Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fAHb0eejBMb6Z35290N3xSKGNF4.roa
File: fAHb0eejBMb6Z35290N3xSKGNF4.roa (raw, json)
Hash identifier: B0F8FdeQQYPKm9gbqKtPBXSYuQMS3I/ACpqTs0u+lto=
Subject key identifier: 7C:01:DB:D1:E7:A3:04:C6:FA:67:7E:76:F7:43:77:C5:22:86:34:5E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019CC24F10D27AC0421F6A71313DD289DBDB
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fAHb0eejBMb6Z35290N3xSKGNF4.roa
Signing time: Fri 06 Mar 2026 08:41:27 +0000
ROA not before: Fri 06 Mar 2026 08:41:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39831
IP address blocks: 185.226.192.0/24 maxlen: 24
201.49.191.0/24 maxlen: 24
2a05:4380::/32 maxlen: 32
2a0a:e9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c2:4f:10:d2:7a:c0:42:1f:6a:71:31:3d:d2:89:db:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 6 08:41:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c01dbd1e7a304c6fa677e76f74377c52286345e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:56:18:2e:80:a8:bc:ae:52:f0:dc:cc:b3:ad:
18:5e:af:14:b9:8d:7b:1f:b7:ac:24:2f:c0:00:36:
02:ac:11:6d:91:bf:2e:b9:0b:6c:19:40:3d:85:cd:
f2:f0:35:0e:fd:63:54:d3:24:09:ef:99:7a:d0:6c:
00:74:fb:eb:e6:9f:94:f7:63:05:7d:03:68:b7:55:
95:c2:3d:10:b3:03:db:42:cc:0d:07:24:86:34:97:
84:14:79:17:d9:24:cd:99:bd:d0:6a:20:db:12:4f:
4f:c3:0e:5f:90:68:00:4c:23:ea:dc:ec:e9:d4:b4:
0e:59:59:93:87:56:9b:23:5b:ef:f8:4c:2a:ed:15:
81:21:53:82:ad:7d:e3:4a:45:09:cc:bb:71:1f:d0:
3d:d8:16:2a:c6:8b:03:d9:92:ae:42:e8:23:78:79:
6d:9b:56:d7:dc:9d:ef:5d:7f:3e:17:2f:c2:90:fe:
18:67:78:e5:b5:be:af:79:a4:34:73:c5:dd:78:e2:
68:13:0b:8a:76:cc:b8:4e:65:b3:4b:31:16:b9:8f:
2a:2d:72:c5:ef:09:d9:d0:0b:d8:7d:74:28:72:7c:
5b:8e:ed:e6:99:85:ac:35:36:0e:b0:8f:8b:39:c4:
d4:ee:f0:8f:47:64:8c:ad:e4:53:40:87:18:8a:f0:
24:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:01:DB:D1:E7:A3:04:C6:FA:67:7E:76:F7:43:77:C5:22:86:34:5E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fAHb0eejBMb6Z35290N3xSKGNF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.192.0/24
201.49.191.0/24
IPv6:
2a05:4380::/32
2a0a:e9c0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:7e:16:c5:2b:49:e9:41:9f:e6:ec:01:3e:30:46:f3:40:12:
42:f0:b0:21:2f:51:48:05:39:f2:ae:b4:b0:2f:62:8e:f6:ba:
12:51:d3:07:2a:86:11:55:6f:df:a9:4e:e0:84:84:35:f1:dc:
c1:7b:0c:e6:06:33:46:33:72:8d:52:fb:27:ab:d6:42:55:df:
79:90:c9:ff:db:5e:9b:14:78:72:29:32:9f:b2:6d:ca:64:dc:
2d:24:b3:d1:46:c9:a2:e3:42:fa:71:4e:0d:4c:20:ee:42:92:
64:00:fc:4e:0a:bb:ba:98:7f:ac:e3:f5:b9:2e:c0:9a:ea:8c:
97:a1:47:fe:70:22:f5:52:37:34:05:a5:cc:ca:39:bc:d1:30:
4e:c3:04:db:2a:1e:e3:01:ad:27:d5:d5:19:17:15:91:32:fe:
b9:1b:a8:b8:eb:35:bc:80:5d:6c:b3:79:3e:2e:5f:95:63:64:
a8:4a:3f:d1:80:69:df:81:43:38:d1:63:ec:f6:25:7b:c0:1d:
fb:2f:4d:ab:7d:d0:af:90:7b:34:70:b5:9f:32:54:72:63:ca:
95:b8:41:49:7a:1e:64:3d:b1:ee:db:86:98:be:cc:06:2a:44:
3d:44:e9:16:cf:b1:42:89:5f:25:8e:42:20:b0:f5:92:62:33:
e9:4d:bf:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZzCTxDSesBCH2pxMT3SidvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzA2MDg0MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzAxZGJkMWU3YTMwNGM2ZmE2NzdlNzZmNzQzNzdjNTIyODYzNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VYYLoCovK5S8NzMs60YXq8UuY17
H7esJC/AADYCrBFtkb8uuQtsGUA9hc3y8DUO/WNU0yQJ75l60GwAdPvr5p+U92MF
fQNot1WVwj0QswPbQswNBySGNJeEFHkX2STNmb3QaiDbEk9Pww5fkGgATCPq3Ozp
1LQOWVmTh1abI1vv+Ewq7RWBIVOCrX3jSkUJzLtxH9A92BYqxosD2ZKuQugjeHlt
m1bX3J3vXX8+Fy/CkP4YZ3jltb6veaQ0c8XdeOJoEwuKdsy4TmWzSzEWuY8qLXLF
7wnZ0AvYfXQocnxbju3mmYWsNTYOsI+LOcTU7vCPR2SMreRTQIcYivAkSwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHwB29HnowTG+md+dvdDd8UihjReMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZkFIYjBlZWpCTWI2WjM1MjkwTjN4U0tHTkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAueLAAwQA
yTG/MBQEAgACMA4DBQAqBUOAAwUAKgrpwDANBgkqhkiG9w0BAQsFAAOCAQEAT34W
xStJ6UGf5uwBPjBG80ASQvCwIS9RSAU58q60sC9ijva6ElHTByqGEVVv36lO4ISE
NfHcwXsM5gYzRjNyjVL7J6vWQlXfeZDJ/9temxR4cikyn7JtymTcLSSz0UbJouNC
+nFODUwg7kKSZAD8Tgq7uph/rOP1uS7AmuqMl6FH/nAi9VI3NAWlzMo5vNEwTsME
2yoe4wGtJ9XVGRcVkTL+uRuouOs1vIBdbLN5Pi5flWNkqEo/0YBp34FDONFj7PYl
e8Ad+y9Nq33Qr5B7NHC1nzJUcmPKlbhBSXoeZD2x7tuGmL7MBipEPUTpFs+xQolf
JY5CILD1kmIz6U2/dQ==
-----END CERTIFICATE-----
Generated at Tue Mar 10 13:57:52 2026 by rpki-client