Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-lZQQwIGspy-A49VyQ7kHmNHpKQ.roa
File: 1-lZQQwIGspy-A49VyQ7kHmNHpKQ.roa (raw, json)
Hash identifier: 2vhnioGO/eiMQvJeJ+tmXutIm8YlR1a8HfWiqLl7pT0=
Subject key identifier: FA:56:50:43:02:06:B2:9C:BE:03:8F:55:C9:0E:E4:1E:63:47:A4:A4
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019ED996F062194EAB8CC4F4E408CD357940
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-lZQQwIGspy-A49VyQ7kHmNHpKQ.roa
Signing time: Thu 18 Jun 2026 07:16:48 +0000
ROA not before: Thu 18 Jun 2026 07:16:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 45.159.148.0/24 maxlen: 24
87.236.38.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d9:96:f0:62:19:4e:ab:8c:c4:f4:e4:08:cd:35:79:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jun 18 07:16:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa5650430206b29cbe038f55c90ee41e6347a4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ba:eb:b9:3e:55:24:b5:0b:f3:fb:ac:3b:9c:
2e:94:cc:c7:5a:66:86:f9:70:8b:40:0c:03:77:7e:
fd:12:5c:74:3f:65:e8:55:58:e9:fd:1e:49:13:3e:
cd:2b:18:93:50:43:f4:65:fc:cf:2f:a3:2a:10:f9:
8b:42:de:32:87:01:b8:5e:09:37:49:90:c3:d3:04:
d5:70:cf:28:50:d8:cd:5d:54:8f:05:fc:75:be:db:
df:26:b1:38:1f:c3:e8:62:5b:eb:9e:3b:70:e6:ea:
9f:14:a5:9c:ab:d5:92:9a:43:43:8e:f4:a3:88:bb:
c2:03:f1:57:b0:c3:f5:fa:84:88:63:97:03:26:d5:
24:5d:45:c5:e0:53:75:a2:34:ce:6d:44:57:2a:ce:
8b:89:31:5b:ca:48:35:53:6b:6f:fd:d6:2c:f8:fc:
bf:1b:79:72:14:43:17:0f:c2:f7:d9:99:6d:24:83:
bf:85:1e:8e:aa:b3:56:fa:b6:57:28:89:e7:10:22:
18:a6:e7:0d:f3:ea:98:ca:22:e7:83:1a:b0:fb:21:
51:40:5f:fa:f7:75:68:fc:c7:dc:e9:55:c7:57:d7:
ee:0e:41:8b:ae:13:ef:aa:3a:ad:cf:76:9d:bb:3c:
84:d5:67:79:e9:e8:62:26:f9:e5:ee:01:98:ad:a4:
89:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:56:50:43:02:06:B2:9C:BE:03:8F:55:C9:0E:E4:1E:63:47:A4:A4
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-lZQQwIGspy-A49VyQ7kHmNHpKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
87.236.38.0/24
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d1:a9:e8:b2:b7:bf:77:2f:04:9d:2a:81:b2:53:1e:ed:0f:
91:0f:f3:92:b3:bf:b2:7c:19:45:d2:97:b3:66:27:61:db:d2:
3c:91:aa:11:b3:ba:20:a4:79:55:9d:1d:c3:ed:16:df:7c:80:
75:20:1d:81:2e:2f:12:65:42:36:c7:f2:07:01:65:c3:63:e9:
4f:30:18:6a:a9:f5:f8:72:da:2d:0c:5d:2d:53:0a:32:44:22:
3c:62:39:0d:a3:1d:ed:8b:8c:6e:6e:90:86:b3:78:5f:ce:a9:
8c:5e:5f:e5:5f:de:ba:4c:74:58:48:26:b2:64:71:9d:1b:3a:
28:19:d3:43:67:e8:47:9f:87:aa:70:75:cf:7a:64:e0:cd:f2:
0e:64:56:21:e0:19:46:ab:27:2f:6c:95:bf:00:82:1a:c3:2e:
73:c9:1c:fa:bb:14:79:dc:6f:97:1e:eb:bf:4f:d8:b9:11:49:
af:7d:1c:3e:4d:92:6f:2e:fc:36:bf:6c:09:2a:cf:34:9c:1e:
a9:1e:d6:62:8a:2d:d3:db:48:9b:97:d4:03:f1:6f:f2:70:4d:
d1:f8:15:a5:63:cc:c8:4f:8d:a1:4b:96:90:86:be:9b:57:0a:
9e:2f:10:3a:e8:58:c6:9e:84:cc:be:84:b1:2a:7d:f3:cc:96:
15:63:55:ad
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZ7ZlvBiGU6rjMT05AjNNXlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNjE4MDcxNjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU2NTA0MzAyMDZiMjljYmUwMzhmNTVjOTBlZTQxZTYzNDdhNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3brruT5VJLUL8/usO5wulMzHWmaG
+XCLQAwDd379Elx0P2XoVVjp/R5JEz7NKxiTUEP0ZfzPL6MqEPmLQt4yhwG4Xgk3
SZDD0wTVcM8oUNjNXVSPBfx1vtvfJrE4H8PoYlvrnjtw5uqfFKWcq9WSmkNDjvSj
iLvCA/FXsMP1+oSIY5cDJtUkXUXF4FN1ojTObURXKs6LiTFbykg1U2tv/dYs+Py/
G3lyFEMXD8L32ZltJIO/hR6OqrNW+rZXKInnECIYpucN8+qYyiLngxqw+yFRQF/6
93Vo/Mfc6VXHV9fuDkGLrhPvqjqtz3aduzyE1Wd56ehiJvnl7gGYraSJMwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpWUEMCBrKcvgOPVckO5B5jR6SkMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvMS1sWlFRd0lHc3B5LUE0OVZ5UTdrSG1OSHBLUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvZmQzNjJmLWFmY2ItNGNmNS05OGM2LTA5NDg5ODllNmQ1
NS8xL2ZEMENLaVFNNXg0S2JoNmFyZ0VTMm9RTXcwcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC2flAME
AFfsJgMEAMO+kDANBgkqhkiG9w0BAQsFAAOCAQEAV9Gp6LK3v3cvBJ0qgbJTHu0P
kQ/zkrO/snwZRdKXs2YnYdvSPJGqEbO6IKR5VZ0dw+0W33yAdSAdgS4vEmVCNsfy
BwFlw2PpTzAYaqn1+HLaLQxdLVMKMkQiPGI5DaMd7YuMbm6QhrN4X86pjF5f5V/e
ukx0WEgmsmRxnRs6KBnTQ2foR5+HqnB1z3pk4M3yDmRWIeAZRqsnL2yVvwCCGsMu
c8kc+rsUedxvlx7rv0/YuRFJr30cPk2Sby78Nr9sCSrPNJweqR7WYoot09tIm5fU
A/Fv8nBN0fgVpWPMyE+NoUuWkIa+m1cKni8QOuhYxp6EzL6EsSp988yWFWNVrQ==
-----END CERTIFICATE-----
Generated at Sat Jun 20 05:20:10 2026 by rpki-client