Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/FIjvqv7vKGGbzVFNtVv5jjqocII.roa
File: FIjvqv7vKGGbzVFNtVv5jjqocII.roa (raw, json)
Hash identifier: 51I5PStrHa6TnCXkuXeHj3bPmV7lRXHxPkCLjZRKkdI=
Subject key identifier: 14:88:EF:AA:FE:EF:28:61:9B:CD:51:4D:B5:5B:F9:8E:3A:A8:70:82
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019E031350D3D00DD779B35414F31778AE23
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/FIjvqv7vKGGbzVFNtVv5jjqocII.roa
Signing time: Thu 07 May 2026 15:34:17 +0000
ROA not before: Thu 07 May 2026 15:34:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21245
IP address blocks: 144.208.204.0/24 maxlen: 24
185.2.176.0/24 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:13:50:d3:d0:0d:d7:79:b3:54:14:f3:17:78:ae:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: May 7 15:34:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1488efaafeef28619bcd514db55bf98e3aa87082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:a7:98:9c:bf:2a:c8:b0:4f:7a:9a:a5:43:
06:87:f8:91:3b:1f:81:c2:01:e5:8c:15:97:85:a0:
50:67:3c:74:6a:0f:b7:cf:0e:75:dc:ed:c9:e2:c3:
1f:16:06:5b:21:a3:23:50:f6:98:c2:e0:9f:50:2c:
cd:20:0a:37:7d:42:25:ca:f6:bd:98:95:33:37:d2:
59:82:fe:e3:f1:73:2b:f1:6e:03:a4:ec:aa:88:a5:
44:6c:68:09:d9:58:a7:b8:22:2a:f6:fd:e8:c3:23:
63:f2:f6:20:02:3d:b9:7f:bd:2e:2c:be:6e:fb:0d:
ca:4a:bc:31:79:9c:9f:cd:89:ba:09:4e:fb:24:d7:
f7:39:38:01:9c:54:69:63:58:8e:8f:ce:48:23:e9:
87:0e:be:04:4b:ae:a3:2f:10:04:a2:1a:e4:38:fc:
65:dc:c9:9a:15:b6:d5:bf:8e:ea:b2:b6:66:22:3a:
30:59:40:e7:bf:dd:53:c2:c5:8c:32:0e:1e:41:a5:
5a:b5:41:e7:1b:75:45:cc:e9:9e:58:15:95:bc:e6:
ac:0f:e8:85:a4:d2:73:07:34:4a:f3:cf:6e:6a:5b:
a3:f0:13:7a:da:ec:4c:c5:c7:2a:f5:67:15:a7:fb:
bf:da:01:e4:1e:ef:98:99:1f:8d:80:54:ce:a0:e4:
3a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:88:EF:AA:FE:EF:28:61:9B:CD:51:4D:B5:5B:F9:8E:3A:A8:70:82
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/FIjvqv7vKGGbzVFNtVv5jjqocII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.204.0/24
185.2.176.0/24
217.146.6.0/23
IPv6:
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
a0:0b:28:b5:cc:14:b6:39:8b:5c:2a:85:50:27:c6:a3:5a:c6:
cd:ba:b5:0f:0b:6e:e9:7a:df:cf:2d:7f:a9:c3:f5:41:e5:a0:
c4:37:9e:00:4d:87:1a:49:47:98:c1:99:99:0a:87:27:6f:4a:
f5:5b:bb:8e:dc:ed:05:43:a6:c0:7b:75:4a:c8:76:4e:02:7d:
98:54:dc:ef:08:ea:fc:13:41:af:9a:10:1c:cf:64:44:ba:92:
59:18:15:8f:34:cf:c7:00:12:3c:f4:f8:9c:cd:ea:97:cc:79:
19:81:eb:43:92:32:17:89:52:40:0e:33:e7:fb:93:b6:5c:13:
b5:2a:96:47:29:0a:8d:70:a9:72:3a:81:44:d6:88:22:5a:29:
37:38:5b:92:2c:1c:76:c0:b7:e1:d9:05:a2:1b:80:69:df:1c:
9d:cb:2d:6a:d7:75:83:50:f4:f4:2b:4b:8c:e8:c3:d8:cd:4c:
6a:2c:6d:3c:06:44:9b:0d:25:31:99:27:21:74:cb:03:40:75:
5a:e1:5d:e7:d7:48:ec:76:3e:4d:72:47:64:19:9a:be:48:f6:
67:24:3c:fb:8e:ca:b5:13:e3:d3:a2:39:39:ae:22:4b:76:5c:
d9:ff:e4:a8:ed:c1:7a:9c:36:d4:51:e4:cd:0e:8d:81:01:b8:
9b:b5:c3:ff
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ4DE1DT0A3XebNUFPMXeK4jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjYwNTA3MTUzNDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg4ZWZhYWZlZWYyODYxOWJjZDUxNGRiNTViZjk4ZTNhYTg3MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRWnmJy/KsiwT3qapUMGh/iROx+B
wgHljBWXhaBQZzx0ag+3zw513O3J4sMfFgZbIaMjUPaYwuCfUCzNIAo3fUIlyva9
mJUzN9JZgv7j8XMr8W4DpOyqiKVEbGgJ2VinuCIq9v3owyNj8vYgAj25f70uLL5u
+w3KSrwxeZyfzYm6CU77JNf3OTgBnFRpY1iOj85II+mHDr4ES66jLxAEohrkOPxl
3MmaFbbVv47qsrZmIjowWUDnv91TwsWMMg4eQaVatUHnG3VFzOmeWBWVvOasD+iF
pNJzBzRK889ualuj8BN62uxMxccq9WcVp/u/2gHkHu+YmR+NgFTOoOQ63QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBSI76r+7yhhm81RTbVb+Y46qHCCMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvRklqdnF2N3ZLR0dielZGTnRWdjVqanFvY0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAkNDMAwQA
uQKwAwQB2ZIGMA8EAgACMAkDBwAqBYkAADYwDQYJKoZIhvcNAQELBQADggEBAKAL
KLXMFLY5i1wqhVAnxqNaxs26tQ8Lbul6388tf6nD9UHloMQ3ngBNhxpJR5jBmZkK
hydvSvVbu47c7QVDpsB7dUrIdk4CfZhU3O8I6vwTQa+aEBzPZES6klkYFY80z8cA
Ejz0+JzN6pfMeRmB60OSMheJUkAOM+f7k7ZcE7UqlkcpCo1wqXI6gUTWiCJaKTc4
W5IsHHbAt+HZBaIbgGnfHJ3LLWrXdYNQ9PQrS4zow9jNTGosbTwGRJsNJTGZJyF0
ywNAdVrhXefXSOx2Pk1yR2QZmr5I9mckPPuOyrUT49OiOTmuIkt2XNn/5KjtwXqc
NtRR5M0OjYEBuJu1w/8=
-----END CERTIFICATE-----
Generated at Wed May 13 12:52:05 2026 by rpki-client