Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Fa_E9m89fUIJZtCefkFZ2jvyFO8.roa
File: Fa_E9m89fUIJZtCefkFZ2jvyFO8.roa (raw, json)
Hash identifier: ZAwAoX5HJyrrbaR8aOzdSIPtrO8DX2Vvq7HjudQe7SU=
Subject key identifier: 15:AF:C4:F6:6F:3D:7D:42:09:66:D0:9E:7E:41:59:DA:3B:F2:14:EF
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019DB0B330934F8D18F0DC597EFA92D83912
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Fa_E9m89fUIJZtCefkFZ2jvyFO8.roa
Signing time: Tue 21 Apr 2026 15:40:26 +0000
ROA not before: Tue 21 Apr 2026 15:40:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 222.167.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:b3:30:93:4f:8d:18:f0:dc:59:7e:fa:92:d8:39:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 21 15:40:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15afc4f66f3d7d420966d09e7e4159da3bf214ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:f2:f3:9b:be:f3:4c:72:b6:f2:ea:97:b2:
fc:b1:c1:d0:25:44:79:a1:62:f1:c0:9e:d4:41:24:
90:e4:21:41:e9:47:ce:58:0d:96:76:60:e1:4a:6d:
92:82:3c:99:ac:90:d4:0c:05:67:9f:78:42:b0:7e:
ed:19:cc:91:50:5d:ac:d4:a3:84:68:ed:c2:b1:53:
52:05:0b:f0:38:56:a1:2b:67:0c:b5:3c:01:1d:35:
35:50:49:63:ec:b9:f9:09:33:89:f5:8c:95:e4:27:
ac:4e:c2:f5:18:1a:2f:e8:cf:0b:15:0a:78:35:a6:
b9:bf:bf:2f:c1:41:1d:7a:78:76:d0:ac:01:5b:a0:
6c:84:dc:05:5c:c2:d0:b9:bc:8b:e5:0c:77:85:f8:
21:54:3a:e9:5d:bc:77:9f:e4:73:29:2a:72:2d:43:
b6:bb:7d:66:a7:ae:f5:a5:83:74:33:33:56:6c:52:
da:89:40:55:df:56:e7:6b:7e:b4:64:90:52:af:4c:
1d:43:da:66:24:56:1d:43:da:b6:76:41:af:f0:eb:
24:5c:45:3e:26:4a:22:37:5a:58:d0:41:44:29:f2:
5d:17:8e:3d:57:2e:2b:25:50:f4:5c:5b:3e:f1:33:
9a:b6:6e:0e:d3:89:2f:2c:66:75:ad:17:0c:7f:e8:
a2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AF:C4:F6:6F:3D:7D:42:09:66:D0:9E:7E:41:59:DA:3B:F2:14:EF
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Fa_E9m89fUIJZtCefkFZ2jvyFO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.223.0/24
Signature Algorithm: sha256WithRSAEncryption
31:04:3a:88:d3:ed:01:86:5a:97:64:6e:10:da:45:7a:e4:b6:
1a:9c:19:65:d4:7f:5d:08:86:b8:56:d6:e3:e4:cd:22:77:1f:
04:28:57:8b:cc:13:a4:16:4e:14:ec:d4:a2:49:16:4e:2d:72:
5a:d3:43:1f:4d:2b:40:c7:6c:19:a3:23:a9:98:57:ef:e4:24:
9d:35:cb:b9:03:21:a7:0c:c9:f9:10:00:67:ab:39:0c:0e:95:
ad:82:b3:60:fd:72:d7:ce:67:aa:5f:bc:24:12:fc:b2:42:b7:
e6:69:41:cc:b2:9b:ea:ee:1c:07:3d:67:72:a3:71:57:c4:f3:
f0:62:40:72:3e:96:18:9a:99:0d:bc:bc:eb:67:7b:c2:a2:5f:
48:78:bb:eb:a0:bf:44:b4:ce:93:0b:72:8d:5c:fc:0a:dc:0e:
a8:c5:d3:82:71:35:58:24:60:9a:69:a1:37:e0:e2:a2:ac:b3:
e2:3d:ef:a4:0a:41:30:b3:c3:21:77:c5:9f:d7:87:32:3b:88:
30:17:be:ed:00:de:ee:b4:85:18:c4:e0:72:d2:9c:9d:58:73:
1e:68:27:30:8e:c3:d6:ff:cd:42:7d:e1:c6:86:7d:80:cb:1d:
14:b9:cd:d4:05:92:1b:0d:53:ba:14:2b:74:61:2a:7b:26:5d:
59:7b:f5:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2wszCTT40Y8NxZfvqS2DkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNDIxMTU0MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWFmYzRmNjZmM2Q3ZDQyMDk2NmQwOWU3ZTQxNTlkYTNiZjIxNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusry85u+80xytvLql7L8scHQJUR5
oWLxwJ7UQSSQ5CFB6UfOWA2WdmDhSm2SgjyZrJDUDAVnn3hCsH7tGcyRUF2s1KOE
aO3CsVNSBQvwOFahK2cMtTwBHTU1UElj7Ln5CTOJ9YyV5CesTsL1GBov6M8LFQp4
Naa5v78vwUEdenh20KwBW6BshNwFXMLQubyL5Qx3hfghVDrpXbx3n+RzKSpyLUO2
u31mp671pYN0MzNWbFLaiUBV31bna360ZJBSr0wdQ9pmJFYdQ9q2dkGv8OskXEU+
JkoiN1pY0EFEKfJdF449Vy4rJVD0XFs+8TOatm4O04kvLGZ1rRcMf+iiUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWvxPZvPX1CCWbQnn5BWdo78hTvMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvRmFfRTltODlmVUlKWnRDZWZrRloyanZ5Rk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3qffMA0G
CSqGSIb3DQEBCwUAA4IBAQAxBDqI0+0BhlqXZG4Q2kV65LYanBll1H9dCIa4Vtbj
5M0idx8EKFeLzBOkFk4U7NSiSRZOLXJa00MfTStAx2wZoyOpmFfv5CSdNcu5AyGn
DMn5EABnqzkMDpWtgrNg/XLXzmeqX7wkEvyyQrfmaUHMspvq7hwHPWdyo3FXxPPw
YkByPpYYmpkNvLzrZ3vCol9IeLvroL9EtM6TC3KNXPwK3A6oxdOCcTVYJGCaaaE3
4OKirLPiPe+kCkEws8Mhd8Wf14cyO4gwF77tAN7utIUYxOBy0pydWHMeaCcwjsPW
/81CfeHGhn2Ayx0Uuc3UBZIbDVO6FCt0YSp7Jl1Ze/Vh
-----END CERTIFICATE-----
Generated at Mon Apr 27 09:08:32 2026 by rpki-client