Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fbh0o5mQ7T-jMaGeXGgENjQBB6I.roa
File: fbh0o5mQ7T-jMaGeXGgENjQBB6I.roa (raw, json)
Hash identifier: CQ4X+A+4Qm0VIhChbkP+ntxnbm75AYrrkPpkV2yZcVM=
Subject key identifier: 7D:B8:74:A3:99:90:ED:3F:A3:31:A1:9E:5C:68:04:36:34:01:07:A2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019EB640FAC88C2FCBA3367E364A05B41C0C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fbh0o5mQ7T-jMaGeXGgENjQBB6I.roa
Signing time: Thu 11 Jun 2026 10:36:12 +0000
ROA not before: Thu 11 Jun 2026 10:36:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200823
IP address blocks: 45.12.62.0/24 maxlen: 24
45.131.214.0/24 maxlen: 24
45.151.106.0/24 maxlen: 24
93.190.247.0/24 maxlen: 24
103.227.84.0/24 maxlen: 24
193.41.68.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:40:fa:c8:8c:2f:cb:a3:36:7e:36:4a:05:b4:1c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 11 10:36:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7db874a39990ed3fa331a19e5c680436340107a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:88:fb:5b:ef:5c:65:7e:91:5c:29:36:79:04:
69:77:f8:87:db:80:2a:45:75:c7:e7:67:5c:4a:70:
f0:7e:f7:fe:34:e7:5b:3a:e2:ea:93:5d:d3:9c:e4:
7a:e6:85:52:2f:71:a0:7d:1a:fd:cd:36:16:a1:c8:
eb:03:22:15:50:a0:d4:d1:7c:75:ff:2c:b7:23:d9:
03:f6:70:0a:50:a2:76:31:24:12:81:60:85:5c:68:
e5:0b:33:fb:22:c4:88:a5:54:37:34:38:d3:45:aa:
c3:45:fa:14:a8:85:4a:19:c6:ed:07:4e:07:3d:dd:
45:93:79:e3:dd:c5:fe:5a:6b:d2:7f:8b:22:57:76:
ed:c4:54:1d:19:b2:a7:78:45:f4:26:6b:88:38:73:
3e:3f:b0:eb:38:0c:c6:27:47:64:98:d9:8b:e0:5f:
3d:26:e7:3e:9a:a4:da:cd:cd:5a:4a:a8:29:da:64:
ba:69:1c:d1:93:ef:ae:84:0f:62:0e:f3:97:3b:2a:
b3:ab:82:8f:4a:4d:ec:2f:4a:32:bb:01:7b:d0:d1:
02:86:6f:fe:27:4f:9d:95:cc:9b:1c:10:49:c7:2f:
d6:93:0c:72:1c:fb:3e:e5:75:a1:01:22:74:2c:7c:
fa:2e:fa:aa:86:32:ed:19:82:45:67:97:c5:da:32:
d9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B8:74:A3:99:90:ED:3F:A3:31:A1:9E:5C:68:04:36:34:01:07:A2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fbh0o5mQ7T-jMaGeXGgENjQBB6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.62.0/24
45.131.214.0/24
45.151.106.0/24
93.190.247.0/24
103.227.84.0/24
193.41.68.0/24
194.33.61.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:71:ed:38:f2:2f:29:92:7b:c3:03:32:2a:b2:b6:22:91:da:
3d:0a:fc:e4:f9:24:27:53:19:61:55:97:4a:b2:90:7e:3a:f4:
5b:4a:04:f8:b5:98:9f:c6:8e:9a:4e:93:f4:d6:1a:70:df:d9:
a0:cd:b7:a2:87:57:74:bd:9e:4c:c0:bd:9c:5a:d4:11:a7:f1:
74:f6:d0:a3:2f:cd:a0:72:26:a5:a1:56:ba:c7:c9:6d:50:c2:
3d:da:8f:bb:e9:fc:cc:1a:45:e4:d9:e1:13:85:7c:5b:e7:56:
eb:02:fe:b9:1f:69:a0:55:06:a9:8b:9b:a8:c7:14:3d:40:d2:
ff:c9:36:dd:10:88:96:fd:de:32:bb:b9:79:9e:d5:fc:e2:af:
99:b9:b1:de:6b:2d:59:02:25:df:f0:0b:b2:f9:80:4f:75:e7:
45:b3:63:49:6c:a4:a7:2d:53:38:2d:47:32:6d:4a:47:74:e9:
29:17:e9:25:6e:82:2e:ef:f9:5e:74:02:47:41:22:2b:51:ec:
df:32:ed:3d:58:8d:8e:ca:48:38:e4:11:8a:a7:ea:d1:48:5f:
12:65:d4:11:48:51:9a:92:7a:c8:79:b6:2c:6f:ce:4c:d9:47:
9d:59:d2:d6:71:e9:f0:c8:91:5d:98:a9:f3:c9:e8:91:f5:50:
da:1e:d6:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ62QPrIjC/LozZ+NkoFtBwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNjExMTAzNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGI4NzRhMzk5OTBlZDNmYTMzMWExOWU1YzY4MDQzNjM0MDEwN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYj7W+9cZX6RXCk2eQRpd/iH24Aq
RXXH52dcSnDwfvf+NOdbOuLqk13TnOR65oVSL3GgfRr9zTYWocjrAyIVUKDU0Xx1
/yy3I9kD9nAKUKJ2MSQSgWCFXGjlCzP7IsSIpVQ3NDjTRarDRfoUqIVKGcbtB04H
Pd1Fk3nj3cX+WmvSf4siV3btxFQdGbKneEX0JmuIOHM+P7DrOAzGJ0dkmNmL4F89
Juc+mqTazc1aSqgp2mS6aRzRk++uhA9iDvOXOyqzq4KPSk3sL0oyuwF70NEChm/+
J0+dlcybHBBJxy/WkwxyHPs+5XWhASJ0LHz6LvqqhjLtGYJFZ5fF2jLZlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH24dKOZkO0/ozGhnlxoBDY0AQeiMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZmJoMG81bVE3VC1qTWFHZVhHZ0VOalFCQjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQw+AwQA
LYPWAwQALZdqAwQAXb73AwQAZ+NUAwQAwSlEAwQAwiE9MA0GCSqGSIb3DQEBCwUA
A4IBAQCyce048i8pknvDAzIqsrYikdo9Cvzk+SQnUxlhVZdKspB+OvRbSgT4tZif
xo6aTpP01hpw39mgzbeih1d0vZ5MwL2cWtQRp/F09tCjL82gcialoVa6x8ltUMI9
2o+76fzMGkXk2eEThXxb51brAv65H2mgVQapi5uoxxQ9QNL/yTbdEIiW/d4yu7l5
ntX84q+ZubHeay1ZAiXf8Auy+YBPdedFs2NJbKSnLVM4LUcybUpHdOkpF+klboIu
7/ledAJHQSIrUezfMu09WI2Oykg45BGKp+rRSF8SZdQRSFGaknrIebYsb85M2Ued
WdLWcenwyJFdmKnzyeiR9VDaHtae
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:26:22 2026 by rpki-client