Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/fhBwAAAKsFClM1kXSXaAmjf7WA8.roa
File: fhBwAAAKsFClM1kXSXaAmjf7WA8.roa (raw, json)
Hash identifier: ABuKWxwbP2yN2IKq1ZVxmtzpWZDM6jME0HRhZj5X1YU=
Subject key identifier: 7E:10:70:00:00:0A:B0:50:A5:33:59:17:49:76:80:9A:37:FB:58:0F
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019EC52602195F56DC504533AE0CC68CFA08
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/fhBwAAAKsFClM1kXSXaAmjf7WA8.roa
Signing time: Sun 14 Jun 2026 08:01:02 +0000
ROA not before: Sun 14 Jun 2026 08:01:02 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50049
IP address blocks: 87.232.95.0/24 maxlen: 24
205.234.120.0/22 maxlen: 22
205.234.124.0/23 maxlen: 23
205.234.126.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 17:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c5:26:02:19:5f:56:dc:50:45:33:ae:0c:c6:8c:fa:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: Jun 14 08:01:02 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e107000000ab050a53359174976809a37fb580f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4a:37:a9:b9:4b:15:8b:88:89:5a:2e:ff:a7:
cf:25:f3:bf:12:c3:a8:54:06:60:3d:f1:58:d6:14:
fa:bd:88:0a:dc:a7:f6:18:48:b8:3d:e5:0f:0b:ae:
4c:76:8d:6e:90:1f:6d:13:7f:78:fd:2d:1b:1a:80:
85:58:41:f1:1a:fb:c6:ce:07:1e:02:df:e8:3c:31:
ac:07:d0:5f:eb:5a:d2:a4:47:8f:7e:58:9e:f1:e3:
27:92:76:09:52:12:1f:61:40:c3:f8:27:bf:ba:3b:
66:af:b5:b5:8c:9d:78:80:17:9c:6a:5d:78:f7:2a:
cb:ab:74:f6:c4:e2:24:5c:3a:66:2f:a6:b0:2c:65:
80:e2:a1:37:63:ec:73:f5:8b:95:0e:80:9d:83:36:
17:55:28:cd:55:f3:0e:3c:71:8a:e5:06:82:a7:40:
22:67:f7:81:e7:35:2d:34:45:dd:c6:4a:2d:c6:c8:
15:ad:da:52:7b:62:a9:79:90:c8:9f:a1:1b:d0:7b:
1a:59:26:ef:e8:62:04:d1:3b:7e:c4:cb:ac:15:4c:
e0:69:2c:d3:48:4f:22:e9:9c:6b:0c:a3:58:88:94:
8a:72:6f:d4:83:d7:95:c2:d1:f7:0c:0d:45:99:24:
68:94:a8:e1:49:f8:2e:39:67:80:ef:2b:0c:51:07:
3f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:10:70:00:00:0A:B0:50:A5:33:59:17:49:76:80:9A:37:FB:58:0F
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/fhBwAAAKsFClM1kXSXaAmjf7WA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.232.95.0/24
205.234.120.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:cc:35:cb:2d:1c:00:97:c1:3c:e7:a9:1a:71:c4:bd:e4:d4:
5f:3b:28:a3:bb:10:79:37:c1:ca:9c:c0:e8:4b:a3:f9:4f:bc:
16:d3:97:e9:80:ff:cb:8e:b5:7c:03:94:1e:e8:92:f7:aa:8c:
06:04:be:ab:66:b1:52:7a:40:18:4c:ee:34:4e:c8:06:c3:fe:
db:9b:f8:e2:e9:7d:fa:e1:4c:e5:00:47:3d:d3:78:eb:7d:0c:
a1:3e:d3:7f:3b:00:89:9b:0c:14:18:e5:8e:d9:b4:20:e0:5a:
d0:7c:30:b7:47:97:4e:52:d2:23:4b:15:db:b3:99:01:f5:e2:
6d:ac:56:74:7c:21:21:28:7f:65:be:4c:58:09:6f:d8:77:4d:
3f:06:92:28:01:ca:fe:0a:3b:3b:00:0c:65:77:0d:c7:db:f8:
9e:34:45:ac:f8:63:5c:fe:3a:3c:2a:df:2a:89:b0:ce:f3:ca:
99:6f:87:c6:60:97:f0:6f:4a:e1:4a:f3:4c:58:8d:98:2b:e8:
06:d1:78:7f:10:25:0f:b0:84:f8:b8:6a:3e:90:1a:1b:82:fb:
b6:a9:e2:ff:1a:d9:a3:7e:13:bd:eb:9a:aa:4a:1c:a5:77:a0:
26:56:d2:49:fb:99:24:5f:43:55:fc:b2:14:47:69:c2:05:08:
e1:d8:43:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7FJgIZX1bcUEUzrgzGjPoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwNjE0MDgwMTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEwNzAwMDAwMGFiMDUwYTUzMzU5MTc0OTc2ODA5YTM3ZmI1ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEo3qblLFYuIiVou/6fPJfO/EsOo
VAZgPfFY1hT6vYgK3Kf2GEi4PeUPC65Mdo1ukB9tE394/S0bGoCFWEHxGvvGzgce
At/oPDGsB9Bf61rSpEePflie8eMnknYJUhIfYUDD+Ce/ujtmr7W1jJ14gBecal14
9yrLq3T2xOIkXDpmL6awLGWA4qE3Y+xz9YuVDoCdgzYXVSjNVfMOPHGK5QaCp0Ai
Z/eB5zUtNEXdxkotxsgVrdpSe2KpeZDIn6Eb0HsaWSbv6GIE0Tt+xMusFUzgaSzT
SE8i6ZxrDKNYiJSKcm/Ug9eVwtH3DA1FmSRolKjhSfguOWeA7ysMUQc/BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH4QcAAACrBQpTNZF0l2gJo3+1gPMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvZmhCd0FBQUtzRkNsTTFrWFNYYUFtamY3V0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+hfAwQD
zep4MA0GCSqGSIb3DQEBCwUAA4IBAQAszDXLLRwAl8E856kaccS95NRfOyijuxB5
N8HKnMDoS6P5T7wW05fpgP/LjrV8A5Qe6JL3qowGBL6rZrFSekAYTO40TsgGw/7b
m/ji6X364UzlAEc903jrfQyhPtN/OwCJmwwUGOWO2bQg4FrQfDC3R5dOUtIjSxXb
s5kB9eJtrFZ0fCEhKH9lvkxYCW/Yd00/BpIoAcr+Cjs7AAxldw3H2/ieNEWs+GNc
/jo8Kt8qibDO88qZb4fGYJfwb0rhSvNMWI2YK+gG0Xh/ECUPsIT4uGo+kBobgvu2
qeL/GtmjfhO965qqShyld6AmVtJJ+5kkX0NV/LIUR2nCBQjh2ENq
-----END CERTIFICATE-----
Generated at Sun Jun 28 01:59:12 2026 by rpki-client