Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Fexpb8Mm1qldEMdDfjeahWE_FzM.roa
File: Fexpb8Mm1qldEMdDfjeahWE_FzM.roa (raw, json)
Hash identifier: beEp1xMiPmbPcQtZzifL9idgvv0u2YByV9XjHML5QxA=
Subject key identifier: 15:EC:69:6F:C3:26:D6:A9:5D:10:C7:43:7E:37:9A:85:61:3F:17:33
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 019CD4ED0D8DF6348BF8638B4010CA17CD07
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Fexpb8Mm1qldEMdDfjeahWE_FzM.roa
Signing time: Mon 09 Mar 2026 23:27:10 +0000
ROA not before: Mon 09 Mar 2026 23:27:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208808
IP address blocks: 31.13.210.0/24 maxlen: 24
45.140.196.0/22 maxlen: 22
78.138.18.0/23 maxlen: 23
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
78.138.42.0/23 maxlen: 23
85.137.192.0/22 maxlen: 22
85.137.196.0/22 maxlen: 22
85.137.200.0/22 maxlen: 22
85.137.204.0/22 maxlen: 22
87.120.80.0/23 maxlen: 23
87.120.203.0/24 maxlen: 24
89.36.232.0/22 maxlen: 22
89.46.132.0/22 maxlen: 22
92.243.68.0/24 maxlen: 24
92.243.71.0/24 maxlen: 24
92.243.86.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
93.114.92.0/22 maxlen: 22
93.115.48.0/22 maxlen: 22
94.156.26.0/23 maxlen: 23
103.43.40.0/22 maxlen: 22
103.104.108.0/22 maxlen: 22
103.208.72.0/22 maxlen: 22
160.202.156.0/22 maxlen: 22
185.201.76.0/22 maxlen: 22
212.73.152.0/24 maxlen: 24
212.73.153.0/24 maxlen: 24
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
213.255.244.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d4:ed:0d:8d:f6:34:8b:f8:63:8b:40:10:ca:17:cd:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Mar 9 23:27:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15ec696fc326d6a95d10c7437e379a85613f1733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8f:e6:6e:c9:87:87:d0:d8:77:be:ad:14:b2:
a3:95:a4:c9:30:3f:3e:db:64:ea:89:29:96:21:1b:
90:d6:d5:6f:b3:58:7d:b2:c4:bf:e0:0e:d6:83:7c:
99:5e:11:5b:c5:b5:2e:f6:59:86:7f:db:6d:82:5f:
cc:e0:d0:b8:43:f5:2f:d1:f0:75:63:1c:78:d3:9c:
f6:f4:aa:be:b0:8b:ca:a6:e8:1f:2a:4a:d8:d2:bd:
08:64:c9:75:b4:2c:89:54:a1:2e:65:af:db:43:98:
bd:50:15:86:de:ac:0e:48:89:7d:ef:97:30:3f:76:
c5:08:d2:87:0e:ac:74:62:f9:b7:3e:73:ec:23:4d:
bb:97:b6:61:d8:50:6d:f3:c6:2f:52:30:11:1a:13:
3d:43:25:32:c5:15:1d:d8:c0:23:a5:80:5e:35:db:
b5:79:a4:34:62:56:4f:34:ba:9d:bf:34:68:79:9f:
a9:89:68:23:e5:9c:69:14:94:37:19:2e:ed:7c:49:
23:89:b5:a7:26:59:c8:3d:d8:43:d0:75:58:2a:b0:
07:83:98:00:f8:39:4a:5b:0e:5f:31:70:9d:cb:d6:
93:b7:51:53:e5:a7:d9:7f:6c:97:2e:7c:51:2b:a1:
1b:52:26:e9:fb:11:fc:a4:91:66:af:9d:99:3c:5d:
50:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EC:69:6F:C3:26:D6:A9:5D:10:C7:43:7E:37:9A:85:61:3F:17:33
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Fexpb8Mm1qldEMdDfjeahWE_FzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
