Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/fzZPCo2MgwRNx0jBproZuv-eSHg.roa
File: fzZPCo2MgwRNx0jBproZuv-eSHg.roa (raw, json)
Hash identifier: TUdwZLmcSuUajJ8XwoB2OnQqd7+GFsXBXptVyFTtu7c=
Subject key identifier: 7F:36:4F:0A:8D:8C:83:04:4D:C7:48:C1:A6:BA:19:BA:FF:9E:48:78
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 019E16035137CA4C525D75A4CBBC17CAC6DF
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/fzZPCo2MgwRNx0jBproZuv-eSHg.roa
Signing time: Mon 11 May 2026 07:49:36 +0000
ROA not before: Mon 11 May 2026 07:49:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59395
IP address blocks: 5.133.16.0/21 maxlen: 21
46.31.80.0/21 maxlen: 21
46.31.168.0/21 maxlen: 21
46.231.64.0/21 maxlen: 21
82.144.224.0/19 maxlen: 19
82.215.0.0/18 maxlen: 18
87.238.216.0/21 maxlen: 21
89.105.0.0/19 maxlen: 19
89.105.25.0/24 maxlen: 24
109.235.120.0/21 maxlen: 21
109.235.127.0/24 maxlen: 24
185.7.188.0/22 maxlen: 22
185.36.248.0/22 maxlen: 22
185.45.24.0/22 maxlen: 22
185.63.80.0/22 maxlen: 22
185.65.24.0/22 maxlen: 22
185.74.232.0/21 maxlen: 21
185.74.232.0/22 maxlen: 22
185.74.236.0/22 maxlen: 22
185.109.104.0/22 maxlen: 22
185.109.106.0/24 maxlen: 24
185.159.216.0/22 maxlen: 22
185.175.112.0/22 maxlen: 22
217.119.128.0/24 maxlen: 24
217.119.137.0/24 maxlen: 24
2a00:11f0::/32 maxlen: 32
2a02:73c0::/32 maxlen: 32
2a05:4b80::/29 maxlen: 29
2a05:4bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:16:03:51:37:ca:4c:52:5d:75:a4:cb:bc:17:ca:c6:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: May 11 07:49:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f364f0a8d8c83044dc748c1a6ba19baff9e4878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ef:3b:91:c7:e1:5e:c5:8f:16:12:19:aa:bb:
4b:0e:47:87:22:f1:ff:bc:a5:52:32:d2:37:00:3b:
ee:ba:76:9c:f2:69:a0:eb:1e:0a:1b:7a:28:55:9c:
95:03:5c:b2:c3:95:69:7f:e7:4c:b7:df:1a:e7:7c:
c5:23:60:f6:c4:73:8e:a3:98:57:3e:fe:01:e1:f3:
c4:a7:e9:4c:d1:b1:56:6c:14:1f:52:82:f9:38:19:
36:2d:ea:f3:a1:fc:ee:73:db:98:e5:3a:26:8a:b6:
dd:bb:a2:b1:5f:fa:3f:3f:f2:07:80:5b:8f:af:79:
28:e4:f3:c0:1f:98:6f:ba:99:d1:4e:1d:0c:a9:e5:
a9:88:45:7b:15:ce:a8:af:8f:75:2e:6f:88:87:18:
61:6f:2d:69:99:b7:76:18:f5:2b:fa:4f:37:21:15:
f5:28:ef:27:8d:05:3c:13:3b:23:cd:ca:d7:02:3f:
00:46:f5:9e:2d:1c:b3:95:af:69:9e:c2:1c:b1:bd:
07:ba:3f:bc:9d:6b:7e:99:bf:92:b1:fa:ac:ce:a4:
54:2c:1d:ae:86:46:63:7b:78:6f:4a:1b:7a:41:c0:
25:30:b6:0c:b3:f0:b6:83:c3:11:9c:58:59:bf:75:
20:13:23:aa:47:28:6c:5c:df:c0:e3:9b:4e:97:39:
6a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:36:4F:0A:8D:8C:83:04:4D:C7:48:C1:A6:BA:19:BA:FF:9E:48:78
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/fzZPCo2MgwRNx0jBproZuv-eSHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.16.0/21
