Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/f0fB3ZCLspEHf4xo9ont5Ruj-yU.roa
File: f0fB3ZCLspEHf4xo9ont5Ruj-yU.roa (raw, json)
Hash identifier: s3KQRvgs0uMJaKxlqnyZSS+058EdiVidz4VTBoWLKeU=
Subject key identifier: 7F:47:C1:DD:90:8B:B2:91:07:7F:8C:68:F6:89:ED:E5:1B:A3:FB:25
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 019E60D6E5FA4DA405B103590406111E9F9B
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/f0fB3ZCLspEHf4xo9ont5Ruj-yU.roa
Signing time: Mon 25 May 2026 20:32:36 +0000
ROA not before: Mon 25 May 2026 20:32:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51026
IP address blocks: 5.56.132.0/24 maxlen: 24
5.56.133.0/24 maxlen: 24
79.143.84.0/24 maxlen: 24
87.236.209.0/24 maxlen: 24
87.236.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:60:d6:e5:fa:4d:a4:05:b1:03:59:04:06:11:1e:9f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: May 25 20:32:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f47c1dd908bb291077f8c68f689ede51ba3fb25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:b6:82:ac:a2:c8:54:75:85:a6:9c:53:79:
f1:6c:c8:81:64:6c:d2:9e:9b:3a:7f:35:7c:46:1c:
06:2b:2a:98:0b:02:87:b4:0f:7d:e7:32:6a:18:a4:
93:05:2c:73:3a:d2:a1:3b:fd:bb:de:e4:0b:50:34:
1a:44:6d:c7:aa:fa:49:b4:56:90:02:0c:7f:6c:ec:
09:8e:ba:85:81:81:ea:04:88:98:5e:f0:43:43:9e:
b9:d7:3a:b2:fd:59:76:74:79:0b:6c:d5:ee:bf:66:
ff:8e:cd:1e:9d:c0:b4:a5:f6:21:07:98:53:6e:a8:
c2:59:a9:d2:65:80:a3:1d:3a:1b:f2:e2:4a:46:f2:
f5:a5:e9:b8:c4:96:37:55:a3:10:9c:22:a9:0e:a5:
b6:8b:76:f4:74:b4:de:e3:07:f2:f8:ee:83:46:cb:
e6:04:73:81:8d:5b:68:d3:58:a5:6c:72:92:8b:91:
3d:4a:a8:11:fa:eb:ec:51:99:8d:6a:9e:05:66:a6:
48:e6:89:a1:52:94:35:6a:27:ed:a3:5e:ef:d9:77:
3b:6a:62:32:b4:1f:2d:78:24:74:06:3d:65:4a:c0:
c1:cb:8b:c9:11:1d:e5:cd:f0:a6:e0:13:f7:80:36:
c6:28:63:81:7d:05:0d:e6:43:d4:cd:17:2c:c5:d1:
eb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:47:C1:DD:90:8B:B2:91:07:7F:8C:68:F6:89:ED:E5:1B:A3:FB:25
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/f0fB3ZCLspEHf4xo9ont5Ruj-yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.132.0/23
79.143.84.0/24
87.236.209.0/24
87.236.212.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:59:81:7c:81:f7:0f:fe:cb:c4:d2:e4:a2:b9:a2:8a:b6:07:
a0:34:47:90:ba:96:e9:06:32:86:a1:ae:c3:2d:48:f1:1f:e6:
d0:5e:23:54:bc:6e:d6:10:8c:bc:49:f9:59:40:f4:1b:9a:71:
29:b6:22:ef:d1:34:52:4f:59:61:c9:ef:dc:51:c4:24:a0:93:
fa:4a:ff:3e:a3:c8:38:a9:e1:81:a2:01:27:52:f9:05:43:06:
e6:20:e3:80:de:72:ac:f8:6d:e2:02:9c:81:84:84:3d:6b:44:
74:75:54:e0:d3:7a:78:a1:e2:21:28:11:e7:e6:01:89:1b:35:
d6:1b:17:83:58:bd:a4:9c:f5:ce:fd:08:97:ce:17:15:57:f6:
64:88:07:70:13:6f:10:6c:ed:e4:f5:a1:f8:0f:89:93:1e:d1:
66:f0:40:58:d5:75:44:87:dc:02:a5:fc:24:20:df:91:c3:d6:
e7:d2:c2:10:32:20:02:bc:e5:57:d0:f3:a4:b6:28:f0:cd:92:
94:74:7b:91:3f:ec:67:b2:db:fe:f7:2d:b0:b2:b1:76:b7:c2:
7c:2d:f2:fb:73:8b:2b:cc:fc:ac:e1:58:b1:93:18:4c:be:1f:
9c:05:ca:89:e8:f8:06:e0:18:c9:59:0e:27:43:a9:fb:bd:93:
4a:9d:88:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5g1uX6TaQFsQNZBAYRHp+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjYwNTI1MjAzMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ3YzFkZDkwOGJiMjkxMDc3ZjhjNjhmNjg5ZWRlNTFiYTNmYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz522gqyiyFR1haacU3nxbMiBZGzS
nps6fzV8RhwGKyqYCwKHtA995zJqGKSTBSxzOtKhO/273uQLUDQaRG3HqvpJtFaQ
Agx/bOwJjrqFgYHqBIiYXvBDQ5651zqy/Vl2dHkLbNXuv2b/js0encC0pfYhB5hT
bqjCWanSZYCjHTob8uJKRvL1pem4xJY3VaMQnCKpDqW2i3b0dLTe4wfy+O6DRsvm
BHOBjVto01ilbHKSi5E9SqgR+uvsUZmNap4FZqZI5omhUpQ1aifto17v2Xc7amIy
tB8teCR0Bj1lSsDBy4vJER3lzfCm4BP3gDbGKGOBfQUN5kPUzRcsxdHrJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH9Hwd2Qi7KRB3+MaPaJ7eUbo/slMB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvZjBmQjNaQ0xzcEVIZjR4bzlvbnQ1UnVqLXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBTiEAwQA
T49UAwQAV+zRAwQAV+zUMA0GCSqGSIb3DQEBCwUAA4IBAQC9WYF8gfcP/svE0uSi
uaKKtgegNEeQupbpBjKGoa7DLUjxH+bQXiNUvG7WEIy8SflZQPQbmnEptiLv0TRS
T1lhye/cUcQkoJP6Sv8+o8g4qeGBogEnUvkFQwbmIOOA3nKs+G3iApyBhIQ9a0R0
dVTg03p4oeIhKBHn5gGJGzXWGxeDWL2knPXO/QiXzhcVV/ZkiAdwE28QbO3k9aH4
D4mTHtFm8EBY1XVEh9wCpfwkIN+Rw9bn0sIQMiACvOVX0POktijwzZKUdHuRP+xn
stv+9y2wsrF2t8J8LfL7c4srzPys4VixkxhMvh+cBcqJ6PgG4BjJWQ4nQ6n7vZNK
nYh1
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:30:38 2026 by rpki-client