Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Sws6X2TBAPXMpwO3JvQInbPX0KU.roa
File: Sws6X2TBAPXMpwO3JvQInbPX0KU.roa (raw, json)
Hash identifier: aXw2nTOOcBbfwo8k9b7+BrgnwRYqE/1JVzOiDgJK8Vg=
Subject key identifier: 4B:0B:3A:5F:64:C1:00:F5:CC:A7:03:B7:26:F4:08:9D:B3:D7:D0:A5
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E8A050D683CA545B29317479FBB74B370
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Sws6X2TBAPXMpwO3JvQInbPX0KU.roa
Signing time: Tue 02 Jun 2026 20:27:27 +0000
ROA not before: Tue 02 Jun 2026 20:27:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 78.17.129.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.125.30.0/24 maxlen: 24
89.125.126.0/24 maxlen: 24
89.125.185.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
140.225.194.0/24 maxlen: 24
140.225.199.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
206.245.144.0/21 maxlen: 21
206.245.156.0/24 maxlen: 24
206.245.158.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8a:05:0d:68:3c:a5:45:b2:93:17:47:9f:bb:74:b3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 2 20:27:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b0b3a5f64c100f5cca703b726f4089db3d7d0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:c6:7d:47:d8:62:bb:37:78:dc:3a:84:60:
af:9d:37:a7:98:bd:78:47:12:c7:de:e0:0b:c0:3d:
6b:3a:66:95:87:f9:bd:e3:77:4d:91:c5:ea:65:19:
9c:8b:8d:2b:12:9f:1f:2b:80:8b:b6:ce:63:25:78:
c7:06:d1:46:12:5f:c6:f7:e4:e9:4c:28:5e:88:91:
33:6d:25:23:62:fe:70:58:6d:67:0e:30:b4:63:f5:
25:c4:05:c2:0b:89:08:11:e4:a3:b4:a4:6e:32:43:
b9:32:58:d3:6a:44:f3:96:a7:9f:d6:ef:fb:05:2d:
95:91:7f:2a:a6:a1:3e:8d:3c:d0:4e:36:4f:14:c2:
23:04:d6:33:48:42:ca:9d:68:03:e0:d7:e1:f3:02:
04:f1:b1:a8:88:42:ee:0d:f7:9d:48:6e:cd:14:b9:
bb:3e:e6:45:a5:fd:b8:33:2a:c4:58:d3:c8:2f:44:
1b:74:48:0c:32:3c:f5:aa:ff:6f:bf:a9:36:a9:e1:
31:4f:ab:71:91:56:7b:64:e4:ab:52:40:6f:17:80:
af:66:f7:9a:96:c5:62:e8:8a:8b:54:a8:84:4e:de:
94:77:1a:e8:99:49:ee:a4:2d:21:69:19:f8:41:68:
66:13:72:e0:41:f4:60:81:20:80:6b:3f:72:ce:b7:
86:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0B:3A:5F:64:C1:00:F5:CC:A7:03:B7:26:F4:08:9D:B3:D7:D0:A5
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Sws6X2TBAPXMpwO3JvQInbPX0KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.129.0/24
89.34.106.0/24
89.125.30.0/24
89.125.126.0/24
89.125.185.0/24
93.114.183.0/24
103.245.228.0/24
140.225.194.0/24
140.225.199.0/24
194.58.47.0/24
206.245.144.0/21
206.245.156.0/24
206.245.158.0/24
212.192.7.0-212.192.8.255
212.192.10.0/24
212.192.30.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
86:c0:5d:a3:37:56:be:10:7b:dd:82:7b:45:2f:cd:d4:b2:ee:
6b:6e:4b:fb:26:ef:b4:4b:83:f2:c6:03:0d:43:fc:85:73:52:
91:cb:7e:7c:98:1a:d7:9b:6e:19:b9:fa:de:e5:d7:64:19:0c:
71:9f:2f:11:b5:22:5d:32:01:12:51:2c:8c:cd:84:75:d0:3b:
4c:65:3e:42:1d:ef:66:e1:31:88:5a:0d:69:14:1e:c7:48:26:
6d:35:ba:02:e5:e8:4f:d1:50:6d:f2:97:5e:54:85:86:5f:15:
8f:6b:77:b1:f0:f6:da:48:9b:f8:23:8e:c2:14:58:d2:f6:7f:
3b:ba:91:cc:3a:92:d8:45:ba:22:f7:77:20:f5:a0:35:50:55:
fd:92:7f:1b:27:8a:e4:07:7e:e6:94:8d:d1:b7:77:4b:e9:b9:
30:d5:26:9d:c8:51:c4:aa:24:82:97:be:dd:1c:58:04:9a:94:
3c:ae:f7:80:ed:c3:99:7a:b7:dc:21:7c:76:21:a4:b3:f3:e4:
09:a1:0b:cc:d9:bc:02:b9:7a:03:06:97:39:3d:66:fb:35:c5:
5e:a5:c4:a5:df:a4:0f:d0:2b:7a:22:b0:04:b4:51:f9:9b:0f:
9c:fe:bc:44:1e:dc:5c:3b:9b:91:20:1c:f5:18:f0:74:80:40:
9a:96:fb:ce
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZ6KBQ1oPKVFspMXR5+7dLNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNjAyMjAyNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBiM2E1ZjY0YzEwMGY1Y2NhNzAzYjcyNmY0MDg5ZGIzZDdkMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x3GfUfYYrs3eNw6hGCvnTenmL14
RxLH3uALwD1rOmaVh/m943dNkcXqZRmci40rEp8fK4CLts5jJXjHBtFGEl/G9+Tp
TCheiJEzbSUjYv5wWG1nDjC0Y/UlxAXCC4kIEeSjtKRuMkO5MljTakTzlqef1u/7
BS2VkX8qpqE+jTzQTjZPFMIjBNYzSELKnWgD4Nfh8wIE8bGoiELuDfedSG7NFLm7
PuZFpf24MyrEWNPIL0QbdEgMMjz1qv9vv6k2qeExT6txkVZ7ZOSrUkBvF4CvZvea
lsVi6IqLVKiETt6UdxromUnupC0haRn4QWhmE3LgQfRggSCAaz9yzreGMQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFEsLOl9kwQD1zKcDtyb0CJ2z19ClMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvU3dzNlgyVEJBUFhNcHdPM0p2UUluYlBYMEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAE4RgQME
AFkiagMEAFl9HgMEAFl9fgMEAFl9uQMEAF1ytwMEAGf15AMEAIzhwgMEAIzhxwME
AMI6LwMEA871kAMEAM71nAMEAM71njAMAwQA1MAHAwQA1MAIAwQA1MAKAwQA1MAe
AwQA1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQCGwF2jN1a+EHvdgntFL83Usu5rbkv7
Ju+0S4PyxgMNQ/yFc1KRy358mBrXm24Zufre5ddkGQxxny8RtSJdMgESUSyMzYR1
0DtMZT5CHe9m4TGIWg1pFB7HSCZtNboC5ehP0VBt8pdeVIWGXxWPa3ex8PbaSJv4
I47CFFjS9n87upHMOpLYRboi93cg9aA1UFX9kn8bJ4rkB37mlI3Rt3dL6bkw1Sad
yFHEqiSCl77dHFgEmpQ8rveA7cOZerfcIXx2IaSz8+QJoQvM2bwCuXoDBpc5PWb7
NcVepcSl36QP0Ct6IrAEtFH5mw+c/rxEHtxcO5uRIBz1GPB0gECalvvO
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:20:37 2026 by rpki-client