Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/FqQzin5AyA5f6WQtz3QGyb25Lkw.roa
File: FqQzin5AyA5f6WQtz3QGyb25Lkw.roa (raw, json)
Hash identifier: jo5wd7AW0r4ksG6ucK99tJ1yird0s7L219QrcqvmBqs=
Subject key identifier: 16:A4:33:8A:7E:40:C8:0E:5F:E9:64:2D:CF:74:06:C9:BD:B9:2E:4C
Certificate issuer: /CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Certificate serial: 019EBCBF90B3A5AC2F84D77B2C90E4B4ACE0
Authority key identifier: DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/FqQzin5AyA5f6WQtz3QGyb25Lkw.roa
Signing time: Fri 12 Jun 2026 16:52:11 +0000
ROA not before: Fri 12 Jun 2026 16:52:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5533
IP address blocks: 77.91.200.0/21 maxlen: 21
80.172.0.0/16 maxlen: 18
188.93.224.0/21 maxlen: 21
194.62.240.0/22 maxlen: 22
195.22.0.0/19 maxlen: 19
195.35.66.0/24 maxlen: 24
195.72.136.0/22 maxlen: 22
2001:4cc0::/32 maxlen: 48
2a02:27e0::/32 maxlen: 48
2a03:73c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Jun 2026 13:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:bf:90:b3:a5:ac:2f:84:d7:7b:2c:90:e4:b4:ac:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Validity
Not Before: Jun 12 16:52:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16a4338a7e40c80e5fe9642dcf7406c9bdb92e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:81:12:12:93:0f:e8:0c:b4:72:81:b0:c8:
66:bb:32:76:40:67:50:cf:f0:ad:4d:81:3e:d2:b4:
91:3e:fd:e9:e8:4e:6a:28:7a:44:fb:81:43:5d:b7:
7d:13:fb:aa:11:af:1b:e8:0b:ba:c8:51:f8:f3:f9:
68:e9:da:c8:4f:58:d9:84:a7:a6:ea:a6:fc:3b:c7:
d9:09:d3:5b:ce:d5:74:c1:5d:59:7a:17:77:22:9c:
fb:56:6e:b6:c2:26:14:8e:41:70:5f:1d:6d:cc:14:
dd:ed:14:2f:eb:26:62:12:60:46:29:d7:cc:94:d1:
47:9f:82:c7:cc:0f:b5:c9:ce:cb:ae:2f:81:0c:50:
ad:4c:83:f9:bc:f7:1c:a7:6b:c8:08:be:c7:0c:79:
25:c7:47:e7:08:21:e7:62:72:0c:37:8d:0a:d0:25:
a7:f5:2e:b9:d8:e9:cb:f9:a0:8a:9b:d9:57:1f:da:
7f:ec:42:e0:f2:af:d1:25:d3:e1:21:40:2b:2c:67:
7b:54:3d:40:ed:52:75:04:30:0e:40:12:b8:66:ce:
d2:95:57:c7:8a:9a:b3:41:15:76:1c:ce:d7:1f:7d:
62:c8:2b:c5:28:b8:ec:16:e4:27:a7:c3:d7:5e:b1:
dc:77:2d:e3:d1:05:ea:e1:08:8b:43:eb:ac:5d:11:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A4:33:8A:7E:40:C8:0E:5F:E9:64:2D:CF:74:06:C9:BD:B9:2E:4C
X509v3 Authority Key Identifier:
keyid:DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/FqQzin5AyA5f6WQtz3QGyb25Lkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.200.0/21
80.172.0.0/16
188.93.224.0/21
194.62.240.0/22
195.22.0.0/19
195.35.66.0/24
195.72.136.0/22
IPv6:
2001:4cc0::/32
