Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/F6j-udpyxSiM53qRqgF1OjyCqYA.roa
File: F6j-udpyxSiM53qRqgF1OjyCqYA.roa (raw, json)
Hash identifier: eyZky30xL9+2ioqs8ucqzB8DYytkQbgUrYJfQpNtJ9Q=
Subject key identifier: 17:A8:FE:B9:DA:72:C5:28:8C:E7:7A:91:AA:01:75:3A:3C:82:A9:80
Certificate issuer: /CN=f22bed3f37cd72826511c574560deb55542550e4
Certificate serial: 019DBA91216BBF881CA72BBB180D32C734DA
Authority key identifier: F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/F6j-udpyxSiM53qRqgF1OjyCqYA.roa
Signing time: Thu 23 Apr 2026 13:39:26 +0000
ROA not before: Thu 23 Apr 2026 13:39:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24586
IP address blocks: 46.22.180.0/22 maxlen: 24
46.22.184.0/21 maxlen: 24
80.95.160.0/21 maxlen: 24
80.95.168.0/22 maxlen: 24
80.95.172.0/22 maxlen: 24
93.92.96.0/22 maxlen: 24
93.92.96.0/23 maxlen: 23
93.92.100.0/22 maxlen: 24
185.39.120.0/22 maxlen: 24
188.66.16.0/21 maxlen: 24
2001:4c10::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:91:21:6b:bf:88:1c:a7:2b:bb:18:0d:32:c7:34:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f22bed3f37cd72826511c574560deb55542550e4
Validity
Not Before: Apr 23 13:39:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=17a8feb9da72c5288ce77a91aa01753a3c82a980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:7c:4a:f1:69:0f:74:0d:75:6f:55:4a:4a:
56:e0:94:08:a1:56:44:1f:c7:42:42:c4:48:24:53:
3d:a8:67:2b:56:a9:80:05:d7:15:e5:da:e8:09:ee:
5b:7b:32:f7:66:4a:40:f8:c9:55:d4:b6:52:c5:8e:
60:e6:e5:26:e0:fe:de:88:94:c8:ca:b5:0e:b0:16:
16:7b:3f:4b:5b:27:86:cb:66:27:da:b4:61:9c:dc:
c6:c8:4c:9f:ff:73:f4:8c:a3:c1:67:eb:c3:e7:ad:
ac:25:fc:49:b7:6b:62:32:00:c8:54:88:78:75:21:
71:c0:c3:14:8e:b6:8a:11:25:4b:f4:85:47:d7:30:
f3:24:3a:2b:2b:22:1e:69:88:21:0c:95:96:a4:a1:
73:0a:1f:ab:a5:8a:b6:59:2c:b6:de:ab:98:d4:48:
46:74:1e:76:00:39:7f:26:7f:25:39:e4:3d:35:bb:
18:a3:79:61:7e:9a:de:d7:f2:b1:9e:e7:18:fd:89:
ea:e2:56:d5:4a:07:60:f9:94:58:e7:70:61:c7:a6:
e3:b2:b0:48:81:10:0c:a8:5c:5c:c9:26:b2:92:79:
f2:a8:59:a9:b7:69:92:04:24:fd:9f:61:c0:5a:46:
3e:be:67:c1:f6:05:41:be:82:1b:8e:4c:95:b2:62:
27:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A8:FE:B9:DA:72:C5:28:8C:E7:7A:91:AA:01:75:3A:3C:82:A9:80
X509v3 Authority Key Identifier:
keyid:F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/F6j-udpyxSiM53qRqgF1OjyCqYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.180.0-46.22.191.255
80.95.160.0/20
93.92.96.0/21
185.39.120.0/22
188.66.16.0/21
IPv6:
2001:4c10::/32
Signature Algorithm: sha256WithRSAEncryption
