Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/FX2DCCg10V3NFoD2EofWsgxPL_w.roa
File: FX2DCCg10V3NFoD2EofWsgxPL_w.roa (raw, json)
Hash identifier: /ioz6GFr+RwRswluJ/eZWBAO5Qj0xFKfPkkCX5XVsoY=
Subject key identifier: 15:7D:83:08:28:35:D1:5D:CD:16:80:F6:12:87:D6:B2:0C:4F:2F:FC
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CB2C42F02A9BCADC6B9262DCC3935B87B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/FX2DCCg10V3NFoD2EofWsgxPL_w.roa
Signing time: Tue 03 Mar 2026 08:15:27 +0000
ROA not before: Tue 03 Mar 2026 08:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 45.87.243.0/24 maxlen: 24
45.146.128.0/24 maxlen: 24
2a09:17c0:1000::/48 maxlen: 48
2a0a:2d07:24::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0f:e6c7::/32 maxlen: 32
2a12:ac43:baca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 10:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:c4:2f:02:a9:bc:ad:c6:b9:26:2d:cc:39:35:b8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 3 08:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=157d83082835d15dcd1680f61287d6b20c4f2ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3a:aa:93:d3:61:45:e8:ba:34:cc:c5:09:48:
24:27:07:d5:ee:bb:50:44:cb:15:97:b3:80:23:58:
60:36:4e:86:a8:b9:3e:37:00:5e:fe:e0:c1:2b:bc:
39:b6:cc:96:3e:44:f3:0f:0d:1c:2e:44:8f:99:dc:
c0:0c:34:e6:fc:0d:d5:73:77:15:4d:e2:62:3c:b7:
07:da:3e:10:83:97:0d:ed:9d:3b:9e:68:fc:a5:1c:
48:4c:c0:a9:47:40:54:1f:b9:e8:19:74:cf:b0:60:
da:0f:cb:6b:e3:db:b5:c4:05:6a:94:64:d9:d5:22:
5f:b4:16:75:27:47:bf:4e:20:90:4a:c6:d8:41:65:
54:05:99:61:22:7a:41:d1:23:f0:c5:23:9e:88:2b:
0a:31:17:6f:76:13:5e:9c:7b:89:11:b9:d7:63:1d:
09:1e:10:c4:2d:e7:60:a0:64:7a:c2:91:43:8f:39:
9c:65:e2:14:d1:c1:b7:bd:f6:db:6a:c3:dc:bf:c4:
40:3a:71:2d:96:c2:c9:b4:4d:38:8f:ec:f2:b2:bc:
1a:d7:1c:c1:42:9b:3b:c8:4b:9a:e4:38:9a:41:30:
ac:95:2a:d1:da:c4:9c:7a:8f:2d:a0:b7:1e:6a:f4:
0e:88:50:46:15:2f:1c:35:02:02:a9:c9:fc:c5:26:
be:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7D:83:08:28:35:D1:5D:CD:16:80:F6:12:87:D6:B2:0C:4F:2F:FC
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/FX2DCCg10V3NFoD2EofWsgxPL_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.243.0/24
45.146.128.0/24
IPv6:
2a09:17c0:1000::/48
2a0a:2d07:24::/48
2a0e:c785:1::/48
2a0f:e6c7::/32
2a12:ac43:baca::/48
Signature Algorithm: sha256WithRSAEncryption
6b:c3:fd:a0:a7:c6:2e:b1:68:41:5a:b2:54:59:4a:d9:75:35:
10:c8:de:5c:0f:e2:6b:63:16:d1:02:b9:0b:27:ac:b2:ab:ac:
ab:3c:fa:df:88:87:b4:67:8f:59:8d:f9:cc:8f:3f:bd:53:9e:
5b:e3:90:6b:a1:c8:c5:b7:9d:ea:c9:55:fb:23:06:d4:6e:b6:
33:a7:23:f2:ad:9e:c0:2e:fe:1e:52:87:06:d6:a4:45:67:70:
6f:a4:eb:87:39:f8:3e:58:df:93:3e:67:52:6c:8a:3d:58:2b:
f1:b6:a6:92:4c:22:49:6f:f0:da:df:2d:b9:81:3c:19:12:b4:
ad:16:8b:5f:75:62:a3:16:47:d9:3e:d7:87:8b:e0:34:d7:45:
42:5c:49:f9:93:ee:e1:05:cf:a7:e7:fc:39:b0:3d:8c:b0:f1:
c9:da:da:36:1b:12:02:17:8a:5b:27:2d:8b:0d:8a:65:16:a5:
dd:75:5b:a7:a9:2e:d7:cf:0d:c4:9a:24:09:01:fe:8f:93:13:
6a:e0:7b:20:a7:b3:d3:3a:13:84:d3:f1:f7:f6:75:18:31:d8:
cb:33:2e:d9:a2:c9:0f:c8:7b:fd:6a:56:a3:b6:18:9f:4d:10:
89:08:f2:7b:61:ed:b4:3e:71:03:39:54:89:32:ac:30:96:47:
1e:f8:52:b0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZyyxC8CqbytxrkmLcw5Nbh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzAzMDgxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdkODMwODI4MzVkMTVkY2QxNjgwZjYxMjg3ZDZiMjBjNGYyZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjqqk9NhRei6NMzFCUgkJwfV7rtQ
RMsVl7OAI1hgNk6GqLk+NwBe/uDBK7w5tsyWPkTzDw0cLkSPmdzADDTm/A3Vc3cV
TeJiPLcH2j4Qg5cN7Z07nmj8pRxITMCpR0BUH7noGXTPsGDaD8tr49u1xAVqlGTZ
1SJftBZ1J0e/TiCQSsbYQWVUBZlhInpB0SPwxSOeiCsKMRdvdhNenHuJEbnXYx0J
HhDELedgoGR6wpFDjzmcZeIU0cG3vfbbasPcv8RAOnEtlsLJtE04j+zysrwa1xzB
Qps7yEua5DiaQTCslSrR2sSceo8toLceavQOiFBGFS8cNQICqcn8xSa+DwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBV9gwgoNdFdzRaA9hKH1rIMTy/8MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRlgyRENDZzEwVjNORm9EMkVvZldzZ3hQTF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQALVfzAwQA
LZKAMDEEAgACMCsDBwAqCRfAEAADBwAqCi0HACQDBwAqDseFAAEDBQAqD+bHAwcA
KhKsQ7rKMA0GCSqGSIb3DQEBCwUAA4IBAQBrw/2gp8YusWhBWrJUWUrZdTUQyN5c
D+JrYxbRArkLJ6yyq6yrPPrfiIe0Z49ZjfnMjz+9U55b45BrocjFt53qyVX7IwbU
brYzpyPyrZ7ALv4eUocG1qRFZ3BvpOuHOfg+WN+TPmdSbIo9WCvxtqaSTCJJb/Da
3y25gTwZErStFotfdWKjFkfZPteHi+A010VCXEn5k+7hBc+n5/w5sD2MsPHJ2to2
GxICF4pbJy2LDYplFqXddVunqS7Xzw3EmiQJAf6PkxNq4Hsgp7PTOhOE0/H39nUY
MdjLMy7ZoskPyHv9alajthifTRCJCPJ7Ye20PnEDOVSJMqwwlkce+FKw
-----END CERTIFICATE-----
Generated at Fri Mar 6 19:06:33 2026 by rpki-client