Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/F48haJ2H_k3DeYlChLBOz7cW17E.roa
File: F48haJ2H_k3DeYlChLBOz7cW17E.roa (raw, json)
Hash identifier: biY7BtRxv+gbBOGOV7n8I87u8jvEs3wti0HPY5wJoaU=
Subject key identifier: 17:8F:21:68:9D:87:FE:4D:C3:79:89:42:84:B0:4E:CF:B7:16:D7:B1
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019D26007AA3CB1865286A7CF5961CA4BA49
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/F48haJ2H_k3DeYlChLBOz7cW17E.roa
Signing time: Wed 25 Mar 2026 17:17:38 +0000
ROA not before: Wed 25 Mar 2026 17:17:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49592
IP address blocks: 89.126.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:00:7a:a3:cb:18:65:28:6a:7c:f5:96:1c:a4:ba:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: Mar 25 17:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=178f21689d87fe4dc379894284b04ecfb716d7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:cb:9d:c4:80:c0:b7:7d:aa:0a:32:aa:ac:
ec:da:5c:5b:8e:82:11:30:a8:43:32:9a:db:42:30:
cc:e6:c0:4f:0b:4b:d9:d6:ab:1a:53:db:4b:7c:0d:
9f:95:0a:7e:6e:1a:e2:1a:9e:5b:fb:7d:8a:e7:87:
b6:d0:5c:e9:ef:96:e4:4d:09:4e:cc:7c:3b:23:bb:
e6:e8:6a:8f:63:9f:ad:15:e7:8e:7a:61:1f:22:46:
7d:5b:1b:24:ae:fd:19:82:8b:40:fb:36:bc:79:9c:
63:40:89:f1:67:e8:df:00:d8:a9:ef:ae:70:0d:e8:
4c:56:b8:60:91:d4:41:9b:16:ec:58:d5:52:cf:8b:
da:fc:b5:62:e6:b7:c6:aa:b8:53:b1:10:3c:b7:04:
4f:f7:42:9e:24:c4:4a:8e:42:4b:5e:7f:ad:f4:33:
9a:e2:87:fd:38:a0:c9:66:ec:61:55:50:a5:30:8b:
31:02:3d:89:e8:2a:4e:13:33:a0:23:f3:7b:c6:33:
1f:3b:86:5d:cd:05:a5:3b:26:57:0e:c9:76:f3:50:
3e:27:f6:cf:a1:1f:b1:cf:07:d5:13:a7:63:72:01:
8a:dd:ce:75:18:e5:99:a8:71:08:c5:48:44:cb:4c:
ec:fc:35:41:1c:65:b3:52:32:5b:0f:a7:04:77:9a:
68:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8F:21:68:9D:87:FE:4D:C3:79:89:42:84:B0:4E:CF:B7:16:D7:B1
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/F48haJ2H_k3DeYlChLBOz7cW17E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.126.227.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:bd:4b:c6:b7:d0:59:7f:2c:a8:9f:98:24:0d:ca:69:2a:19:
13:da:18:b3:78:ef:1f:44:0f:0e:29:d1:32:cf:06:22:3e:fe:
35:77:b8:62:ad:1b:02:8f:e6:24:7b:05:89:e2:ac:8f:15:9f:
b5:a3:c1:49:7d:7f:f5:9d:7f:f7:fa:23:db:cf:31:44:de:f2:
e5:2c:f4:20:40:41:38:57:57:4e:32:7a:b8:30:0b:ff:38:d8:
b4:20:c1:b9:e2:69:57:82:3d:ef:e6:28:67:9b:81:07:28:c3:
9b:42:ca:8a:6b:cc:07:e3:ee:69:d7:02:3f:2b:66:37:bf:2e:
78:71:e5:1e:d5:da:65:d0:57:ad:5f:d0:2d:ec:c4:89:cc:db:
87:74:79:79:7c:7e:ef:96:aa:37:b1:03:86:a7:6b:e4:92:cd:
55:6c:8f:54:f1:82:7b:99:52:51:1f:9a:5a:2a:71:d7:7e:db:
38:7f:3f:95:b4:55:77:ef:79:bc:d3:ca:97:ce:bc:af:20:71:
c0:d5:be:6e:66:cb:6b:52:81:be:71:d9:50:5a:6a:60:ce:6f:
e3:16:cc:1e:24:d4:72:de:d4:0e:56:01:04:3d:b6:48:1e:cc:
72:af:3b:09:af:18:6e:df:df:5f:6a:9d:34:dd:88:83:0d:c1:
1b:21:b6:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0mAHqjyxhlKGp89ZYcpLpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwMzI1MTcxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhmMjE2ODlkODdmZTRkYzM3OTg5NDI4NGIwNGVjZmI3MTZkN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0fLncSAwLd9qgoyqqzs2lxbjoIR
MKhDMprbQjDM5sBPC0vZ1qsaU9tLfA2flQp+bhriGp5b+32K54e20Fzp75bkTQlO
zHw7I7vm6GqPY5+tFeeOemEfIkZ9Wxskrv0ZgotA+za8eZxjQInxZ+jfANip765w
DehMVrhgkdRBmxbsWNVSz4va/LVi5rfGqrhTsRA8twRP90KeJMRKjkJLXn+t9DOa
4of9OKDJZuxhVVClMIsxAj2J6CpOEzOgI/N7xjMfO4ZdzQWlOyZXDsl281A+J/bP
oR+xzwfVE6djcgGK3c51GOWZqHEIxUhEy0zs/DVBHGWzUjJbD6cEd5polwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBePIWidh/5Nw3mJQoSwTs+3FtexMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvRjQ4aGFKMkhfazNEZVlsQ2hMQk96N2NXMTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWX7jMA0G
CSqGSIb3DQEBCwUAA4IBAQBtvUvGt9BZfyyon5gkDcppKhkT2hizeO8fRA8OKdEy
zwYiPv41d7hirRsCj+YkewWJ4qyPFZ+1o8FJfX/1nX/3+iPbzzFE3vLlLPQgQEE4
V1dOMnq4MAv/ONi0IMG54mlXgj3v5ihnm4EHKMObQsqKa8wH4+5p1wI/K2Y3vy54
ceUe1dpl0FetX9At7MSJzNuHdHl5fH7vlqo3sQOGp2vkks1VbI9U8YJ7mVJRH5pa
KnHXfts4fz+VtFV373m808qXzryvIHHA1b5uZstrUoG+cdlQWmpgzm/jFsweJNRy
3tQOVgEEPbZIHsxyrzsJrxhu399fap003YiDDcEbIbY3
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:35:15 2026 by rpki-client