Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/fwpC-n7gDGuT-8L4Js1P4Sv25YQ.roa
File: fwpC-n7gDGuT-8L4Js1P4Sv25YQ.roa (raw, json)
Hash identifier: avug4Ak37fIc17tnbMwAYuR/FDAOWLk63T13pqn5nPE=
Subject key identifier: 7F:0A:42:FA:7E:E0:0C:6B:93:FB:C2:F8:26:CD:4F:E1:2B:F6:E5:84
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019DD9B8A4AD6260C3E55440D5769D299397
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/fwpC-n7gDGuT-8L4Js1P4Sv25YQ.roa
Signing time: Wed 29 Apr 2026 14:50:49 +0000
ROA not before: Wed 29 Apr 2026 14:50:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213459
IP address blocks: 78.17.0.0/24 maxlen: 24
78.17.1.0/24 maxlen: 24
78.17.3.0/24 maxlen: 24
78.17.4.0/24 maxlen: 24
78.17.5.0/24 maxlen: 24
78.17.7.0/24 maxlen: 24
78.17.11.0/24 maxlen: 24
78.17.12.0/24 maxlen: 24
78.17.17.0/24 maxlen: 24
78.17.18.0/24 maxlen: 24
78.17.27.0/24 maxlen: 24
78.17.28.0/24 maxlen: 24
78.17.29.0/24 maxlen: 24
78.17.33.0/24 maxlen: 24
78.17.34.0/24 maxlen: 24
78.17.35.0/24 maxlen: 24
78.17.39.0/24 maxlen: 24
78.17.40.0/24 maxlen: 24
78.17.46.0/24 maxlen: 24
78.17.47.0/24 maxlen: 24
78.17.54.0/24 maxlen: 24
78.17.55.0/24 maxlen: 24
78.17.64.0/24 maxlen: 24
78.17.65.0/24 maxlen: 24
78.17.66.0/24 maxlen: 24
78.17.67.0/24 maxlen: 24
78.17.76.0/24 maxlen: 24
78.17.110.0/24 maxlen: 24
78.17.111.0/24 maxlen: 24
78.17.112.0/24 maxlen: 24
78.17.113.0/24 maxlen: 24
78.17.116.0/24 maxlen: 24
78.17.134.0/24 maxlen: 24
78.17.216.0/24 maxlen: 24
78.17.240.0/24 maxlen: 24
89.44.76.0/24 maxlen: 24
89.125.24.0/24 maxlen: 24
89.125.26.0/24 maxlen: 24
89.125.32.0/24 maxlen: 24
89.125.39.0/24 maxlen: 24
89.125.52.0/24 maxlen: 24
89.125.57.0/24 maxlen: 24
89.125.59.0/24 maxlen: 24
89.125.72.0/24 maxlen: 24
89.125.74.0/24 maxlen: 24
89.125.75.0/24 maxlen: 24
89.125.81.0/24 maxlen: 24
89.125.86.0/24 maxlen: 24
89.125.87.0/24 maxlen: 24
89.125.118.0/24 maxlen: 24
89.125.196.0/24 maxlen: 24
89.125.198.0/24 maxlen: 24
89.125.199.0/24 maxlen: 24
103.245.229.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
193.124.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:b8:a4:ad:62:60:c3:e5:54:40:d5:76:9d:29:93:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 29 14:50:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f0a42fa7ee00c6b93fbc2f826cd4fe12bf6e584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:aa:b7:df:f2:60:d2:96:9a:01:97:54:e5:11:
79:06:40:63:85:11:9c:76:d5:09:68:8f:ae:c6:b2:
f8:fc:6a:c7:c5:28:09:6d:22:d6:f6:83:80:5c:68:
71:f4:22:4b:a6:28:6b:97:0d:6c:be:59:9d:bb:81:
b7:cd:f7:85:8c:23:70:c8:eb:2b:7e:88:70:8d:a6:
37:b0:77:3d:1a:57:b2:8c:df:40:d1:eb:b0:57:51:
cc:d0:59:ab:0f:b4:77:97:1d:e2:0d:96:1b:3c:ed:
49:39:f8:d0:43:da:2a:ac:f7:b1:2d:8d:ec:c3:ce:
ef:68:df:c4:61:aa:f0:bd:7d:91:93:b7:f4:ba:ff:
5f:1a:6c:0e:b8:5b:c3:69:2e:1a:2c:95:27:3c:44:
fe:2e:50:df:ae:5e:ce:e4:b5:48:ca:0d:67:60:4e:
b1:b3:62:02:a3:9e:a2:f8:70:d3:97:6c:29:ce:1f:
c4:19:49:05:62:f0:33:19:ee:a1:3d:09:cb:b1:e9:
64:a3:b7:ba:53:4b:d4:90:87:c7:bd:b3:33:dc:01:
8d:0a:c5:aa:85:83:84:12:93:82:97:b2:f5:52:d3:
a6:72:47:cf:af:cb:13:d7:31:5c:af:19:64:db:fd:
19:3c:ee:ef:38:a6:bf:76:2c:d9:79:5f:8e:30:9e:
37:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0A:42:FA:7E:E0:0C:6B:93:FB:C2:F8:26:CD:4F:E1:2B:F6:E5:84
