Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Fz-tsP-Ims9eVDhH1tnKDleM77M.roa
File: Fz-tsP-Ims9eVDhH1tnKDleM77M.roa (raw, json)
Hash identifier: c64Bq7tNYIu9QFuq3Be96QUvzVwO+GxQkK5a5TmMw/M=
Subject key identifier: 17:3F:AD:B0:FF:88:9A:CF:5E:54:38:47:D6:D9:CA:0E:57:8C:EF:B3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019DBA8AB9A878035CC0C9C81840AD9FFDE1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Fz-tsP-Ims9eVDhH1tnKDleM77M.roa
Signing time: Thu 23 Apr 2026 13:32:26 +0000
ROA not before: Thu 23 Apr 2026 13:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.145.176.0/22 maxlen: 22
62.106.83.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.68.0/23 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
92.249.25.0/24 maxlen: 24
95.141.251.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
147.78.20.0/24 maxlen: 24
147.78.21.0/24 maxlen: 24
147.78.22.0/24 maxlen: 24
185.51.120.0/24 maxlen: 24
185.147.48.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
185.252.193.0/24 maxlen: 24
193.84.26.0/24 maxlen: 24
193.109.82.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
194.50.206.0/24 maxlen: 24
195.88.146.0/24 maxlen: 24
195.88.147.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.211.48.0/24 maxlen: 24
195.216.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:8a:b9:a8:78:03:5c:c0:c9:c8:18:40:ad:9f:fd:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 23 13:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=173fadb0ff889acf5e543847d6d9ca0e578cefb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:93:e1:4c:da:2c:0d:23:b5:5e:58:c5:f5:34:
74:6e:94:e4:67:b7:51:b8:f4:8c:a1:c0:a8:40:8d:
34:d1:0f:80:91:f0:c6:08:62:dd:78:58:cc:f4:e9:
b6:1d:25:3a:1e:29:d0:c5:3b:c3:b7:fa:ed:00:22:
ed:8b:f4:cf:41:e9:c1:f9:59:31:d0:0f:2f:0d:6f:
3e:af:14:cf:a6:51:69:b9:73:e8:a0:bb:51:d6:91:
d9:e5:6e:7c:be:d1:48:e7:c0:9b:7a:47:ed:e4:04:
24:2a:93:16:01:81:c9:1f:e8:d7:4a:72:3a:67:0e:
2d:d0:c0:56:89:3d:67:58:57:4c:87:ec:b2:2a:f4:
b6:f1:cc:b5:35:4c:27:a8:b6:0a:5f:57:67:72:a7:
e0:44:85:ad:01:f8:55:3f:02:90:36:ca:09:05:c7:
83:00:50:e2:46:5a:09:5e:40:f9:e1:58:bb:ab:2c:
4a:02:fd:7b:9f:aa:20:62:78:f0:27:cd:70:d5:db:
f7:90:81:79:c3:81:24:ee:c4:3c:28:e9:d1:84:14:
ed:20:85:32:01:a9:dc:6b:fb:bd:a2:df:65:ba:1e:
87:ec:51:a4:2f:16:51:20:eb:8a:a7:f6:ec:38:3c:
f7:86:bb:cc:37:52:7e:cf:29:bf:48:37:de:4d:d9:
d2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:3F:AD:B0:FF:88:9A:CF:5E:54:38:47:D6:D9:CA:0E:57:8C:EF:B3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Fz-tsP-Ims9eVDhH1tnKDleM77M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.145.176.0/22
62.106.83.0/24
89.40.161.0/24
91.242.68.0-91.242.70.255
91.242.73.0-91.242.74.255
91.242.82.0/24
91.242.105.0/24
91.242.124.0/24
91.242.126.0/24
92.249.25.0/24
