Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/FWhvq007vWIT52Y2P_iCcJf9WxE.roa
File: FWhvq007vWIT52Y2P_iCcJf9WxE.roa (raw, json)
Hash identifier: pn1LH0exhvuDvjKK7j66janSFiUYE0a7QFtsCdDKTog=
Subject key identifier: 15:68:6F:AB:4D:3B:BD:62:13:E7:66:36:3F:F8:82:70:97:FD:5B:11
Certificate issuer: /CN=86e89a0ac978168a329a30164d9cb8ec439011f1
Certificate serial: 019CE1CEC71EE27A53F0BBFB16E6E505F43F
Authority key identifier: 86:E8:9A:0A:C9:78:16:8A:32:9A:30:16:4D:9C:B8:EC:43:90:11:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/huiaCsl4FooymjAWTZy47EOQEfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/FWhvq007vWIT52Y2P_iCcJf9WxE.roa
Signing time: Thu 12 Mar 2026 11:29:10 +0000
ROA not before: Thu 12 Mar 2026 11:29:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215704
IP address blocks: 85.132.180.0/22 maxlen: 22
85.132.184.0/22 maxlen: 22
85.132.188.0/22 maxlen: 22
152.114.200.0/24 maxlen: 24
152.114.201.0/24 maxlen: 24
195.190.147.0/24 maxlen: 24
2a02:d5c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/huiaCsl4FooymjAWTZy47EOQEfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/huiaCsl4FooymjAWTZy47EOQEfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/huiaCsl4FooymjAWTZy47EOQEfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:ce:c7:1e:e2:7a:53:f0:bb:fb:16:e6:e5:05:f4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e89a0ac978168a329a30164d9cb8ec439011f1
Validity
Not Before: Mar 12 11:29:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15686fab4d3bbd6213e766363ff8827097fd5b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d5:47:57:07:aa:e7:58:36:19:1c:cb:85:e7:
6a:72:f6:b4:9d:20:ad:78:21:fb:a1:a7:5e:e7:97:
ff:7d:c8:32:b1:56:a5:17:61:a3:f2:39:c2:c6:25:
83:55:1d:cb:64:43:c4:8c:1c:a1:12:18:0c:30:11:
44:f3:cb:7b:63:79:08:3e:37:d1:e0:de:2d:d3:a5:
cd:d2:7c:10:42:00:b4:48:85:49:bd:34:02:da:25:
b2:41:d5:27:55:da:4b:35:f2:b5:78:94:a6:6e:8a:
f3:97:41:88:e6:cc:3a:e7:44:11:36:de:9e:e5:e0:
94:94:3a:c9:42:31:f6:53:38:c6:79:0a:16:26:24:
8a:42:04:b9:d5:3d:c2:6b:3f:c5:73:79:a0:f2:19:
4b:d9:32:d4:0b:8b:94:3f:ef:d7:77:0b:a8:97:91:
37:78:68:f7:59:a9:f9:23:d6:84:09:ff:92:fc:60:
36:4e:0a:a2:0e:0b:69:63:5c:4a:f6:af:36:a3:78:
c3:8b:a8:3d:3b:25:29:16:a1:f4:e0:fa:85:1a:5f:
af:90:96:78:47:20:51:46:c8:d0:66:49:31:a5:6e:
91:f6:7d:8e:75:85:eb:1e:88:05:86:1a:b4:a2:b5:
a0:ea:09:88:62:26:18:ef:26:76:97:68:49:66:9f:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:68:6F:AB:4D:3B:BD:62:13:E7:66:36:3F:F8:82:70:97:FD:5B:11
X509v3 Authority Key Identifier:
keyid:86:E8:9A:0A:C9:78:16:8A:32:9A:30:16:4D:9C:B8:EC:43:90:11:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/huiaCsl4FooymjAWTZy47EOQEfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/FWhvq007vWIT52Y2P_iCcJf9WxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/541bf1-5f14-4a1a-829b-f152b0023ec6/1/huiaCsl4FooymjAWTZy47EOQEfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.180.0-85.132.191.255
