Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5ma-fr9Q8TMsfAbG3Hq3TY2pm_E.roa
File: 5ma-fr9Q8TMsfAbG3Hq3TY2pm_E.roa (raw, json)
Hash identifier: kawHIKjgQ294wDdqZpAvzf2R6/LUkCsWomYqWeh6NpI=
Subject key identifier: E6:66:BE:7E:BF:50:F1:33:2C:7C:06:C6:DC:7A:B7:4D:8D:A9:9B:F1
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019DF428374D978BF91BD0922C4C04901CDC
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5ma-fr9Q8TMsfAbG3Hq3TY2pm_E.roa
Signing time: Mon 04 May 2026 18:02:49 +0000
ROA not before: Mon 04 May 2026 18:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199412
IP address blocks: 78.17.23.0/24 maxlen: 24
78.17.25.0/24 maxlen: 24
78.17.26.0/24 maxlen: 24
78.17.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:28:37:4d:97:8b:f9:1b:d0:92:2c:4c:04:90:1c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 4 18:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e666be7ebf50f1332c7c06c6dc7ab74d8da99bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:a2:6a:ff:64:0a:02:38:4d:bd:f4:6b:5e:
cf:79:98:d3:bf:49:56:0c:dd:a1:7f:28:4f:b7:11:
f9:4f:25:8e:bc:9a:8f:b6:71:41:06:ba:d7:19:e6:
93:bb:9a:0b:cc:70:5d:a2:af:fd:9e:b7:70:8a:a0:
bf:d4:22:30:f3:05:ac:7f:56:e5:97:bc:99:84:ba:
f3:8f:c0:e0:cb:ac:e3:aa:13:98:fa:3a:45:59:a7:
d1:a2:da:50:a0:1c:97:4c:61:50:19:49:ca:ab:c5:
02:3c:ec:e2:bd:37:31:9d:78:70:98:fd:42:9b:a0:
8a:8e:38:84:10:ec:0c:e8:88:9d:03:e0:3d:20:7c:
5f:26:d1:44:26:f1:be:9e:f5:7d:a0:4d:76:ee:17:
8a:cd:a3:6a:db:36:c4:d5:0f:90:92:68:d3:dd:ee:
87:e2:be:2b:e4:dc:1f:8a:eb:a3:6a:d9:b9:4f:38:
4e:75:09:f7:65:73:bd:98:f9:34:29:fc:cf:a5:d9:
fa:4c:dc:fd:68:7c:e2:8b:e3:3c:80:c1:a8:46:c9:
57:e9:6f:f5:c6:54:86:ac:4f:a2:a0:8a:5c:ab:9d:
bf:6d:19:71:80:fa:90:8b:64:f1:0d:dd:18:f8:ed:
2e:23:42:dc:2a:02:d0:8f:b0:46:1b:8e:7c:31:3d:
95:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:66:BE:7E:BF:50:F1:33:2C:7C:06:C6:DC:7A:B7:4D:8D:A9:9B:F1
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5ma-fr9Q8TMsfAbG3Hq3TY2pm_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.23.0/24
78.17.25.0-78.17.26.255
78.17.69.0/24
Signature Algorithm: sha256WithRSAEncryption
34:89:6f:be:45:60:50:93:54:97:60:33:5b:d9:51:e1:44:66:
75:b7:9c:a9:4f:d4:2e:3f:25:10:b3:54:e4:85:9a:a3:90:2b:
4d:81:67:98:c0:75:db:a8:02:48:78:c8:5e:9d:64:c4:d4:a6:
32:26:76:8a:c2:e7:d4:87:6f:c2:7a:3e:b5:e0:cd:bf:f2:4b:
96:14:4a:99:af:28:92:99:e9:4e:51:2e:c4:0b:8f:dc:ad:db:
fa:74:69:88:a1:14:09:65:4c:27:93:c3:83:20:0c:4e:c4:14:
80:3d:e7:77:af:df:bf:3d:a1:70:fc:b4:79:b0:df:f3:9a:a5:
82:82:a5:86:68:3c:2d:4a:34:b6:0a:85:5e:9d:77:d1:2f:35:
d8:b3:e3:4d:3b:69:8e:f6:64:14:3d:6f:91:45:96:7a:b7:f5:
ed:3d:7c:dc:b0:af:6d:ae:98:b3:86:c4:5b:50:f1:dd:3e:41:
e9:e4:1c:61:cc:36:0c:7c:b7:09:7e:69:3f:e3:0a:30:6c:da:
fa:ff:74:fb:a5:c6:55:ff:87:79:76:e5:09:3e:fa:cf:0a:66:
3a:85:d4:69:7f:97:36:81:2b:f3:b2:b3:dc:89:21:ef:6b:87:
67:0c:18:e9:13:29:7c:97:7e:aa:0d:26:9d:9c:fb:8b:b6:0d:
c5:86:6d:96
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ30KDdNl4v5G9CSLEwEkBzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNTA0MTgwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY2YmU3ZWJmNTBmMTMzMmM3YzA2YzZkYzdhYjc0ZDhkYTk5YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBCiav9kCgI4Tb30a17PeZjTv0lW
DN2hfyhPtxH5TyWOvJqPtnFBBrrXGeaTu5oLzHBdoq/9nrdwiqC/1CIw8wWsf1bl
l7yZhLrzj8Dgy6zjqhOY+jpFWafRotpQoByXTGFQGUnKq8UCPOzivTcxnXhwmP1C
m6CKjjiEEOwM6IidA+A9IHxfJtFEJvG+nvV9oE127heKzaNq2zbE1Q+QkmjT3e6H
4r4r5Nwfiuujatm5TzhOdQn3ZXO9mPk0KfzPpdn6TNz9aHzii+M8gMGoRslX6W/1
xlSGrE+ioIpcq52/bRlxgPqQi2TxDd0Y+O0uI0LcKgLQj7BGG458MT2VywIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOZmvn6/UPEzLHwGxtx6t02NqZvxMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNW1hLWZyOVE4VE1zZkFiRzNIcTNUWTJwbV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAThEXMAwD
BABOERkDBABOERoDBABOEUUwDQYJKoZIhvcNAQELBQADggEBADSJb75FYFCTVJdg
M1vZUeFEZnW3nKlP1C4/JRCzVOSFmqOQK02BZ5jAdduoAkh4yF6dZMTUpjImdorC
59SHb8J6PrXgzb/yS5YUSpmvKJKZ6U5RLsQLj9yt2/p0aYihFAllTCeTw4MgDE7E
FIA953ev3789oXD8tHmw3/OapYKCpYZoPC1KNLYKhV6dd9EvNdiz4007aY72ZBQ9
b5FFlnq39e09fNywr22umLOGxFtQ8d0+QenkHGHMNgx8twl+aT/jCjBs2vr/dPul
xlX/h3l25Qk++s8KZjqF1Gl/lzaBK/Oys9yJIe9rh2cMGOkTKXyXfqoNJp2c+4u2
DcWGbZY=
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:53 2026 by rpki-client