Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/fc-z64p9INgXqSlpt0wgmjnDjcM.roa
File: fc-z64p9INgXqSlpt0wgmjnDjcM.roa (raw, json)
Hash identifier: iAvsJsJGvYYjjk6ye/5/KN/cmvlNuk2vjqxHBnhTILY=
Subject key identifier: 7D:CF:B3:EB:8A:7D:20:D8:17:A9:29:69:B7:4C:20:9A:39:C3:8D:C3
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 019C94A330A2A99B8C67082EA879FF6325A6
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/fc-z64p9INgXqSlpt0wgmjnDjcM.roa
Signing time: Wed 25 Feb 2026 11:50:48 +0000
ROA not before: Wed 25 Feb 2026 11:50:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5394
IP address blocks: 77.39.160.0/19 maxlen: 19
77.39.160.0/20 maxlen: 20
77.39.176.0/20 maxlen: 20
77.39.224.0/19 maxlen: 19
77.39.224.0/20 maxlen: 20
77.39.240.0/20 maxlen: 20
81.29.180.0/22 maxlen: 22
81.29.184.0/21 maxlen: 21
82.145.104.0/21 maxlen: 21
82.145.112.0/20 maxlen: 20
82.192.120.0/21 maxlen: 21
82.192.127.0/24 maxlen: 24
194.79.192.0/19 maxlen: 19
194.79.192.0/20 maxlen: 20
194.79.207.0/24 maxlen: 24
194.79.208.0/20 maxlen: 20
194.183.0.0/19 maxlen: 19
194.183.16.0/24 maxlen: 24
195.94.128.0/18 maxlen: 18
195.94.152.0/24 maxlen: 24
195.94.160.0/24 maxlen: 24
195.94.170.0/24 maxlen: 24
195.94.181.0/24 maxlen: 24
195.250.224.0/19 maxlen: 19
195.250.224.0/24 maxlen: 24
195.250.232.0/24 maxlen: 24
213.233.0.0/18 maxlen: 18
213.233.0.0/19 maxlen: 19
213.233.27.0/24 maxlen: 24
213.233.32.0/19 maxlen: 19
213.233.36.0/24 maxlen: 24
217.72.96.0/20 maxlen: 20
2a02:688::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:a3:30:a2:a9:9b:8c:67:08:2e:a8:79:ff:63:25:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Feb 25 11:50:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7dcfb3eb8a7d20d817a92969b74c209a39c38dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:41:a0:62:74:a5:a2:e4:bc:66:03:99:4a:
04:48:e3:0e:de:63:c6:c8:0f:37:f6:ad:5f:1d:ca:
87:4d:b7:38:81:f0:73:60:fd:b3:47:d7:7f:74:f8:
9f:f0:c9:cf:08:71:76:62:d7:8e:16:7f:db:ef:bb:
a5:f9:2b:24:d3:bb:7e:71:d8:89:50:a9:e6:96:15:
ed:70:2d:cc:09:bb:60:cc:7a:3c:f0:a2:57:6c:1a:
01:98:bf:6b:dd:05:b5:3c:db:e0:dc:7c:4f:31:c3:
3a:b6:c0:39:48:79:3f:60:93:f9:07:9e:6a:eb:95:
c6:19:8a:fd:72:5e:45:9d:7f:6c:9d:48:d7:59:de:
67:3f:2a:f5:15:ab:bb:9d:f2:b2:37:97:cd:e1:bc:
1d:0c:d0:ad:df:21:d7:d0:4c:83:e8:2e:1b:6a:95:
77:11:cf:8d:39:f3:20:19:d7:e1:e0:08:e0:76:30:
5d:32:d1:5f:23:c3:dd:cb:89:49:8a:5a:85:f4:1a:
a9:ca:fd:46:84:74:73:ba:72:b4:18:a5:d3:48:27:
e1:41:ff:e0:7c:f5:99:cd:66:e7:62:87:00:e8:9a:
b8:c6:84:32:30:84:4a:3f:d2:33:4d:bf:30:94:fb:
7b:1b:1a:98:7b:81:35:c5:28:fa:4e:35:4f:13:db:
40:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CF:B3:EB:8A:7D:20:D8:17:A9:29:69:B7:4C:20:9A:39:C3:8D:C3
