Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/p_zj4OSdAqCR4867NhK0flKlx14.roa
File: p_zj4OSdAqCR4867NhK0flKlx14.roa (raw, json)
Hash identifier: hGOuLTSiLd6M1yp0vU60mwegnSaS4NS/nPDY8Bf3UTw=
Subject key identifier: A7:FC:E3:E0:E4:9D:02:A0:91:E3:CE:BB:36:12:B4:7E:52:A5:C7:5E
Certificate issuer: /CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Certificate serial: 019E0C36C7BCB4D3D60143ED28B64E85419A
Authority key identifier: FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/p_zj4OSdAqCR4867NhK0flKlx14.roa
Signing time: Sat 09 May 2026 10:09:37 +0000
ROA not before: Sat 09 May 2026 10:09:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7488
IP address blocks: 46.33.14.0/24 maxlen: 24
77.73.8.0/24 maxlen: 24
77.73.13.0/24 maxlen: 24
77.73.14.0/24 maxlen: 24
78.109.24.0/22 maxlen: 22
78.109.24.0/24 maxlen: 24
78.109.25.0/24 maxlen: 24
78.109.26.0/24 maxlen: 24
78.109.27.0/24 maxlen: 24
158.94.172.0/23 maxlen: 23
158.94.172.0/24 maxlen: 24
158.94.173.0/24 maxlen: 24
185.13.108.0/22 maxlen: 22
185.34.144.0/22 maxlen: 22
185.61.208.0/24 maxlen: 24
185.61.209.0/24 maxlen: 24
185.61.210.0/24 maxlen: 24
185.61.211.0/24 maxlen: 24
185.92.188.0/22 maxlen: 22
185.93.148.0/22 maxlen: 22
185.170.76.0/22 maxlen: 22
195.34.70.0/24 maxlen: 24
195.34.71.0/24 maxlen: 24
195.242.177.0/24 maxlen: 24
195.242.178.0/24 maxlen: 24
2a14:7a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0c:36:c7:bc:b4:d3:d6:01:43:ed:28:b6:4e:85:41:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Validity
Not Before: May 9 10:09:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a7fce3e0e49d02a091e3cebb3612b47e52a5c75e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:49:de:c7:41:00:a8:d9:6b:c0:db:ff:34:f8:
8c:e6:be:f6:47:22:46:cf:9f:71:90:b9:44:b1:60:
63:d8:0e:6b:b5:89:b6:81:98:c3:fb:4c:c2:3a:32:
d0:92:b5:bf:22:53:6b:88:31:78:c3:6a:f8:ea:fd:
52:6e:08:73:ae:cb:da:12:03:af:e0:e2:4f:44:37:
bd:96:02:9b:9a:49:4f:f4:09:15:d9:16:a9:72:b5:
3d:c7:1c:d6:24:91:62:e2:fd:e6:d6:46:e9:72:9d:
29:60:c7:e0:15:c1:b5:c1:f1:d8:71:61:c5:54:99:
19:70:7d:e8:fe:15:62:55:9e:9a:6b:63:29:cc:37:
22:c0:65:b6:85:27:b8:25:b3:16:9c:cb:b9:69:92:
56:61:d2:aa:50:54:71:48:d8:94:c9:06:4b:68:29:
49:65:5c:53:05:25:c9:0d:90:57:31:13:9c:97:6d:
23:2f:fc:f1:35:fb:18:19:5e:ce:f6:cb:24:bf:2b:
49:c4:d1:a1:91:9e:4a:97:06:9a:61:1c:35:07:78:
cb:da:58:f2:19:f8:16:50:8e:f2:00:af:91:d6:25:
dc:75:73:b4:9b:30:6b:8b:28:6a:db:44:cd:b9:88:
74:e6:8b:a3:b8:10:04:f9:fe:f1:31:98:e0:3d:a5:
41:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FC:E3:E0:E4:9D:02:A0:91:E3:CE:BB:36:12:B4:7E:52:A5:C7:5E
X509v3 Authority Key Identifier:
keyid:FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/p_zj4OSdAqCR4867NhK0flKlx14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.14.0/24
