Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/StJ8D1En8Ojr2sSRvBwBk7zK4e0.roa
File: StJ8D1En8Ojr2sSRvBwBk7zK4e0.roa (raw, json)
Hash identifier: s7CkcsKsNQEeiDQ7cH3oQu40IeBV+nuXUmrfwLcnpoM=
Subject key identifier: 4A:D2:7C:0F:51:27:F0:E8:EB:DA:C4:91:BC:1C:01:93:BC:CA:E1:ED
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D9FFBEE6A6194E63F057A16B803DB5886
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/StJ8D1En8Ojr2sSRvBwBk7zK4e0.roa
Signing time: Sat 18 Apr 2026 09:46:20 +0000
ROA not before: Sat 18 Apr 2026 09:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 46.102.237.0/24 maxlen: 24
78.17.7.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.125.126.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
206.245.152.0/22 maxlen: 22
206.245.156.0/24 maxlen: 24
206.245.158.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9f:fb:ee:6a:61:94:e6:3f:05:7a:16:b8:03:db:58:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 18 09:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ad27c0f5127f0e8ebdac491bc1c0193bccae1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:42:af:d8:62:24:15:5d:19:8b:5e:d9:0b:
95:49:ea:be:8e:6b:7b:3d:7a:e8:4e:66:ac:90:7a:
6b:ad:f2:3e:5a:6e:29:76:49:21:97:d8:8c:c1:7c:
0a:1c:48:14:76:19:b3:4a:d0:80:1a:44:fc:91:78:
70:38:ac:13:96:61:ae:1a:fc:74:9d:d2:2f:70:34:
5b:84:e8:4b:ab:7b:99:2b:82:ef:9b:13:80:f5:7d:
5a:c5:ba:07:5a:ed:7e:24:27:09:b0:c8:ec:a3:3e:
32:59:09:40:b0:c8:61:83:f2:c6:4e:18:fe:08:a3:
64:fc:3d:f9:34:a9:f0:2c:0c:92:40:1a:f8:d6:c4:
cc:89:82:61:55:44:93:b6:d5:d0:a8:f8:fd:04:6c:
33:dc:68:b4:d9:d6:b8:72:6d:a1:d4:d1:a8:97:66:
af:07:60:37:89:26:38:e5:38:d7:39:9a:44:44:23:
1b:42:40:09:22:e0:ef:f7:92:b6:54:0e:b4:3e:5f:
7a:3a:d8:1f:4c:b6:96:5a:11:9c:f5:5f:71:94:3f:
56:86:61:d6:9e:88:6f:c6:48:85:24:b9:2e:51:7b:
e8:e5:d7:68:15:89:a3:0d:52:99:b4:c8:2a:b7:09:
3c:07:da:c6:9d:c8:3b:f1:8c:cc:c9:03:0e:f0:7b:
18:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D2:7C:0F:51:27:F0:E8:EB:DA:C4:91:BC:1C:01:93:BC:CA:E1:ED
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/StJ8D1En8Ojr2sSRvBwBk7zK4e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
78.17.7.0/24
89.34.106.0/24
89.125.126.0/24
91.132.50.0/24
93.114.183.0/24
103.245.228.0/24
194.58.47.0/24
206.245.152.0-206.245.156.255
206.245.158.0/24
212.192.7.0-212.192.8.255
212.192.10.0/24
212.192.30.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:34:03:e2:c6:7c:d6:3d:cf:02:58:a6:98:22:75:bf:e3:f6:
64:3b:97:9b:6b:39:42:04:d9:46:73:eb:44:a6:9b:ee:c8:fc:
bb:41:8a:e2:67:9e:8e:3c:b9:8d:37:ba:d0:65:78:29:9f:05:
32:ba:18:ac:c8:2d:3c:55:44:7e:3a:ed:61:32:5e:20:94:df:
79:dd:7a:57:e4:83:d3:3a:44:53:f2:df:2a:34:cb:3f:ac:9b:
ce:fe:1a:80:32:93:9c:72:e3:68:6f:47:8f:c9:b5:f4:59:1d:
2f:72:87:92:3d:df:44:c8:8e:b0:6d:fd:1c:07:63:17:ae:1b:
05:d5:fe:d8:4a:df:57:5f:f5:e7:cb:f2:19:2a:3f:7a:c2:f2:
3b:4a:be:9a:c4:5b:67:c3:fc:94:5f:e4:2e:20:05:e9:7d:6d:
b0:ab:fc:fc:a3:50:e1:58:7e:eb:d4:35:ea:c2:5a:b9:c6:40:
98:89:1c:b0:6b:f4:3a:bc:d3:eb:06:e4:35:7a:d1:a4:f3:4b:
62:1d:8e:92:5b:a6:6a:b5:a7:fa:84:e2:25:cd:de:1d:a7:62:
4d:a8:ec:f4:92:e4:cf:62:24:be:cf:28:d9:d0:81:02:a6:d8:
bc:58:0c:46:b8:8e:7c:b6:2f:7b:de:e9:50:9f:40:25:6f:0e:
bd:2f:eb:8f
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ2f++5qYZTmPwV6FrgD21iGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDE4MDk0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQyN2MwZjUxMjdmMGU4ZWJkYWM0OTFiYzFjMDE5M2JjY2FlMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBCr9hiJBVdGYte2QuVSeq+jmt7
PXroTmaskHprrfI+Wm4pdkkhl9iMwXwKHEgUdhmzStCAGkT8kXhwOKwTlmGuGvx0
ndIvcDRbhOhLq3uZK4LvmxOA9X1axboHWu1+JCcJsMjsoz4yWQlAsMhhg/LGThj+
CKNk/D35NKnwLAySQBr41sTMiYJhVUSTttXQqPj9BGwz3Gi02da4cm2h1NGol2av
B2A3iSY45TjXOZpERCMbQkAJIuDv95K2VA60Pl96OtgfTLaWWhGc9V9xlD9WhmHW
nohvxkiFJLkuUXvo5ddoFYmjDVKZtMgqtwk8B9rGncg78YzMyQMO8HsYNwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFErSfA9RJ/Do69rEkbwcAZO8yuHtMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvU3RKOEQxRW44T2pyMnNTUnZCd0JrN3pLNGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALmbtAwQA
ThEHAwQAWSJqAwQAWX1+AwQAW4QyAwQAXXK3AwQAZ/XkAwQAwjovMAwDBAPO9ZgD
BADO9ZwDBADO9Z4wDAMEANTABwMEANTACAMEANTACgMEANTAHgMEANTA0DANBgkq
hkiG9w0BAQsFAAOCAQEAfDQD4sZ81j3PAlimmCJ1v+P2ZDuXm2s5QgTZRnPrRKab
7sj8u0GK4meejjy5jTe60GV4KZ8FMroYrMgtPFVEfjrtYTJeIJTfed16V+SD0zpE
U/LfKjTLP6ybzv4agDKTnHLjaG9Hj8m19FkdL3KHkj3fRMiOsG39HAdjF64bBdX+
2ErfV1/158vyGSo/esLyO0q+msRbZ8P8lF/kLiAF6X1tsKv8/KNQ4Vh+69Q16sJa
ucZAmIkcsGv0OrzT6wbkNXrRpPNLYh2OklumarWn+oTiJc3eHadiTajs9JLkz2Ik
vs8o2dCBAqbYvFgMRriOfLYve97pUJ9AJW8OvS/rjw==
-----END CERTIFICATE-----
Generated at Mon Apr 20 04:46:48 2026 by rpki-client