Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_fyeIxDaafsDWMkS2A3N58AtJkU.roa
File: _fyeIxDaafsDWMkS2A3N58AtJkU.roa (raw, json)
Hash identifier: H0SeTPFO1ojjf24io8wfPyjJHZQNS+KrdvYRVXD+DL4=
Subject key identifier: FD:FC:9E:23:10:DA:69:FB:03:58:C9:12:D8:0D:CD:E7:C0:2D:26:45
Certificate issuer: /CN=fef7c4d570c17c9a8679a10634605c984b9503a4
Certificate serial: 019CC3472B7161581DC6E0C3E3B435D8DE4F
Authority key identifier: FE:F7:C4:D5:70:C1:7C:9A:86:79:A1:06:34:60:5C:98:4B:95:03:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_fyeIxDaafsDWMkS2A3N58AtJkU.roa
Signing time: Fri 06 Mar 2026 13:12:27 +0000
ROA not before: Fri 06 Mar 2026 13:12:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48260
IP address blocks: 195.137.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:47:2b:71:61:58:1d:c6:e0:c3:e3:b4:35:d8:de:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef7c4d570c17c9a8679a10634605c984b9503a4
Validity
Not Before: Mar 6 13:12:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fdfc9e2310da69fb0358c912d80dcde7c02d2645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d6:f6:dd:f9:cd:01:87:c3:f7:db:bd:3b:73:
12:94:dc:91:eb:73:df:22:09:9a:b0:ca:85:e0:7d:
5b:a4:b7:a3:b4:90:71:26:cc:62:3a:31:76:99:57:
db:d8:32:aa:73:9b:b0:3b:e8:f2:51:45:ca:64:e1:
36:59:c4:ca:a1:17:71:08:06:c3:84:9e:b9:0c:15:
43:c1:7f:92:1f:e9:a4:e2:c5:60:62:be:89:1b:6b:
73:8a:30:6a:29:3d:08:3b:85:55:a1:70:e4:04:46:
16:e1:d0:14:ef:20:32:93:49:d5:c3:af:ba:d8:a9:
07:89:d2:2f:f0:c5:68:05:c2:9e:55:fc:c6:85:cb:
d4:51:09:d0:f6:51:b1:97:45:47:16:a5:04:05:02:
86:38:4a:e9:54:3a:af:4b:cb:81:ca:00:20:d5:b6:
0f:7c:74:68:82:96:96:03:25:c2:f0:33:34:c0:02:
32:fe:4c:f1:86:e5:26:a3:e3:88:1c:5c:96:b9:d2:
6c:f7:c1:7a:01:2a:c4:e9:9b:e7:49:a6:5c:92:51:
bf:ee:53:0f:47:10:a5:30:52:ab:10:2b:7c:7b:7c:
aa:c3:58:86:5f:63:af:e7:c6:fd:ce:77:5e:e5:81:
bb:c5:e3:d9:73:72:61:09:ca:77:62:4d:a1:67:68:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FC:9E:23:10:DA:69:FB:03:58:C9:12:D8:0D:CD:E7:C0:2D:26:45
X509v3 Authority Key Identifier:
keyid:FE:F7:C4:D5:70:C1:7C:9A:86:79:A1:06:34:60:5C:98:4B:95:03:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_fyeIxDaafsDWMkS2A3N58AtJkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/69045e-aacc-4835-8fa5-92e84879dfcc/1/_vfE1XDBfJqGeaEGNGBcmEuVA6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.243.0/24
Signature Algorithm: sha256WithRSAEncryption
21:4b:8d:46:a5:51:05:b4:b6:b2:49:58:2e:2f:b1:79:09:93:
25:c4:05:ff:0c:0f:bc:2e:f3:ca:44:f2:38:f6:95:4f:db:a7:
46:82:76:eb:d1:62:10:c0:8f:a1:d8:c3:88:73:08:2a:3f:c1:
86:19:2b:33:4f:5e:06:48:3d:33:05:20:ab:43:c3:34:94:20:
08:96:6f:90:9e:92:ac:34:df:b2:ff:5d:6d:61:b8:91:58:f9:
c4:c1:53:ec:51:15:2b:0c:c5:ce:65:46:33:53:bb:f5:0b:61:
b7:29:6b:3e:d9:4c:26:d1:c9:92:89:85:fe:1a:49:2f:4b:b7:
73:b7:bd:3a:7d:e2:81:e6:84:6f:36:b3:63:fa:22:9c:54:cc:
e2:28:6a:65:38:96:31:ac:91:17:1c:3b:56:87:20:2e:da:be:
26:30:6c:44:af:b4:39:e6:89:8f:3d:79:7d:68:2a:b1:97:66:
b2:bd:ff:31:1c:62:ce:4c:57:a4:22:7d:53:8e:c5:71:09:76:
5f:8f:ae:2f:bd:09:41:f2:18:36:f4:82:1d:7a:46:77:3f:d7:
95:5b:de:7c:48:5a:d9:6c:5c:9c:8f:2e:fb:ee:f8:69:63:05:
32:8c:2f:c9:bf:eb:a0:46:33:4a:7e:65:fe:b6:29:c7:3c:c8:
76:a3:be:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzDRytxYVgdxuDD47Q12N5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjdjNGQ1NzBjMTdjOWE4Njc5YTEwNjM0NjA1Yzk4NGI5
NTAzYTQwHhcNMjYwMzA2MTMxMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZjOWUyMzEwZGE2OWZiMDM1OGM5MTJkODBkY2RlN2MwMmQyNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztb23fnNAYfD99u9O3MSlNyR63Pf
IgmasMqF4H1bpLejtJBxJsxiOjF2mVfb2DKqc5uwO+jyUUXKZOE2WcTKoRdxCAbD
hJ65DBVDwX+SH+mk4sVgYr6JG2tzijBqKT0IO4VVoXDkBEYW4dAU7yAyk0nVw6+6
2KkHidIv8MVoBcKeVfzGhcvUUQnQ9lGxl0VHFqUEBQKGOErpVDqvS8uBygAg1bYP
fHRogpaWAyXC8DM0wAIy/kzxhuUmo+OIHFyWudJs98F6ASrE6ZvnSaZcklG/7lMP
RxClMFKrECt8e3yqw1iGX2Ov58b9znde5YG7xePZc3JhCcp3Yk2hZ2hpUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP38niMQ2mn7A1jJEtgNzefALSZFMB8GA1UdIwQY
MBaAFP73xNVwwXyahnmhBjRgXJhLlQOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZmRTFYREJmSnFHZWFFR05HQmNtRXVWQTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82OTA0NWUtYWFjYy00ODM1LThmYTUt
OTJlODQ4NzlkZmNjLzEvX2Z5ZUl4RGFhZnNEV01rUzJBM041OEF0SmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82OTA0NWUtYWFjYy00ODM1LThmYTUtOTJlODQ4NzlkZmNj
LzEvX3ZmRTFYREJmSnFHZWFFR05HQmNtRXVWQTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4nzMA0G
CSqGSIb3DQEBCwUAA4IBAQAhS41GpVEFtLaySVguL7F5CZMlxAX/DA+8LvPKRPI4
9pVP26dGgnbr0WIQwI+h2MOIcwgqP8GGGSszT14GSD0zBSCrQ8M0lCAIlm+QnpKs
NN+y/11tYbiRWPnEwVPsURUrDMXOZUYzU7v1C2G3KWs+2Uwm0cmSiYX+GkkvS7dz
t706feKB5oRvNrNj+iKcVMziKGplOJYxrJEXHDtWhyAu2r4mMGxEr7Q55omPPXl9
aCqxl2ayvf8xHGLOTFekIn1TjsVxCXZfj64vvQlB8hg29IIdekZ3P9eVW958SFrZ
bFycjy777vhpYwUyjC/Jv+ugRjNKfmX+tinHPMh2o76g
-----END CERTIFICATE-----
Generated at Thu Mar 19 15:29:53 2026 by rpki-client