Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fLmQxJAxR97UvCyS_2lYafpwuvY.roa
File: fLmQxJAxR97UvCyS_2lYafpwuvY.roa (raw, json)
Hash identifier: GQpkvUeCz4hQXIfNRZnhEDCEVwEY3uiIIfYUqndrXw4=
Subject key identifier: 7C:B9:90:C4:90:31:47:DE:D4:BC:2C:92:FF:69:58:69:FA:70:BA:F6
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019D7DED5A2F621BBF0F0F8829A901F9FB5B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fLmQxJAxR97UvCyS_2lYafpwuvY.roa
Signing time: Sat 11 Apr 2026 19:03:20 +0000
ROA not before: Sat 11 Apr 2026 19:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210644
IP address blocks: 147.45.40.0/22 maxlen: 32
147.45.68.0/22 maxlen: 32
147.45.72.0/21 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.128.0/22 maxlen: 24
193.233.133.0/24 maxlen: 24
193.233.136.0/22 maxlen: 24
193.233.161.0/24 maxlen: 24
193.233.201.0/24 maxlen: 24
193.233.202.0/23 maxlen: 24
193.233.208.0/22 maxlen: 24
193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:ed:5a:2f:62:1b:bf:0f:0f:88:29:a9:01:f9:fb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 11 19:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7cb990c4903147ded4bc2c92ff695869fa70baf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:16:25:75:d2:60:2a:f9:ee:4e:ae:18:76:c9:
5a:78:7b:cb:a6:1e:f9:5d:90:49:28:96:e3:fe:47:
6b:8b:41:20:c8:57:f9:a1:32:75:78:aa:7d:90:d2:
c4:a5:3d:18:e9:fd:e5:75:30:67:f3:44:00:f6:ba:
2f:08:3c:8a:27:3c:39:96:6d:94:b9:74:f6:dd:a8:
2a:f3:e0:db:59:43:5e:a3:64:2e:d5:09:95:55:a2:
8c:39:02:6f:6f:95:9c:cd:78:48:19:35:2d:19:91:
ab:17:08:7d:33:b8:5f:e8:21:2c:66:96:18:51:a6:
c3:c5:39:69:24:ea:d7:18:26:02:5f:3d:2a:cf:ce:
95:ad:39:8c:86:66:b2:29:55:99:3a:f1:8d:70:7e:
0b:4c:9c:2e:69:6d:55:e1:63:2d:79:88:0e:7f:a7:
79:5a:79:0f:28:76:37:8a:45:f9:58:8d:a2:b0:d9:
cd:db:b1:eb:9f:c8:32:7a:7b:44:33:95:77:fb:8d:
61:86:cd:5b:dc:34:d6:a9:c5:4c:be:70:a4:d1:36:
61:d6:26:a0:ca:70:c0:4c:3c:9a:4f:8c:cb:35:a6:
c9:90:71:9d:63:44:de:4f:c2:5f:54:ad:41:8e:b3:
15:c7:36:52:db:ca:8e:e2:10:f2:67:39:d9:46:6f:
43:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B9:90:C4:90:31:47:DE:D4:BC:2C:92:FF:69:58:69:FA:70:BA:F6
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fLmQxJAxR97UvCyS_2lYafpwuvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.40.0/22
147.45.68.0-147.45.79.255
185.103.101.0-185.103.103.255
193.233.128.0/22
193.233.133.0/24
193.233.136.0/22
193.233.161.0/24
193.233.201.0-193.233.203.255
193.233.208.0/22
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:60:6b:d9:46:33:bb:bb:69:4b:09:e8:08:e7:36:5a:c3:44:
2b:d1:a2:f0:05:5f:e3:2c:09:5b:ca:d2:91:ed:6d:e5:0c:e6:
c6:b7:44:45:f4:b4:13:a9:62:1e:f0:ba:82:93:dc:c2:5c:48:
f0:91:09:a8:4f:e7:31:b3:56:31:ec:65:6b:51:4e:39:a1:2f:
d6:3a:cb:1c:f6:f7:da:ab:fc:8e:ea:e4:a1:31:e2:0c:4f:b3:
b6:15:59:dc:b5:6f:28:43:79:25:a9:a5:bd:68:e8:35:a8:75:
08:db:25:30:1d:22:35:54:b7:b1:82:ef:6b:e0:5f:3d:dd:7b:
85:ad:da:72:8a:33:67:96:ee:48:8a:5d:e4:76:e2:a5:91:7c:
1c:78:63:56:80:4f:e7:e0:f3:d0:1a:cc:9f:8e:24:b6:54:0c:
24:6b:1d:fa:d9:f4:31:2c:a6:f4:b8:fb:4f:2d:98:14:31:14:
e8:97:bc:0e:83:69:79:ca:b7:98:ae:c5:17:16:67:9e:68:49:
3a:b8:67:07:a7:20:21:4c:99:3e:14:9d:12:0a:c9:24:53:d7:
31:b9:42:2c:57:04:26:0f:88:a9:9d:42:de:8a:61:42:e7:5f:
4b:ba:64:6a:0e:aa:a0:a5:e0:02:27:27:9b:71:71:59:8c:ed:
6a:97:1e:14
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ197VovYhu/Dw+IKakB+ftbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwNDExMTkwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I5OTBjNDkwMzE0N2RlZDRiYzJjOTJmZjY5NTg2OWZhNzBiYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RYlddJgKvnuTq4YdslaeHvLph75
XZBJKJbj/kdri0EgyFf5oTJ1eKp9kNLEpT0Y6f3ldTBn80QA9rovCDyKJzw5lm2U
uXT23agq8+DbWUNeo2Qu1QmVVaKMOQJvb5WczXhIGTUtGZGrFwh9M7hf6CEsZpYY
UabDxTlpJOrXGCYCXz0qz86VrTmMhmayKVWZOvGNcH4LTJwuaW1V4WMteYgOf6d5
WnkPKHY3ikX5WI2isNnN27Hrn8gyentEM5V3+41hhs1b3DTWqcVMvnCk0TZh1iag
ynDATDyaT4zLNabJkHGdY0TeT8JfVK1BjrMVxzZS28qO4hDyZznZRm9DFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHy5kMSQMUfe1Lwskv9pWGn6cLr2MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZkxtUXhKQXhSOTdVdkN5U18ybFlhZnB3dXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCky0oMAwD
BAKTLUQDBASTLUAwDAMEALlnZQMEA7lnYAMEAsHpgAMEAMHphQMEAsHpiAMEAMHp
oTAMAwQAwenJAwQCwenIAwQCwenQAwQBwenoMA0GCSqGSIb3DQEBCwUAA4IBAQBs
YGvZRjO7u2lLCegI5zZaw0Qr0aLwBV/jLAlbytKR7W3lDObGt0RF9LQTqWIe8LqC
k9zCXEjwkQmoT+cxs1Yx7GVrUU45oS/WOssc9vfaq/yO6uShMeIMT7O2FVnctW8o
Q3klqaW9aOg1qHUI2yUwHSI1VLexgu9r4F893XuFrdpyijNnlu5Iil3kduKlkXwc
eGNWgE/n4PPQGsyfjiS2VAwkax362fQxLKb0uPtPLZgUMRTol7wOg2l5yreYrsUX
FmeeaEk6uGcHpyAhTJk+FJ0SCskkU9cxuUIsVwQmD4ipnULeimFC519LumRqDqqg
peACJyebcXFZjO1qlx4U
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:00 2026 by rpki-client