Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/4pRktO4y8eD6ra6mNvqltmnz8b4.roa
File: 4pRktO4y8eD6ra6mNvqltmnz8b4.roa (raw, json)
Hash identifier: 12Ja1hE6iIHHrJyGhSLx59zaQ5zOOmttof6X79gSp0Q=
Subject key identifier: E2:94:64:B4:EE:32:F1:E0:FA:AD:AE:A6:36:FA:A5:B6:69:F3:F1:BE
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D924DA5EC09AA70650A75B22011961224
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/4pRktO4y8eD6ra6mNvqltmnz8b4.roa
Signing time: Wed 15 Apr 2026 18:00:55 +0000
ROA not before: Wed 15 Apr 2026 18:00:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200436
IP address blocks: 5.42.217.0/24 maxlen: 24
62.3.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 11:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:4d:a5:ec:09:aa:70:65:0a:75:b2:20:11:96:12:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 15 18:00:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e29464b4ee32f1e0faadaea636faa5b669f3f1be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:5b:13:5a:c0:ae:49:28:b3:eb:ad:82:47:
5e:3b:61:49:9f:7e:05:52:70:14:bf:dd:49:45:f3:
3b:1e:22:84:68:ec:29:cc:b7:36:47:b8:06:28:e3:
b7:6c:a7:7d:81:da:9c:5f:5e:0d:24:2a:6c:1b:0c:
57:bf:b7:9b:08:af:38:a6:64:96:82:f5:c6:ac:de:
d5:ef:f5:68:4b:a8:d8:17:f8:cf:69:21:23:1e:49:
3b:f6:61:52:cc:dc:7b:2a:93:52:f9:7d:e4:f8:d1:
ea:93:0e:e9:21:aa:a1:2b:46:2c:88:27:df:72:c5:
39:49:94:6e:54:fd:03:cb:15:a2:53:9e:d1:bf:8f:
a5:f7:0d:76:32:e1:07:cd:41:9f:08:55:4d:16:51:
f3:06:35:fc:40:ce:37:1a:ed:11:d0:f9:8b:5a:de:
3a:92:ac:7d:12:a4:a9:b6:54:1b:f1:53:e6:a2:0c:
04:12:b9:34:46:48:a0:2d:dd:9a:9b:0b:3a:c7:45:
52:74:8e:82:c3:3c:dc:ca:76:b2:81:78:4a:cc:d2:
22:7a:6a:a5:ed:88:37:54:44:c0:ef:4d:4f:14:30:
97:93:bb:ab:af:54:db:18:10:b8:b5:2a:c7:5f:6f:
82:81:08:cd:21:37:f4:b8:cf:4e:b1:a9:6d:72:2f:
98:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:94:64:B4:EE:32:F1:E0:FA:AD:AE:A6:36:FA:A5:B6:69:F3:F1:BE
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/4pRktO4y8eD6ra6mNvqltmnz8b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.217.0/24
62.3.14.0/24
Signature Algorithm: sha256WithRSAEncryption
92:0b:61:69:ed:a2:68:82:7e:92:1e:0d:79:80:41:cf:6e:3e:
17:39:73:5a:3b:a5:77:d0:b9:5c:b5:08:98:f3:7c:15:9a:f9:
54:d8:be:74:25:81:7c:09:39:52:51:d4:bc:dd:3f:76:dd:40:
57:47:a8:82:46:43:79:f8:fd:a9:42:eb:eb:a5:44:f5:88:b0:
a6:cf:4b:bc:4d:25:db:f0:47:9c:87:7e:b2:b4:01:12:60:eb:
13:28:77:ee:85:b5:f7:09:55:e5:0f:60:b1:cd:c7:d2:1c:6b:
71:4f:60:73:c2:37:47:07:5b:78:60:e6:2c:15:8d:be:f9:68:
c1:b7:05:c9:8d:c2:d2:bb:92:77:49:cc:54:67:a5:c1:11:9c:
51:78:cd:d9:fc:39:e3:fb:d3:e0:aa:63:ec:9c:28:02:6d:a1:
2b:02:eb:41:bb:38:0f:d4:3f:b4:cd:c6:64:e3:45:4a:1d:46:
ce:f1:9a:d7:34:49:b7:dc:b5:65:69:c9:82:d7:0f:b8:ef:b2:
39:e5:91:3c:43:9c:ac:07:2d:47:fc:e5:41:0a:1e:3e:ea:91:
a6:c9:af:bc:df:d7:6a:f8:c9:08:41:83:d9:6d:35:2f:5a:4b:
ec:9b:cd:87:fc:71:c4:91:80:cf:ef:fc:0c:ee:c8:55:dc:7b:
eb:0e:4e:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2STaXsCapwZQp1siARlhIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDE1MTgwMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk0NjRiNGVlMzJmMWUwZmFhZGFlYTYzNmZhYTViNjY5ZjNmMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc1bE1rArkkos+utgkdeO2FJn34F
UnAUv91JRfM7HiKEaOwpzLc2R7gGKOO3bKd9gdqcX14NJCpsGwxXv7ebCK84pmSW
gvXGrN7V7/VoS6jYF/jPaSEjHkk79mFSzNx7KpNS+X3k+NHqkw7pIaqhK0YsiCff
csU5SZRuVP0DyxWiU57Rv4+l9w12MuEHzUGfCFVNFlHzBjX8QM43Gu0R0PmLWt46
kqx9EqSptlQb8VPmogwEErk0RkigLd2amws6x0VSdI6CwzzcynaygXhKzNIiemql
7Yg3VETA701PFDCXk7urr1TbGBC4tSrHX2+CgQjNITf0uM9Osaltci+YMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOKUZLTuMvHg+q2upjb6pbZp8/G+MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvNHBSa3RPNHk4ZUQ2cmE2bU52cWx0bW56OGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSrZAwQA
PgMOMA0GCSqGSIb3DQEBCwUAA4IBAQCSC2Fp7aJogn6SHg15gEHPbj4XOXNaO6V3
0LlctQiY83wVmvlU2L50JYF8CTlSUdS83T923UBXR6iCRkN5+P2pQuvrpUT1iLCm
z0u8TSXb8Eech36ytAESYOsTKHfuhbX3CVXlD2CxzcfSHGtxT2BzwjdHB1t4YOYs
FY2++WjBtwXJjcLSu5J3ScxUZ6XBEZxReM3Z/Dnj+9PgqmPsnCgCbaErAutBuzgP
1D+0zcZk40VKHUbO8ZrXNEm33LVlacmC1w+477I55ZE8Q5ysBy1H/OVBCh4+6pGm
ya+839dq+MkIQYPZbTUvWkvsm82H/HHEkYDP7/wM7shV3HvrDk66
-----END CERTIFICATE-----
Generated at Thu Apr 16 21:48:31 2026 by rpki-client