152.114.200.0/23
195.190.147.0/24
IPv6:
2a02:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:07:1d:a3:78:63:fb:b2:34:be:fa:9a:a5:97:51:0a:d0:f2:
7a:cb:74:58:92:3d:0d:32:95:50:05:0d:2c:27:7c:18:88:ff:
31:7a:78:43:02:de:10:21:33:1a:4d:d9:13:dc:c0:9c:b9:89:
35:af:c2:91:ed:3e:96:c0:93:c3:a4:bc:39:aa:37:6c:53:bb:
1f:c1:73:a2:cc:73:c1:bd:92:92:44:a5:28:fd:12:bc:9b:9a:
03:39:2c:ee:da:a6:74:99:ad:95:a9:de:bb:29:e4:1c:50:bc:
e5:65:83:3b:cf:65:11:cb:a3:fe:07:f6:8e:60:da:26:89:86:
6f:a0:fe:67:63:e2:61:76:f0:d8:13:71:32:87:ab:97:a1:a7:
cf:10:5d:ea:5a:fb:de:2d:8d:48:4b:3b:d7:08:04:af:60:aa:
43:27:41:97:05:37:ab:82:ba:fc:43:88:87:25:55:e1:1b:82:
13:5f:29:99:b8:2d:bf:a7:21:2e:61:7d:ef:9d:9d:f6:5a:60:
5c:ea:58:3a:c5:0c:b9:6b:e6:9f:10:4f:01:19:ae:02:05:28:
9d:8f:08:2f:0a:8d:90:4e:d9:00:79:8f:b8:c6:fa:dc:58:78:
31:b2:66:38:e0:a9:c0:2b:cf:b7:fb:33:f5:01:b9:4f:9d:a5:
81:78:e4:c7
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZzhzsce4npT8Lv7FublBfQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTg5YTBhYzk3ODE2OGEzMjlhMzAxNjRkOWNiOGVjNDM5
MDExZjEwHhcNMjYwMzEyMTEyOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTY4NmZhYjRkM2JiZDYyMTNlNzY2MzYzZmY4ODI3MDk3ZmQ1YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9VHVweq51g2GRzLhedqcva0nSCt
eCH7oade55f/fcgysValF2Gj8jnCxiWDVR3LZEPEjByhEhgMMBFE88t7Y3kIPjfR
4N4t06XN0nwQQgC0SIVJvTQC2iWyQdUnVdpLNfK1eJSmborzl0GI5sw650QRNt6e
5eCUlDrJQjH2UzjGeQoWJiSKQgS51T3Caz/Fc3mg8hlL2TLUC4uUP+/Xdwuol5E3
eGj3Wan5I9aECf+S/GA2TgqiDgtpY1xK9q82o3jDi6g9OyUpFqH04PqFGl+vkJZ4
RyBRRsjQZkkxpW6R9n2OdYXrHogFhhq0orWg6gmIYiYY7yZ2l2hJZp+5wQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBVob6tNO71iE+dmNj/4gnCX/VsRMB8GA1UdIwQY
MBaAFIbomgrJeBaKMpowFk2cuOxDkBHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVpYUNzbDRGb295bWpBV1RaeTQ3RU9RRWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81NDFiZjEtNWYxNC00YTFhLTgyOWIt
ZjE1MmIwMDIzZWM2LzEvRldodnEwMDd2V0lUNTJZMlBfaUNjSmY5V3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81NDFiZjEtNWYxNC00YTFhLTgyOWItZjE1MmIwMDIzZWM2
LzEvaHVpYUNzbDRGb295bWpBV1RaeTQ3RU9RRWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAJVhLQD
BAZVhIADBAGYcsgDBADDvpMwDQQCAAIwBwMFAyoC1cAwDQYJKoZIhvcNAQELBQAD
ggEBAF4HHaN4Y/uyNL76mqWXUQrQ8nrLdFiSPQ0ylVAFDSwnfBiI/zF6eEMC3hAh
MxpN2RPcwJy5iTWvwpHtPpbAk8OkvDmqN2xTux/Bc6LMc8G9kpJEpSj9ErybmgM5
LO7apnSZrZWp3rsp5BxQvOVlgzvPZRHLo/4H9o5g2iaJhm+g/mdj4mF28NgTcTKH
q5ehp88QXepa+94tjUhLO9cIBK9gqkMnQZcFN6uCuvxDiIclVeEbghNfKZm4Lb+n
IS5hfe+dnfZaYFzqWDrFDLlr5p8QTwEZrgIFKJ2PCC8KjZBO2QB5j7jG+txYeDGy
ZjjgqcArz7f7M/UBuU+dpYF45Mc=
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:08:15 2026 by rpki-client