77.73.8.0/24
77.73.13.0-77.73.14.255
78.109.24.0/22
158.94.172.0/23
185.13.108.0/22
185.34.144.0/22
185.61.208.0/22
185.92.188.0/22
185.93.148.0/22
185.170.76.0/22
195.34.70.0/23
195.242.177.0-195.242.178.255
IPv6:
2a14:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
70:f6:3d:16:ea:d3:60:ea:32:94:89:c2:b6:27:fe:d4:da:4a:
1d:b7:a3:6b:f5:ca:66:48:91:e9:26:75:cf:58:ff:2d:70:9e:
c1:c2:c8:19:ae:43:12:84:3c:f8:97:59:96:5d:1e:37:7e:b4:
be:a7:38:ca:ab:39:55:f3:7b:6f:68:3c:b9:50:77:af:9f:1b:
f7:57:bb:fe:70:0d:b8:f1:2b:7f:60:54:d1:53:f2:27:78:6d:
b0:69:f6:2a:dc:3f:da:8e:eb:d3:cf:05:38:40:a6:9c:ec:69:
75:d7:60:a5:b8:e8:09:2c:c2:6c:05:69:7d:b9:d7:4a:f4:cf:
f7:31:15:21:2c:7e:dc:06:49:09:21:88:a4:52:73:77:88:56:
25:93:56:a2:42:3a:2b:db:df:fd:d6:49:02:d2:53:80:23:b0:
45:d0:a0:1d:74:12:94:6c:3f:2a:6f:b8:30:89:79:ba:9d:6f:
59:45:b2:0c:58:bf:b4:16:5b:d4:b5:66:bb:70:78:4c:e8:f3:
18:ad:34:5c:cc:b9:90:cb:43:f7:eb:6f:9a:b8:7a:5a:31:46:
eb:d4:bb:36:16:5f:52:56:1c:91:00:f8:5c:0b:18:3b:95:53:
62:43:0b:c5:02:8d:95:b0:d5:61:a3:4f:3d:43:4b:df:51:ff:
e0:90:97:26
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZ4MNse8tNPWAUPtKLZOhUGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzExMDU0YTg5NDQ2YTc2ZjQ5M2NlMmMxMjdhOTQ4ZWJh
NGE4ZmYwHhcNMjYwNTA5MTAwOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ZjZTNlMGU0OWQwMmEwOTFlM2NlYmIzNjEyYjQ3ZTUyYTVjNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Enex0EAqNlrwNv/NPiM5r72RyJG
z59xkLlEsWBj2A5rtYm2gZjD+0zCOjLQkrW/IlNriDF4w2r46v1SbghzrsvaEgOv
4OJPRDe9lgKbmklP9AkV2RapcrU9xxzWJJFi4v3m1kbpcp0pYMfgFcG1wfHYcWHF
VJkZcH3o/hViVZ6aa2MpzDciwGW2hSe4JbMWnMu5aZJWYdKqUFRxSNiUyQZLaClJ
ZVxTBSXJDZBXMROcl20jL/zxNfsYGV7O9sskvytJxNGhkZ5KlwaaYRw1B3jL2ljy
GfgWUI7yAK+R1iXcdXO0mzBriyhq20TNuYh05oujuBAE+f7xMZjgPaVBhQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFKf84+DknQKgkePOuzYStH5SpcdeMB8GA1UdIwQY
MBaAFP9xEFSolEanb0k84sEnqUjrpKj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAt
NDdhYzM4OWQzMjYxLzEvcF96ajRPU2RBcUNSNDg2N05oSzBmbEtseDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAtNDdhYzM4OWQzMjYx
LzEvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwZAQCAAEwXgMEAC4hDgME
AE1JCDAMAwQATUkNAwQATUkOAwQCTm0YAwQBnl6sAwQCuQ1sAwQCuSKQAwQCuT3Q
AwQCuVy8AwQCuV2UAwQCuapMAwQBwyJGMAwDBADD8rEDBADD8rIwDQQCAAIwBwMF
AyoUekAwDQYJKoZIhvcNAQELBQADggEBAHD2PRbq02DqMpSJwrYn/tTaSh23o2v1
ymZIkekmdc9Y/y1wnsHCyBmuQxKEPPiXWZZdHjd+tL6nOMqrOVXze29oPLlQd6+f
G/dXu/5wDbjxK39gVNFT8id4bbBp9ircP9qO69PPBThAppzsaXXXYKW46AkswmwF
aX2510r0z/cxFSEsftwGSQkhiKRSc3eIViWTVqJCOivb3/3WSQLSU4AjsEXQoB10
EpRsPypvuDCJebqdb1lFsgxYv7QWW9S1ZrtweEzo8xitNFzMuZDLQ/frb5q4elox
RuvUuzYWX1JWHJEA+FwLGDuVU2JDC8UCjZWw1WGjTz1DS99R/+CQlyY=
-----END CERTIFICATE-----
Generated at Wed May 13 03:59:58 2026 by rpki-client