Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlJUY1FFJIQChZWFURnUMAUmdLs.roa
File: FlJUY1FFJIQChZWFURnUMAUmdLs.roa (raw, json)
Hash identifier: AOsDzdjjrNZuJ1Pt4gxF5Ekpepof5iBTQ6TXZqAU59E=
Subject key identifier: 16:52:54:63:51:45:24:84:02:85:95:85:51:19:D4:30:05:26:74:BB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DD80D192F2140C8821B079D12F26F4F4B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlJUY1FFJIQChZWFURnUMAUmdLs.roa
Signing time: Wed 29 Apr 2026 07:03:50 +0000
ROA not before: Wed 29 Apr 2026 07:03:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22427
IP address blocks: 89.213.192.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:0d:19:2f:21:40:c8:82:1b:07:9d:12:f2:6f:4f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 29 07:03:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1652546351452484028595855119d430052674bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:03:fa:77:bc:47:a1:ee:7c:37:46:3f:39:06:
81:56:f7:50:03:20:8a:e0:3e:5d:c1:df:e3:3d:b8:
a7:45:2d:34:a2:e8:ac:04:21:3a:70:43:b1:d4:c1:
ff:b4:66:b7:b0:9b:13:56:0b:b6:08:fb:dc:73:d7:
ed:03:6e:bd:b6:8c:b1:97:a6:ac:53:46:36:d0:53:
09:a3:db:5a:f4:19:a6:be:80:b2:8b:cb:7d:5a:51:
37:54:df:55:bd:73:62:43:91:50:52:c7:e0:7c:07:
98:43:15:f3:8e:c4:bb:68:c6:66:11:10:13:76:7e:
65:55:d5:d1:db:ca:f8:86:8a:56:db:52:cb:5a:cb:
da:4b:fb:43:c1:da:b7:3a:1c:98:2a:86:52:d5:e1:
ae:ae:36:41:8a:0a:e6:0e:c8:fa:89:42:25:90:c4:
9d:87:47:40:b7:11:d7:07:87:e2:53:42:0a:4f:fb:
54:29:3f:9f:1f:56:14:70:de:59:43:17:2a:1d:aa:
8c:27:e5:f5:68:38:a6:95:ed:f7:67:07:ab:2e:d2:
43:d7:47:f0:d3:8b:36:91:c5:b0:5c:25:f7:88:1b:
7d:ca:c6:2f:c1:b7:42:f4:29:82:d0:fa:ea:5b:c6:
1c:f2:1a:69:a4:dd:67:b7:a1:b2:d3:30:cb:3e:52:
38:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:52:54:63:51:45:24:84:02:85:95:85:51:19:D4:30:05:26:74:BB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlJUY1FFJIQChZWFURnUMAUmdLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.192.0/24
213.130.154.0/24
213.210.53.0/24
213.218.225.0-213.218.226.255
Signature Algorithm: sha256WithRSAEncryption
35:c7:c3:f2:53:40:fc:0a:2f:5e:73:16:f1:c7:03:e6:3a:ef:
33:c5:e7:e2:16:f0:f1:00:28:54:b4:73:55:68:69:89:08:2f:
ec:d7:2b:b7:61:69:a4:c2:aa:8c:21:2a:5f:c8:2f:c5:90:0c:
d9:a6:c8:80:e5:f3:f9:02:48:59:ac:27:cd:38:ec:34:fb:52:
33:34:2b:c2:0e:c7:84:ba:1d:22:26:aa:d2:b9:72:9b:ff:5e:
d4:35:ac:2d:8e:fe:b1:6a:10:6c:d0:30:df:d4:10:e8:29:2a:
42:56:c6:fc:e7:bf:92:df:9e:e2:52:c7:50:56:eb:45:06:7f:
2b:5b:69:ca:50:b8:a6:c6:79:31:19:28:52:63:82:3d:20:5d:
8b:a6:d5:a2:8e:18:ea:23:9f:09:39:8e:e6:de:dc:9f:1e:83:
3c:c6:29:2b:54:2e:3b:fc:cd:be:69:10:ef:be:d3:a6:20:30:
e5:08:ee:43:56:6c:29:1a:de:16:ab:50:6d:6b:00:7b:95:8e:
ea:e2:95:35:ce:c1:d4:18:3c:f6:c0:45:11:4b:95:e2:ee:a6:
28:ea:ee:5e:69:a8:6b:8b:c2:64:3a:ee:8c:45:1e:80:6e:b7:
57:7f:6f:c2:94:e9:29:f9:54:c5:ef:89:9a:54:ed:65:63:1d:
4b:12:92:5e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ3YDRkvIUDIghsHnRLyb09LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDI5MDcwMzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUyNTQ2MzUxNDUyNDg0MDI4NTk1ODU1MTE5ZDQzMDA1MjY3NGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAP6d7xHoe58N0Y/OQaBVvdQAyCK
4D5dwd/jPbinRS00ouisBCE6cEOx1MH/tGa3sJsTVgu2CPvcc9ftA269toyxl6as
U0Y20FMJo9ta9BmmvoCyi8t9WlE3VN9VvXNiQ5FQUsfgfAeYQxXzjsS7aMZmERAT
dn5lVdXR28r4hopW21LLWsvaS/tDwdq3OhyYKoZS1eGurjZBigrmDsj6iUIlkMSd
h0dAtxHXB4fiU0IKT/tUKT+fH1YUcN5ZQxcqHaqMJ+X1aDimle33ZwerLtJD10fw
04s2kcWwXCX3iBt9ysYvwbdC9CmC0PrqW8Yc8hpppN1nt6Gy0zDLPlI4lwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBZSVGNRRSSEAoWVhVEZ1DAFJnS7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRmxKVVkxRkZKSVFDaFpXRlVSblVNQVVtZExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWdXAAwQA
1YKaAwQA1dI1MAwDBADV2uEDBADV2uIwDQYJKoZIhvcNAQELBQADggEBADXHw/JT
QPwKL15zFvHHA+Y67zPF5+IW8PEAKFS0c1VoaYkIL+zXK7dhaaTCqowhKl/IL8WQ
DNmmyIDl8/kCSFmsJ8047DT7UjM0K8IOx4S6HSImqtK5cpv/XtQ1rC2O/rFqEGzQ
MN/UEOgpKkJWxvznv5LfnuJSx1BW60UGfytbacpQuKbGeTEZKFJjgj0gXYum1aKO
GOojnwk5jube3J8egzzGKStULjv8zb5pEO++06YgMOUI7kNWbCka3harUG1rAHuV
jurilTXOwdQYPPbARRFLleLupijq7l5pqGuLwmQ67oxFHoBut1d/b8KU6Sn5VMXv
iZpU7WVjHUsSkl4=
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:54 2026 by rpki-client