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/fwpC-n7gDGuT-8L4Js1P4Sv25YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.0.0/23
78.17.3.0-78.17.5.255
78.17.7.0/24
78.17.11.0-78.17.12.255
78.17.17.0-78.17.18.255
78.17.27.0-78.17.29.255
78.17.33.0-78.17.35.255
78.17.39.0-78.17.40.255
78.17.46.0/23
78.17.54.0/23
78.17.64.0/22
78.17.76.0/24
78.17.110.0-78.17.113.255
78.17.116.0/24
78.17.134.0/24
78.17.216.0/24
78.17.240.0/24
89.44.76.0/24
89.125.24.0/24
89.125.26.0/24
89.125.32.0/24
89.125.39.0/24
89.125.52.0/24
89.125.57.0/24
89.125.59.0/24
89.125.72.0/24
89.125.74.0/23
89.125.81.0/24
89.125.86.0/23
89.125.118.0/24
89.125.196.0/24
89.125.198.0/23
103.245.229.0/24
185.141.217.0/24
193.124.224.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d3:3e:73:90:31:09:eb:a6:ae:7c:90:17:4d:c7:4c:1b:21:
03:bd:85:b3:8d:b6:43:66:f5:0c:8c:0b:9e:88:7d:ef:8f:d4:
65:57:77:30:4a:19:3b:4e:cc:ba:cd:98:63:1e:f0:6b:d3:e7:
0e:8e:80:6d:f2:53:d6:b5:20:4a:54:c2:48:dc:22:be:8d:39:
f2:72:d0:07:f7:54:1e:1a:a1:02:78:74:07:bb:4b:9f:4d:b1:
41:da:1b:6c:92:74:0f:96:1e:fd:09:42:19:be:90:1f:2c:7e:
f9:82:9a:4c:6a:68:41:44:48:60:93:ba:66:6c:bc:4e:ab:e7:
31:ab:0e:1a:e1:52:d5:b9:c0:e8:94:a9:34:bd:b3:8a:e7:fd:
63:f2:e1:b3:24:f9:39:50:46:f3:4e:4f:28:b7:b6:5c:43:96:
51:2b:5b:fa:ea:77:6b:e1:68:aa:68:5e:15:3f:70:c8:a4:bb:
b6:32:cc:b8:c9:7f:87:42:6b:ff:ca:4f:bd:2c:32:52:99:da:
a6:47:dc:12:c8:62:6e:b5:8b:73:bb:ae:cf:42:16:0e:f4:28:
90:bb:4a:a3:55:44:65:e6:ff:fc:67:cd:f2:bf:80:d0:08:13:
b0:bf:7f:79:38:f4:77:c8:cf:d3:ff:44:ce:6e:89:fc:27:2b:
18:da:0d:87
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZ3ZuKStYmDD5VRA1XadKZOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDI5MTQ1MDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBhNDJmYTdlZTAwYzZiOTNmYmMyZjgyNmNkNGZlMTJiZjZlNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6q33/Jg0paaAZdU5RF5BkBjhRGc
dtUJaI+uxrL4/GrHxSgJbSLW9oOAXGhx9CJLpihrlw1svlmdu4G3zfeFjCNwyOsr
fohwjaY3sHc9GleyjN9A0euwV1HM0FmrD7R3lx3iDZYbPO1JOfjQQ9oqrPexLY3s
w87vaN/EYarwvX2Rk7f0uv9fGmwOuFvDaS4aLJUnPET+LlDfrl7O5LVIyg1nYE6x
s2ICo56i+HDTl2wpzh/EGUkFYvAzGe6hPQnLselko7e6U0vUkIfHvbMz3AGNCsWq
hYOEEpOCl7L1UtOmckfPr8sT1zFcrxlk2/0ZPO7vOKa/dizZeV+OMJ436wIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFH8KQvp+4Axrk/vC+CbNT+Er9uWEMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvZndwQy1uN2dER3VULThMNEpzMVA0U3YyNVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAU4RADAMAwQAThEDAwQBThEEAwQAThEHMAwDBABOEQsDBABOEQwwDAMEAE4R
EQMEAE4REjAMAwQAThEbAwQBThEcMAwDBABOESEDBAJOESAwDAMEAE4RJwMEAE4R
KAMEAU4RLgMEAU4RNgMEAk4RQAMEAE4RTDAMAwQBThFuAwQBThFwAwQAThF0AwQA
ThGGAwQAThHYAwQAThHwAwQAWSxMAwQAWX0YAwQAWX0aAwQAWX0gAwQAWX0nAwQA
WX00AwQAWX05AwQAWX07AwQAWX1IAwQBWX1KAwQAWX1RAwQBWX1WAwQAWX12AwQA
WX3EAwQBWX3GAwQAZ/XlAwQAuY3ZAwQAwXzgMA0GCSqGSIb3DQEBCwUAA4IBAQBR
0z5zkDEJ66aufJAXTcdMGyEDvYWzjbZDZvUMjAueiH3vj9RlV3cwShk7Tsy6zZhj
HvBr0+cOjoBt8lPWtSBKVMJI3CK+jTnyctAH91QeGqECeHQHu0ufTbFB2htsknQP
lh79CUIZvpAfLH75gppMamhBREhgk7pmbLxOq+cxqw4a4VLVucDolKk0vbOK5/1j
8uGzJPk5UEbzTk8ot7ZcQ5ZRK1v66ndr4WiqaF4VP3DIpLu2Msy4yX+HQmv/yk+9
LDJSmdqmR9wSyGJutYtzu67PQhYO9CiQu0qjVURl5v/8Z83yv4DQCBOwv395OPR3
yM/T/0TObon8JysY2g2H
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:55 2026 by rpki-client