95.141.251.0/24
146.19.228.0/24
147.78.20.0-147.78.22.255
185.51.120.0/24
185.147.48.0/24
185.180.145.0/24
185.212.11.0/24
185.218.184.0/24
185.252.193.0/24
193.84.26.0/24
193.109.82.0/24
194.50.200.0/23
194.50.206.0/23
195.88.146.0/23
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.120.0/24
195.211.48.0/24
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
07:8a:79:4c:a8:fb:0a:39:6f:0d:c1:41:9c:bd:d7:d1:d1:b2:
d7:22:06:03:b9:dc:7a:e1:5a:c5:a4:22:13:fa:3c:65:c1:41:
29:4b:64:87:27:30:c5:e0:7d:69:09:7d:9e:a6:b6:a6:ec:7c:
08:bd:28:4e:34:16:11:5b:58:f9:f7:66:32:0f:e9:46:fe:cc:
07:0e:84:3d:07:ba:8b:80:43:11:0a:27:9c:70:1f:12:9b:73:
c6:5e:fb:d6:c8:3c:ab:84:fd:b8:54:1d:2d:33:ce:d2:71:8d:
db:cf:8a:fb:56:9b:10:d1:5e:cd:8d:fc:1f:4c:37:44:54:9f:
31:ac:c1:9c:17:18:83:29:c4:10:76:d4:57:a9:81:26:0b:3f:
6a:05:b7:24:2d:06:6d:c1:d1:49:fd:84:8e:13:03:85:6c:38:
9d:b4:0f:3d:54:47:69:9b:41:26:28:ad:a7:f0:a2:69:85:ad:
5a:a5:e8:02:f6:fc:b2:d5:54:2b:b0:d3:6c:5f:e0:b3:e3:b2:
67:16:88:69:a3:f5:a3:18:b0:5a:f4:15:34:7e:25:97:2a:b1:
f4:13:80:4e:49:48:c6:7f:6f:96:c6:3b:63:a0:fb:a0:c9:09:
4b:93:d3:62:48:7d:ef:a8:1d:37:c5:43:9b:a4:5d:d3:80:38:
39:0d:15:f6
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZ26irmoeANcwMnIGECtn/3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjYwNDIzMTMzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzNmYWRiMGZmODg5YWNmNWU1NDM4NDdkNmQ5Y2EwZTU3OGNlZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZPhTNosDSO1XljF9TR0bpTkZ7dR
uPSMocCoQI000Q+AkfDGCGLdeFjM9Om2HSU6HinQxTvDt/rtACLti/TPQenB+Vkx
0A8vDW8+rxTPplFpuXPooLtR1pHZ5W58vtFI58Cbekft5AQkKpMWAYHJH+jXSnI6
Zw4t0MBWiT1nWFdMh+yyKvS28cy1NUwnqLYKX1dncqfgRIWtAfhVPwKQNsoJBceD
AFDiRloJXkD54Vi7qyxKAv17n6ogYnjwJ81w1dv3kIF5w4Ek7sQ8KOnRhBTtIIUy
Aanca/u9ot9luh6H7FGkLxZRIOuKp/bsODz3hrvMN1J+zym/SDfeTdnS1wIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFBc/rbD/iJrPXlQ4R9bZyg5XjO+zMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRnotdHNQLUltczllVkRoSDF0bktEbGVNNzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAIF
thwDBAAtQ3UDBAItkbADBAA+alMDBABZKKEwDAMEAlvyRAMEAFvyRjAMAwQAW/JJ
AwQAW/JKAwQAW/JSAwQAW/JpAwQAW/J8AwQAW/J+AwQAXPkZAwQAX437AwQAkhPk
MAwDBAKTThQDBACTThYDBAC5M3gDBAC5kzADBAC5tJEDBAC51AsDBAC52rgDBAC5
/MEDBADBVBoDBADBbVIDBAHCMsgDBAHCMs4DBAHDWJIwDAMEAMOKZwMEAsOKaAME
AMOKbwMEAMOKcgMEAMOKeAMEAMPTMAMEAMPY+DANBgkqhkiG9w0BAQsFAAOCAQEA
B4p5TKj7CjlvDcFBnL3X0dGy1yIGA7nceuFaxaQiE/o8ZcFBKUtkhycwxeB9aQl9
nqa2pux8CL0oTjQWEVtY+fdmMg/pRv7MBw6EPQe6i4BDEQonnHAfEptzxl771sg8
q4T9uFQdLTPO0nGN28+K+1abENFezY38H0w3RFSfMazBnBcYgynEEHbUV6mBJgs/
agW3JC0GbcHRSf2EjhMDhWw4nbQPPVRHaZtBJiitp/CiaYWtWqXoAvb8stVUK7DT
bF/gs+OyZxaIaaP1oxiwWvQVNH4llyqx9BOATklIxn9vlsY7Y6D7oMkJS5PTYkh9
76gdN8VDm6Rd04A4OQ0V9g==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:19:27 2026 by rpki-client