85.137.192.0/20
87.120.80.0/23
87.120.203.0/24
89.36.232.0/22
89.46.132.0/22
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
93.114.92.0/22
93.115.48.0/22
94.156.26.0/23
103.43.40.0/22
103.104.108.0/22
103.208.72.0/22
160.202.156.0/22
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a1:d6:74:24:04:3e:2a:07:2a:0a:5c:cb:fd:4f:dc:b6:45:
49:d9:b0:07:c8:73:34:f8:26:74:57:dd:d2:9c:86:39:80:87:
9b:0e:52:ed:a6:c1:56:4c:ac:19:a7:3a:83:71:01:ac:27:f7:
90:97:bc:75:9e:28:b9:32:18:07:fa:14:3e:3a:b9:6b:a8:10:
da:df:b2:0f:b2:57:9a:58:69:16:ba:68:e4:42:cb:e8:84:37:
73:49:9d:e7:a3:2f:95:3a:43:4a:bf:fe:5f:65:6e:83:33:ab:
83:f8:fb:58:44:d2:9b:f7:59:a3:28:d6:6d:42:76:44:9b:5b:
c7:58:c8:9d:cb:d5:6e:36:66:a9:8b:d5:58:bf:de:d2:6e:73:
68:20:07:17:3d:ed:17:6c:62:a1:16:74:3f:f1:87:ab:c9:37:
ef:d0:a5:64:0e:2f:b6:67:86:5f:aa:81:ae:39:0d:83:a5:fc:
82:51:c8:a7:76:af:8d:e7:3e:b0:f5:c5:33:ab:c1:aa:e1:6c:
5d:15:7e:0a:f8:aa:d6:75:50:d6:6e:ae:8d:50:56:e7:a6:d3:
96:ee:6f:eb:9a:70:6c:57:b0:bc:c4:12:ea:2f:dc:22:03:14:
28:54:39:48:ad:95:88:dc:92:74:ad:40:7f:99:ab:c3:0f:42:
14:1a:d6:c9
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAZzU7Q2N9jSL+GOLQBDKF80HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjYwMzA5MjMyNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWVjNjk2ZmMzMjZkNmE5NWQxMGM3NDM3ZTM3OWE4NTYxM2YxNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4/mbsmHh9DYd76tFLKjlaTJMD8+
22TqiSmWIRuQ1tVvs1h9ssS/4A7Wg3yZXhFbxbUu9lmGf9ttgl/M4NC4Q/Uv0fB1
Yxx405z29Kq+sIvKpugfKkrY0r0IZMl1tCyJVKEuZa/bQ5i9UBWG3qwOSIl975cw
P3bFCNKHDqx0Yvm3PnPsI027l7Zh2FBt88YvUjARGhM9QyUyxRUd2MAjpYBeNdu1
eaQ0YlZPNLqdvzRoeZ+piWgj5ZxpFJQ3GS7tfEkjibWnJlnIPdhD0HVYKrAHg5gA
+DlKWw5fMXCdy9aTt1FT5afZf2yXLnxRK6EbUibp+xH8pJFmr52ZPF1QMwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFBXsaW/DJtapXRDHQ343moVhPxczMB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvRmV4cGI4TW0xcWxkRU1kRGZqZWFoV0VfRnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAAf
DdIDBAItjMQDBAFOihIwDAMEAU6KGgMEAU6KHAMEAU6KKgMEBFWJwAMEAVd4UAME
AFd4ywMEAlkk6AMEAlkuhAMEAFzzRAMEAFzzRwMEAVzzVgMEAVzzWgMEAVzzXgME
Al1yXAMEAl1zMAMEAV6cGgMEAmcrKAMEAmdobAMEAmfQSAMEAqDKnAMEArnJTAME
AdRJmAMEAdX/0gMEAdX/2AMEAdX/4AMEAdX/9DANBAIAAjAHAwUDKgq9QDANBgkq
hkiG9w0BAQsFAAOCAQEALqHWdCQEPioHKgpcy/1P3LZFSdmwB8hzNPgmdFfd0pyG
OYCHmw5S7abBVkysGac6g3EBrCf3kJe8dZ4ouTIYB/oUPjq5a6gQ2t+yD7JXmlhp
Frpo5ELL6IQ3c0md56MvlTpDSr/+X2VugzOrg/j7WETSm/dZoyjWbUJ2RJtbx1jI
ncvVbjZmqYvVWL/e0m5zaCAHFz3tF2xioRZ0P/GHq8k379ClZA4vtmeGX6qBrjkN
g6X8glHIp3avjec+sPXFM6vBquFsXRV+Cviq1nVQ1m6ujVBW56bTlu5v65pwbFew
vMQS6i/cIgMUKFQ5SK2ViNySdK1Af5mrww9CFBrWyQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:09 2026 by rpki-client