Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RddCbcXGvEWvCnaL6fV2tXhb3x8.roa
File: RddCbcXGvEWvCnaL6fV2tXhb3x8.roa (raw, json)
Hash identifier: 1iVfF2ZpdcvAaPKgVg5ePVRZX15rzhXIEuEMy4OllHo=
Subject key identifier: 45:D7:42:6D:C5:C6:BC:45:AF:0A:76:8B:E9:F5:76:B5:78:5B:DF:1F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019DAF24F16B8B38CEBEB9EA1D604FA6891C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RddCbcXGvEWvCnaL6fV2tXhb3x8.roa
Signing time: Tue 21 Apr 2026 08:25:27 +0000
ROA not before: Tue 21 Apr 2026 08:25:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 78.17.70.0/23 maxlen: 23
89.125.50.0/24 maxlen: 24
89.125.66.0/24 maxlen: 24
89.125.69.0/24 maxlen: 24
89.125.187.0/24 maxlen: 24
89.125.209.0/24 maxlen: 24
89.125.255.0/24 maxlen: 24
103.245.231.0/24 maxlen: 24
185.198.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:24:f1:6b:8b:38:ce:be:b9:ea:1d:60:4f:a6:89:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 21 08:25:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45d7426dc5c6bc45af0a768be9f576b5785bdf1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:87:38:84:cc:ed:6e:a8:e9:25:5e:75:6f:98:
c3:0f:bc:db:24:a2:bf:c6:7f:f6:02:d8:e5:43:58:
73:15:24:72:99:ed:57:a2:17:1c:85:f9:8f:b7:83:
09:cf:4a:df:98:59:36:03:23:45:50:2c:8b:7d:49:
5d:40:e8:f4:1c:dd:c4:58:94:08:cb:6a:94:13:c2:
b8:65:1c:55:f6:8d:26:41:d7:ee:22:61:c0:4d:55:
2e:fa:4b:28:9d:1d:cc:77:60:cd:10:a5:fc:41:05:
94:b3:76:16:7e:8d:bf:34:cb:13:6d:6e:89:6f:e7:
d4:7e:b5:31:f3:c5:ff:04:83:0e:97:c3:83:19:26:
e5:27:22:4e:28:95:72:c7:17:1b:e9:be:8f:af:93:
5f:b3:2d:71:97:00:08:b2:7d:7a:aa:0c:97:e5:95:
f6:3a:0a:b8:46:50:c4:a6:98:e3:f8:8b:02:00:28:
8b:d4:8e:89:0e:04:1f:62:6e:a2:94:d7:92:6f:ef:
68:27:cd:c3:e0:43:d9:0f:24:12:36:2e:c1:fd:fd:
81:2d:bb:c8:2f:9e:96:54:1b:36:30:44:a0:0a:25:
e3:75:0f:90:e4:3a:d8:8f:b4:0a:25:15:7d:0b:4a:
49:82:cf:fd:70:5b:b5:eb:44:f3:7a:3e:53:ea:a7:
03:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D7:42:6D:C5:C6:BC:45:AF:0A:76:8B:E9:F5:76:B5:78:5B:DF:1F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RddCbcXGvEWvCnaL6fV2tXhb3x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.70.0/23
89.125.50.0/24
89.125.66.0/24
89.125.69.0/24
89.125.187.0/24
89.125.209.0/24
89.125.255.0/24
103.245.231.0/24
185.198.234.0/24
Signature Algorithm: sha256WithRSAEncryption
50:5d:7c:47:b9:14:02:1c:39:d9:07:63:41:50:80:d3:14:5c:
89:2b:b3:34:fe:dd:ad:e0:a0:23:eb:c8:8a:8d:76:d2:bf:23:
fb:f7:52:fa:d3:1e:d6:ba:da:82:1c:00:98:bf:b0:fa:fd:98:
e8:9e:d9:90:ba:23:eb:da:1b:85:23:6c:2b:07:c9:24:5b:0f:
fe:aa:e2:4a:3b:0a:36:de:26:a4:73:4e:51:c3:7d:1c:b9:0b:
50:e6:a2:52:74:f0:78:99:82:29:46:c9:69:d5:53:4b:8f:38:
03:f9:6a:94:ac:36:97:eb:d7:78:50:82:b5:8a:34:32:c7:a6:
81:ad:a3:4f:3b:1d:4f:9b:99:4b:5c:fc:ed:64:b5:ff:a5:ad:
45:ac:92:fe:00:81:98:0f:4f:27:7a:66:3d:f0:8b:0c:bd:bc:
01:dc:db:41:5e:7f:55:8f:3d:0c:86:8c:2a:26:93:47:99:d7:
b4:d0:68:3c:3c:da:d6:4a:5b:9d:08:d8:ad:a5:04:8b:9e:e2:
b5:d5:fb:51:51:42:25:f6:b8:a3:ac:cb:f7:54:f0:3f:a5:07:
95:4e:78:ca:12:11:f5:c2:47:94:a0:93:f1:f4:d5:f8:ac:de:
ab:1e:4a:35:2d:3c:b1:6c:61:32:97:7e:cc:b6:24:92:af:30:
ee:46:19:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ2vJPFrizjOvrnqHWBPpokcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDIxMDgyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ3NDI2ZGM1YzZiYzQ1YWYwYTc2OGJlOWY1NzZiNTc4NWJkZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24c4hMztbqjpJV51b5jDD7zbJKK/
xn/2AtjlQ1hzFSRyme1XohcchfmPt4MJz0rfmFk2AyNFUCyLfUldQOj0HN3EWJQI
y2qUE8K4ZRxV9o0mQdfuImHATVUu+ksonR3Md2DNEKX8QQWUs3YWfo2/NMsTbW6J
b+fUfrUx88X/BIMOl8ODGSblJyJOKJVyxxcb6b6Pr5Nfsy1xlwAIsn16qgyX5ZX2
Ogq4RlDEppjj+IsCACiL1I6JDgQfYm6ilNeSb+9oJ83D4EPZDyQSNi7B/f2BLbvI
L56WVBs2MESgCiXjdQ+Q5DrYj7QKJRV9C0pJgs/9cFu160Tzej5T6qcDdQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEXXQm3FxrxFrwp2i+n1drV4W98fMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUmRkQ2JjWEd2RVd2Q25hTDZmVjJ0WGhiM3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBThFGAwQA
WX0yAwQAWX1CAwQAWX1FAwQAWX27AwQAWX3RAwQAWX3/AwQAZ/XnAwQAucbqMA0G
CSqGSIb3DQEBCwUAA4IBAQBQXXxHuRQCHDnZB2NBUIDTFFyJK7M0/t2t4KAj68iK
jXbSvyP791L60x7WutqCHACYv7D6/ZjontmQuiPr2huFI2wrB8kkWw/+quJKOwo2
3iakc05Rw30cuQtQ5qJSdPB4mYIpRslp1VNLjzgD+WqUrDaX69d4UIK1ijQyx6aB
raNPOx1Pm5lLXPztZLX/pa1FrJL+AIGYD08nemY98IsMvbwB3NtBXn9Vjz0Mhowq
JpNHmde00Gg8PNrWSludCNitpQSLnuK11ftRUUIl9rijrMv3VPA/pQeVTnjKEhH1
wkeUoJPx9NX4rN6rHko1LTyxbGEyl37MtiSSrzDuRhld
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:53 2026 by rpki-client