3b:a7:d6:f9:4f:7d:c3:9d:49:f9:03:58:cf:25:51:de:35:4c:
b5:32:6c:dc:be:3e:6e:40:8d:6e:c9:8b:06:2d:59:af:e7:16:
63:e8:bb:4d:ee:64:e9:26:56:f3:7b:6d:1d:e0:7d:5b:58:4a:
e7:36:0d:c6:95:ca:aa:07:ce:85:bf:84:d2:cb:82:fd:9a:a6:
f1:fc:63:89:54:5e:f6:a7:47:d5:9a:63:b3:09:61:6c:0f:29:
c1:88:2b:3a:f8:f2:59:71:9e:51:dd:de:3f:c0:ca:3b:a2:6e:
5f:60:c8:45:6a:39:6c:44:1c:98:7c:ac:0e:59:9f:d0:9a:e7:
7e:b0:ee:13:7e:1f:f5:f9:51:37:0b:8c:48:90:ff:93:5c:8d:
f8:c6:9e:08:5c:c6:e2:15:ea:24:82:2b:a0:41:d4:27:24:b0:
18:e2:60:fc:07:38:ef:81:4f:f1:8f:ec:26:d0:a6:73:78:a2:
f4:45:74:d7:f8:61:06:9d:46:bf:f7:7c:75:41:1a:02:37:5d:
15:ce:cc:fe:82:22:1f:e1:de:f6:bd:13:3d:68:02:30:bc:a2:
62:9c:42:91:32:1a:eb:47:0b:43:dd:52:80:c0:8e:bf:61:6f:
88:b3:b8:33:d5:c6:a2:58:81:3c:4e:2d:aa:05:41:59:2d:21:
da:c1:51:0b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ26kSFrv4gcpyu7GA0yxzTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMmJlZDNmMzdjZDcyODI2NTExYzU3NDU2MGRlYjU1NTQy
NTUwZTQwHhcNMjYwNDIzMTMzOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E4ZmViOWRhNzJjNTI4OGNlNzdhOTFhYTAxNzUzYTNjODJhOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy98SvFpD3QNdW9VSkpW4JQIoVZE
H8dCQsRIJFM9qGcrVqmABdcV5droCe5bezL3ZkpA+MlV1LZSxY5g5uUm4P7eiJTI
yrUOsBYWez9LWyeGy2Yn2rRhnNzGyEyf/3P0jKPBZ+vD562sJfxJt2tiMgDIVIh4
dSFxwMMUjraKESVL9IVH1zDzJDorKyIeaYghDJWWpKFzCh+rpYq2WSy23quY1EhG
dB52ADl/Jn8lOeQ9NbsYo3lhfpre1/KxnucY/Ynq4lbVSgdg+ZRY53Bhx6bjsrBI
gRAMqFxcySayknnyqFmpt2mSBCT9n2HAWkY+vmfB9gVBvoIbjkyVsmInvQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBeo/rnacsUojOd6kaoBdTo8gqmAMB8GA1UdIwQY
MBaAFPIr7T83zXKCZRHFdFYN61VUJVDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGl2dFB6Zk5jb0psRWNWMFZnM3JWVlFsVU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yOTRmYTEtZTkzOC00Y2QyLTlhODkt
MjkwNjJlODcwYjY0LzEvRjZqLXVkcHl4U2lNNTNxUnFnRjFPanlDcVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yOTRmYTEtZTkzOC00Y2QyLTlhODktMjkwNjJlODcwYjY0
LzEvOGl2dFB6Zk5jb0psRWNWMFZnM3JWVlFsVU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAIuFrQD
BAYuFoADBARQX6ADBANdXGADBAK5J3gDBAO8QhAwDQQCAAIwBwMFACABTBAwDQYJ
KoZIhvcNAQELBQADggEBADun1vlPfcOdSfkDWM8lUd41TLUybNy+Pm5AjW7JiwYt
Wa/nFmPou03uZOkmVvN7bR3gfVtYSuc2DcaVyqoHzoW/hNLLgv2apvH8Y4lUXvan
R9WaY7MJYWwPKcGIKzr48llxnlHd3j/Ayjuibl9gyEVqOWxEHJh8rA5Zn9Ca536w
7hN+H/X5UTcLjEiQ/5NcjfjGnghcxuIV6iSCK6BB1CcksBjiYPwHOO+BT/GP7CbQ
pnN4ovRFdNf4YQadRr/3fHVBGgI3XRXOzP6CIh/h3va9Ez1oAjC8omKcQpEyGutH
C0PdUoDAjr9hb4izuDPVxqJYgTxOLaoFQVktIdrBUQs=
-----END CERTIFICATE-----
Generated at Tue May 12 22:33:16 2026 by rpki-client