Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_cKRaiswVVOXjpS0-RP-buXl_4A.roa
File: _cKRaiswVVOXjpS0-RP-buXl_4A.roa (raw, json)
Hash identifier: xvPEcy/FWhbRl4IKUDNoW0hyFN2afZ9SnDfI+jz8wYY=
Subject key identifier: FD:C2:91:6A:2B:30:55:53:97:8E:94:B4:F9:13:FE:6E:E5:E5:FF:80
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019E833FF6793573F03A321C019221A0D333
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_cKRaiswVVOXjpS0-RP-buXl_4A.roa
Signing time: Mon 01 Jun 2026 12:54:27 +0000
ROA not before: Mon 01 Jun 2026 12:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200566
IP address blocks: 46.102.237.0/24 maxlen: 24
72.35.240.0/24 maxlen: 24
72.35.241.0/24 maxlen: 24
72.35.243.0/24 maxlen: 24
72.35.244.0/24 maxlen: 24
78.17.20.0/24 maxlen: 24
78.17.21.0/24 maxlen: 24
78.17.30.0/24 maxlen: 24
78.17.31.0/24 maxlen: 24
78.17.58.0/24 maxlen: 24
78.17.61.0/24 maxlen: 24
78.17.81.0/24 maxlen: 24
89.125.223.0/24 maxlen: 24
89.125.242.0/24 maxlen: 24
89.125.245.0/24 maxlen: 24
104.143.194.0/24 maxlen: 24
104.143.195.0/24 maxlen: 24
104.143.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:3f:f6:79:35:73:f0:3a:32:1c:01:92:21:a0:d3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 1 12:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fdc2916a2b305553978e94b4f913fe6ee5e5ff80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:19:9c:cb:a9:24:6e:da:64:4a:1b:d8:c1:1d:
f7:bb:23:b0:70:1e:20:8f:dc:ea:dd:c8:e7:82:3c:
75:d1:79:40:ee:56:fb:9c:b4:cf:3b:10:da:0b:a4:
92:d7:48:c3:64:11:6d:92:e8:d6:78:f3:34:2b:10:
54:d6:53:1e:5e:26:75:aa:5e:d2:94:1a:d9:28:26:
9a:69:19:e5:8b:81:79:ba:f0:71:71:a2:29:2d:78:
38:6b:7c:a8:9a:cc:8b:14:c9:45:74:ee:f0:ec:57:
cb:2b:95:c7:25:82:62:f3:c4:c8:a4:15:c0:87:57:
82:f7:b4:f7:46:e7:9a:ca:88:7d:75:ff:c2:a5:ed:
13:85:f9:b8:cd:5d:86:49:a2:da:38:92:9d:4c:e1:
fb:04:ce:69:37:bb:e0:39:81:25:ff:f1:63:b6:e2:
c5:f5:db:01:d5:7a:17:10:57:16:59:ec:0c:f4:77:
5f:f2:e3:1d:f2:57:6b:86:0b:82:e1:76:2d:db:74:
06:2f:96:8e:0b:00:7f:d7:87:ad:be:4a:68:a2:90:
59:31:41:90:91:35:7d:6a:7f:3f:6a:f6:10:15:70:
b9:ee:0e:3e:b2:8a:0f:5a:d4:a4:28:c9:c8:79:fa:
68:02:09:7d:ab:27:70:d5:d9:8e:e8:6a:bb:5b:0a:
5e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C2:91:6A:2B:30:55:53:97:8E:94:B4:F9:13:FE:6E:E5:E5:FF:80
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_cKRaiswVVOXjpS0-RP-buXl_4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
72.35.240.0/23
72.35.243.0-72.35.244.255
