Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fkGv8QevH70Vweql5e5jlC1BC_8.roa
File: fkGv8QevH70Vweql5e5jlC1BC_8.roa (raw, json)
Hash identifier: 9NGjHqtl1UFxOYkcedfN06O4o2yEiRW8KIABjBUcMUs=
Subject key identifier: 7E:41:AF:F1:07:AF:1F:BD:15:C1:EA:A5:E5:EE:63:94:2D:41:0B:FF
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019D68173C776CB68ACC91185A132B870551
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fkGv8QevH70Vweql5e5jlC1BC_8.roa
Signing time: Tue 07 Apr 2026 13:17:26 +0000
ROA not before: Tue 07 Apr 2026 13:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29278
IP address blocks: 79.172.196.0/24 maxlen: 24
79.172.199.0/24 maxlen: 24
79.172.203.0/24 maxlen: 24
79.172.209.0/24 maxlen: 24
79.172.211.0/24 maxlen: 24
79.172.213.0/24 maxlen: 24
79.172.225.0/24 maxlen: 24
79.172.236.0/24 maxlen: 24
79.172.238.0/24 maxlen: 24
79.172.240.0/24 maxlen: 24
79.172.241.0/24 maxlen: 24
79.172.243.0/24 maxlen: 24
79.172.248.0/24 maxlen: 24
79.172.253.0/24 maxlen: 24
79.172.255.0/24 maxlen: 24
84.21.0.0/19 maxlen: 19
84.21.7.0/24 maxlen: 24
84.21.8.0/24 maxlen: 24
84.21.18.0/24 maxlen: 24
84.21.19.0/24 maxlen: 24
87.229.15.0/24 maxlen: 24
87.229.26.0/24 maxlen: 24
87.229.32.0/24 maxlen: 24
87.229.33.0/24 maxlen: 24
87.229.45.0/24 maxlen: 24
87.229.53.0/24 maxlen: 24
87.229.54.0/24 maxlen: 24
87.229.55.0/24 maxlen: 24
87.229.58.0/24 maxlen: 24
87.229.59.0/24 maxlen: 24
87.229.65.0/24 maxlen: 24
87.229.66.0/24 maxlen: 24
87.229.73.0/24 maxlen: 24
87.229.74.0/23 maxlen: 23
87.229.78.0/24 maxlen: 24
87.229.83.0/24 maxlen: 24
87.229.93.0/24 maxlen: 24
87.229.94.0/24 maxlen: 24
87.229.96.0/24 maxlen: 24
87.229.105.0/24 maxlen: 24
87.229.113.0/24 maxlen: 24
87.229.114.0/24 maxlen: 24
87.229.116.0/24 maxlen: 24
87.229.118.0/24 maxlen: 24
87.229.121.0/24 maxlen: 24
95.138.192.0/21 maxlen: 21
178.238.208.0/20 maxlen: 20
178.238.208.0/21 maxlen: 21
178.238.214.0/24 maxlen: 24
178.238.216.0/21 maxlen: 21
213.181.196.0/24 maxlen: 24
213.181.197.0/24 maxlen: 24
213.181.198.0/24 maxlen: 24
213.181.200.0/24 maxlen: 24
213.181.204.0/24 maxlen: 24
213.181.207.0/24 maxlen: 24
213.181.210.0/24 maxlen: 24
213.181.219.0/24 maxlen: 24
213.181.221.0/24 maxlen: 24
217.113.50.0/24 maxlen: 24
217.113.51.0/24 maxlen: 24
217.113.52.0/24 maxlen: 24
217.113.59.0/24 maxlen: 24
217.113.61.0/24 maxlen: 24
217.113.63.0/24 maxlen: 24
217.144.48.0/23 maxlen: 23
217.144.50.0/24 maxlen: 24
217.144.56.0/21 maxlen: 21
