Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/fW7i-ydwSOerw2n_L4PNyclOskE.roa
File: fW7i-ydwSOerw2n_L4PNyclOskE.roa (raw, json)
Hash identifier: MNasKrVDbU2F3SX0XRq0N4dRBWi9zLGS+rvS7Zr9I7E=
Subject key identifier: 7D:6E:E2:FB:27:70:48:E7:AB:C3:69:FF:2F:83:CD:C9:C9:4E:B2:41
Certificate issuer: /CN=54ac0ddec30e24e457e16e6507d219728310893d
Certificate serial: 019D6E9FCE853C95B8021198EDCB8A4F8F14
Authority key identifier: 54:AC:0D:DE:C3:0E:24:E4:57:E1:6E:65:07:D2:19:72:83:10:89:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKwN3sMOJORX4W5lB9IZcoMQiT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/fW7i-ydwSOerw2n_L4PNyclOskE.roa
Signing time: Wed 08 Apr 2026 19:44:19 +0000
ROA not before: Wed 08 Apr 2026 19:44:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8368
IP address blocks: 45.149.96.0/22 maxlen: 24
81.85.61.0/24 maxlen: 24
91.212.215.0/24 maxlen: 24
91.236.192.0/24 maxlen: 24
95.36.80.0/20 maxlen: 24
212.85.56.0/21 maxlen: 24
217.18.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/VKwN3sMOJORX4W5lB9IZcoMQiT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/VKwN3sMOJORX4W5lB9IZcoMQiT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/VKwN3sMOJORX4W5lB9IZcoMQiT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6e:9f:ce:85:3c:95:b8:02:11:98:ed:cb:8a:4f:8f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54ac0ddec30e24e457e16e6507d219728310893d
Validity
Not Before: Apr 8 19:44:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d6ee2fb277048e7abc369ff2f83cdc9c94eb241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:fa:92:a2:16:b0:54:6c:61:c4:22:f0:17:
a5:bb:ad:0d:77:b0:c9:3a:25:b6:cf:03:d9:0e:45:
16:91:ea:b8:03:f1:37:79:27:69:40:89:2b:7d:09:
9c:ee:5b:8b:68:e5:ca:70:9d:6c:27:80:6a:f7:44:
c6:9f:df:5f:86:50:89:12:c9:d9:35:29:4b:d1:9b:
6d:28:e5:ae:b3:e5:da:81:24:54:fa:0f:12:e8:65:
04:e9:d3:42:01:1e:33:73:64:d9:36:bd:e7:21:d9:
af:d1:3a:48:5c:cd:9f:40:ba:fb:76:60:06:b8:db:
fd:b3:c8:d4:c4:45:59:5a:ba:fd:2e:18:df:a3:a6:
7f:cb:32:a8:9c:6d:ce:38:50:20:30:c8:d5:cf:fc:
08:ac:af:6a:5d:a2:af:f8:36:8e:d0:4f:3f:05:06:
69:65:fd:1b:96:04:f0:0a:4d:71:59:f7:38:fc:47:
68:ea:3e:3c:1d:62:ff:ef:4d:ef:48:ab:17:fb:b4:
50:e4:11:7e:97:be:70:0b:54:10:25:fe:5a:a3:a4:
1f:22:06:84:b8:22:90:36:00:95:3e:96:36:82:33:
41:24:12:5e:68:97:69:f9:42:4a:43:b6:e4:7a:25:
12:d3:ce:45:55:0d:55:0f:8b:d9:41:ad:85:e9:d5:
db:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:6E:E2:FB:27:70:48:E7:AB:C3:69:FF:2F:83:CD:C9:C9:4E:B2:41
X509v3 Authority Key Identifier:
keyid:54:AC:0D:DE:C3:0E:24:E4:57:E1:6E:65:07:D2:19:72:83:10:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKwN3sMOJORX4W5lB9IZcoMQiT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/fW7i-ydwSOerw2n_L4PNyclOskE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2ddd39-e7bd-44ba-ab21-2f0655f01029/1/VKwN3sMOJORX4W5lB9IZcoMQiT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.96.0/22
