Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fqLkaEt64O02_lmcjkuZCkbv5tA.roa
File: fqLkaEt64O02_lmcjkuZCkbv5tA.roa (raw, json)
Hash identifier: Y+/w+Dc1pA7oezE12bkQQz/ET8C7xWBW+RJAPXDek+g=
Subject key identifier: 7E:A2:E4:68:4B:7A:E0:ED:36:FE:59:9C:8E:4B:99:0A:46:EF:E6:D0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019C5B0A1657471F64A42A4C77BF3A8B1AC5
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fqLkaEt64O02_lmcjkuZCkbv5tA.roa
Signing time: Sat 14 Feb 2026 07:25:13 +0000
ROA not before: Sat 14 Feb 2026 07:25:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213449
IP address blocks: 5.175.170.0/24 maxlen: 24
5.175.217.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5b:0a:16:57:47:1f:64:a4:2a:4c:77:bf:3a:8b:1a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 14 07:25:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ea2e4684b7ae0ed36fe599c8e4b990a46efe6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:a0:ad:c1:68:11:dd:18:d0:e0:b2:c2:17:
84:a4:4d:6b:8b:1b:41:b3:9d:33:0e:f4:24:24:6f:
b5:f8:9b:3a:97:21:d2:cf:3f:cb:76:e1:fe:52:bb:
85:4c:71:cc:d9:1d:dd:bd:a3:a5:b5:d6:15:d0:6a:
5a:ef:c1:40:f2:45:f5:fd:0e:bc:1a:6c:d9:1a:21:
1c:1c:c3:8a:96:a5:ae:97:3b:60:4f:61:12:42:2f:
48:0f:64:c1:0d:2e:3f:78:2e:40:50:bf:ba:8d:b5:
a1:84:86:ca:c9:50:e4:c8:27:d4:f6:78:40:92:b9:
a1:7e:e6:98:d0:ca:70:0a:c1:f2:b5:0d:2c:d8:af:
d4:92:d5:0d:d6:03:94:87:1e:65:ca:59:d0:91:3c:
97:3b:dd:ae:ab:43:1c:55:e4:8b:6c:94:08:ec:e5:
23:b2:d6:0b:95:70:72:45:f8:6e:65:66:af:4f:6e:
be:06:d1:b4:2a:4d:6d:16:a8:f0:f3:72:d7:6c:97:
97:99:78:3d:05:93:25:c2:75:27:7d:79:eb:a3:09:
51:91:5c:df:60:f8:2d:62:1b:ad:15:21:f1:fc:d5:
62:2f:71:69:2a:55:36:91:c7:ac:fb:3b:9c:ab:cd:
ae:16:9d:45:4d:90:8d:4c:fc:10:59:8b:d7:eb:4e:
e6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A2:E4:68:4B:7A:E0:ED:36:FE:59:9C:8E:4B:99:0A:46:EF:E6:D0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fqLkaEt64O02_lmcjkuZCkbv5tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.170.0/24
5.175.217.0/24
89.106.95.0/24
89.144.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:55:7a:3d:36:8c:cf:ab:2f:92:b1:6e:ae:a5:55:dd:06:e6:
94:69:e1:fc:24:47:36:e3:fa:8a:5f:a0:2a:fa:bb:9d:e7:4b:
1c:6e:c7:e6:18:c1:12:a3:f9:6a:ff:7a:d0:c0:3f:f3:46:67:
61:dc:8c:36:05:e4:91:dd:61:5c:b3:c1:09:6b:8f:d5:b1:12:
79:59:8c:6a:31:10:65:d4:02:b9:be:b6:16:7a:ac:76:44:13:
d8:f1:f1:7b:44:36:e0:1e:41:07:19:f3:f2:3d:fa:85:64:22:
bb:10:4a:9e:7f:2c:66:a5:47:06:1b:e2:cc:41:1b:b5:0c:8d:
c4:d0:2c:27:92:4e:5d:2a:13:f2:44:17:e1:33:f6:d3:72:6f:
a4:55:a7:f0:ef:f7:f2:92:36:35:3a:89:0c:26:27:b1:18:3f:
33:a0:fc:d1:64:c0:b0:6e:03:a4:3e:bf:c3:ac:f4:d4:9a:78:
81:72:2e:02:d4:7a:5c:e5:03:cc:1a:d0:2b:fd:20:b9:a3:e5:
58:8a:30:19:56:60:2d:c6:da:6b:e8:6f:0d:36:eb:84:cf:b0:
8b:81:ec:4a:cb:9d:03:0e:ca:aa:9b:b7:9a:99:4b:79:96:3b:
b5:51:8e:12:4d:fa:c9:78:b6:35:6e:1c:2b:8c:3f:a2:c5:7c:
65:ee:0c:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxbChZXRx9kpCpMd786ixrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMjE0MDcyNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWEyZTQ2ODRiN2FlMGVkMzZmZTU5OWM4ZTRiOTkwYTQ2ZWZlNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6+grcFoEd0Y0OCywheEpE1rixtB
s50zDvQkJG+1+Js6lyHSzz/LduH+UruFTHHM2R3dvaOltdYV0Gpa78FA8kX1/Q68
GmzZGiEcHMOKlqWulztgT2ESQi9ID2TBDS4/eC5AUL+6jbWhhIbKyVDkyCfU9nhA
krmhfuaY0MpwCsHytQ0s2K/UktUN1gOUhx5lylnQkTyXO92uq0McVeSLbJQI7OUj
stYLlXByRfhuZWavT26+BtG0Kk1tFqjw83LXbJeXmXg9BZMlwnUnfXnrowlRkVzf
YPgtYhutFSHx/NViL3FpKlU2kces+zucq82uFp1FTZCNTPwQWYvX607mMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH6i5GhLeuDtNv5ZnI5LmQpG7+bQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZnFMa2FFdDY0TzAyX2xtY2prdVpDa2J2NXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABa+qAwQA
Ba/ZAwQAWWpfAwQAWZA/MA0GCSqGSIb3DQEBCwUAA4IBAQCoVXo9NozPqy+SsW6u
pVXdBuaUaeH8JEc24/qKX6Aq+rud50scbsfmGMESo/lq/3rQwD/zRmdh3Iw2BeSR
3WFcs8EJa4/VsRJ5WYxqMRBl1AK5vrYWeqx2RBPY8fF7RDbgHkEHGfPyPfqFZCK7
EEqefyxmpUcGG+LMQRu1DI3E0Cwnkk5dKhPyRBfhM/bTcm+kVafw7/fykjY1OokM
JiexGD8zoPzRZMCwbgOkPr/DrPTUmniBci4C1Hpc5QPMGtAr/SC5o+VYijAZVmAt
xtpr6G8NNuuEz7CLgexKy50DDsqqm7eamUt5lju1UY4STfrJeLY1bhwrjD+ixXxl
7gzj
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:45 2026 by rpki-client