46.31.80.0/21
46.31.168.0/21
46.231.64.0/21
82.144.224.0/19
82.215.0.0/18
87.238.216.0/21
89.105.0.0/19
109.235.120.0/21
185.7.188.0/22
185.36.248.0/22
185.45.24.0/22
185.63.80.0/22
185.65.24.0/22
185.74.232.0/21
185.109.104.0/22
185.159.216.0/22
185.175.112.0/22
217.119.128.0/24
217.119.137.0/24
IPv6:
2a00:11f0::/32
2a02:73c0::/32
2a05:4b80::/29
2a05:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
62:be:54:a1:8b:db:07:09:b9:ea:af:dc:92:a2:d4:65:f0:86:
a0:b9:62:c5:80:68:1f:b8:f9:ce:6a:7d:63:35:d7:92:5a:b7:
24:ec:24:f4:ae:38:59:1c:ac:e5:e0:a0:df:8a:5c:8e:1a:35:
cc:5e:f9:76:6c:d4:7f:3a:04:51:2a:3a:2a:d1:dd:76:5a:9b:
8e:65:81:63:5e:22:10:17:14:8a:28:7e:0f:c2:46:21:94:60:
0b:01:4a:38:8c:a3:3f:6e:25:4d:a8:ba:9c:b5:f0:68:7f:31:
ce:ca:37:ec:e3:d7:07:3b:01:a1:06:a2:3c:9e:b6:14:b7:05:
88:55:c5:0a:04:22:f4:2a:fc:80:fb:b6:32:41:6e:9e:0b:86:
d4:f1:46:3c:ea:41:ab:c0:36:e0:f4:91:b1:81:37:66:79:2f:
52:95:eb:2a:8e:7e:ac:f5:f3:e6:cb:83:bc:a1:1d:e8:15:48:
ec:e7:82:85:0f:d5:49:e8:52:91:02:7b:5d:4a:0a:98:0d:66:
ad:41:db:b0:64:fe:00:b2:f5:40:c0:65:0a:81:99:55:b2:4b:
5b:27:dd:a4:f6:3f:6c:a6:5a:0e:f0:99:d9:e4:12:5f:72:bc:
56:b5:98:cd:ac:df:8b:d4:da:de:9a:8c:ed:62:c3:59:06:1f:
e1:1d:5c:47
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZ4WA1E3ykxSXXWky7wXysbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjYwNTExMDc0OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM2NGYwYThkOGM4MzA0NGRjNzQ4YzFhNmJhMTliYWZmOWU0ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze87kcfhXsWPFhIZqrtLDkeHIvH/
vKVSMtI3ADvuunac8mmg6x4KG3ooVZyVA1yyw5Vpf+dMt98a53zFI2D2xHOOo5hX
Pv4B4fPEp+lM0bFWbBQfUoL5OBk2Lerzofzuc9uY5Tomirbdu6KxX/o/P/IHgFuP
r3ko5PPAH5hvupnRTh0MqeWpiEV7Fc6or491Lm+Ihxhhby1pmbd2GPUr+k83IRX1
KO8njQU8EzsjzcrXAj8ARvWeLRyzla9pnsIcsb0Huj+8nWt+mb+SsfqszqRULB2u
hkZje3hvSht6QcAlMLYMs/C2g8MRnFhZv3UgEyOqRyhsXN/A45tOlzlqsQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFH82TwqNjIMETcdIwaa6Gbr/nkh4MB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEvZnpaUENvMk1nd1JOeDBqQnByb1p1di1lU0hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDB+BAIAATB4AwQDBYUQ
AwQDLh9QAwQDLh+oAwQDLudAAwQFUpDgAwQGUtcAAwQDV+7YAwQFWWkAAwQDbet4
AwQCuQe8AwQCuST4AwQCuS0YAwQCuT9QAwQCuUEYAwQDuUroAwQCuW1oAwQCuZ/Y
AwQCua9wAwQA2XeAAwQA2XeJMCIEAgACMBwDBQAqABHwAwUAKgJzwAMFAyoFS4AD
BQMqBUvAMA0GCSqGSIb3DQEBCwUAA4IBAQBivlShi9sHCbnqr9ySotRl8IaguWLF
gGgfuPnOan1jNdeSWrck7CT0rjhZHKzl4KDfilyOGjXMXvl2bNR/OgRRKjoq0d12
WpuOZYFjXiIQFxSKKH4PwkYhlGALAUo4jKM/biVNqLqctfBofzHOyjfs49cHOwGh
BqI8nrYUtwWIVcUKBCL0KvyA+7YyQW6eC4bU8UY86kGrwDbg9JGxgTdmeS9Slesq
jn6s9fPmy4O8oR3oFUjs54KFD9VJ6FKRAntdSgqYDWatQduwZP4AsvVAwGUKgZlV
sktbJ92k9j9sploO8JnZ5BJfcrxWtZjNrN+L1NremoztYsNZBh/hHVxH
-----END CERTIFICATE-----
Generated at Wed May 13 01:42:20 2026 by rpki-client