Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/fzWlLGEPBxz1DR-_ybKSosveito.roa
File: fzWlLGEPBxz1DR-_ybKSosveito.roa (raw, json)
Hash identifier: PMju7hqmYk5olTtNec80dTLKx9r70k1T9axrJxxCFmQ=
Subject key identifier: 7F:35:A5:2C:61:0F:07:1C:F5:0D:1F:BF:C9:B2:92:A2:CB:DE:8A:DA
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019C7D545E7C3304F4181BC328B56CD150C4
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/fzWlLGEPBxz1DR-_ybKSosveito.roa
Signing time: Fri 20 Feb 2026 23:13:27 +0000
ROA not before: Fri 20 Feb 2026 23:13:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208024
IP address blocks: 2a07:cec0:4000::/48 maxlen: 48
2a07:cec0:4200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7d:54:5e:7c:33:04:f4:18:1b:c3:28:b5:6c:d1:50:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Feb 20 23:13:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f35a52c610f071cf50d1fbfc9b292a2cbde8ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e1:2d:67:12:4c:0b:af:10:18:e8:a3:3b:97:
0b:05:55:66:3f:66:f5:c3:b9:a9:0e:e6:44:08:77:
d0:5c:f5:4c:74:34:f6:35:63:61:1f:e4:b6:5f:10:
5a:34:36:68:39:9d:57:67:cc:ac:e1:d6:aa:49:06:
03:6a:7c:14:53:e4:92:a7:03:41:91:a1:d9:c7:fb:
0d:69:f3:a7:30:98:45:28:de:1e:f4:0e:d2:40:48:
b7:59:12:58:0f:f3:de:b3:c4:d9:ac:9b:cb:cb:12:
77:4c:2d:18:e2:63:13:86:5f:2c:7c:40:38:68:14:
82:55:26:5c:ae:e6:fd:64:e5:5e:ae:13:fc:7d:d4:
96:fc:89:4d:60:1f:94:b5:06:35:50:96:2b:21:cf:
1a:82:95:d7:ce:15:3d:01:cd:19:71:1d:eb:55:ad:
f0:cf:16:1d:0c:78:4e:9e:e7:7d:15:44:1a:4e:cd:
fe:46:53:91:4e:ca:0c:9f:6e:15:b5:f3:60:40:53:
ab:69:72:6f:1b:ef:bf:d6:d6:bf:3b:2a:03:b0:96:
c7:9f:31:94:46:d2:7d:27:cd:b4:1b:89:7f:c3:5d:
49:46:ea:7e:d1:d2:ca:d3:c1:47:36:88:ed:28:31:
94:f9:8c:29:57:78:d9:6f:7c:83:38:34:05:95:ce:
68:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:35:A5:2C:61:0F:07:1C:F5:0D:1F:BF:C9:B2:92:A2:CB:DE:8A:DA
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/fzWlLGEPBxz1DR-_ybKSosveito.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:cec0:4000::/48
2a07:cec0:4200::/48
Signature Algorithm: sha256WithRSAEncryption
4a:17:e8:16:c1:7f:b3:1a:0d:a4:52:e3:ea:f0:8a:1a:5b:96:
99:50:f1:fe:a0:93:f4:a2:86:8d:1a:20:c4:4c:e9:70:35:b6:
13:a7:03:e3:f9:9b:c9:7b:ae:fc:14:79:81:e1:10:31:1e:7a:
a7:20:f1:c2:5a:36:71:ff:cd:91:73:74:12:ff:52:d0:98:be:
96:24:01:8a:13:2e:89:67:e9:31:7f:86:b7:1e:7b:5b:2f:a2:
79:54:93:46:c0:88:6a:3d:ed:93:00:91:7f:59:6e:98:24:ab:
5b:69:2d:ee:25:f6:94:17:c5:56:26:8b:ab:ce:a9:1e:b9:a7:
0c:c3:16:d1:f8:cd:9d:ea:f8:28:62:a4:d4:c6:f6:00:7a:a7:
20:2a:09:c6:99:60:59:e8:e9:1d:67:9e:a5:95:ec:cb:a6:65:
ba:ce:fc:08:47:59:2a:7a:cc:0d:23:ce:21:89:81:71:6a:de:
7a:e1:8b:db:1f:7e:70:40:ce:1c:72:b9:96:06:56:51:76:eb:
cf:b9:84:8d:eb:2c:40:87:6b:ae:b3:f5:d2:69:8e:97:37:6c:
91:1a:90:fb:33:9a:7d:a7:89:31:d6:78:27:e7:2e:18:d2:bb:
4a:e3:db:be:18:e4:78:c0:a1:65:2a:51:93:22:eb:31:5d:6d:
ab:96:7b:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZx9VF58MwT0GBvDKLVs0VDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwMjIwMjMxMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM1YTUyYzYxMGYwNzFjZjUwZDFmYmZjOWIyOTJhMmNiZGU4YWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+EtZxJMC68QGOijO5cLBVVmP2b1
w7mpDuZECHfQXPVMdDT2NWNhH+S2XxBaNDZoOZ1XZ8ys4daqSQYDanwUU+SSpwNB
kaHZx/sNafOnMJhFKN4e9A7SQEi3WRJYD/Pes8TZrJvLyxJ3TC0Y4mMThl8sfEA4
aBSCVSZcrub9ZOVerhP8fdSW/IlNYB+UtQY1UJYrIc8agpXXzhU9Ac0ZcR3rVa3w
zxYdDHhOnud9FUQaTs3+RlORTsoMn24VtfNgQFOraXJvG++/1ta/OyoDsJbHnzGU
RtJ9J820G4l/w11JRup+0dLK08FHNojtKDGU+YwpV3jZb3yDODQFlc5oWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH81pSxhDwcc9Q0fv8mykqLL3oraMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvZnpXbExHRVBCeHoxRFItX3liS1Nvc3ZlaXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgfOwEAA
AwcAKgfOwEIAMA0GCSqGSIb3DQEBCwUAA4IBAQBKF+gWwX+zGg2kUuPq8IoaW5aZ
UPH+oJP0ooaNGiDETOlwNbYTpwPj+ZvJe678FHmB4RAxHnqnIPHCWjZx/82Rc3QS
/1LQmL6WJAGKEy6JZ+kxf4a3HntbL6J5VJNGwIhqPe2TAJF/WW6YJKtbaS3uJfaU
F8VWJourzqkeuacMwxbR+M2d6vgoYqTUxvYAeqcgKgnGmWBZ6OkdZ56llezLpmW6
zvwIR1kqeswNI84hiYFxat564YvbH35wQM4ccrmWBlZRduvPuYSN6yxAh2uus/XS
aY6XN2yRGpD7M5p9p4kx1ngn5y4Y0rtK49u+GOR4wKFlKlGTIusxXW2rlnsm
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:10 2026 by rpki-client