Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fvRquGdLskZKWulDnfJMDzpLPQU.roa
File: fvRquGdLskZKWulDnfJMDzpLPQU.roa (raw, json)
Hash identifier: CR6ZcpCz35mtzaAxSqlJ2NEOBSGjyHieJtOAbogUd+0=
Subject key identifier: 7E:F4:6A:B8:67:4B:B2:46:4A:5A:E9:43:9D:F2:4C:0F:3A:4B:3D:05
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019D1B3F7DBB963A6D3DA2AE63348AB1A54D
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fvRquGdLskZKWulDnfJMDzpLPQU.roa
Signing time: Mon 23 Mar 2026 15:10:38 +0000
ROA not before: Mon 23 Mar 2026 15:10:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 84.55.8.0/22 maxlen: 24
88.223.44.0/24 maxlen: 24
88.223.46.0/24 maxlen: 24
88.223.169.0/24 maxlen: 24
95.173.49.0/24 maxlen: 24
95.173.51.0/24 maxlen: 24
95.173.58.0/24 maxlen: 24
95.173.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:3f:7d:bb:96:3a:6d:3d:a2:ae:63:34:8a:b1:a5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Mar 23 15:10:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ef46ab8674bb2464a5ae9439df24c0f3a4b3d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:5e:a3:ad:d6:a2:05:dc:aa:55:d5:96:49:
31:b8:b9:3e:01:e6:74:aa:24:6f:10:69:91:4a:b3:
38:bd:bc:3e:f8:f4:fd:2b:20:b0:91:fc:45:ed:cd:
20:f5:18:20:b3:5a:77:6f:6c:70:ef:bd:c4:35:8b:
b1:a1:08:48:fc:ba:d9:aa:62:96:e8:0c:c6:fe:a1:
15:34:bf:dc:87:ae:1d:35:9e:ae:70:0c:6a:1b:13:
03:23:48:83:3c:6f:ca:a7:f3:b5:3d:34:e8:8f:53:
5f:7f:de:6e:90:82:9b:8f:46:4e:af:50:c2:bd:29:
b1:79:02:56:1b:fc:d7:86:a1:4c:45:b5:bc:05:bd:
c5:77:11:3a:fe:8f:2e:3f:bd:0e:28:c3:87:37:35:
2b:7e:7c:84:12:c1:c7:89:77:17:a6:23:b4:01:68:
a3:60:7a:55:de:ad:75:8f:9f:8d:de:3e:cf:b0:12:
fc:19:54:6d:f3:05:88:66:10:0e:e1:74:27:6c:9b:
06:9f:30:2e:df:67:8e:2e:38:66:4c:a9:5d:ec:73:
14:c2:93:67:b6:ae:1d:2b:94:ee:7f:4f:74:8c:13:
28:2f:10:d3:bb:63:15:51:d5:79:7f:8c:1e:ae:92:
ea:56:8a:9c:f1:fc:47:aa:2d:ed:13:2d:19:10:18:
65:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F4:6A:B8:67:4B:B2:46:4A:5A:E9:43:9D:F2:4C:0F:3A:4B:3D:05
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/fvRquGdLskZKWulDnfJMDzpLPQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.8.0/22
88.223.44.0/24
88.223.46.0/24
88.223.169.0/24
95.173.49.0/24
95.173.51.0/24
95.173.58.0/24
95.173.60.0/24
Signature Algorithm: sha256WithRSAEncryption
20:59:bd:00:6c:34:ae:78:fa:ae:36:1c:fa:25:41:f9:11:52:
b8:46:44:37:72:26:06:4a:fa:92:7a:47:16:bc:23:47:8d:93:
7c:13:4a:bc:88:fb:80:86:fe:c5:2c:24:a2:44:63:53:e8:9d:
3c:4c:16:c7:23:42:d9:e5:95:40:f2:f2:bd:37:95:e0:3f:74:
43:96:57:36:f1:70:88:85:68:9b:91:d2:a0:c0:8e:56:a3:1b:
2f:7c:1c:5b:17:cc:d0:da:2d:39:30:86:b5:7a:53:bf:b6:e6:
af:35:3a:c6:71:c7:c5:ed:29:54:81:4e:35:0d:8a:ee:bb:b0:
6d:10:5c:c4:3a:cd:71:21:61:8e:a5:9c:d0:5c:ec:05:e4:66:
78:90:21:44:28:40:21:ef:26:c1:ff:cb:bc:9e:b7:d5:51:2a:
20:d1:13:bc:bd:46:55:b5:a6:99:0b:b9:99:79:5e:d3:16:93:
23:48:56:b9:1b:bb:d6:bd:da:55:e1:c6:61:66:b4:bc:44:cf:
11:40:cc:f2:1c:fd:f3:69:0d:bb:2d:b9:d6:8e:9c:dc:d4:70:
0b:50:85:80:9d:38:3e:57:42:3f:42:8d:8b:e8:c7:16:94:74:
7b:94:a2:40:54:79:60:95:80:69:df:d8:6d:09:d1:e8:e2:1c:
1d:2b:50:34
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ0bP327ljptPaKuYzSKsaVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwMzIzMTUxMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY0NmFiODY3NGJiMjQ2NGE1YWU5NDM5ZGYyNGMwZjNhNGIzZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVleo63WogXcqlXVlkkxuLk+AeZ0
qiRvEGmRSrM4vbw++PT9KyCwkfxF7c0g9Rggs1p3b2xw773ENYuxoQhI/LrZqmKW
6AzG/qEVNL/ch64dNZ6ucAxqGxMDI0iDPG/Kp/O1PTToj1Nff95ukIKbj0ZOr1DC
vSmxeQJWG/zXhqFMRbW8Bb3FdxE6/o8uP70OKMOHNzUrfnyEEsHHiXcXpiO0AWij
YHpV3q11j5+N3j7PsBL8GVRt8wWIZhAO4XQnbJsGnzAu32eOLjhmTKld7HMUwpNn
tq4dK5Tuf090jBMoLxDTu2MVUdV5f4werpLqVoqc8fxHqi3tEy0ZEBhlWQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH70arhnS7JGSlrpQ53yTA86Sz0FMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvZnZScXVHZExza1pLV3VsRG5mSk1EenBMUFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVDcIAwQA
WN8sAwQAWN8uAwQAWN+pAwQAX60xAwQAX60zAwQAX606AwQAX608MA0GCSqGSIb3
DQEBCwUAA4IBAQAgWb0AbDSuePquNhz6JUH5EVK4RkQ3ciYGSvqSekcWvCNHjZN8
E0q8iPuAhv7FLCSiRGNT6J08TBbHI0LZ5ZVA8vK9N5XgP3RDllc28XCIhWibkdKg
wI5WoxsvfBxbF8zQ2i05MIa1elO/tuavNTrGccfF7SlUgU41DYruu7BtEFzEOs1x
IWGOpZzQXOwF5GZ4kCFEKEAh7ybB/8u8nrfVUSog0RO8vUZVtaaZC7mZeV7TFpMj
SFa5G7vWvdpV4cZhZrS8RM8RQMzyHP3zaQ27LbnWjpzc1HALUIWAnTg+V0I/Qo2L
6McWlHR7lKJAVHlglYBp39htCdHo4hwdK1A0
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:36:55 2026 by rpki-client