2a02:27e0::/32
2a03:73c0::/48
Signature Algorithm: sha256WithRSAEncryption
7d:be:19:ac:69:85:c8:f9:ca:2d:2c:5f:11:88:14:0b:a6:08:
ae:f3:04:b6:de:92:08:a2:40:6a:27:1a:a9:dd:a2:b6:55:c5:
58:42:63:f2:c2:ed:eb:87:78:d1:59:a4:02:ba:10:49:12:40:
c5:28:81:2a:bd:80:ae:4b:fc:ca:48:05:7d:ab:69:83:bf:af:
19:8c:30:0d:d7:b3:ea:fa:d6:c5:4e:c1:58:30:ae:f4:8d:63:
18:eb:cf:be:17:73:a8:22:11:8a:d9:45:05:e4:f6:8d:ef:27:
69:0d:b4:6f:3e:6d:0c:b6:e7:c0:38:ec:d8:e6:0d:61:90:c8:
4b:da:a7:f3:56:9a:0a:2b:dd:45:10:7b:4d:3e:14:01:25:30:
13:c4:34:13:82:8e:f6:06:8f:e2:d4:8b:23:82:20:c1:2e:5c:
b3:fa:cc:2c:9f:06:19:48:75:39:c9:58:95:b3:b5:ce:ec:a4:
c7:6d:6d:f4:c1:df:c5:e3:6c:e7:3d:c3:2c:d3:40:54:6e:a3:
7f:5d:e1:71:79:4a:89:1a:97:fa:a6:5d:9d:3d:71:f7:68:db:
09:17:4f:55:ce:76:e6:bc:c6:52:a9:68:97:3f:43:aa:16:4d:
7c:8f:f0:7c:0b:fa:d3:6d:31:5a:2b:33:9c:d3:2f:a6:7a:93:
1d:70:85:7c
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ68v5CzpawvhNd7LJDktKzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNjQxZmM5MDNkNWI0Y2M5NzE2NDkzMjRhNGIzNGU0Zjgy
NDIyYzUwHhcNMjYwNjEyMTY1MjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmE0MzM4YTdlNDBjODBlNWZlOTY0MmRjZjc0MDZjOWJkYjkyZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaqBEhKTD+gMtHKBsMhmuzJ2QGdQ
z/CtTYE+0rSRPv3p6E5qKHpE+4FDXbd9E/uqEa8b6Au6yFH48/lo6drIT1jZhKem
6qb8O8fZCdNbztV0wV1Zehd3Ipz7Vm62wiYUjkFwXx1tzBTd7RQv6yZiEmBGKdfM
lNFHn4LHzA+1yc7Lri+BDFCtTIP5vPccp2vICL7HDHklx0fnCCHnYnIMN40K0CWn
9S652OnL+aCKm9lXH9p/7ELg8q/RJdPhIUArLGd7VD1A7VJ1BDAOQBK4Zs7SlVfH
ipqzQRV2HM7XH31iyCvFKLjsFuQnp8PXXrHcdy3j0QXq4QiLQ+usXRG6eQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBakM4p+QMgOX+lkLc90Bsm9uS5MMB8GA1UdIwQY
MBaAFNtkH8kD1bTMlxZJMkpLNOT4JCLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzkt
N2ZlZTU5MWEyMDljLzEvRnFRemluNUF5QTVmNldRdHozUUd5YjI1TGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzktN2ZlZTU5MWEyMDlj
LzEvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQDTVvIAwMA
UKwDBAO8XeADBALCPvADBAXDFgADBADDI0IDBALDSIgwHQQCAAIwFwMFACABTMAD
BQAqAifgAwcAKgNzwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQB9vhmsaYXI+cotLF8R
iBQLpgiu8wS23pIIokBqJxqp3aK2VcVYQmPywu3rh3jRWaQCuhBJEkDFKIEqvYCu
S/zKSAV9q2mDv68ZjDAN17Pq+tbFTsFYMK70jWMY68++F3OoIhGK2UUF5PaN7ydp
DbRvPm0MtufAOOzY5g1hkMhL2qfzVpoKK91FEHtNPhQBJTATxDQTgo72Bo/i1Isj
giDBLlyz+swsnwYZSHU5yViVs7XO7KTHbW30wd/F42znPcMs00BUbqN/XeFxeUqJ
Gpf6pl2dPXH3aNsJF09VznbmvMZSqWiXP0OqFk18j/B8C/rTbTFaKzOc0y+mepMd
cIV8
-----END CERTIFICATE-----
Generated at Sun Jun 14 22:53:11 2026 by rpki-client