Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/fvZVLt2jJxSwkZIVsLw5-Ya7ZRI.roa
File: fvZVLt2jJxSwkZIVsLw5-Ya7ZRI.roa (raw, json)
Hash identifier: fRu3ed4NqNa0Gx+wvKVb9ozSMChmEYjpHTUHm+NNTxQ=
Subject key identifier: 7E:F6:55:2E:DD:A3:27:14:B0:91:92:15:B0:BC:39:F9:86:BB:65:12
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 019E634A0911DF8C6A3E87858FD7DF2314D3
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/fvZVLt2jJxSwkZIVsLw5-Ya7ZRI.roa
Signing time: Tue 26 May 2026 07:57:36 +0000
ROA not before: Tue 26 May 2026 07:57:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198605
IP address blocks: 95.142.118.0/24 maxlen: 24
95.142.121.0/24 maxlen: 24
95.142.124.0/24 maxlen: 24
159.242.227.0/24 maxlen: 24
159.242.234.0/24 maxlen: 24
159.242.239.0/24 maxlen: 24
185.54.230.0/24 maxlen: 24
194.99.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:4a:09:11:df:8c:6a:3e:87:85:8f:d7:df:23:14:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: May 26 07:57:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ef6552edda32714b0919215b0bc39f986bb6512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1b:d5:63:d1:d6:1b:d8:22:d1:b9:e3:9d:47:
00:f7:c6:ed:69:32:a5:14:88:0c:7a:0c:ad:66:9d:
f2:fa:ee:4e:68:a1:d2:f4:e2:6c:8d:cd:c9:b6:58:
0d:5b:69:ad:bf:e1:d9:c9:cd:9d:38:3d:d4:73:f8:
3d:7b:91:28:11:3f:c7:ee:0b:e0:af:b1:b9:41:45:
fb:f5:91:b3:53:be:9e:44:23:27:b4:b4:7a:71:0d:
d8:02:a9:35:62:ca:37:12:c3:bf:16:57:6a:9a:a1:
6d:43:11:a2:2a:3f:a7:8a:43:d7:2a:04:ac:5d:16:
c0:fe:6f:8d:04:c7:8f:27:45:14:90:eb:07:1b:9c:
d8:e8:98:ea:93:f6:c9:72:a4:48:e6:8c:b3:b3:5d:
94:64:98:1a:f8:7b:72:6e:da:dc:bf:56:4c:db:f7:
f5:42:d0:88:3b:82:24:cb:a3:46:59:fb:2e:d2:12:
d1:80:3c:27:48:eb:9e:b3:93:b7:f6:43:cb:f9:4f:
8a:44:63:b6:0b:1c:60:c1:b2:c7:77:ba:1f:f3:02:
2a:b9:62:19:88:01:50:92:31:18:e5:30:98:9f:c8:
1d:57:73:b1:a8:ee:f6:ca:86:11:f4:a1:cd:06:2a:
59:73:f5:71:ee:4c:6a:19:ac:2b:94:55:26:29:e1:
25:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F6:55:2E:DD:A3:27:14:B0:91:92:15:B0:BC:39:F9:86:BB:65:12
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/fvZVLt2jJxSwkZIVsLw5-Ya7ZRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.118.0/24
95.142.121.0/24
95.142.124.0/24
159.242.227.0/24
159.242.234.0/24
159.242.239.0/24
185.54.230.0/24
194.99.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:29:a9:ba:6a:1a:41:3c:32:73:c6:82:e1:5b:82:1e:d1:52:
a8:da:fa:af:a5:50:e0:e0:26:79:be:51:eb:e2:93:1a:0b:0a:
e2:a2:49:f7:9c:7a:5a:4f:4b:69:9c:4d:be:50:4b:98:ee:5a:
7e:8d:57:25:e3:f8:3e:12:7b:7f:0e:cd:b4:66:9c:dd:98:0c:
b3:07:cc:ce:54:49:53:90:c9:99:32:5c:12:29:e2:b9:b1:a4:
33:41:cb:89:a2:6d:59:1b:e1:42:8f:43:2f:58:39:82:e2:e8:
4f:e6:6f:19:40:13:13:83:7e:56:b6:9e:7a:84:36:79:90:1b:
f4:30:71:b4:3a:86:f5:fd:12:91:49:c7:72:15:34:6e:eb:d8:
2b:4f:39:65:5e:70:d6:57:c6:8b:20:83:e5:19:c6:95:c8:0f:
6e:71:a2:a9:93:61:88:56:91:18:e9:b1:e0:56:b8:6a:36:5a:
d3:0a:48:31:f4:04:56:6a:8a:d0:33:95:e4:bb:42:f1:06:14:
07:67:78:40:13:da:8f:12:68:9e:6c:ed:a7:d4:a7:4e:2f:09:
b2:f9:7a:40:36:3d:f3:1d:0d:3e:34:5a:51:78:44:31:b6:42:
6f:43:bc:a1:e8:b4:99:c6:62:b1:56:99:b8:57:22:25:75:c2:
d0:9f:1e:88
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ5jSgkR34xqPoeFj9ffIxTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjYwNTI2MDc1NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY2NTUyZWRkYTMyNzE0YjA5MTkyMTViMGJjMzlmOTg2YmI2NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BvVY9HWG9gi0bnjnUcA98btaTKl
FIgMegytZp3y+u5OaKHS9OJsjc3JtlgNW2mtv+HZyc2dOD3Uc/g9e5EoET/H7gvg
r7G5QUX79ZGzU76eRCMntLR6cQ3YAqk1Yso3EsO/FldqmqFtQxGiKj+nikPXKgSs
XRbA/m+NBMePJ0UUkOsHG5zY6Jjqk/bJcqRI5oyzs12UZJga+Htybtrcv1ZM2/f1
QtCIO4Iky6NGWfsu0hLRgDwnSOues5O39kPL+U+KRGO2CxxgwbLHd7of8wIquWIZ
iAFQkjEY5TCYn8gdV3OxqO72yoYR9KHNBipZc/Vx7kxqGawrlFUmKeEluwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH72VS7doycUsJGSFbC8OfmGu2USMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvZnZaVkx0MmpKeFN3a1pJVnNMdzUtWWE3WlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAX452AwQA
X455AwQAX458AwQAn/LjAwQAn/LqAwQAn/LvAwQAuTbmAwQCwmMcMA0GCSqGSIb3
DQEBCwUAA4IBAQB8Kam6ahpBPDJzxoLhW4Ie0VKo2vqvpVDg4CZ5vlHr4pMaCwri
okn3nHpaT0tpnE2+UEuY7lp+jVcl4/g+Ent/Ds20ZpzdmAyzB8zOVElTkMmZMlwS
KeK5saQzQcuJom1ZG+FCj0MvWDmC4uhP5m8ZQBMTg35Wtp56hDZ5kBv0MHG0Oob1
/RKRScdyFTRu69grTzllXnDWV8aLIIPlGcaVyA9ucaKpk2GIVpEY6bHgVrhqNlrT
Ckgx9ARWaorQM5Xku0LxBhQHZ3hAE9qPEmiebO2n1KdOLwmy+XpANj3zHQ0+NFpR
eEQxtkJvQ7yh6LSZxmKxVpm4VyIldcLQnx6I
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:04:00 2026 by rpki-client