78.17.20.0/23
78.17.30.0/23
78.17.58.0/24
78.17.61.0/24
78.17.81.0/24
89.125.223.0/24
89.125.242.0/24
89.125.245.0/24
104.143.194.0/23
104.143.200.0/24
Signature Algorithm: sha256WithRSAEncryption
85:bf:71:93:c0:1d:ef:50:e0:61:a4:f2:b8:f5:f2:5a:7e:08:
73:ed:2d:47:9d:1d:d6:cb:8f:e1:f6:e8:01:50:65:dd:ca:7a:
59:5e:0f:40:4b:32:dc:97:c1:49:a3:99:21:e6:e8:31:9c:19:
e1:d1:7b:94:6c:20:a1:fc:72:d2:bf:c7:4a:28:73:6b:39:b6:
9f:61:fc:20:cc:07:5f:d9:c7:97:de:85:68:25:15:8a:df:21:
75:1e:d2:c1:68:09:22:7e:7d:1c:35:bd:76:7c:4d:d8:df:7a:
b6:de:ca:70:a9:c8:43:c3:d3:ae:d2:4c:21:c1:a0:de:b9:9c:
01:21:69:57:3f:b4:fc:31:8f:14:ab:d2:63:5f:bb:42:84:b8:
98:05:3d:0b:fb:ad:94:8b:2f:20:ce:85:8d:8e:95:5b:12:cd:
e6:4a:0a:66:5e:3a:d1:b0:f6:a3:19:20:50:56:b3:21:27:8b:
e1:0c:f5:5f:ca:d4:20:ac:21:9f:bb:df:10:6a:55:c4:c7:b3:
65:d7:aa:9a:ae:34:c7:88:be:e0:76:7f:07:fa:f3:3b:7d:9f:
ce:07:a0:bd:de:b6:8d:40:0b:c1:18:df:1a:6c:48:10:6c:6d:
80:7b:cd:cc:06:4f:0d:fb:5a:55:ba:9e:4b:f4:8f:2d:5a:d5:
f2:39:13:e9
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ6DP/Z5NXPwOjIcAZIhoNMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNjAxMTI1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMyOTE2YTJiMzA1NTUzOTc4ZTk0YjRmOTEzZmU2ZWU1ZTVmZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRmcy6kkbtpkShvYwR33uyOwcB4g
j9zq3cjngjx10XlA7lb7nLTPOxDaC6SS10jDZBFtkujWePM0KxBU1lMeXiZ1ql7S
lBrZKCaaaRnli4F5uvBxcaIpLXg4a3yomsyLFMlFdO7w7FfLK5XHJYJi88TIpBXA
h1eC97T3Rueayoh9df/Cpe0Thfm4zV2GSaLaOJKdTOH7BM5pN7vgOYEl//FjtuLF
9dsB1XoXEFcWWewM9Hdf8uMd8ldrhguC4XYt23QGL5aOCwB/14etvkpoopBZMUGQ
kTV9an8/avYQFXC57g4+sooPWtSkKMnIefpoAgl9qydw1dmO6Gq7WwpekQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFP3CkWorMFVTl46UtPkT/m7l5f+AMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvX2NLUmFpc3dWVk9YanBTMC1SUC1idVhsXzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALmbtAwQB
SCPwMAwDBABII/MDBABII/QDBAFOERQDBAFOER4DBABOEToDBABOET0DBABOEVED
BABZfd8DBABZffIDBABZffUDBAFoj8IDBABoj8gwDQYJKoZIhvcNAQELBQADggEB
AIW/cZPAHe9Q4GGk8rj18lp+CHPtLUedHdbLj+H26AFQZd3KelleD0BLMtyXwUmj
mSHm6DGcGeHRe5RsIKH8ctK/x0ooc2s5tp9h/CDMB1/Zx5fehWglFYrfIXUe0sFo
CSJ+fRw1vXZ8TdjferbeynCpyEPD067STCHBoN65nAEhaVc/tPwxjxSr0mNfu0KE
uJgFPQv7rZSLLyDOhY2OlVsSzeZKCmZeOtGw9qMZIFBWsyEni+EM9V/K1CCsIZ+7
3xBqVcTHs2XXqpquNMeIvuB2fwf68zt9n84HoL3eto1AC8EY3xpsSBBsbYB7zcwG
Tw37WlW6nkv0jy1a1fI5E+k=
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:21:09 2026 by rpki-client