41:5c:32:cd:ee:48:46:47:27:64:27:9c:
56:47:49:96:49:f1:a9:ae:28:86:a5:07:15:d6:90:
0c:48:6e:18:75:a1:61:4d:af:cd:59:98:52:1c:ae:
6f:6e:09:69:06:11:5b:10:47:62:4b:b0:a0:28:c9:
00:f3:7f:9b:8c:0b:a1:45:fd:28:f4:11:11:be:a3:
66:65:fd:55:b0:37:58:56:14:79:eb:09:32:39:46:
d0:f9:f6:b3:bc:2c:79:ac:a1:92:fe:5b:2f:0c:d5:
59:a8:53:eb:c8:fe:ae:2b:f0:3c:cb:bf:6a:e1:7d:
a0:4c:46:db:35:d3:61:3f:78:32:d8:c3:b1:39:f0:
74:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E1:81:A2:C1:AD:66:D5:EB:20:80:54:10:C6:C6:3D:13:14:9D:23
X509v3 Authority Key Identifier:
keyid:3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/FOGBosGtZtXrIIBUEMbGPRMUnSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.8.0/21
86.106.122.0/23
89.43.132.0/22
128.0.4.0/22
185.74.20.0/22
Signature Algorithm: sha256WithRSAEncryption
17:56:c3:be:0e:64:40:46:76:11:2d:90:e0:2c:e4:b2:57:df:
81:d0:7d:92:f8:16:b6:c4:1a:17:b0:e8:5e:38:3a:08:e9:70:
79:96:25:aa:aa:39:c2:a4:21:78:b9:e9:e1:d8:b7:87:35:5f:
b8:10:7b:b2:cc:33:08:a3:87:10:c9:08:37:79:1b:f1:97:d6:
e3:ef:b6:25:0f:99:0c:b5:1d:c3:64:37:1b:ec:60:f3:bb:91:
df:15:5a:2f:59:4f:5a:cd:9d:e7:7c:9b:a1:bf:db:e5:62:15:
a3:72:0e:05:fa:8e:d7:b5:39:eb:53:84:86:51:a8:87:96:9b:
7d:3a:10:71:01:6b:b8:6b:a8:13:4f:8e:d1:95:0e:3f:7e:a0:
bc:ca:ed:2a:ea:25:85:66:98:23:6d:90:45:04:a9:ac:4d:64:
d9:a2:47:74:23:be:ec:40:6f:5c:cc:29:86:1b:1b:51:9e:91:
f7:ce:af:8a:41:2e:7c:33:55:0f:50:04:a0:7c:b1:8b:1a:a8:
6f:e8:fd:e0:d7:4b:9d:86:e2:47:52:00:44:aa:72:f6:7c:93:
45:0e:b7:91:43:32:da:b9:a4:96:81:5f:f0:5c:7b:4e:02:a2:
99:7d:63:a8:c1:d7:4b:f7:28:e2:b8:3d:3d:29:b3:a5:ca:28:
84:a5:24:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZz6tAz8viWjSbSu2tul3SudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzVkNDlkZWQyMDU2NmNhNzQ1YzI4ZjgwY2ZkOWE5MmY0
YjdkNDcwHhcNMjYwMzE3MDczMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUxODFhMmMxYWQ2NmQ1ZWIyMDgwNTQxMGM2YzYzZDEzMTQ5ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ74PpnMpXSuMpwlRIdeuzgL1Aun
DZxtf6FlbCMitHEejiCK2s9KAPAaNbm9p1d8iDJwd8m6zlBFfOzpb92yqThfxPCp
TqzRqwmdcTBc6U+VslXJ1OEw8XLmC01fYDF3EetYureINpa789dz25aTH01iFIF4
60gMJt1BXDLN7khGRydkJ5xWR0mWSfGpriiGpQcV1pAMSG4YdaFhTa/NWZhSHK5v
bglpBhFbEEdiS7CgKMkA83+bjAuhRf0o9BERvqNmZf1VsDdYVhR56wkyOUbQ+faz
vCx5rKGS/lsvDNVZqFPryP6uK/A8y79q4X2gTEbbNdNhP3gy2MOxOfB0AQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBThgaLBrWbV6yCAVBDGxj0TFJ0jMB8GA1UdIwQY
MBaAFD511J3tIFZsp0XCj4DP2akvS31HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2Qt
ODM2Mzg0NzVkOGFiLzEvRk9HQm9zR3RadFhySUlCVUVNYkdQUk1VblNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2QtODM2Mzg0NzVkOGFi
LzEvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH9IIAwQB
Vmp6AwQCWSuEAwQCgAAEAwQCuUoUMA0GCSqGSIb3DQEBCwUAA4IBAQAXVsO+DmRA
RnYRLZDgLOSyV9+B0H2S+Ba2xBoXsOheODoI6XB5liWqqjnCpCF4uenh2LeHNV+4
EHuyzDMIo4cQyQg3eRvxl9bj77YlD5kMtR3DZDcb7GDzu5HfFVovWU9azZ3nfJuh
v9vlYhWjcg4F+o7XtTnrU4SGUaiHlpt9OhBxAWu4a6gTT47RlQ4/fqC8yu0q6iWF
ZpgjbZBFBKmsTWTZokd0I77sQG9czCmGGxtRnpH3zq+KQS58M1UPUASgfLGLGqhv
6P3g10udhuJHUgBEqnL2fJNFDreRQzLauaSWgV/wXHtOAqKZfWOowddL9yjiuD09
KbOlyiiEpSRm
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:43:50 2026 by rpki-client