Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/fsSqx-sJOq4vroeEOUGBFgj-qRA.roa
File: fsSqx-sJOq4vroeEOUGBFgj-qRA.roa (raw, json)
Hash identifier: Kj/0WaqJ/9uoPdv4OzfzKC4J1NRIorJtH689BgmJH1c=
Subject key identifier: 7E:C4:AA:C7:EB:09:3A:AE:2F:AE:87:84:39:41:81:16:08:FE:A9:10
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 019D2E97478321ED36B4A7520071268E3198
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/fsSqx-sJOq4vroeEOUGBFgj-qRA.roa
Signing time: Fri 27 Mar 2026 09:19:19 +0000
ROA not before: Fri 27 Mar 2026 09:19:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48539
IP address blocks: 109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
194.147.218.0/24 maxlen: 24
213.239.152.0/24 maxlen: 24
213.239.153.0/24 maxlen: 24
217.180.23.0/24 maxlen: 24
2a11:6a00::/48 maxlen: 48
2a12:2780::/48 maxlen: 48
2a12:8200::/48 maxlen: 48
2a12:ab00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:97:47:83:21:ed:36:b4:a7:52:00:71:26:8e:31:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Mar 27 09:19:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ec4aac7eb093aae2fae87843941811608fea910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e3:90:b5:9c:de:79:06:49:10:f1:d1:46:cc:
97:f7:47:dd:d9:32:24:97:b9:68:a9:78:75:59:c1:
47:b3:64:6e:1c:05:3d:3c:d0:c1:0e:6b:f1:e3:1c:
04:f5:f9:be:1e:89:0b:5f:ec:66:69:30:c8:cd:bf:
74:c1:40:16:36:65:c6:a1:78:93:0e:b5:e3:b8:e2:
88:62:f4:98:16:8c:09:e5:53:7a:2e:34:f2:1c:af:
b3:78:0e:09:55:ef:dc:75:72:36:29:ea:0d:8e:c4:
09:c5:b7:47:21:b8:d3:34:8b:b2:91:06:c3:74:19:
ba:61:a7:b7:a4:1a:76:48:06:21:e9:d9:c9:c4:3f:
de:32:10:03:6c:7b:0b:7a:6d:2f:7a:ae:ab:25:68:
6f:aa:80:e3:5c:89:89:19:cd:e7:8c:e7:11:4c:0d:
0e:4d:b2:2d:37:09:b4:63:b6:2a:32:18:fa:e9:29:
c4:e6:a9:94:b4:4d:fd:e6:cd:f7:3d:1c:20:4e:fc:
79:e0:46:ac:93:47:5b:3a:d2:cc:98:44:a2:32:ce:
01:95:13:a7:ae:cf:d6:ed:56:aa:37:79:fc:6f:85:
2b:2b:f6:8e:4a:bb:04:c9:61:24:48:1f:3f:73:f6:
a4:fa:37:da:ea:7b:4d:d4:46:4a:d1:60:3d:d9:61:
00:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C4:AA:C7:EB:09:3A:AE:2F:AE:87:84:39:41:81:16:08:FE:A9:10
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/fsSqx-sJOq4vroeEOUGBFgj-qRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.189.0/24
146.19.131.0/24
178.212.137.0/24
194.63.144.0/24
194.147.218.0/24
213.239.152.0/23
217.180.23.0/24
IPv6:
2a11:6a00::/48
2a12:2780::/48
2a12:8200::/48
2a12:ab00::/48
Signature Algorithm: sha256WithRSAEncryption
b7:3b:bd:c2:f2:e1:89:33:f9:4f:27:da:59:65:ed:91:c8:a2:
51:77:06:8e:e5:e9:ed:ed:54:8b:06:2f:4a:11:96:2a:66:5c:
92:83:12:9d:b7:f5:3d:6e:a4:a1:ac:7c:d2:06:00:dd:89:35:
f4:73:78:bd:ae:cb:47:2c:2f:b3:3f:40:d6:cf:0d:95:0d:f0:
64:a7:b0:5b:50:5b:ec:25:20:d5:d1:b1:8d:8d:4e:a4:e1:d2:
a6:f8:6f:09:0d:a2:cc:66:2e:c9:d2:14:69:99:f9:44:51:f0:
e2:01:0a:04:0b:5d:89:b5:ee:81:f5:9f:d0:92:d5:f9:cc:52:
17:6d:76:40:56:41:59:7d:d4:1d:92:4f:63:0e:e5:cd:ec:a1:
3b:94:84:f8:ca:85:8b:c4:4f:fe:ce:a2:18:31:c9:74:5d:01:
66:e9:19:0b:99:09:cf:cb:fc:27:f9:29:c8:fe:3b:2c:61:40:
a7:53:3e:06:4a:23:de:c6:15:00:66:7a:c0:b5:05:24:eb:22:
14:66:9a:5a:fb:c3:5e:17:23:34:dd:19:c3:12:53:bd:2f:ca:
92:c0:4e:19:de:88:0b:fc:b5:66:8c:3d:77:90:f2:bb:54:5c:
b6:ce:5e:95:c8:e0:47:34:f8:73:86:fd:14:77:dc:59:c9:28:
d9:37:99:33
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ0ul0eDIe02tKdSAHEmjjGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjYwMzI3MDkxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWM0YWFjN2ViMDkzYWFlMmZhZTg3ODQzOTQxODExNjA4ZmVhOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eOQtZzeeQZJEPHRRsyX90fd2TIk
l7loqXh1WcFHs2RuHAU9PNDBDmvx4xwE9fm+HokLX+xmaTDIzb90wUAWNmXGoXiT
DrXjuOKIYvSYFowJ5VN6LjTyHK+zeA4JVe/cdXI2KeoNjsQJxbdHIbjTNIuykQbD
dBm6Yae3pBp2SAYh6dnJxD/eMhADbHsLem0veq6rJWhvqoDjXImJGc3njOcRTA0O
TbItNwm0Y7YqMhj66SnE5qmUtE395s33PRwgTvx54Eask0dbOtLMmESiMs4BlROn
rs/W7VaqN3n8b4UrK/aOSrsEyWEkSB8/c/ak+jfa6ntN1EZK0WA92WEAqwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFH7EqsfrCTquL66HhDlBgRYI/qkQMB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvZnNTcXgtc0pPcTR2cm9lRU9VR0JGZ2otcVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjAwBAIAATAqAwQAbc29AwQA
khODAwQAstSJAwQAwj+QAwQAwpPaAwQB1e+YAwQA2bQXMCoEAgACMCQDBwAqEWoA
AAADBwAqEieAAAADBwAqEoIAAAADBwAqEqsAAAAwDQYJKoZIhvcNAQELBQADggEB
ALc7vcLy4Ykz+U8n2lll7ZHIolF3Bo7l6e3tVIsGL0oRlipmXJKDEp239T1upKGs
fNIGAN2JNfRzeL2uy0csL7M/QNbPDZUN8GSnsFtQW+wlINXRsY2NTqTh0qb4bwkN
osxmLsnSFGmZ+URR8OIBCgQLXYm17oH1n9CS1fnMUhdtdkBWQVl91B2ST2MO5c3s
oTuUhPjKhYvET/7OohgxyXRdAWbpGQuZCc/L/Cf5Kcj+OyxhQKdTPgZKI97GFQBm
esC1BSTrIhRmmlr7w14XIzTdGcMSU70vypLAThneiAv8tWaMPXeQ8rtUXLbOXpXI
4Ec0+HOG/RR33FnJKNk3mTM=
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:47:11 2026 by rpki-client