Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FC06aK4k9Vhficw41G6Hdl0Xt58.roa
File: FC06aK4k9Vhficw41G6Hdl0Xt58.roa (raw, json)
Hash identifier: ZG52zMOxumtbmZghOID0KYulTKdKMGJDweSarBJ8RO8=
Subject key identifier: 14:2D:3A:68:AE:24:F5:58:5F:89:CC:38:D4:6E:87:76:5D:17:B7:9F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019C36B8E519C1EE6092D57D3579F6D4E529
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FC06aK4k9Vhficw41G6Hdl0Xt58.roa
Signing time: Sat 07 Feb 2026 06:10:12 +0000
ROA not before: Sat 07 Feb 2026 06:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42337
IP address blocks: 109.122.241.0/24 maxlen: 24
109.122.242.0/24 maxlen: 24
109.122.243.0/24 maxlen: 24
109.122.248.0/24 maxlen: 24
109.122.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:36:b8:e5:19:c1:ee:60:92:d5:7d:35:79:f6:d4:e5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 7 06:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=142d3a68ae24f5585f89cc38d46e87765d17b79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:56:14:62:84:4f:a4:a2:89:d9:1b:ed:25:
db:6f:bb:cb:43:5b:5c:56:8c:c8:ff:0b:8c:fe:29:
71:62:cb:ff:cf:e2:c8:b2:74:ff:57:c5:9b:55:31:
1b:5f:d0:28:90:e8:11:3d:dc:32:67:2c:be:32:d1:
24:54:bc:14:3c:5a:c3:3d:c6:e1:0a:5b:8e:d8:d5:
0a:47:98:ba:13:1b:1e:fc:35:b8:60:71:00:cc:c1:
25:98:ae:8e:f6:20:1c:e8:4f:41:83:80:85:0b:07:
d3:59:c0:cf:3d:a8:2a:c1:ea:ee:a4:c8:20:53:42:
bc:f4:7a:b5:f2:72:72:7a:60:d1:1e:38:7f:8b:00:
75:17:4e:84:b8:f6:5c:ec:78:9d:9c:0d:45:ad:1a:
fc:09:71:3e:a5:cb:5c:9f:6f:87:2f:18:79:38:dd:
36:16:78:70:70:44:0d:21:8e:13:58:20:51:2d:f8:
c8:14:08:7f:7d:9e:01:36:a4:c2:24:0c:b2:94:fe:
39:02:c5:9f:3c:1a:17:1e:6a:77:65:4e:7b:6f:31:
6a:ed:67:25:2d:ae:ed:75:0f:a1:34:5b:d4:44:10:
dc:76:a7:90:ea:c9:97:b7:6d:d8:97:69:90:8e:b9:
f2:91:94:0b:d0:f5:e8:7a:af:49:13:8b:f0:37:2f:
9c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2D:3A:68:AE:24:F5:58:5F:89:CC:38:D4:6E:87:76:5D:17:B7:9F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/FC06aK4k9Vhficw41G6Hdl0Xt58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.241.0-109.122.243.255
109.122.248.0/24
109.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:75:9a:f1:28:fa:ac:2d:17:f0:71:7d:73:0c:79:dc:b2:f4:
f3:41:fc:27:01:4f:54:67:44:da:9d:99:ac:4a:eb:fe:99:ca:
df:e5:38:66:c3:31:ae:ac:01:cf:c2:00:7f:51:cb:a3:fe:41:
f4:ed:4c:41:79:3c:c9:21:ad:08:0d:98:ce:63:34:bc:c7:22:
1b:e2:d4:12:2c:8e:b7:02:a9:ef:2d:43:2d:1e:1f:68:14:66:
ca:fa:42:b3:cf:30:48:72:a4:36:60:db:46:01:fa:5c:42:8e:
0a:7c:7c:02:96:ba:2e:56:55:f8:f4:38:4e:c9:05:74:cc:ec:
0f:5b:00:a5:bc:cd:0d:38:34:c3:81:56:da:ad:9a:1c:52:3e:
4b:70:3b:83:f4:a6:93:43:f4:16:be:c4:24:49:d2:97:9b:74:
f0:97:38:9a:ac:bb:ac:b2:44:43:81:e9:4d:bc:12:12:81:c1:
32:5f:49:c9:b3:cc:56:2d:e5:eb:1c:b2:fa:21:83:26:c5:b6:
fb:a9:2f:a7:13:9b:f7:9f:0f:b7:44:ce:1e:eb:de:bd:a0:89:
88:d4:60:01:a5:45:81:56:79:46:2c:d3:8f:36:55:ac:0c:e6:
52:69:40:ba:74:3b:99:3c:c1:a6:e8:eb:d3:e3:35:d7:63:01:
11:c0:01:87
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZw2uOUZwe5gktV9NXn21OUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwMjA3MDYxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJkM2E2OGFlMjRmNTU4NWY4OWNjMzhkNDZlODc3NjVkMTdiNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoJWFGKET6Siidkb7SXbb7vLQ1tc
VozI/wuM/ilxYsv/z+LIsnT/V8WbVTEbX9AokOgRPdwyZyy+MtEkVLwUPFrDPcbh
CluO2NUKR5i6Exse/DW4YHEAzMElmK6O9iAc6E9Bg4CFCwfTWcDPPagqwerupMgg
U0K89Hq18nJyemDRHjh/iwB1F06EuPZc7HidnA1FrRr8CXE+pctcn2+HLxh5ON02
FnhwcEQNIY4TWCBRLfjIFAh/fZ4BNqTCJAyylP45AsWfPBoXHmp3ZU57bzFq7Wcl
La7tdQ+hNFvURBDcdqeQ6smXt23Yl2mQjrnykZQL0PXoeq9JE4vwNy+cEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBQtOmiuJPVYX4nMONRuh3ZdF7efMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvRkMwNmFLNGs5VmhmaWN3NDFHNkhkbDBYdDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABtevED
BAJtevADBABtevgDBABtev0wDQYJKoZIhvcNAQELBQADggEBADx1mvEo+qwtF/Bx
fXMMedyy9PNB/CcBT1RnRNqdmaxK6/6Zyt/lOGbDMa6sAc/CAH9Ry6P+QfTtTEF5
PMkhrQgNmM5jNLzHIhvi1BIsjrcCqe8tQy0eH2gUZsr6QrPPMEhypDZg20YB+lxC
jgp8fAKWui5WVfj0OE7JBXTM7A9bAKW8zQ04NMOBVtqtmhxSPktwO4P0ppND9Ba+
xCRJ0pebdPCXOJqsu6yyREOB6U28EhKBwTJfScmzzFYt5escsvohgybFtvupL6cT
m/efD7dEzh7r3r2giYjUYAGlRYFWeUYs0482VawM5lJpQLp0O5k8wabo69PjNddj
ARHAAYc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:48:57 2026 by rpki-client