Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FEcwwinFTdGPO_STqT4L6P8zOaA.roa
File: FEcwwinFTdGPO_STqT4L6P8zOaA.roa (raw, json)
Hash identifier: Q0PppXmup94Wh7Z8BQF6maW0cSkLnlDvZmrcL9cllS0=
Subject key identifier: 14:47:30:C2:29:C5:4D:D1:8F:3B:F4:93:A9:3E:0B:E8:FF:33:39:A0
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019E412F92219CFB264BCD52834599F88A93
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FEcwwinFTdGPO_STqT4L6P8zOaA.roa
Signing time: Tue 19 May 2026 17:01:36 +0000
ROA not before: Tue 19 May 2026 17:01:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
195.138.103.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:41:2f:92:21:9c:fb:26:4b:cd:52:83:45:99:f8:8a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 19 17:01:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=144730c229c54dd18f3bf493a93e0be8ff3339a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5b:3f:fa:c4:34:6e:b1:ed:27:56:39:95:61:
77:f5:75:93:d4:71:8c:8d:74:01:28:9e:4a:31:50:
84:15:9b:a8:6a:11:be:c5:0a:f6:cb:03:ff:b0:51:
db:f8:cc:49:48:0f:c2:dd:e1:1b:d9:27:42:db:71:
a7:ae:db:e7:bd:36:0e:5f:c6:01:d9:47:7d:bb:c5:
19:98:51:45:1b:56:be:3c:f1:c8:f6:0b:17:80:4f:
c7:50:1f:65:53:33:56:7a:39:20:be:5a:32:1c:62:
eb:86:d2:ab:aa:1f:56:d8:5f:24:da:b9:a7:f1:05:
68:a9:a8:53:52:c5:78:b4:d0:f4:16:a3:d9:c9:d8:
26:1a:5b:73:f4:9a:54:5d:7d:21:d3:62:83:82:09:
fd:eb:cc:a3:05:5f:f0:81:a0:28:45:26:12:08:3e:
d8:4f:9b:e5:4d:16:49:22:a2:88:05:ec:0b:7c:07:
11:1d:e1:92:03:bb:50:ed:9c:d2:62:9c:7d:f5:78:
10:45:50:1e:02:37:ef:41:cf:7b:e5:d3:55:58:81:
9b:9f:bd:2e:70:d2:c3:fb:a1:a8:b1:2d:7f:12:bb:
e7:5e:aa:34:2c:18:df:4b:b1:fd:ac:d0:aa:fc:54:
d3:54:68:80:38:48:ad:0f:bd:6c:f8:2b:d4:b7:93:
46:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:47:30:C2:29:C5:4D:D1:8F:3B:F4:93:A9:3E:0B:E8:FF:33:39:A0
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/FEcwwinFTdGPO_STqT4L6P8zOaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
185.180.145.0/24
193.31.104.0/22
195.138.103.0/24
195.138.109.0-195.138.111.255
195.138.113.0/24
195.138.115.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
93:9b:c4:91:6d:54:cd:21:66:e1:be:3b:ca:c6:5b:8e:36:bb:
90:79:79:87:0f:aa:78:83:c1:c6:d4:8d:3d:89:c9:f8:6a:08:
a1:7d:75:ba:63:01:eb:f2:fe:a2:15:fd:1e:42:55:49:10:ea:
47:79:d5:62:f5:9d:8e:bc:af:49:b9:5c:59:9f:f7:6e:ec:fc:
54:91:cb:88:26:e8:e8:1c:0e:dc:b6:f2:93:d6:ba:21:fc:b2:
d0:fb:5a:2d:77:d4:68:32:49:e7:2b:c4:d7:0c:45:4a:a3:c9:
5d:7e:73:df:2d:21:ec:5e:f0:9c:47:b9:3d:72:b2:73:bb:e8:
8c:8f:f0:49:8a:d1:c5:0d:f5:71:29:15:6c:31:01:9f:d4:35:
83:45:ea:54:23:5a:de:92:69:75:6e:66:84:38:d7:c5:b2:32:
f7:1a:5c:71:1f:7f:8e:c9:d1:01:b0:01:78:70:74:54:92:39:
c9:aa:3d:c7:b5:0f:b9:40:d9:db:e9:a5:d3:5d:08:7c:fb:75:
0c:b2:25:ec:8d:4d:28:70:a0:9e:98:7d:24:69:e7:10:52:dc:
0b:54:bd:1e:c8:c3:e4:e2:34:b2:2e:55:7a:02:67:0f:c6:4c:
a1:d3:0f:4a:25:49:89:5e:93:2f:98:b9:c8:a4:8d:47:dc:e4:
e9:70:6e:f2
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ5BL5IhnPsmS81Sg0WZ+IqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNTE5MTcwMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQ3MzBjMjI5YzU0ZGQxOGYzYmY0OTNhOTNlMGJlOGZmMzMzOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vs/+sQ0brHtJ1Y5lWF39XWT1HGM
jXQBKJ5KMVCEFZuoahG+xQr2ywP/sFHb+MxJSA/C3eEb2SdC23GnrtvnvTYOX8YB
2Ud9u8UZmFFFG1a+PPHI9gsXgE/HUB9lUzNWejkgvloyHGLrhtKrqh9W2F8k2rmn
8QVoqahTUsV4tND0FqPZydgmGltz9JpUXX0h02KDggn968yjBV/wgaAoRSYSCD7Y
T5vlTRZJIqKIBewLfAcRHeGSA7tQ7ZzSYpx99XgQRVAeAjfvQc975dNVWIGbn70u
cNLD+6GosS1/ErvnXqo0LBjfS7H9rNCq/FTTVGiAOEitD71s+CvUt5NG0QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFBRHMMIpxU3Rjzv0k6k+C+j/MzmgMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRkVjd3dpbkZUZEdQT19TVHFUNEw2UDh6T2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCBbYcAwQA
LUN1AwQCLZaoAwQCLZfEAwQAWSihAwQAubSRAwQCwR9oAwQAw4pnMAwDBADDim0D
BATDimADBADDinEDBADDinMDBADDingDBALDinwwDQYJKoZIhvcNAQELBQADggEB
AJObxJFtVM0hZuG+O8rGW442u5B5eYcPqniDwcbUjT2JyfhqCKF9dbpjAevy/qIV
/R5CVUkQ6kd51WL1nY68r0m5XFmf927s/FSRy4gm6OgcDty28pPWuiH8stD7Wi13
1GgySecrxNcMRUqjyV1+c98tIexe8JxHuT1ysnO76IyP8EmK0cUN9XEpFWwxAZ/U
NYNF6lQjWt6SaXVuZoQ418WyMvcaXHEff47J0QGwAXhwdFSSOcmqPce1D7lA2dvp
pdNdCHz7dQyyJeyNTShwoJ6YfSRp5xBS3AtUvR7Iw+TiNLIuVXoCZw/GTKHTD0ol
SYleky+YucikjUfc5OlwbvI=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:24:49 2026 by rpki-client