Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/F652PL-8sPuAvdYE_JPXNVSbhdg.roa
File: F652PL-8sPuAvdYE_JPXNVSbhdg.roa (raw, json)
Hash identifier: 27PSs5vNJBOwGdY5FS69zQo6RwK7gLLdbMdZzrvr0zc=
Subject key identifier: 17:AE:76:3C:BF:BC:B0:FB:80:BD:D6:04:FC:93:D7:35:54:9B:85:D8
Certificate issuer: /CN=f88b443e992c665658942e6890d298d68cde6425
Certificate serial: 019CE8CCECB9118109668F85B20D422056DC
Authority key identifier: F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/F652PL-8sPuAvdYE_JPXNVSbhdg.roa
Signing time: Fri 13 Mar 2026 20:04:29 +0000
ROA not before: Fri 13 Mar 2026 20:04:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 2a12:fdc0::/48 maxlen: 48
2a12:fdc0:1::/48 maxlen: 48
2a12:fdc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Mar 2026 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e8:cc:ec:b9:11:81:09:66:8f:85:b2:0d:42:20:56:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f88b443e992c665658942e6890d298d68cde6425
Validity
Not Before: Mar 13 20:04:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=17ae763cbfbcb0fb80bdd604fc93d735549b85d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:80:48:2c:ff:1c:c9:43:6e:40:0a:dd:18:e1:
3f:d0:6b:c9:09:b8:36:49:65:1e:22:08:3e:1f:f7:
02:11:d6:0f:82:d6:fd:47:1a:88:3a:f2:d7:78:87:
fb:00:f1:ca:e2:ac:4c:2a:f3:b5:bd:8d:b1:4b:ce:
f1:d5:27:4a:c1:ff:b3:11:b2:13:fa:05:0b:49:a3:
89:13:1e:24:30:b6:78:30:7d:37:85:e2:dc:80:be:
1d:b5:3c:62:88:71:e4:a3:56:fa:b4:29:88:6a:90:
9a:77:26:56:ef:fb:5b:26:2a:59:c6:bf:40:26:22:
83:3b:84:59:3f:79:36:71:f0:d2:e2:fd:df:8f:01:
6a:31:ab:e5:2f:24:9f:06:f3:da:e4:d2:58:9d:2d:
7d:9a:17:d2:4e:39:cf:d4:ad:1a:48:80:3e:03:61:
8e:7d:21:37:f5:02:61:96:76:91:27:94:b5:2f:36:
30:e1:cf:0d:45:51:ef:95:d6:41:f5:b3:0a:9a:14:
0b:14:a4:f6:c8:fb:67:7b:85:76:5b:4a:48:3b:14:
62:d7:0f:e3:7f:c9:d7:d0:7c:40:cd:74:8d:58:f1:
c4:3d:4b:92:d5:37:cd:f3:41:60:3a:7c:26:f0:84:
06:e9:b2:4c:25:f7:dd:46:34:e3:0c:48:8f:3d:b3:
58:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AE:76:3C:BF:BC:B0:FB:80:BD:D6:04:FC:93:D7:35:54:9B:85:D8
X509v3 Authority Key Identifier:
keyid:F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/F652PL-8sPuAvdYE_JPXNVSbhdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:fdc0::-2a12:fdc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:4f:b4:0b:7b:2c:79:8a:13:81:bb:73:70:8a:ce:28:d8:53:
0d:b0:57:44:c9:e6:52:e1:96:46:28:4c:cc:dc:43:f0:a7:d3:
3e:4e:2c:da:43:0a:d1:59:86:c7:a7:4f:64:16:a8:da:fd:b3:
e4:43:87:78:05:8d:cd:1e:2a:97:7e:9d:4f:29:8e:4d:b4:ff:
bb:13:10:67:fa:73:49:44:4d:52:ed:e0:dc:c6:43:17:ac:78:
43:35:ba:e6:47:5d:27:cc:5b:52:5c:9c:cc:37:1c:bd:88:78:
7f:4a:6b:95:5b:38:7f:66:67:e6:65:5c:ab:40:d1:18:10:21:
89:02:3b:a2:32:67:a6:1a:61:9b:4d:31:94:7b:2b:85:da:3d:
14:f9:c0:ea:6c:bc:7d:ab:62:a1:9c:e9:59:d4:5a:31:83:57:
82:43:4d:fb:d6:75:c5:5b:b3:1c:78:04:96:a5:70:ba:59:10:
46:82:59:08:59:40:46:ae:41:ea:6e:23:f6:5d:64:3c:af:9d:
cf:ff:af:4f:19:6f:93:78:f8:2f:bf:7d:73:fc:cd:5c:5b:b0:
97:1f:d2:51:41:3a:b1:3d:de:82:94:b6:da:3d:62:f2:ad:b4:
87:09:c0:b3:56:25:21:96:db:84:1a:2e:62:8a:2a:bf:75:40:
05:c4:19:1f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZzozOy5EYEJZo+Fsg1CIFbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OGI0NDNlOTkyYzY2NTY1ODk0MmU2ODkwZDI5OGQ2OGNk
ZTY0MjUwHhcNMjYwMzEzMjAwNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FlNzYzY2JmYmNiMGZiODBiZGQ2MDRmYzkzZDczNTU0OWI4NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIBILP8cyUNuQArdGOE/0GvJCbg2
SWUeIgg+H/cCEdYPgtb9RxqIOvLXeIf7APHK4qxMKvO1vY2xS87x1SdKwf+zEbIT
+gULSaOJEx4kMLZ4MH03heLcgL4dtTxiiHHko1b6tCmIapCadyZW7/tbJipZxr9A
JiKDO4RZP3k2cfDS4v3fjwFqMavlLySfBvPa5NJYnS19mhfSTjnP1K0aSIA+A2GO
fSE39QJhlnaRJ5S1LzYw4c8NRVHvldZB9bMKmhQLFKT2yPtne4V2W0pIOxRi1w/j
f8nX0HxAzXSNWPHEPUuS1TfN80FgOnwm8IQG6bJMJffdRjTjDEiPPbNYuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBeudjy/vLD7gL3WBPyT1zVUm4XYMB8GA1UdIwQY
MBaAFPiLRD6ZLGZWWJQuaJDSmNaM3mQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JdEVQcGtzWmxaWWxDNW9rTktZMW96ZVpDVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEw
LTY5NDI1MmYwMjlmMS8xL0Y2NTJQTC04c1B1QXZkWUVfSlBYTlZTYmhkZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEwLTY5NDI1MmYwMjlm
MS8xLzEtSXRFUHBrc1psWllsQzVva05LWTFvemVaQ1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgACMBIwEAMFBioS
/cADBwAqEv3AAAIwDQYJKoZIhvcNAQELBQADggEBAAZPtAt7LHmKE4G7c3CKzijY
Uw2wV0TJ5lLhlkYoTMzcQ/Cn0z5OLNpDCtFZhsenT2QWqNr9s+RDh3gFjc0eKpd+
nU8pjk20/7sTEGf6c0lETVLt4NzGQxeseEM1uuZHXSfMW1JcnMw3HL2IeH9Ka5Vb
OH9mZ+ZlXKtA0RgQIYkCO6IyZ6YaYZtNMZR7K4XaPRT5wOpsvH2rYqGc6VnUWjGD
V4JDTfvWdcVbsxx4BJalcLpZEEaCWQhZQEauQepuI/ZdZDyvnc//r08Zb5N4+C+/
fXP8zVxbsJcf0lFBOrE93oKUtto9YvKttIcJwLNWJSGW24QaLmKKKr91QAXEGR8=
-----END CERTIFICATE-----
Generated at Mon Mar 16 09:50:42 2026 by rpki-client