Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/FRusadGqShBxkpoL2paCp-tYl9I.roa
File: FRusadGqShBxkpoL2paCp-tYl9I.roa (raw, json)
Hash identifier: u0M4J6xRL9yocHk0JRl+kCiGzN5rm3Nwf2AuG18JDLc=
Subject key identifier: 15:1B:AC:69:D1:AA:4A:10:71:92:9A:0B:DA:96:82:A7:EB:58:97:D2
Certificate issuer: /CN=43aeb8ff55bd46500b27db9cf1dec256276b2b6a
Certificate serial: 019CDC5D580E92DD4DAD4B2006303AA7AE76
Authority key identifier: 43:AE:B8:FF:55:BD:46:50:0B:27:DB:9C:F1:DE:C2:56:27:6B:2B:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q664_1W9RlALJ9uc8d7CVidrK2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/FRusadGqShBxkpoL2paCp-tYl9I.roa
Signing time: Wed 11 Mar 2026 10:07:10 +0000
ROA not before: Wed 11 Mar 2026 10:07:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204589
IP address blocks: 91.212.14.0/24 maxlen: 24
185.246.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/Q664_1W9RlALJ9uc8d7CVidrK2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/Q664_1W9RlALJ9uc8d7CVidrK2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q664_1W9RlALJ9uc8d7CVidrK2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:5d:58:0e:92:dd:4d:ad:4b:20:06:30:3a:a7:ae:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43aeb8ff55bd46500b27db9cf1dec256276b2b6a
Validity
Not Before: Mar 11 10:07:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=151bac69d1aa4a1071929a0bda9682a7eb5897d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:59:a2:e0:a8:18:c4:e5:91:1f:97:81:1c:4d:
88:f6:0f:60:c2:84:ea:b4:4c:ee:27:45:81:32:e0:
74:ef:e4:0c:13:af:69:7b:6b:f4:3e:5e:dc:ff:fb:
4a:25:d8:e4:14:3a:1e:70:04:10:5c:7f:b3:e8:02:
d8:5f:0c:8c:25:4f:83:e8:84:b9:0e:21:63:02:e2:
aa:78:ea:e7:26:03:0f:19:35:cd:ed:cf:63:14:34:
cf:ab:45:c8:b0:d0:7e:71:c9:f3:d9:3f:eb:fa:86:
8b:82:c7:07:13:14:7b:c0:eb:37:b2:d6:58:50:86:
57:cd:41:a7:9e:7b:1e:58:87:ee:7c:80:ad:25:cb:
b6:a8:a5:4f:9c:35:dd:e3:f9:4f:5c:9d:d8:38:0b:
bf:9b:13:45:1f:8d:25:2b:8c:47:0e:84:5b:e1:3e:
2c:c1:97:be:37:05:7d:3a:3c:ee:0c:ee:a8:95:d3:
f8:86:64:98:6b:4e:f1:52:15:2d:1b:44:f7:4a:d4:
99:79:59:b3:fa:4b:70:42:a8:b3:b7:8b:30:82:28:
ff:1d:b2:ef:15:c9:af:83:c1:b6:37:6a:fc:1c:d3:
6c:14:f2:b2:ff:fc:92:c6:84:d0:21:d0:4b:0e:16:
93:ff:ca:9e:63:1e:22:62:c8:1b:ce:3a:7f:da:e1:
e2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1B:AC:69:D1:AA:4A:10:71:92:9A:0B:DA:96:82:A7:EB:58:97:D2
X509v3 Authority Key Identifier:
keyid:43:AE:B8:FF:55:BD:46:50:0B:27:DB:9C:F1:DE:C2:56:27:6B:2B:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q664_1W9RlALJ9uc8d7CVidrK2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/FRusadGqShBxkpoL2paCp-tYl9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/3b6fb4-52e8-44e2-abe8-2c2fbad2f011/1/Q664_1W9RlALJ9uc8d7CVidrK2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.14.0/24
