Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/fRcV96iXGKdoyjVRdPHrGAownRM.roa
File: fRcV96iXGKdoyjVRdPHrGAownRM.roa (raw, json)
Hash identifier: IKkVCoYycSpKuhTwuB1p341N4mBMfqOr4DjrshXk01c=
Subject key identifier: 7D:17:15:F7:A8:97:18:A7:68:CA:35:51:74:F1:EB:18:0A:30:9D:13
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 019E877075D4773244B919427AB7F8E10110
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/fRcV96iXGKdoyjVRdPHrGAownRM.roa
Signing time: Tue 02 Jun 2026 08:25:54 +0000
ROA not before: Tue 02 Jun 2026 08:25:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 178.236.32.0/24 maxlen: 24
178.236.35.0/24 maxlen: 24
185.49.104.0/24 maxlen: 24
185.49.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:70:75:d4:77:32:44:b9:19:42:7a:b7:f8:e1:01:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jun 2 08:25:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d1715f7a89718a768ca355174f1eb180a309d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c6:af:e4:38:7c:5a:14:c8:34:92:60:84:4c:
cd:de:ad:b2:9f:69:51:b4:0a:b1:fc:0c:c6:a2:79:
06:ed:b0:d1:b6:a7:60:0b:4f:cd:06:11:da:cb:07:
17:3b:a3:02:f8:19:1c:5b:a9:df:73:12:e7:67:81:
eb:1b:55:2a:ae:7b:bd:0d:2d:98:f0:dd:7e:f2:ea:
26:84:44:06:0f:54:7d:b6:e5:75:0a:33:03:a9:24:
25:ac:30:fa:74:31:f8:d1:d4:7f:85:6e:51:aa:0b:
92:5b:91:9a:13:61:84:4b:b6:bb:ca:30:6a:cd:a8:
00:06:c7:0a:23:4f:97:0e:39:7b:b2:63:62:d2:91:
64:6c:06:43:90:7f:e3:68:a3:cf:62:1e:9b:41:e1:
e6:35:df:5c:f3:97:bf:ef:29:84:ea:5e:cd:66:2e:
7b:06:51:3d:02:53:fd:cd:38:26:9e:8f:52:88:d9:
89:46:43:e4:7c:ff:4f:70:f3:33:4d:25:2c:b8:b5:
75:21:f4:36:99:74:a7:6e:7b:ea:b4:5e:4b:5f:db:
68:0c:31:2f:4f:3a:9a:4b:c2:ea:76:c1:d7:40:05:
3e:12:41:d9:00:8f:e8:ed:c3:be:90:91:27:16:da:
d3:dc:53:5f:78:b5:ea:35:5d:2a:d0:bd:db:f8:ad:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:17:15:F7:A8:97:18:A7:68:CA:35:51:74:F1:EB:18:0A:30:9D:13
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/fRcV96iXGKdoyjVRdPHrGAownRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.32.0/24
178.236.35.0/24
185.49.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:97:ba:a7:3c:9d:dc:68:4b:98:d8:4a:57:60:a9:5e:99:8f:
7a:78:b2:1a:33:ad:ad:9f:fc:82:6b:45:e9:fa:a5:7e:3c:7d:
ef:40:6c:1c:98:26:b7:47:29:d1:e6:9e:41:3a:7a:72:11:72:
4a:5e:2b:80:c0:ac:9e:19:6c:44:c6:f3:3c:9f:35:f9:22:bf:
c5:72:6b:91:01:4a:9c:ea:eb:1e:6e:72:60:0f:4e:85:96:0b:
9a:da:2e:65:68:d1:98:39:6e:d8:04:d7:78:7a:86:0a:b2:69:
21:95:db:4f:39:df:84:71:a0:7a:96:aa:c9:fb:7f:80:b7:06:
38:a2:49:88:5f:08:06:a9:fd:e2:71:c8:85:75:91:cb:8d:a7:
ca:11:67:11:cc:46:3d:af:19:21:35:6c:76:e8:51:51:af:f4:
17:14:09:3b:8b:ee:bb:a1:39:84:32:78:07:6d:fc:dd:7d:d2:
d2:c0:4b:34:ec:41:df:1e:04:a4:42:76:d2:9b:44:59:db:39:
05:44:97:2a:e4:ea:fc:9a:f6:20:b7:f1:58:01:ba:5e:23:19:
42:84:57:7f:b7:60:b3:3b:93:36:e8:2a:b4:7d:81:9a:e1:c2:
ea:f1:9a:d4:87:24:30:c3:1c:85:ae:5f:46:d3:b7:12:0f:63:
71:bd:19:e6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ6HcHXUdzJEuRlCerf44QEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjYwNjAyMDgyNTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE3MTVmN2E4OTcxOGE3NjhjYTM1NTE3NGYxZWIxODBhMzA5ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcav5Dh8WhTINJJghEzN3q2yn2lR
tAqx/AzGonkG7bDRtqdgC0/NBhHaywcXO6MC+BkcW6nfcxLnZ4HrG1Uqrnu9DS2Y
8N1+8uomhEQGD1R9tuV1CjMDqSQlrDD6dDH40dR/hW5RqguSW5GaE2GES7a7yjBq
zagABscKI0+XDjl7smNi0pFkbAZDkH/jaKPPYh6bQeHmNd9c85e/7ymE6l7NZi57
BlE9AlP9zTgmno9SiNmJRkPkfP9PcPMzTSUsuLV1IfQ2mXSnbnvqtF5LX9toDDEv
TzqaS8LqdsHXQAU+EkHZAI/o7cO+kJEnFtrT3FNfeLXqNV0q0L3b+K2LFQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH0XFfeolxinaMo1UXTx6xgKMJ0TMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL2ZSY1Y5NmlYR0tkb3lqVlJkUEhyR0Fvd25STS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACy7CAD
BACy7CMDBAG5MWgwDQYJKoZIhvcNAQELBQADggEBAByXuqc8ndxoS5jYSldgqV6Z
j3p4shozra2f/IJrRen6pX48fe9AbByYJrdHKdHmnkE6enIRckpeK4DArJ4ZbETG
8zyfNfkiv8Vya5EBSpzq6x5ucmAPToWWC5raLmVo0Zg5btgE13h6hgqyaSGV2085
34RxoHqWqsn7f4C3BjiiSYhfCAap/eJxyIV1kcuNp8oRZxHMRj2vGSE1bHboUVGv
9BcUCTuL7ruhOYQyeAdt/N190tLASzTsQd8eBKRCdtKbRFnbOQVElyrk6vya9iC3
8VgBul4jGUKEV3+3YLM7kzboKrR9gZrhwurxmtSHJDDDHIWuX0bTtxIPY3G9GeY=
-----END CERTIFICATE-----
Generated at Fri Jun 12 06:21:53 2026 by rpki-client