Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fyOBmQELZ84jim02chSzhLTUiJg.roa
File: fyOBmQELZ84jim02chSzhLTUiJg.roa (raw, json)
Hash identifier: PVKToPWaEblMOyx0ZJiyuzsLGWJGXRtAynoGPK7HeM8=
Subject key identifier: 7F:23:81:99:01:0B:67:CE:23:8A:6D:36:72:14:B3:84:B4:D4:88:98
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019BF60A0614549113DE7FCA5512CC95AE0B
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fyOBmQELZ84jim02chSzhLTUiJg.roa
Signing time: Sun 25 Jan 2026 16:43:30 +0000
ROA not before: Sun 25 Jan 2026 16:43:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 94.103.0.0/24 maxlen: 24
109.172.54.0/24 maxlen: 24
109.172.55.0/24 maxlen: 24
178.130.46.0/24 maxlen: 24
178.130.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 09:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:f6:0a:06:14:54:91:13:de:7f:ca:55:12:cc:95:ae:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 25 16:43:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f238199010b67ce238a6d367214b384b4d48898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:16:12:78:62:cf:93:4f:69:9b:9d:24:bc:85:
46:4c:0f:2c:0f:b6:e9:11:3a:a7:c5:72:65:fe:1b:
e2:08:56:2d:3b:cb:4f:71:a7:de:62:5a:a7:8d:21:
82:cb:44:b4:8e:cb:d5:78:8c:a0:92:10:11:59:3b:
6e:2d:19:8a:9d:0c:04:ba:d0:f0:c2:58:f5:08:4c:
26:3c:f8:29:a5:6d:3c:99:25:30:d5:9e:c5:6c:fd:
8c:16:63:c7:b9:22:af:d9:c5:e9:ec:6b:f5:f5:c7:
55:39:88:9e:d0:9a:9f:c6:45:2f:64:b0:d6:29:5a:
7f:6b:77:1f:db:e9:d2:f0:92:f3:b8:27:d1:86:d9:
96:25:16:3a:56:c6:0b:c7:c9:fc:b7:28:98:cf:38:
01:0f:fb:51:80:9b:98:f4:a1:35:44:05:4f:47:17:
02:4c:0f:1a:30:d5:13:26:a1:e6:dd:96:8b:56:64:
5b:71:21:ad:c9:69:4d:d1:cf:27:76:83:12:27:20:
0f:76:51:e0:7a:8d:4a:4d:87:bf:cc:1f:44:53:60:
0f:c1:64:a0:7f:e5:4f:43:3d:79:0d:8e:bf:4e:ba:
d4:31:62:46:58:11:46:7f:24:09:89:b8:00:34:de:
76:a6:70:8a:e2:d5:80:d6:0a:f8:f6:fd:6d:13:91:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:23:81:99:01:0B:67:CE:23:8A:6D:36:72:14:B3:84:B4:D4:88:98
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fyOBmQELZ84jim02chSzhLTUiJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.0.0/24
109.172.54.0/23
178.130.46.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:59:b1:e5:0a:34:89:b5:bc:f1:51:1c:48:37:69:49:8d:38:
c5:70:e1:64:6f:af:33:d0:48:af:61:0a:c1:13:75:5f:e0:50:
0b:1a:3c:49:0e:61:66:13:8b:8f:8e:5d:d3:c1:d4:ab:59:34:
75:32:17:2b:b5:5f:c6:c4:d0:4f:73:11:91:dc:d3:28:3a:fc:
a8:ee:18:d5:02:28:94:8f:f0:85:b4:17:ab:28:44:d7:c5:ba:
61:ef:45:dc:a5:53:62:e1:b4:87:cf:71:70:56:ce:df:3f:ee:
55:30:38:35:36:5a:12:02:cb:d8:f7:82:cf:9c:64:12:5f:3d:
e4:b9:1e:38:31:68:91:e8:eb:dc:62:eb:20:55:35:04:8d:74:
76:0c:6a:3e:24:98:8a:97:63:9c:ac:5b:8f:16:65:74:59:ae:
3d:c9:d8:50:48:a5:6b:2b:85:8a:c2:37:ff:be:f1:ff:63:4f:
19:8a:a0:e5:a6:5a:41:b7:1e:53:a5:b4:be:45:6f:db:e6:03:
7c:3c:d2:a6:f1:3c:ff:a1:7d:29:18:7d:1f:1d:5d:dd:ad:4f:
30:7c:ad:7a:77:1c:e7:15:0f:34:87:3a:3f:30:b1:4a:09:91:
cd:9f:7d:d3:4d:66:e0:03:63:ab:de:be:2e:01:de:28:40:20:
fd:e5:11:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZv2CgYUVJET3n/KVRLMla4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwMTI1MTY0MzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjIzODE5OTAxMGI2N2NlMjM4YTZkMzY3MjE0YjM4NGI0ZDQ4ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xYSeGLPk09pm50kvIVGTA8sD7bp
ETqnxXJl/hviCFYtO8tPcafeYlqnjSGCy0S0jsvVeIygkhARWTtuLRmKnQwEutDw
wlj1CEwmPPgppW08mSUw1Z7FbP2MFmPHuSKv2cXp7Gv19cdVOYie0JqfxkUvZLDW
KVp/a3cf2+nS8JLzuCfRhtmWJRY6VsYLx8n8tyiYzzgBD/tRgJuY9KE1RAVPRxcC
TA8aMNUTJqHm3ZaLVmRbcSGtyWlN0c8ndoMSJyAPdlHgeo1KTYe/zB9EU2APwWSg
f+VPQz15DY6/TrrUMWJGWBFGfyQJibgANN52pnCK4tWA1gr49v1tE5EhJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH8jgZkBC2fOI4ptNnIUs4S01IiYMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZnlPQm1RRUxaODRqaW0wMmNoU3poTFRVaUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXmcAAwQB
baw2AwQBsoIuMA0GCSqGSIb3DQEBCwUAA4IBAQCKWbHlCjSJtbzxURxIN2lJjTjF
cOFkb68z0EivYQrBE3Vf4FALGjxJDmFmE4uPjl3TwdSrWTR1MhcrtV/GxNBPcxGR
3NMoOvyo7hjVAiiUj/CFtBerKETXxbph70XcpVNi4bSHz3FwVs7fP+5VMDg1NloS
AsvY94LPnGQSXz3kuR44MWiR6OvcYusgVTUEjXR2DGo+JJiKl2OcrFuPFmV0Wa49
ydhQSKVrK4WKwjf/vvH/Y08ZiqDlplpBtx5TpbS+RW/b5gN8PNKm8Tz/oX0pGH0f
HV3drU8wfK16dxznFQ80hzo/MLFKCZHNn33TTWbgA2Or3r4uAd4oQCD95RE8
-----END CERTIFICATE-----
Generated at Tue Feb 17 14:02:41 2026 by rpki-client