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/fc-z64p9INgXqSlpt0wgmjnDjcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.160.0/19
77.39.224.0/19
81.29.180.0-81.29.191.255
82.145.104.0-82.145.127.255
82.192.120.0/21
194.79.192.0/19
194.183.0.0/19
195.94.128.0/18
195.250.224.0/19
213.233.0.0/18
217.72.96.0/20
IPv6:
2a02:688::/32
Signature Algorithm: sha256WithRSAEncryption
26:00:50:03:2b:5c:7c:b6:f8:9b:e3:d8:3e:90:bc:25:ed:dd:
92:fa:09:ab:63:e4:02:db:c1:b7:84:95:b8:19:29:a4:5f:a6:
02:d8:7e:ef:f8:ff:97:8c:87:1e:66:31:70:1f:e1:66:f0:07:
dd:48:50:a2:eb:7f:a9:76:38:69:eb:15:26:bc:0f:cd:c0:64:
fe:f3:4e:b5:da:92:b7:b4:82:31:8f:45:a4:20:ad:5f:ca:de:
b6:d8:73:3f:5f:a2:8b:f3:72:38:8f:9e:c7:3b:16:6d:20:db:
60:2c:69:81:e7:28:a6:a9:57:16:6a:87:79:62:78:68:95:1a:
6c:55:9d:00:62:93:c6:43:5c:c1:a5:8b:7c:26:c9:ea:02:d1:
84:36:7a:18:c1:1b:96:9d:52:3b:57:f6:48:81:8f:22:6c:3a:
86:8c:3b:c4:52:e7:fc:cc:23:0e:28:e3:9a:d3:06:65:23:02:
a9:b7:a9:fd:5e:13:87:4e:84:ac:4e:15:91:18:0d:8b:ca:78:
92:6f:ab:e1:6f:1b:5b:25:5d:06:9d:2c:f2:91:f0:fe:a7:d2:
e2:0a:55:2f:eb:b4:5b:bf:96:15:56:d9:81:01:a0:40:e4:b1:
42:06:64:c6:7d:27:0b:9c:6f:06:a9:15:a4:36:2e:25:e0:0c:
ef:27:8c:7c
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZyUozCiqZuMZwguqHn/YyWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjYwMjI1MTE1MDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNmYjNlYjhhN2QyMGQ4MTdhOTI5NjliNzRjMjA5YTM5YzM4ZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR1BoGJ0paLkvGYDmUoESOMO3mPG
yA839q1fHcqHTbc4gfBzYP2zR9d/dPif8MnPCHF2YteOFn/b77ul+Ssk07t+cdiJ
UKnmlhXtcC3MCbtgzHo88KJXbBoBmL9r3QW1PNvg3HxPMcM6tsA5SHk/YJP5B55q
65XGGYr9cl5FnX9snUjXWd5nPyr1Fau7nfKyN5fN4bwdDNCt3yHX0EyD6C4bapV3
Ec+NOfMgGdfh4AjgdjBdMtFfI8Pdy4lJilqF9Bqpyv1GhHRzunK0GKXTSCfhQf/g
fPWZzWbnYocA6Jq4xoQyMIRKP9IzTb8wlPt7GxqYe4E1xSj6TjVPE9tAkwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFH3Ps+uKfSDYF6kpabdMIJo5w43DMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvZmMtejY0cDlJTmdYcVNscHQwd2dtam5EamNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQFTSegAwQF
TSfgMAwDBAJRHbQDBAZRHYAwDAMEA1KRaAMEB1KRAAMEA1LAeAMEBcJPwAMEBcK3
AAMEBsNegAMEBcP64AMEBtXpAAMEBNlIYDANBAIAAjAHAwUAKgIGiDANBgkqhkiG
9w0BAQsFAAOCAQEAJgBQAytcfLb4m+PYPpC8Je3dkvoJq2PkAtvBt4SVuBkppF+m
Ath+7/j/l4yHHmYxcB/hZvAH3UhQout/qXY4aesVJrwPzcBk/vNOtdqSt7SCMY9F
pCCtX8retthzP1+ii/NyOI+exzsWbSDbYCxpgecopqlXFmqHeWJ4aJUabFWdAGKT
xkNcwaWLfCbJ6gLRhDZ6GMEblp1SO1f2SIGPImw6how7xFLn/MwjDijjmtMGZSMC
qbep/V4Th06ErE4VkRgNi8p4km+r4W8bWyVdBp0s8pHw/qfS4gpVL+u0W7+WFVbZ
gQGgQOSxQgZkxn0nC5xvBqkVpDYuJeAM7yeMfA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:11:35 2026 by rpki-client