Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/fBBdkc9OcFL9IFNGRsTh7kzJnu8.roa
File: fBBdkc9OcFL9IFNGRsTh7kzJnu8.roa (raw, json)
Hash identifier: 3718oBliIf8ahxlcxxTMJ4qT3erkgc0V2HhmRL6/2UY=
Subject key identifier: 7C:10:5D:91:CF:4E:70:52:FD:20:53:46:46:C4:E1:EE:4C:C9:9E:EF
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019C661C8CB70E85CD242C237BD30CF6405C
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/fBBdkc9OcFL9IFNGRsTh7kzJnu8.roa
Signing time: Mon 16 Feb 2026 11:01:12 +0000
ROA not before: Mon 16 Feb 2026 11:01:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42831
IP address blocks: 85.239.150.0/24 maxlen: 24
92.62.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:1c:8c:b7:0e:85:cd:24:2c:23:7b:d3:0c:f6:40:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 16 11:01:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c105d91cf4e7052fd20534646c4e1ee4cc99eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ea:be:43:a9:cc:34:46:0c:32:9d:d8:20:bf:
27:90:87:6b:d5:8c:8d:c0:ad:04:35:5c:ce:f5:95:
bb:5d:64:33:5f:49:6f:81:63:65:45:83:fb:a8:59:
10:74:93:9d:0a:66:13:e0:96:8d:03:fa:25:b2:ac:
25:bc:c4:63:6f:1b:27:5f:1d:06:45:db:b9:e7:27:
e8:61:ab:d6:87:76:8b:32:8b:ef:7f:ed:c9:5e:80:
08:81:4d:ff:ce:d1:cb:b3:b1:25:40:2b:b3:cf:3d:
50:d4:6e:e1:54:43:27:d5:db:f5:19:9f:e2:2b:d2:
a3:54:67:06:30:9d:f0:08:11:44:79:e5:0b:7d:fb:
b0:2c:32:79:80:d5:0e:5d:d3:c0:41:80:d6:95:c0:
b7:80:86:7b:b9:de:e0:94:f2:f5:4d:b9:d0:dd:0e:
10:9a:9e:d6:5b:57:ed:df:5a:ac:6a:63:dd:21:d8:
3b:37:0e:3a:59:5e:e7:c3:21:dd:5f:05:b7:ad:76:
98:75:04:5a:a6:bf:e9:9b:12:c6:da:53:f3:3b:71:
38:f8:62:08:96:a9:bf:da:b1:a1:5c:ce:fa:36:e8:
fb:ac:70:f9:14:61:64:b6:2a:a5:f9:39:c9:cd:84:
be:fe:b7:10:75:f8:9d:14:86:e0:0e:c2:11:49:01:
bb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:10:5D:91:CF:4E:70:52:FD:20:53:46:46:C4:E1:EE:4C:C9:9E:EF
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/fBBdkc9OcFL9IFNGRsTh7kzJnu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.150.0/24
92.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
38:4a:78:d9:cd:5c:50:8d:de:bc:a2:92:97:8a:88:5c:d2:46:
fe:61:59:2e:d1:e0:53:bd:eb:7f:6c:2d:f4:97:76:8f:29:ec:
f8:1e:78:39:8a:24:e7:db:ff:aa:13:54:07:dd:39:d1:a8:85:
b9:b8:93:54:dd:c5:b0:08:16:7b:45:b1:b2:9c:d3:73:f8:f2:
6f:17:23:7c:98:8b:02:4c:81:7b:68:20:fd:c9:0e:7a:54:bd:
db:46:22:77:71:74:99:02:30:6a:7d:ee:d2:93:39:7f:b0:fd:
8a:76:06:df:04:90:c8:96:bf:c7:a8:f0:79:37:00:75:ab:0a:
69:b8:20:09:5c:1c:e8:18:bd:c0:69:e5:02:61:56:6e:e8:52:
71:6a:7f:eb:ea:7a:52:92:f7:08:71:bc:5b:4c:9b:e9:c5:8c:
59:26:07:91:8c:f1:21:bc:88:69:c9:e0:4e:da:a2:aa:8b:e2:
b5:25:a7:e0:5c:66:70:f7:82:52:a4:a6:f8:f1:55:ae:7b:65:
86:5a:4e:5d:91:c3:3e:c0:d8:b2:76:e0:10:85:b2:5c:6a:72:
a5:14:d3:27:28:3b:db:36:2e:04:e6:ac:4c:a8:88:be:ad:b8:
88:1a:dc:91:16:50:75:5c:64:4f:93:bc:40:9c:26:ef:3a:2e:
a5:6c:ed:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZxmHIy3DoXNJCwje9MM9kBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMjE2MTEwMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzEwNWQ5MWNmNGU3MDUyZmQyMDUzNDY0NmM0ZTFlZTRjYzk5ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Oq+Q6nMNEYMMp3YIL8nkIdr1YyN
wK0ENVzO9ZW7XWQzX0lvgWNlRYP7qFkQdJOdCmYT4JaNA/olsqwlvMRjbxsnXx0G
Rdu55yfoYavWh3aLMovvf+3JXoAIgU3/ztHLs7ElQCuzzz1Q1G7hVEMn1dv1GZ/i
K9KjVGcGMJ3wCBFEeeULffuwLDJ5gNUOXdPAQYDWlcC3gIZ7ud7glPL1TbnQ3Q4Q
mp7WW1ft31qsamPdIdg7Nw46WV7nwyHdXwW3rXaYdQRapr/pmxLG2lPzO3E4+GII
lqm/2rGhXM76Nuj7rHD5FGFktiql+TnJzYS+/rcQdfidFIbgDsIRSQG7TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHwQXZHPTnBS/SBTRkbE4e5MyZ7vMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZkJCZGtjOU9jRkw5SUZOR1JzVGg3a3pKbnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+WAwQA
XD74MA0GCSqGSIb3DQEBCwUAA4IBAQA4SnjZzVxQjd68opKXiohc0kb+YVku0eBT
vet/bC30l3aPKez4Hng5iiTn2/+qE1QH3TnRqIW5uJNU3cWwCBZ7RbGynNNz+PJv
FyN8mIsCTIF7aCD9yQ56VL3bRiJ3cXSZAjBqfe7Skzl/sP2KdgbfBJDIlr/HqPB5
NwB1qwppuCAJXBzoGL3AaeUCYVZu6FJxan/r6npSkvcIcbxbTJvpxYxZJgeRjPEh
vIhpyeBO2qKqi+K1JafgXGZw94JSpKb48VWue2WGWk5dkcM+wNiyduAQhbJcanKl
FNMnKDvbNi4E5qxMqIi+rbiIGtyRFlB1XGRPk7xAnCbvOi6lbO2V
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:10:06 2026 by rpki-client