185.246.31.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2d:61:c5:61:e7:56:81:ca:11:a9:41:fc:4d:cc:bb:45:7a:
7e:d6:9e:a4:e4:59:a8:f5:87:ae:0b:f9:62:0d:f3:f3:15:04:
af:25:e0:94:b9:ed:39:5a:68:e2:10:b0:17:88:94:b3:00:4e:
1c:47:b2:70:f3:70:97:b9:c8:c0:03:e3:74:17:56:16:49:0f:
3b:50:39:5d:f7:9f:f9:2b:cf:a1:71:a5:76:c1:0c:8c:b5:44:
f4:29:93:f0:d7:30:ab:7d:ce:c1:d7:67:f8:d5:5e:d5:7d:7c:
53:1e:ac:a1:76:44:29:f6:0e:cc:29:0a:66:eb:06:c2:00:d4:
78:c1:7c:77:fb:23:3b:49:24:1e:7b:ac:4a:f3:89:b0:e8:52:
f4:80:a2:6a:72:3f:69:6a:00:c5:95:1e:0b:81:e8:a0:6d:8c:
f0:44:42:94:a2:18:8a:b1:13:c9:a1:16:3e:4e:52:56:11:f0:
54:d2:93:5b:62:8c:8a:ad:f6:35:88:0a:77:78:39:5e:7a:a0:
8d:16:bc:8c:76:7c:e6:48:81:3d:05:f5:6f:af:2b:b2:60:02:
5e:24:9a:44:aa:2a:ec:41:46:4d:b5:b8:64:c7:4d:f2:fb:3b:
95:bd:17:ac:7e:e9:fd:ec:d4:fd:aa:ae:1e:db:f6:fb:33:35:
4d:f5:99:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzcXVgOkt1NrUsgBjA6p652MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWViOGZmNTViZDQ2NTAwYjI3ZGI5Y2YxZGVjMjU2Mjc2
YjJiNmEwHhcNMjYwMzExMTAwNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTFiYWM2OWQxYWE0YTEwNzE5MjlhMGJkYTk2ODJhN2ViNTg5N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVmi4KgYxOWRH5eBHE2I9g9gwoTq
tEzuJ0WBMuB07+QME69pe2v0Pl7c//tKJdjkFDoecAQQXH+z6ALYXwyMJU+D6IS5
DiFjAuKqeOrnJgMPGTXN7c9jFDTPq0XIsNB+ccnz2T/r+oaLgscHExR7wOs3stZY
UIZXzUGnnnseWIfufICtJcu2qKVPnDXd4/lPXJ3YOAu/mxNFH40lK4xHDoRb4T4s
wZe+NwV9OjzuDO6oldP4hmSYa07xUhUtG0T3StSZeVmz+ktwQqizt4swgij/HbLv
Fcmvg8G2N2r8HNNsFPKy//ySxoTQIdBLDhaT/8qeYx4iYsgbzjp/2uHiPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBUbrGnRqkoQcZKaC9qWgqfrWJfSMB8GA1UdIwQY
MBaAFEOuuP9VvUZQCyfbnPHewlYnaytqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY2NF8xVzlSbEFMSjl1YzhkN0NWaWRySzJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zYjZmYjQtNTJlOC00NGUyLWFiZTgt
MmMyZmJhZDJmMDExLzEvRlJ1c2FkR3FTaEJ4a3BvTDJwYUNwLXRZbDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zYjZmYjQtNTJlOC00NGUyLWFiZTgtMmMyZmJhZDJmMDEx
LzEvUTY2NF8xVzlSbEFMSjl1YzhkN0NWaWRySzJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9QOAwQA
ufYfMA0GCSqGSIb3DQEBCwUAA4IBAQAiLWHFYedWgcoRqUH8Tcy7RXp+1p6k5Fmo
9YeuC/liDfPzFQSvJeCUue05WmjiELAXiJSzAE4cR7Jw83CXucjAA+N0F1YWSQ87
UDld95/5K8+hcaV2wQyMtUT0KZPw1zCrfc7B12f41V7VfXxTHqyhdkQp9g7MKQpm
6wbCANR4wXx3+yM7SSQee6xK84mw6FL0gKJqcj9pagDFlR4LgeigbYzwREKUohiK
sRPJoRY+TlJWEfBU0pNbYoyKrfY1iAp3eDleeqCNFryMdnzmSIE9BfVvryuyYAJe
JJpEqirsQUZNtbhkx03y+zuVvResfun97NT9qq4e2/b7MzVN9ZnX
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:32:14 2026 by rpki-client