Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/FhskbKXZIncjnAG2H1L_9TxK6BE.roa
File: FhskbKXZIncjnAG2H1L_9TxK6BE.roa (raw, json)
Hash identifier: Sragfkj84y+IUdSKaepdgmlgjMpXL9BU37PIaA7Ug9k=
Subject key identifier: 16:1B:24:6C:A5:D9:22:77:23:9C:01:B6:1F:52:FF:F5:3C:4A:E8:11
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019E519CC3F264BB4D9962F828FAB0582192
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/FhskbKXZIncjnAG2H1L_9TxK6BE.roa
Signing time: Fri 22 May 2026 21:34:48 +0000
ROA not before: Fri 22 May 2026 21:34:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 9.151.0.0/19 maxlen: 19
9.151.208.0/20 maxlen: 20
9.151.248.0/21 maxlen: 21
9.237.96.0/19 maxlen: 19
9.237.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:51:9c:c3:f2:64:bb:4d:99:62:f8:28:fa:b0:58:21:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: May 22 21:34:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=161b246ca5d92277239c01b61f52fff53c4ae811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:53:53:f0:ee:38:cf:d7:99:54:0a:5e:74:17:
d2:70:cb:56:d8:8c:21:c7:66:b7:9d:38:e4:40:b0:
21:51:ff:75:74:64:5e:04:eb:07:f7:f0:f3:bc:ea:
55:f0:d9:59:be:19:54:4d:69:f7:d7:30:74:69:93:
ba:0e:1a:ae:9d:ef:1b:b3:c1:80:72:81:d8:4a:83:
4b:45:7a:8a:60:1f:d3:a3:63:57:68:7d:b5:54:71:
f2:d4:3f:32:9f:fc:57:6a:9b:8c:58:ea:79:85:79:
79:13:bd:d7:b7:90:54:09:50:2e:88:b6:01:4a:3b:
10:f2:f1:d1:04:3b:ca:10:21:03:3e:a8:c5:23:05:
b7:7a:f8:55:d6:87:5d:e8:5e:e8:41:f1:58:62:c4:
35:c0:85:45:b4:0a:20:6c:a6:d8:de:8b:08:d7:87:
00:0d:1d:64:58:25:19:ab:cd:52:f6:24:74:10:7e:
2e:35:cd:98:22:c0:4d:53:23:04:77:4d:a8:5f:0e:
2e:6b:89:e4:60:1e:59:c6:38:8a:6f:fb:8f:d5:91:
9e:9d:4c:01:ec:fa:5d:2e:0d:33:a1:1e:6f:8a:11:
d6:2e:3d:19:c8:db:40:b4:df:ee:3a:59:4e:6b:99:
8f:c5:04:83:e3:09:24:09:3d:14:39:43:e5:0b:dd:
7a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1B:24:6C:A5:D9:22:77:23:9C:01:B6:1F:52:FF:F5:3C:4A:E8:11
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/FhskbKXZIncjnAG2H1L_9TxK6BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.151.0.0/19
9.151.208.0/20
9.151.248.0/21
9.237.96.0/19
9.237.192.0/19
Signature Algorithm: sha256WithRSAEncryption
09:59:11:b2:00:3b:a8:52:b8:86:28:80:83:51:85:c0:34:6a:
19:db:0b:85:ad:48:21:8a:8f:86:46:0b:9b:f9:e9:cf:8d:39:
10:d3:df:85:1b:e5:0e:62:72:25:61:d6:9d:ea:20:ee:a7:16:
d9:d8:71:b3:cf:9c:4d:0e:ad:74:3e:f7:fe:eb:81:44:df:75:
d2:56:59:65:d0:7e:f8:08:6c:5a:a8:ea:ef:62:11:6b:f8:6a:
ef:d1:b3:04:f4:43:60:c1:f4:0c:a2:f2:bd:d6:1f:03:9e:56:
45:91:87:2a:31:8f:5e:b7:9f:95:af:23:87:59:23:2a:40:c1:
37:64:b0:93:57:c5:44:58:88:4b:cf:e9:a5:c7:c2:b1:7c:51:
46:0f:21:60:77:43:7c:ba:54:49:cb:26:7d:0a:0c:0b:49:aa:
15:96:93:c4:e6:56:5e:08:9f:ca:5a:e7:43:84:1c:69:3a:5e:
d9:97:37:97:37:fa:95:23:bf:02:d5:59:ae:18:32:98:98:32:
79:82:53:6e:dc:18:a1:0e:45:9f:09:19:f4:57:eb:0b:d4:ef:
63:ff:89:21:8f:5e:9e:5f:0e:20:a6:a8:79:07:80:b5:35:80:
a8:9c:21:5b:97:37:05:10:1d:85:d0:f7:65:e7:97:01:ec:fd:
55:82:90:51
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5RnMPyZLtNmWL4KPqwWCGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNTIyMjEzNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjFiMjQ2Y2E1ZDkyMjc3MjM5YzAxYjYxZjUyZmZmNTNjNGFlODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lNT8O44z9eZVApedBfScMtW2Iwh
x2a3nTjkQLAhUf91dGReBOsH9/DzvOpV8NlZvhlUTWn31zB0aZO6Dhqune8bs8GA
coHYSoNLRXqKYB/To2NXaH21VHHy1D8yn/xXapuMWOp5hXl5E73Xt5BUCVAuiLYB
SjsQ8vHRBDvKECEDPqjFIwW3evhV1odd6F7oQfFYYsQ1wIVFtAogbKbY3osI14cA
DR1kWCUZq81S9iR0EH4uNc2YIsBNUyMEd02oXw4ua4nkYB5ZxjiKb/uP1ZGenUwB
7PpdLg0zoR5vihHWLj0ZyNtAtN/uOllOa5mPxQSD4wkkCT0UOUPlC916kwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBYbJGyl2SJ3I5wBth9S//U8SugRMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvRmhza2JLWFpJbmNqbkFHMkgxTF85VHhLNkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFCZcAAwQE
CZfQAwQDCZf4AwQFCe1gAwQFCe3AMA0GCSqGSIb3DQEBCwUAA4IBAQAJWRGyADuo
UriGKICDUYXANGoZ2wuFrUghio+GRgub+enPjTkQ09+FG+UOYnIlYdad6iDupxbZ
2HGzz5xNDq10Pvf+64FE33XSVlll0H74CGxaqOrvYhFr+Grv0bME9ENgwfQMovK9
1h8DnlZFkYcqMY9et5+VryOHWSMqQME3ZLCTV8VEWIhLz+mlx8KxfFFGDyFgd0N8
ulRJyyZ9CgwLSaoVlpPE5lZeCJ/KWudDhBxpOl7ZlzeXN/qVI78C1VmuGDKYmDJ5
glNu3BihDkWfCRn0V+sL1O9j/4khj16eXw4gpqh5B4C1NYConCFblzcFEB2F0Pdl
55cB7P1VgpBR
-----END CERTIFICATE-----
Generated at Sat Jun 6 13:17:00 2026 by rpki-client