Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ab67z93kjWPWZjeqcEe2jICLEkI.roa
File: ab67z93kjWPWZjeqcEe2jICLEkI.roa (raw, json)
Hash identifier: HaAX/IwaQC4YnM9F3ZLmesiAnTxzjJeVb2Y4ut403ug=
Subject key identifier: 69:BE:BB:CF:DD:E4:8D:63:D6:66:37:AA:70:47:B6:8C:80:8B:12:42
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D10C0487DCADAF05F7F493B5C6AD7ADA9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ab67z93kjWPWZjeqcEe2jICLEkI.roa
Signing time: Sat 21 Mar 2026 14:15:30 +0000
ROA not before: Sat 21 Mar 2026 14:15:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 45.88.14.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
89.125.99.0/24 maxlen: 24
89.125.100.0/24 maxlen: 24
89.125.101.0/24 maxlen: 24
89.125.193.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
193.178.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:c0:48:7d:ca:da:f0:5f:7f:49:3b:5c:6a:d7:ad:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 21 14:15:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69bebbcfdde48d63d66637aa7047b68c808b1242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:db:9b:b0:7c:17:1c:50:8c:24:84:e5:78:b3:
47:f5:5c:50:4c:88:e4:a8:c8:5a:f7:aa:e5:fc:5f:
7b:ac:da:d6:d9:66:9b:7e:18:87:db:c2:15:5e:9d:
5b:ec:cc:9b:07:89:21:10:28:69:89:66:a3:78:c6:
70:ea:6b:b4:79:f3:41:39:b7:97:09:b2:46:bd:1d:
a1:fe:b0:9c:af:7b:34:a8:7d:38:36:a3:77:9a:d3:
66:45:08:14:0a:b2:4f:45:49:8f:03:32:df:ac:4a:
d8:04:5a:13:33:20:8d:6a:f0:89:b8:5c:84:2b:a0:
c7:ba:28:2c:bc:fb:3e:0f:f0:7d:60:87:61:7d:0f:
1a:78:01:b8:83:ec:25:9b:a4:5e:d9:54:92:e1:41:
b0:ec:e5:ab:55:a1:1b:48:82:f8:92:53:6e:26:bc:
a0:c4:e6:e9:9d:7e:b4:be:41:8b:90:ca:e1:f8:8b:
6b:f4:a5:1a:cb:91:fa:2c:63:3a:2d:67:89:b6:9b:
7b:8d:11:dc:e3:ae:6e:79:a0:c5:56:6e:f6:29:bd:
58:d5:14:69:98:24:7e:10:26:41:df:5f:37:26:81:
c7:e7:56:13:c0:64:82:7b:b2:12:25:d3:e0:61:91:
05:d1:df:74:93:51:e7:9b:1c:39:42:70:4b:1c:0d:
9b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BE:BB:CF:DD:E4:8D:63:D6:66:37:AA:70:47:B6:8C:80:8B:12:42
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ab67z93kjWPWZjeqcEe2jICLEkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/24
62.192.152.0/24
77.81.182.0/24
89.34.106.0/24
89.37.192.0/24
89.40.36.0/24
89.40.215.0/24
89.47.36.0/24
89.125.99.0-89.125.101.255
89.125.193.0/24
93.115.107.0/24
93.118.36.0/24
128.0.41.0/24
185.198.233.0/24
188.241.221.0/24
193.178.134.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6a:45:5b:17:3d:fc:9c:31:45:f4:14:bb:c1:d9:5e:90:8c:
4a:f4:fc:f6:21:3c:12:d9:77:48:b9:df:10:67:aa:64:1d:04:
38:94:1f:ad:7b:10:da:65:a8:ed:24:67:89:5f:ac:c5:24:20:
77:1d:04:84:e5:65:9c:11:c2:c9:5a:5d:49:e7:de:f9:30:dc:
d1:06:d0:52:f3:c7:ae:41:5b:7a:a9:8e:02:d5:12:29:b2:e3:
78:34:13:42:5f:20:9c:20:3b:bf:2d:e8:05:27:00:d9:21:89:
78:69:02:9f:3f:d1:85:37:31:3f:79:51:11:01:d6:18:08:16:
e7:91:d5:65:ed:a6:3d:9b:75:c0:c9:47:1c:86:ec:6b:ea:3c:
66:12:e9:c3:3b:79:9f:cb:f7:22:76:62:c1:7a:37:31:52:59:
2d:18:43:c5:a7:a9:c7:36:e3:c1:35:5a:39:34:22:a1:39:42:
66:80:e3:83:16:af:f7:5f:ed:ac:8a:4d:30:bc:ab:3f:22:8a:
06:4a:d9:dd:44:4a:b4:54:f5:a5:27:02:cc:84:2f:3e:6e:d0:
c8:bd:c5:e9:45:64:94:93:77:3f:1f:9d:4a:a3:4b:aa:d7:13:
65:10:93:5f:4e:cb:9a:bb:47:e9:fd:f4:6b:d3:0e:1b:6a:13:
b6:45:c2:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZ0QwEh9ytrwX39JO1xq162pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzIxMTQxNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJlYmJjZmRkZTQ4ZDYzZDY2NjM3YWE3MDQ3YjY4YzgwOGIxMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNubsHwXHFCMJITleLNH9VxQTIjk
qMha96rl/F97rNrW2WabfhiH28IVXp1b7MybB4khEChpiWajeMZw6mu0efNBObeX
CbJGvR2h/rCcr3s0qH04NqN3mtNmRQgUCrJPRUmPAzLfrErYBFoTMyCNavCJuFyE
K6DHuigsvPs+D/B9YIdhfQ8aeAG4g+wlm6Re2VSS4UGw7OWrVaEbSIL4klNuJryg
xObpnX60vkGLkMrh+Itr9KUay5H6LGM6LWeJtpt7jRHc465ueaDFVm72Kb1Y1RRp
mCR+ECZB3183JoHH51YTwGSCe7ISJdPgYZEF0d90k1Hnmxw5QnBLHA2byQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGm+u8/d5I1j1mY3qnBHtoyAixJCMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYWI2N3o5M2tqV1BXWmplcWNFZTJqSUNMRWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAC1YDgME
AD7AmAMEAE1RtgMEAFkiagMEAFklwAMEAFkoJAMEAFko1wMEAFkvJDAMAwQAWX1j
AwQBWX1kAwQAWX3BAwQAXXNrAwQAXXYkAwQAgAApAwQAucbpAwQAvPHdAwQAwbKG
MA0GCSqGSIb3DQEBCwUAA4IBAQACakVbFz38nDFF9BS7wdlekIxK9Pz2ITwS2XdI
ud8QZ6pkHQQ4lB+texDaZajtJGeJX6zFJCB3HQSE5WWcEcLJWl1J5975MNzRBtBS
88euQVt6qY4C1RIpsuN4NBNCXyCcIDu/LegFJwDZIYl4aQKfP9GFNzE/eVERAdYY
CBbnkdVl7aY9m3XAyUcchuxr6jxmEunDO3mfy/cidmLBejcxUlktGEPFp6nHNuPB
NVo5NCKhOUJmgOODFq/3X+2sik0wvKs/IooGStndREq0VPWlJwLMhC8+btDIvcXp
RWSUk3c/H51Ko0uq1xNlEJNfTsuau0fp/fRr0w4bahO2RcIS
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:26 2026 by rpki-client