Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/FsZqIeW01RfaEApHUES0cB5ebyI.roa
File: FsZqIeW01RfaEApHUES0cB5ebyI.roa (raw, json)
Hash identifier: VCT9mMAi/Cn+09fCPNJ/y3SBfVeioqWO5E+XzvEA3FA=
Subject key identifier: 16:C6:6A:21:E5:B4:D5:17:DA:10:0A:47:50:44:B4:70:1E:5E:6F:22
Certificate issuer: /CN=497ede37f29f40a71b1cb2a5fce526e8a3d0e5e1
Certificate serial: 019C9A621D2CB53A7DF2DB07008A35C22E2A
Authority key identifier: 49:7E:DE:37:F2:9F:40:A7:1B:1C:B2:A5:FC:E5:26:E8:A3:D0:E5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/FsZqIeW01RfaEApHUES0cB5ebyI.roa
Signing time: Thu 26 Feb 2026 14:37:27 +0000
ROA not before: Thu 26 Feb 2026 14:37:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34040
IP address blocks: 62.204.224.0/19 maxlen: 19
62.204.228.0/23 maxlen: 23
87.249.140.0/22 maxlen: 22
87.249.144.0/20 maxlen: 20
2a02:17b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:62:1d:2c:b5:3a:7d:f2:db:07:00:8a:35:c2:2e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=497ede37f29f40a71b1cb2a5fce526e8a3d0e5e1
Validity
Not Before: Feb 26 14:37:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16c66a21e5b4d517da100a475044b4701e5e6f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:4c:12:67:0f:66:8a:94:d6:fa:cb:e7:d8:
39:fb:39:a3:04:57:62:d7:c2:8d:4b:51:94:82:ae:
58:24:35:e6:a7:2f:0b:d1:54:d5:43:e7:6b:25:40:
b2:9c:04:4e:f6:2a:e6:ff:3f:28:d1:55:e2:9c:2d:
b6:11:de:93:62:3f:07:27:08:2b:28:72:87:2a:61:
d1:ba:93:5d:12:01:4f:05:30:d8:25:cb:22:c0:32:
cc:4d:26:7c:5d:41:bb:60:ba:26:0d:5e:0e:d9:34:
8b:d5:48:13:55:ac:7c:e3:54:12:2a:3e:f1:37:8d:
d9:08:83:6e:42:0f:92:1c:cb:6c:b0:dd:4f:03:76:
0d:55:0d:0a:66:3d:f2:84:c8:69:44:72:ec:70:27:
73:08:99:d7:a8:34:40:a4:25:90:31:d7:a5:1a:46:
0c:91:0a:90:d3:0b:5c:f2:27:1f:9d:9e:b3:59:51:
b8:5c:e5:c4:76:8c:c8:6a:ea:de:60:42:72:86:a5:
a3:99:82:e6:04:5b:f8:fb:c3:f1:b9:c8:68:c2:5b:
54:24:6d:35:18:ab:ee:fe:8f:31:5f:13:20:6b:71:
42:22:7c:fc:b2:01:c6:84:ad:e3:84:ad:af:e0:f6:
88:b3:0b:b1:57:b9:6a:33:ef:c9:3a:33:27:41:50:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C6:6A:21:E5:B4:D5:17:DA:10:0A:47:50:44:B4:70:1E:5E:6F:22
X509v3 Authority Key Identifier:
keyid:49:7E:DE:37:F2:9F:40:A7:1B:1C:B2:A5:FC:E5:26:E8:A3:D0:E5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/FsZqIeW01RfaEApHUES0cB5ebyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/51b2ce-09aa-438d-9907-101b9e80e359/1/SX7eN_KfQKcbHLKl_OUm6KPQ5eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.224.0/19
87.249.140.0-87.249.159.255
IPv6:
2a02:17b8::/32
Signature Algorithm: sha256WithRSAEncryption