217.144.62.0/24 maxlen: 24
2a02:730::/32 maxlen: 32
2a02:730:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:17:3c:77:6c:b6:8a:cc:91:18:5a:13:2b:87:05:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 7 13:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e41aff107af1fbd15c1eaa5e5ee63942d410bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:d2:82:1b:8c:78:43:45:04:44:61:b2:c1:
96:e3:2c:67:34:df:09:1f:59:86:da:28:ec:81:9a:
91:97:99:4f:d9:e9:fa:3e:60:69:ac:12:19:5d:d0:
c5:a6:4a:1f:bb:cc:53:29:9f:be:43:d5:25:9f:d0:
cc:1f:17:3e:47:8c:51:a8:e6:ea:b5:1c:4b:0c:96:
02:00:e8:83:c9:2f:f6:04:0e:cd:0c:14:0a:c8:69:
3a:32:15:fb:80:dc:d8:e8:75:30:f3:19:bb:9a:3d:
24:ad:1a:0e:3b:99:43:f8:c9:6c:75:85:3a:a1:c9:
38:f8:d0:bc:75:1a:a1:b4:ec:b8:39:aa:b8:54:cc:
7b:6f:46:88:c4:23:da:48:20:db:3e:16:e3:2d:a1:
c0:84:29:ea:28:e0:f4:5e:da:1d:cf:52:8e:0a:4a:
e6:b0:48:24:98:73:d5:ad:3c:f9:bc:8c:38:c8:b2:
30:11:07:24:89:89:aa:20:0c:49:95:7f:70:d4:11:
e9:37:0c:3c:28:c0:6d:d4:a3:a1:56:d8:04:44:25:
39:62:23:3f:99:51:ee:95:e1:e9:74:2c:1a:7e:df:
de:ce:4c:87:93:d7:ff:e8:7a:96:70:b6:b8:3d:45:
a7:00:48:03:48:88:f0:fa:b2:54:45:ef:e0:17:ec:
50:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:41:AF:F1:07:AF:1F:BD:15:C1:EA:A5:E5:EE:63:94:2D:41:0B:FF
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fkGv8QevH70Vweql5e5jlC1BC_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.196.0/24
79.172.199.0/24
79.172.203.0/24
79.172.209.0/24
79.172.211.0/24
79.172.213.0/24
79.172.225.0/24
79.172.236.0/24
79.172.238.0/24
79.172.240.0/23
79.172.243.0/24
79.172.248.0/24
79.172.253.0/24
79.172.255.0/24
84.21.0.0/19
87.229.15.0/24
87.229.26.0/24
87.229.32.0/23
87.229.45.0/24
87.229.53.0-87.229.55.255
87.229.58.0/23
87.229.65.0-87.229.66.255
87.229.73.0-87.229.75.255
87.229.78.0/24
87.229.83.0/24
87.229.93.0-87.229.94.255
87.229.96.0/24
87.229.105.0/24
87.229.113.0-87.229.114.255
87.229.116.0/24
87.229.118.0/24
87.229.121.0/24
95.138.192.0/21
178.238.208.0/20
213.181.196.0-213.181.198.255
213.181.200.0/24
213.181.204.0/24
213.181.207.0/24
213.181.210.0/24
213.181.219.0/24
213.181.221.0/24
217.113.50.0-217.113.52.255
217.113.59.0/24
217.113.61.0/24
217.113.63.0/24
217.144.48.0-217.144.50.255
217.144.56.0/21
IPv6:
2a02:730::/32
Signature Algorithm: sha256WithRSAEncryption
4c:73:0d:fe:a7:db:d4:4d:f5:af:bb:d4:15:79:85:a5:32:33:
37:87:e5:89:3b:cc:44:3a:a7:78:b1:9c:ed:ec:71:a2:da:2c:
41:f8:d7:97:d3:aa:7f:bf:4d:bc:67:60:16:aa:67:0c:2a:fb:
