Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/D6FTe8il_STcQcjdnoeWKiNIPNY.roa
File: D6FTe8il_STcQcjdnoeWKiNIPNY.roa (raw, json)
Hash identifier: rjCidIkCg4djppfjyWFn3LvmyFXURyzLrTJKv3zECuQ=
Subject key identifier: 0F:A1:53:7B:C8:A5:FD:24:DC:41:C8:DD:9E:87:96:2A:23:48:3C:D6
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019D035A4E9EC06CA08D3A0E0B7A25BE127A
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/D6FTe8il_STcQcjdnoeWKiNIPNY.roa
Signing time: Wed 18 Mar 2026 23:49:03 +0000
ROA not before: Wed 18 Mar 2026 23:49:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
46.28.67.0/24 maxlen: 24
46.28.70.0/24 maxlen: 24
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
85.90.199.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
217.12.215.0/24 maxlen: 24
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:03:5a:4e:9e:c0:6c:a0:8d:3a:0e:0b:7a:25:be:12:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Mar 18 23:49:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0fa1537bc8a5fd24dc41c8dd9e87962a23483cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:3b:18:38:a2:cd:3a:d7:9e:00:aa:4e:29:
2f:ba:81:e4:1f:55:16:75:b5:1e:b5:b2:5b:44:ad:
38:9f:cd:1a:70:68:cf:dc:4a:ef:03:a1:f4:41:3e:
7c:11:ab:41:c9:98:41:39:2e:c0:d0:67:1f:eb:24:
d5:92:65:1e:3d:67:77:21:e8:9d:40:d8:98:ac:d5:
5b:aa:62:fc:00:6f:a5:30:ed:ad:e8:2e:03:7d:27:
ab:f4:ce:21:bc:6d:88:8a:8c:2b:bf:80:b8:cd:3a:
a9:fe:f0:cd:aa:f5:43:6d:82:61:44:4b:bc:3d:6e:
25:b9:b3:35:18:8d:9a:88:4c:ed:7c:85:06:6b:1c:
ef:ab:9e:90:b7:cd:5a:5b:a2:15:76:8f:bc:95:39:
ed:b4:37:13:96:92:13:84:17:bb:5d:d8:ec:0c:61:
5e:ac:10:9b:91:fd:33:c7:1a:72:86:66:ef:f3:90:
3c:1b:19:99:3b:15:27:8c:a2:f9:3b:22:4f:0e:40:
59:1b:08:ee:91:39:44:37:ef:c0:16:e6:1e:7c:c3:
02:f4:c7:d0:21:6f:f0:6f:f9:59:c4:e0:5a:9e:ac:
27:18:51:bd:0e:aa:b4:9e:14:55:7f:93:68:b2:c5:
61:ef:42:5a:b1:d7:92:13:98:44:24:3b:bd:9f:0e:
16:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A1:53:7B:C8:A5:FD:24:DC:41:C8:DD:9E:87:96:2A:23:48:3C:D6
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/D6FTe8il_STcQcjdnoeWKiNIPNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
46.28.67.0/24
46.28.70.0/24
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
85.90.199.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
217.12.206.0/23
217.12.215.0/24
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:d2:c8:4a:3e:e4:42:c6:41:3f:00:b7:cc:72:a7:fa:fb:00:
02:8f:f9:1f:11:3c:17:b8:93:08:27:f4:61:bd:a5:3d:b8:34:
b6:12:30:67:03:6c:c0:da:6d:39:0d:3c:ea:09:06:63:49:be:
9d:a5:a9:b1:48:fe:03:09:f6:ea:e1:b1:38:92:8c:02:a7:7b:
36:0c:47:db:cd:aa:c7:0e:94:d7:f1:85:50:45:0b:ee:b4:ab:
75:e6:c9:79:92:37:e0:4a:0f:86:8e:9e:dd:d7:0c:17:91:d9:
31:ab:02:5b:cd:b4:37:2a:67:c4:11:ae:bd:9e:8a:9f:66:60:
6c:08:48:ab:f8:07:2a:6c:ab:f9:47:87:d5:0c:8c:17:5b:8c:
27:14:17:8f:4b:90:a6:2c:7d:b7:3a:17:ee:8b:84:d5:0d:28:
57:9f:61:12:6e:be:45:6a:84:14:a6:fc:4d:3c:32:fa:fe:20:
b7:ba:91:e5:92:46:f4:12:15:95:40:cd:4a:a0:ac:40:de:f4:
8f:2e:a5:94:3c:3c:96:9f:27:9c:ae:4f:a2:c2:48:ae:2d:7a:
b6:14:ec:1d:5c:9d:72:7d:4a:17:0a:95:43:5c:80:1b:fc:52:
51:42:07:b2:c1:af:6a:53:37:02:81:f3:f2:d7:09:5f:9a:ef:
b3:df:1c:a4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZ0DWk6ewGygjToOC3olvhJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjYwMzE4MjM0OTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmExNTM3YmM4YTVmZDI0ZGM0MWM4ZGQ5ZTg3OTYyYTIzNDgzY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWM7GDiizTrXngCqTikvuoHkH1UW
dbUetbJbRK04n80acGjP3ErvA6H0QT58EatByZhBOS7A0Gcf6yTVkmUePWd3Ieid
QNiYrNVbqmL8AG+lMO2t6C4DfSer9M4hvG2Iiowrv4C4zTqp/vDNqvVDbYJhREu8
PW4lubM1GI2aiEztfIUGaxzvq56Qt81aW6IVdo+8lTnttDcTlpIThBe7XdjsDGFe
rBCbkf0zxxpyhmbv85A8GxmZOxUnjKL5OyJPDkBZGwjukTlEN+/AFuYefMMC9MfQ
IW/wb/lZxOBanqwnGFG9Dqq0nhRVf5NossVh70JasdeSE5hEJDu9nw4W6QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFA+hU3vIpf0k3EHI3Z6HliojSDzWMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvRDZGVGU4aWxfU1RjUWNqZG5vZVdLaU5JUE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBcBAIAATBWAwQCBSKw
AwQCLVo4AwQALhxDAwQALhxGAwQAPuk5AwQCUnX8AwQCUnYUAwQAVVrEAwQAVVrH
MAwDBAPDe+gDBAPDe/ADBALD02ADBAHZDM4DBADZDNcwJQQCAAIwHzANAwQCKgWU
AwUAKgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJKoZIhvcNAQELBQADggEBACPSyEo+
5ELGQT8At8xyp/r7AAKP+R8RPBe4kwgn9GG9pT24NLYSMGcDbMDabTkNPOoJBmNJ
vp2lqbFI/gMJ9urhsTiSjAKnezYMR9vNqscOlNfxhVBFC+60q3XmyXmSN+BKD4aO
nt3XDBeR2TGrAlvNtDcqZ8QRrr2eip9mYGwISKv4Bypsq/lHh9UMjBdbjCcUF49L
kKYsfbc6F+6LhNUNKFefYRJuvkVqhBSm/E08Mvr+ILe6keWSRvQSFZVAzUqgrEDe
9I8upZQ8PJafJ5yuT6LCSK4terYU7B1cnXJ9ShcKlUNcgBv8UlFCB7LBr2pTNwKB
8/LXCV+a77PfHKQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:47:03 2026 by rpki-client