Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/fHFuDubGJay6f3QRMl_syy59tUI.roa
File: fHFuDubGJay6f3QRMl_syy59tUI.roa (raw, json)
Hash identifier: WeJ0odvv5HiU4s+dbY5OYrOLlDMz7f5iB63fYsvrOCc=
Subject key identifier: 7C:71:6E:0E:E6:C6:25:AC:BA:7F:74:11:32:5F:EC:CB:2E:7D:B5:42
Certificate issuer: /CN=153b46702839a795baba8d8d15ecdcca637e336c
Certificate serial: 019ED03F69AD6E5007B2F150E5FE8C9835F5
Authority key identifier: 15:3B:46:70:28:39:A7:95:BA:BA:8D:8D:15:EC:DC:CA:63:7E:33:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTtGcCg5p5W6uo2NFezcymN-M2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/fHFuDubGJay6f3QRMl_syy59tUI.roa
Signing time: Tue 16 Jun 2026 11:44:37 +0000
ROA not before: Tue 16 Jun 2026 11:44:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20686
IP address blocks: 185.245.22.0/24 maxlen: 24
2a0c:d4c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/FTtGcCg5p5W6uo2NFezcymN-M2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/FTtGcCg5p5W6uo2NFezcymN-M2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/FTtGcCg5p5W6uo2NFezcymN-M2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d0:3f:69:ad:6e:50:07:b2:f1:50:e5:fe:8c:98:35:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153b46702839a795baba8d8d15ecdcca637e336c
Validity
Not Before: Jun 16 11:44:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c716e0ee6c625acba7f7411325feccb2e7db542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:96:2b:56:85:bb:38:f7:50:65:98:e2:7e:ca:
f9:25:8e:d3:75:9e:0f:7b:16:c3:aa:01:b1:94:90:
e3:94:55:86:8d:ab:4c:b6:58:2b:7c:0c:a4:10:65:
7b:b3:7c:f6:7f:7a:32:41:0b:a0:84:cc:f4:b7:68:
f2:3b:62:4c:36:11:65:0d:39:90:75:fa:72:40:a2:
4a:70:1a:68:cc:05:05:99:e5:a4:6b:2a:3c:c5:a5:
38:37:fd:a1:b8:42:d6:ec:15:6f:8e:82:24:7b:61:
00:0b:1c:60:3f:d9:61:e3:ac:fd:e5:1c:95:0e:ad:
c9:2d:69:cc:ce:79:a6:e7:33:01:e0:43:e3:df:49:
1f:3e:0a:55:a4:a6:bf:87:60:68:62:b0:59:b2:2a:
54:5e:c9:79:e7:41:1a:83:85:41:91:e4:2a:54:23:
29:86:66:cb:3b:fa:35:9d:9d:43:40:83:53:92:24:
65:5b:9d:19:4a:16:9d:5b:8e:aa:9b:ec:03:2c:ea:
f6:bd:b7:2a:d3:03:c7:31:76:66:ff:68:99:d6:05:
19:ca:af:ad:90:d7:8d:0a:4c:97:7a:00:91:56:f1:
11:16:21:87:b7:2e:cd:44:ba:d5:7a:63:76:df:4a:
f4:d0:96:67:99:d7:00:70:2f:ba:72:9a:17:a1:bc:
85:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:71:6E:0E:E6:C6:25:AC:BA:7F:74:11:32:5F:EC:CB:2E:7D:B5:42
X509v3 Authority Key Identifier:
keyid:15:3B:46:70:28:39:A7:95:BA:BA:8D:8D:15:EC:DC:CA:63:7E:33:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTtGcCg5p5W6uo2NFezcymN-M2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/fHFuDubGJay6f3QRMl_syy59tUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/FTtGcCg5p5W6uo2NFezcymN-M2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.22.0/24