1e:a6:a0:3e:ae:55:73:61:bb:d0:3c:24:54:dd:4f:e8:17:14:
ad:81:b1:93:9f:5c:1e:c3:d7:cb:9d:87:71:4d:69:01:41:fe:
a7:ce:91:41:f6:21:f9:7e:23:55:00:25:01:59:92:92:a9:ca:
0c:c6:05:85:d5:05:72:b7:89:fa:2a:d9:1a:73:c2:4b:05:e6:
d3:a4:c0:ae:20:43:6e:1a:a1:b8:35:47:ba:70:f1:0d:20:f5:
f8:dc:05:3b:4c:88:67:53:01:45:7c:99:28:db:0a:c8:0f:5f:
f4:c3:b3:10:80:eb:8a:30:1a:2f:37:e2:da:b8:42:d5:a5:78:
0e:9e:9b:54:c5:08:6a:bf:e3:75:7a:dc:35:d0:5d:87:d1:44:
60:3d:80:69:04:fd:a1:f2:99:07:6b:ed:ae:49:de:48:c4:46:
15:85:27:bc:1c:6e:ea:af:1a:50:14:95:4c:9e:74:6c:d5:73:
5d:c1:ce:16:89:3c:fb:3b:42:8d:5a:e8:19:57:47:8c:86:ea:
53:72:9a:24:cc:26:ce:2a:34:b3:a0:fa:c6:ee:bb:05:e4:f0:
60:75:66:cd:88:db:75:2e:bd:b4:d6:29:2c:43:c6:35:b9:ef:
3d:33:5a:5d:c6:3e:db:8e:ab:54:b6:9f:82:88:e5:66:a2:24:
2d:1d:01:1e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyaYh0stTp98tsHAIo1wi4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5N2VkZTM3ZjI5ZjQwYTcxYjFjYjJhNWZjZTUyNmU4YTNk
MGU1ZTEwHhcNMjYwMjI2MTQzNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmM2NmEyMWU1YjRkNTE3ZGExMDBhNDc1MDQ0YjQ3MDFlNWU2ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxdMEmcPZoqU1vrL59g5+zmjBFdi
18KNS1GUgq5YJDXmpy8L0VTVQ+drJUCynARO9irm/z8o0VXinC22Ed6TYj8HJwgr
KHKHKmHRupNdEgFPBTDYJcsiwDLMTSZ8XUG7YLomDV4O2TSL1UgTVax841QSKj7x
N43ZCINuQg+SHMtssN1PA3YNVQ0KZj3yhMhpRHLscCdzCJnXqDRApCWQMdelGkYM
kQqQ0wtc8icfnZ6zWVG4XOXEdozIaureYEJyhqWjmYLmBFv4+8PxuchowltUJG01
GKvu/o8xXxMga3FCInz8sgHGhK3jhK2v4PaIswuxV7lqM+/JOjMnQVCjWwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBbGaiHltNUX2hAKR1BEtHAeXm8iMB8GA1UdIwQY
MBaAFEl+3jfyn0CnGxyypfzlJuij0OXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1g3ZU5fS2ZRS2NiSExLbF9PVW02S1BRNWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC81MWIyY2UtMDlhYS00MzhkLTk5MDct
MTAxYjllODBlMzU5LzEvRnNacUllVzAxUmZhRUFwSFVFUzBjQjVlYnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC81MWIyY2UtMDlhYS00MzhkLTk5MDctMTAxYjllODBlMzU5
LzEvU1g3ZU5fS2ZRS2NiSExLbF9PVW02S1BRNWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFPszgMAwD
BAJX+YwDBAVX+YAwDQQCAAIwBwMFACoCF7gwDQYJKoZIhvcNAQELBQADggEBAB6m
oD6uVXNhu9A8JFTdT+gXFK2BsZOfXB7D18udh3FNaQFB/qfOkUH2Ifl+I1UAJQFZ
kpKpygzGBYXVBXK3ifoq2RpzwksF5tOkwK4gQ24aobg1R7pw8Q0g9fjcBTtMiGdT
AUV8mSjbCsgPX/TDsxCA64owGi834tq4QtWleA6em1TFCGq/43V63DXQXYfRRGA9
gGkE/aHymQdr7a5J3kjERhWFJ7wcbuqvGlAUlUyedGzVc13BzhaJPPs7Qo1a6BlX
R4yG6lNymiTMJs4qNLOg+sbuuwXk8GB1Zs2I23UuvbTWKSxDxjW57z0zWl3GPtuO
q1S2n4KI5WaiJC0dAR4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:42:53 2026 by rpki-client