Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FO1Njm3D4bTVUVZ-uzf1LfhrAeE.roa
File: FO1Njm3D4bTVUVZ-uzf1LfhrAeE.roa (raw, json)
Hash identifier: 2QGOBb9FpXcwwQ8GXal25w6k799irhd3uwRo+HisqYc=
Subject key identifier: 14:ED:4D:8E:6D:C3:E1:B4:D5:51:56:7E:BB:37:F5:2D:F8:6B:01:E1
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019D70BBF978566AA9255EF0CE78A87384CC
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FO1Njm3D4bTVUVZ-uzf1LfhrAeE.roa
Signing time: Thu 09 Apr 2026 05:34:20 +0000
ROA not before: Thu 09 Apr 2026 05:34:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7018
IP address blocks: 109.121.0.0/19 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:56:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:bb:f9:78:56:6a:a9:25:5e:f0:ce:78:a8:73:84:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 9 05:34:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14ed4d8e6dc3e1b4d551567ebb37f52df86b01e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:51:0b:6d:94:39:cf:6b:e6:d2:54:43:80:61:
74:55:a1:82:ce:c0:61:36:2e:98:67:37:47:07:b5:
e9:7f:5f:4d:94:5f:42:e4:03:5e:48:31:48:c2:1d:
53:cc:a5:8d:62:2f:7f:fe:d1:b3:a6:97:4b:e3:00:
dc:4d:6f:21:35:72:aa:ed:4d:3b:fb:27:46:02:7e:
b4:68:9d:7a:b6:c5:ca:18:e0:ea:7b:96:62:8e:2f:
f6:22:6c:12:62:95:9a:e1:14:56:4a:b8:23:54:6a:
99:96:8a:25:0c:3b:60:26:8d:29:ff:58:a5:6e:1e:
92:96:e7:61:d6:f9:fc:c8:77:af:30:88:8e:53:8b:
eb:a5:62:5b:a2:91:b7:11:04:11:be:d4:49:ad:2d:
76:d8:f6:98:8e:bb:99:78:5a:75:80:69:60:da:29:
ad:32:b0:fb:2a:d3:2d:b6:84:ae:f1:f3:0e:03:91:
93:13:f8:aa:8f:23:fb:cb:3b:09:4a:ec:66:31:5d:
87:82:e4:f1:11:a8:54:57:6a:c8:32:d1:54:60:25:
b6:2a:08:b9:e7:18:c7:64:bd:5d:62:46:bb:2e:99:
ec:06:cf:a8:44:eb:29:cd:ae:0d:77:4d:9b:3a:37:
9c:96:ce:c4:2b:2f:24:08:5d:80:21:53:49:2b:c2:
b4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:ED:4D:8E:6D:C3:E1:B4:D5:51:56:7E:BB:37:F5:2D:F8:6B:01:E1
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FO1Njm3D4bTVUVZ-uzf1LfhrAeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.253.237.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:f2:93:b3:57:cb:48:80:38:5b:9e:e1:54:39:8f:b5:17:6d:
e7:c4:68:cd:d3:05:48:d1:3a:fd:73:8d:c1:e8:42:dd:ab:8e:
c4:f7:75:45:6c:8c:b7:ca:b3:7b:2e:0d:b4:f6:84:0f:e0:7c:
15:c5:4e:19:cc:13:19:d8:3f:11:ed:0c:70:eb:1b:b4:2e:83:
c9:e6:68:ca:33:68:8b:c0:ba:a4:ef:89:a4:94:a1:33:5e:85:
a7:a8:cf:a3:33:30:70:71:b9:a6:f0:49:5f:d5:fc:da:30:d3:
4f:a3:ec:f7:e6:8f:36:52:c3:d9:5c:9e:02:39:2a:8b:ff:2c:
80:93:a6:b9:76:c0:7d:7d:92:6b:34:f2:af:6c:8a:b6:63:82:
07:f3:9c:ae:f9:04:2e:b1:02:ad:41:9e:7a:82:0c:ba:0e:5f:
cb:0e:4e:2d:06:e7:37:4d:33:28:f7:33:85:c6:4c:99:75:c5:
83:89:0d:f5:79:49:9d:7d:f9:8e:73:7a:3e:fa:70:c4:63:08:
00:c2:ed:32:d2:40:01:f2:f6:f0:5a:e6:b4:f6:27:21:9b:55:
e5:cf:18:7f:5c:f4:c2:a0:de:37:95:ad:7b:be:3d:7d:d4:16:
ea:14:eb:4d:2e:53:96:ae:d4:2f:7c:0b:b3:e6:8e:17:00:a9:
fb:80:a6:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ1wu/l4VmqpJV7wznioc4TMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNDA5MDUzNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGVkNGQ4ZTZkYzNlMWI0ZDU1MTU2N2ViYjM3ZjUyZGY4NmIwMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01ELbZQ5z2vm0lRDgGF0VaGCzsBh
Ni6YZzdHB7Xpf19NlF9C5ANeSDFIwh1TzKWNYi9//tGzppdL4wDcTW8hNXKq7U07
+ydGAn60aJ16tsXKGODqe5Ziji/2ImwSYpWa4RRWSrgjVGqZloolDDtgJo0p/1il
bh6Sludh1vn8yHevMIiOU4vrpWJbopG3EQQRvtRJrS122PaYjruZeFp1gGlg2imt
MrD7KtMttoSu8fMOA5GTE/iqjyP7yzsJSuxmMV2HguTxEahUV2rIMtFUYCW2Kgi5
5xjHZL1dYka7LpnsBs+oROspza4Nd02bOjecls7EKy8kCF2AIVNJK8K0JwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBTtTY5tw+G01VFWfrs39S34awHhMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvRk8xTmptM0Q0YlRWVVZaLXV6ZjFMZmhyQWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFbXkAAwQA
bXkoAwQAbXkrAwQBbem4AwQAsv3tMA0GCSqGSIb3DQEBCwUAA4IBAQAq8pOzV8tI
gDhbnuFUOY+1F23nxGjN0wVI0Tr9c43B6ELdq47E93VFbIy3yrN7Lg209oQP4HwV
xU4ZzBMZ2D8R7Qxw6xu0LoPJ5mjKM2iLwLqk74mklKEzXoWnqM+jMzBwcbmm8Elf
1fzaMNNPo+z35o82UsPZXJ4COSqL/yyAk6a5dsB9fZJrNPKvbIq2Y4IH85yu+QQu
sQKtQZ56ggy6Dl/LDk4tBuc3TTMo9zOFxkyZdcWDiQ31eUmdffmOc3o++nDEYwgA
wu0y0kAB8vbwWua09ichm1Xlzxh/XPTCoN43la17vj191BbqFOtNLlOWrtQvfAuz
5o4XAKn7gKbI
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:10:20 2026 by rpki-client