Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Fb3QRguUDty9iQr1ULGmN54gLiI.roa
File: Fb3QRguUDty9iQr1ULGmN54gLiI.roa (raw, json)
Hash identifier: kgzbakyVLR8dQ8e9EI+6xpmdVsMJI+WFbZcHU/IXAUc=
Subject key identifier: 15:BD:D0:46:0B:94:0E:DC:BD:89:0A:F5:50:B1:A6:37:9E:20:2E:22
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 019D4A0AF770A26BC777DA9955B88BD83621
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Fb3QRguUDty9iQr1ULGmN54gLiI.roa
Signing time: Wed 01 Apr 2026 17:15:25 +0000
ROA not before: Wed 01 Apr 2026 17:15:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204506
IP address blocks: 93.157.207.0/24 maxlen: 24
2001:678:210::/48 maxlen: 48
2a0f:4500::/32 maxlen: 32
2a0f:4507:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4a:0a:f7:70:a2:6b:c7:77:da:99:55:b8:8b:d8:36:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Apr 1 17:15:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15bdd0460b940edcbd890af550b1a6379e202e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:18:d0:0b:eb:43:86:58:6e:bf:d0:40:83:
e5:b9:c3:aa:87:e2:af:0c:e1:e2:98:70:f0:79:4a:
03:01:52:da:44:ad:08:1b:b5:46:21:8a:00:a0:f2:
75:e5:2c:eb:76:50:e0:e8:fc:e9:47:20:c1:3a:57:
9b:85:68:89:e2:cc:f9:7c:ab:d9:8e:56:f9:31:7b:
36:09:1d:40:51:c6:f1:c6:3c:98:0e:16:44:a6:66:
e5:ca:5a:47:02:3a:89:0f:da:16:a1:e1:1d:e2:3e:
0a:d0:7a:a2:78:28:05:fd:bb:62:b3:85:77:07:6c:
c1:79:7d:65:b3:44:ef:59:13:49:72:93:d8:ed:ba:
f4:7f:8c:b4:51:be:6e:82:57:3a:ab:c3:33:a8:15:
e9:43:e4:9c:be:42:bf:5a:e2:51:2e:61:52:78:32:
73:7f:23:70:c8:8a:2d:82:51:e9:53:69:42:75:cc:
79:5f:b0:62:ba:01:39:c9:03:a2:04:59:fb:60:28:
4d:66:3c:43:56:8f:d4:57:cb:35:cb:67:2f:02:ee:
f6:50:e5:14:be:ac:7e:56:cd:e7:d7:0e:6a:d0:cd:
3b:4d:d0:11:a1:17:ca:99:6e:e0:b4:d5:2f:0a:06:
4d:1f:dc:45:31:a8:93:fb:f2:9e:ee:9d:cc:ce:2d:
7a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BD:D0:46:0B:94:0E:DC:BD:89:0A:F5:50:B1:A6:37:9E:20:2E:22
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/Fb3QRguUDty9iQr1ULGmN54gLiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.207.0/24
IPv6:
2001:678:210::/48
2a0f:4500::/32
2a0f:4507:8000::/33
Signature Algorithm: sha256WithRSAEncryption
c9:53:e7:43:50:3e:fb:9c:f6:77:65:e8:9c:09:50:a9:70:62:
1b:33:df:da:a3:6a:04:9e:85:48:4d:eb:f8:61:f3:1b:8d:fd:
1b:79:05:7b:8e:e0:6a:77:b6:08:ad:25:2f:4e:28:fe:f3:10:
11:d6:c8:21:50:98:e8:e0:9b:72:0c:05:e7:64:5b:3a:31:24:
32:19:6a:34:cb:b7:83:d3:04:dd:32:3b:d3:ab:be:34:94:43:
35:bc:4e:4e:df:59:e3:2d:04:19:0b:1d:9b:5a:2f:0a:cc:91:
a7:c2:3f:d6:23:67:99:2b:3b:b4:c4:20:a7:04:f4:bc:9f:75:
96:cb:b6:b4:7d:28:0b:ab:0d:71:1f:b9:fa:b0:4b:e7:df:ef:
8f:ab:71:72:c9:89:02:9a:ea:ef:43:b5:b6:9a:9e:2c:de:69:
ed:6c:5f:07:43:ec:a9:79:7b:ab:64:ec:7a:85:52:94:01:5f:
94:26:7c:6c:ee:84:bf:73:33:4f:d9:5b:fa:be:d4:3e:fe:4a:
e3:8a:3b:8b:29:da:aa:af:78:ab:bc:91:fe:32:a8:0a:6e:50:
05:79:41:9c:ec:2b:3b:4b:ce:70:63:c1:fd:f0:57:7b:88:ec:
99:5d:ae:6f:26:e4:6e:df:d3:df:b4:3a:75:77:bb:06:00:7c:
56:b3:49:0a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ1KCvdwomvHd9qZVbiL2DYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz
YmU0YjMwHhcNMjYwNDAxMTcxNTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWJkZDA0NjBiOTQwZWRjYmQ4OTBhZjU1MGIxYTYzNzllMjAyZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNoY0AvrQ4ZYbr/QQIPlucOqh+Kv
DOHimHDweUoDAVLaRK0IG7VGIYoAoPJ15SzrdlDg6PzpRyDBOlebhWiJ4sz5fKvZ
jlb5MXs2CR1AUcbxxjyYDhZEpmblylpHAjqJD9oWoeEd4j4K0HqieCgF/btis4V3
B2zBeX1ls0TvWRNJcpPY7br0f4y0Ub5uglc6q8MzqBXpQ+ScvkK/WuJRLmFSeDJz
fyNwyIotglHpU2lCdcx5X7BiugE5yQOiBFn7YChNZjxDVo/UV8s1y2cvAu72UOUU
vqx+Vs3n1w5q0M07TdARoRfKmW7gtNUvCgZNH9xFMaiT+/Ke7p3Mzi16awIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBW90EYLlA7cvYkK9VCxpjeeIC4iMB8GA1UdIwQY
MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt
YjM1YTBhMTQ1M2ZiLzEvRmIzUVJndVVEdHk5aVFyMVVMR21ONTRnTGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi
LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQAXZ3PMB4E
AgACMBgDBwAgAQZ4AhADBQAqD0UAAwYHKg9FB4AwDQYJKoZIhvcNAQELBQADggEB
AMlT50NQPvuc9ndl6JwJUKlwYhsz39qjagSehUhN6/hh8xuN/Rt5BXuO4Gp3tgit
JS9OKP7zEBHWyCFQmOjgm3IMBedkWzoxJDIZajTLt4PTBN0yO9OrvjSUQzW8Tk7f
WeMtBBkLHZtaLwrMkafCP9YjZ5krO7TEIKcE9LyfdZbLtrR9KAurDXEfufqwS+ff
74+rcXLJiQKa6u9Dtbaanizeae1sXwdD7Kl5e6tk7HqFUpQBX5QmfGzuhL9zM0/Z
W/q+1D7+SuOKO4sp2qqveKu8kf4yqApuUAV5QZzsKztLznBjwf3wV3uI7Jldrm8m
5G7f09+0OnV3uwYAfFazSQo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:29 2026 by rpki-client