28:c3:b3:94:87:a4:ae:2e:27:29:8d:5e:2a:ab:ba:c0:c3:0d:
e4:5f:28:cc:da:8d:88:a3:68:ae:49:93:c5:b5:5f:f4:98:c0:
4e:e8:0d:91:b6:d4:4b:08:a2:2b:12:db:8b:40:3f:80:cf:28:
d0:08:5a:59:d0:86:46:9d:ad:29:1e:25:c4:e8:ed:d3:7d:2c:
d2:12:2d:97:48:c5:b1:02:1e:ba:ad:d4:cd:12:2b:90:10:41:
dd:b3:ca:4b:ff:69:fe:48:08:7b:9d:67:f9:d9:e7:21:2d:47:
2a:ad:7d:ed:b7:cc:03:68:7e:a5:dc:37:61:c9:82:2c:22:e2:
ee:fb:12:97:5a:8a:f9:93:d5:40:f4:39:01:69:04:8e:ba:7b:
df:61:c2:44:e1:ed:9e:5e:82:1a:0b:3b:04:26:21:e8:c5:fe:
fd:c2:89:10:2e:2d:5b:51:91:c5:02:ad:d6:04:a3:15:be:32:
1a:b3:a4:40:66:3d:8d:31:fd:a7:7e:2b:e6:e7:ce:ed:46:5c:
4a:60:3b:30
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISAZ1oFzx3bLaKzJEYWhMrhwVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNDA3MTMxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQxYWZmMTA3YWYxZmJkMTVjMWVhYTVlNWVlNjM5NDJkNDEwYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDjSghuMeENFBERhssGW4yxnNN8J
H1mG2ijsgZqRl5lP2en6PmBprBIZXdDFpkofu8xTKZ++Q9Uln9DMHxc+R4xRqObq
tRxLDJYCAOiDyS/2BA7NDBQKyGk6MhX7gNzY6HUw8xm7mj0krRoOO5lD+MlsdYU6
ock4+NC8dRqhtOy4Oaq4VMx7b0aIxCPaSCDbPhbjLaHAhCnqKOD0Xtodz1KOCkrm
sEgkmHPVrTz5vIw4yLIwEQckiYmqIAxJlX9w1BHpNww8KMBt1KOhVtgERCU5YiM/
mVHuleHpdCwaft/ezkyHk9f/6HqWcLa4PUWnAEgDSIjw+rJURe/gF+xQ0wIDAQAB
o4IDdjCCA3IwHQYDVR0OBBYEFH5Br/EHrx+9FcHqpeXuY5QtQQv/MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZmtHdjhRZXZINzBWd2VxbDVlNWpsQzFCQ184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBigYIKwYBBQUHAQcBAf8EggF5MIIBdTCCAWIEAgABMIIB
WgMEAE+sxAMEAE+sxwMEAE+sywMEAE+s0QMEAE+s0wMEAE+s1QMEAE+s4QMEAE+s
7AMEAE+s7gMEAU+s8AMEAE+s8wMEAE+s+AMEAE+s/QMEAE+s/wMEBVQVAAMEAFfl
DwMEAFflGgMEAVflIAMEAFflLTAMAwQAV+U1AwQDV+UwAwQBV+U6MAwDBABX5UED
BABX5UIwDAMEAFflSQMEAlflSAMEAFflTgMEAFflUzAMAwQAV+VdAwQAV+VeAwQA
V+VgAwQAV+VpMAwDBABX5XEDBABX5XIDBABX5XQDBABX5XYDBABX5XkDBANfisAD
BASy7tAwDAMEAtW1xAMEANW1xgMEANW1yAMEANW1zAMEANW1zwMEANW10gMEANW1
2wMEANW13TAMAwQB2XEyAwQA2XE0AwQA2XE7AwQA2XE9AwQA2XE/MAwDBATZkDAD
BADZkDIDBAPZkDgwDQQCAAIwBwMFACoCBzAwDQYJKoZIhvcNAQELBQADggEBAExz
Df6n29RN9a+71BV5haUyMzeH5Yk7zEQ6p3ixnO3scaLaLEH415fTqn+/TbxnYBaq
Zwwq+yjDs5SHpK4uJymNXiqrusDDDeRfKMzajYijaK5Jk8W1X/SYwE7oDZG21EsI
oisS24tAP4DPKNAIWlnQhkadrSkeJcTo7dN9LNISLZdIxbECHrqt1M0SK5AQQd2z
ykv/af5ICHudZ/nZ5yEtRyqtfe23zANofqXcN2HJgiwi4u77EpdaivmT1UD0OQFp
BI66e99hwkTh7Z5eghoLOwQmIejF/v3CiRAuLVtRkcUCrdYEoxW+MhqzpEBmPY0x
/ad+K+bnzu1GXEpgOzA=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:59:25 2026 by rpki-client