81.85.61.0/24
91.212.215.0/24
91.236.192.0/24
95.36.80.0/20
212.85.56.0/21
217.18.80.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:27:4a:13:12:ac:9b:6e:29:2f:71:ca:12:7f:42:b7:f3:b8:
8c:d5:c2:e9:49:51:a4:16:24:17:84:2f:70:e1:b2:e0:e9:52:
93:56:bd:77:d9:48:30:f1:88:dc:fc:ee:2b:e9:a7:9a:93:42:
49:5c:51:f8:24:57:43:b9:ab:66:2e:84:e6:3c:58:83:a0:2f:
d3:ec:b4:41:b5:ba:28:f2:55:96:83:52:90:37:7c:06:00:52:
4b:5f:2a:0d:2d:ff:b8:2d:c5:bc:d1:e2:ab:19:bd:4f:5a:30:
44:80:0d:ae:18:df:41:7f:bc:17:ca:3c:1d:ab:c3:42:c5:b8:
e9:16:02:fb:ae:d6:eb:0a:61:75:2f:7e:86:37:80:c4:9e:3b:
4d:98:50:7b:b6:bb:71:7e:b3:23:18:5b:9c:d2:c9:6c:c4:d7:
2d:da:36:15:5c:af:a4:2c:e8:39:c6:42:16:06:24:ea:3e:38:
40:c7:3a:cc:66:b2:18:84:f4:d4:72:0a:40:06:55:27:8c:2e:
3e:37:b1:45:b4:51:35:c8:61:2d:7b:df:f9:51:cc:44:d8:88:
b0:03:31:f3:2f:d8:62:fa:d9:06:09:01:cb:88:d7:1a:cc:da:
e1:2f:eb:57:91:71:68:11:f5:d9:85:0d:51:37:f2:16:98:0d:
66:86:36:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ1un86FPJW4AhGY7cuKT48UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YWMwZGRlYzMwZTI0ZTQ1N2UxNmU2NTA3ZDIxOTcyODMx
MDg5M2QwHhcNMjYwNDA4MTk0NDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDZlZTJmYjI3NzA0OGU3YWJjMzY5ZmYyZjgzY2RjOWM5NGViMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv576kqIWsFRsYcQi8Belu60Nd7DJ
OiW2zwPZDkUWkeq4A/E3eSdpQIkrfQmc7luLaOXKcJ1sJ4Bq90TGn99fhlCJEsnZ
NSlL0ZttKOWus+XagSRU+g8S6GUE6dNCAR4zc2TZNr3nIdmv0TpIXM2fQLr7dmAG
uNv9s8jUxEVZWrr9Lhjfo6Z/yzKonG3OOFAgMMjVz/wIrK9qXaKv+DaO0E8/BQZp
Zf0blgTwCk1xWfc4/Edo6j48HWL/703vSKsX+7RQ5BF+l75wC1QQJf5ao6QfIgaE
uCKQNgCVPpY2gjNBJBJeaJdp+UJKQ7bkeiUS085FVQ1VD4vZQa2F6dXbIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH1u4vsncEjnq8Np/y+DzcnJTrJBMB8GA1UdIwQY
MBaAFFSsDd7DDiTkV+FuZQfSGXKDEIk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkt3TjNzTU9KT1JYNFc1bEI5SVpjb01RaVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yZGRkMzktZTdiZC00NGJhLWFiMjEt
MmYwNjU1ZjAxMDI5LzEvZlc3aS15ZHdTT2VydzJuX0w0UE55Y2xPc2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yZGRkMzktZTdiZC00NGJhLWFiMjEtMmYwNjU1ZjAxMDI5
LzEvVkt3TjNzTU9KT1JYNFc1bEI5SVpjb01RaVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZVgAwQA
UVU9AwQAW9TXAwQAW+zAAwQEXyRQAwQD1FU4AwQA2RJQMA0GCSqGSIb3DQEBCwUA
A4IBAQAsJ0oTEqybbikvccoSf0K387iM1cLpSVGkFiQXhC9w4bLg6VKTVr132Ugw
8Yjc/O4r6aeak0JJXFH4JFdDuatmLoTmPFiDoC/T7LRBtboo8lWWg1KQN3wGAFJL
XyoNLf+4LcW80eKrGb1PWjBEgA2uGN9Bf7wXyjwdq8NCxbjpFgL7rtbrCmF1L36G
N4DEnjtNmFB7trtxfrMjGFuc0slsxNct2jYVXK+kLOg5xkIWBiTqPjhAxzrMZrIY
hPTUcgpABlUnjC4+N7FFtFE1yGEte9/5UcxE2IiwAzHzL9hi+tkGCQHLiNcazNrh
L+tXkXFoEfXZhQ1RN/IWmA1mhjaM
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:07:22 2026 by rpki-client