IPv6:
2a0c:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:dd:39:dc:ef:55:fe:dc:d5:cc:35:ac:5a:9e:7a:50:27:53:
d4:f5:48:fa:9a:ec:22:c2:88:e3:c6:23:f4:2f:c2:21:46:96:
15:5b:7c:8d:e8:73:2c:c2:aa:47:f2:03:a8:59:86:bb:71:1b:
25:b4:a9:95:19:1c:b1:99:8f:85:57:bd:13:e4:25:5a:9e:ec:
0b:50:df:e3:f7:97:0c:bc:be:54:80:0d:b3:71:34:be:b1:95:
37:a8:8f:28:78:b8:23:03:24:d0:96:3c:7c:b2:b0:6c:7c:bc:
ff:15:80:fe:37:16:fe:e4:ec:b9:40:e5:c7:83:73:65:c4:16:
14:72:0c:e1:a6:0a:bd:50:56:f9:da:28:13:4d:c9:28:5d:a1:
21:40:4c:b9:88:f0:6b:2a:6b:a6:c9:fd:3f:99:2d:52:b0:63:
be:da:69:4d:62:9e:f5:ee:63:69:53:f4:8c:4f:76:be:93:8f:
c3:53:a5:f8:bc:a1:38:fd:a0:a2:6e:61:c6:52:a9:05:b3:ba:
c7:a0:47:54:b6:6a:56:e3:d1:c7:e7:d8:97:f3:17:72:d1:66:
af:3b:09:02:a8:50:c5:ac:e6:37:73:82:e1:8b:3f:12:e3:1b:
a8:75:2f:d0:ec:43:59:29:8b:89:e8:59:d8:37:5b:fc:91:c6:
e6:d8:74:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ7QP2mtblAHsvFQ5f6MmDX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2I0NjcwMjgzOWE3OTViYWJhOGQ4ZDE1ZWNkY2NhNjM3
ZTMzNmMwHhcNMjYwNjE2MTE0NDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcxNmUwZWU2YzYyNWFjYmE3Zjc0MTEzMjVmZWNjYjJlN2RiNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJYrVoW7OPdQZZjifsr5JY7TdZ4P
exbDqgGxlJDjlFWGjatMtlgrfAykEGV7s3z2f3oyQQughMz0t2jyO2JMNhFlDTmQ
dfpyQKJKcBpozAUFmeWkayo8xaU4N/2huELW7BVvjoIke2EACxxgP9lh46z95RyV
Dq3JLWnMznmm5zMB4EPj30kfPgpVpKa/h2BoYrBZsipUXsl550Eag4VBkeQqVCMp
hmbLO/o1nZ1DQINTkiRlW50ZShadW46qm+wDLOr2vbcq0wPHMXZm/2iZ1gUZyq+t
kNeNCkyXegCRVvERFiGHty7NRLrVemN230r00JZnmdcAcC+6cpoXobyFNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHxxbg7mxiWsun90ETJf7MsufbVCMB8GA1UdIwQY
MBaAFBU7RnAoOaeVurqNjRXs3MpjfjNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlR0R2NDZzVwNVc2dW8yTkZlemN5bU4tTTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTZkN2YtMWI3OC00NDUzLTgxZTct
YmE1NjM3OGE2NDc2LzEvZkhGdUR1YkdKYXk2ZjNRUk1sX3N5eTU5dFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTZkN2YtMWI3OC00NDUzLTgxZTctYmE1NjM3OGE2NDc2
LzEvRlR0R2NDZzVwNVc2dW8yTkZlemN5bU4tTTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufUWMA0E
AgACMAcDBQMqDNTAMA0GCSqGSIb3DQEBCwUAA4IBAQAW3Tnc71X+3NXMNaxannpQ
J1PU9Uj6muwiwojjxiP0L8IhRpYVW3yN6HMswqpH8gOoWYa7cRsltKmVGRyxmY+F
V70T5CVanuwLUN/j95cMvL5UgA2zcTS+sZU3qI8oeLgjAyTQljx8srBsfLz/FYD+
Nxb+5Oy5QOXHg3NlxBYUcgzhpgq9UFb52igTTckoXaEhQEy5iPBrKmumyf0/mS1S
sGO+2mlNYp717mNpU/SMT3a+k4/DU6X4vKE4/aCibmHGUqkFs7rHoEdUtmpW49HH
59iX8xdy0WavOwkCqFDFrOY3c4Lhiz8S4xuodS/Q7ENZKYuJ6FnYN1v8kcbm2HTP
-----END CERTIFICATE-----
Generated at Wed Jun 17 12:52:55 2026 by rpki-client