Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/FoH9ps9NIlN7HCCsr_L_q5RnpT8.roa
File: FoH9ps9NIlN7HCCsr_L_q5RnpT8.roa (raw, json)
Hash identifier: V8yDvWYjZgT2Vk6m8UQDxVTsGXUYqta3GtOUd408vp8=
Subject key identifier: 16:81:FD:A6:CF:4D:22:53:7B:1C:20:AC:AF:F2:FF:AB:94:67:A5:3F
Certificate issuer: /CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Certificate serial: 019D3EA50DC326DB059FDB029DC8BBB88CCE
Authority key identifier: CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/FoH9ps9NIlN7HCCsr_L_q5RnpT8.roa
Signing time: Mon 30 Mar 2026 12:08:17 +0000
ROA not before: Mon 30 Mar 2026 12:08:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198288
IP address blocks: 5.34.248.0/21 maxlen: 24
185.44.156.0/22 maxlen: 24
185.208.120.0/22 maxlen: 22
2a00:f8c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:a5:0d:c3:26:db:05:9f:db:02:9d:c8:bb:b8:8c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca6dcdad99290456c6d7c18eb1c058d941088801
Validity
Not Before: Mar 30 12:08:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1681fda6cf4d22537b1c20acaff2ffab9467a53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8b:82:6e:36:b7:13:80:66:1b:4e:18:6e:8e:
ab:f1:90:7e:8c:5a:68:51:cf:10:a7:1c:ed:89:aa:
ac:72:8a:94:19:97:d8:28:b8:37:f7:7b:57:fc:57:
84:89:97:73:1e:f1:3f:2c:d1:6a:01:78:ea:05:32:
fd:ef:1a:d6:94:37:99:9f:1f:7c:49:c8:f9:b6:bb:
1f:64:85:c1:29:2c:ce:4c:a0:c7:2f:c1:b0:2b:ed:
6e:cd:85:8a:5b:71:69:e1:a6:b1:3a:0f:45:62:e3:
49:5b:20:13:10:87:28:2a:4e:30:8c:c6:f2:d4:37:
8f:bb:c7:3f:3f:2a:b3:35:ed:e0:32:e2:3c:9c:42:
48:ba:5c:8e:b1:82:2b:fc:81:59:d0:cd:e7:9a:c9:
57:aa:2f:8c:41:7e:06:af:5b:75:c0:2c:d8:71:92:
6c:67:f3:5d:15:e3:e3:50:41:68:f2:e6:fb:fa:ca:
c8:50:06:a0:a0:01:3d:64:58:84:d8:b8:af:c8:05:
64:b4:af:30:b3:99:d0:01:39:9a:92:82:a0:06:26:
de:97:81:34:9e:3d:e0:d1:fa:45:88:07:7e:72:67:
80:d2:55:c0:28:f5:6c:fc:8e:75:dd:18:1d:25:aa:
f3:ac:b2:f3:e5:ff:13:04:ae:81:f1:e7:31:0b:57:
30:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:81:FD:A6:CF:4D:22:53:7B:1C:20:AC:AF:F2:FF:AB:94:67:A5:3F
X509v3 Authority Key Identifier:
keyid:CA:6D:CD:AD:99:29:04:56:C6:D7:C1:8E:B1:C0:58:D9:41:08:88:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ym3NrZkpBFbG18GOscBY2UEIiAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/FoH9ps9NIlN7HCCsr_L_q5RnpT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/76759e-3964-4c4f-876b-bc475d008869/1/ym3NrZkpBFbG18GOscBY2UEIiAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.248.0/21
185.44.156.0/22
185.208.120.0/22
IPv6:
2a00:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
65:e7:b8:84:54:19:9a:1a:49:7c:17:57:06:e6:36:c2:c9:36:
dd:15:2e:7c:29:43:14:48:64:f5:e5:5f:49:2d:73:8b:0e:81:
75:fa:03:9f:22:66:8e:c2:2e:f7:11:48:e0:2d:2b:e9:12:99:
94:d1:da:4d:bd:70:cc:da:36:ea:a9:95:a1:ab:53:99:75:6e:
3a:19:cc:8a:85:0c:99:d4:36:e1:af:b9:d0:43:bd:1e:cb:fc:
f9:cf:7b:39:b8:d9:17:c3:bf:6d:a7:58:92:4a:2d:06:b5:aa:
80:0a:8c:30:b6:fd:67:e0:03:40:df:c5:4f:f5:97:06:75:76:
a4:20:75:5c:a5:17:ea:4a:62:df:d0:33:61:0a:a4:8b:98:ba:
b2:b3:55:12:7b:14:69:dc:c6:da:27:92:aa:bc:f8:ad:55:4e:
81:6b:a8:49:1d:8a:68:75:bd:80:4c:dd:a4:91:93:b0:b0:fb:
d0:06:b5:6e:8b:46:c5:f9:8e:73:e1:ab:38:95:d5:bc:a3:2a:
6a:8d:7e:7e:f2:7a:15:ce:99:91:8c:fc:f7:dd:60:1f:65:59:
c8:a4:90:cb:82:cc:7d:80:48:c7:2f:4e:60:86:f0:24:1f:8c:
9f:87:c4:42:0a:ad:a2:51:8f:5b:e7:e7:70:5a:1e:08:99:b7:
db:dc:c5:89
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ0+pQ3DJtsFn9sCnci7uIzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNmRjZGFkOTkyOTA0NTZjNmQ3YzE4ZWIxYzA1OGQ5NDEw
ODg4MDEwHhcNMjYwMzMwMTIwODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjgxZmRhNmNmNGQyMjUzN2IxYzIwYWNhZmYyZmZhYjk0NjdhNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIuCbja3E4BmG04Ybo6r8ZB+jFpo
Uc8QpxztiaqscoqUGZfYKLg393tX/FeEiZdzHvE/LNFqAXjqBTL97xrWlDeZnx98
Scj5trsfZIXBKSzOTKDHL8GwK+1uzYWKW3Fp4aaxOg9FYuNJWyATEIcoKk4wjMby
1DePu8c/PyqzNe3gMuI8nEJIulyOsYIr/IFZ0M3nmslXqi+MQX4Gr1t1wCzYcZJs
Z/NdFePjUEFo8ub7+srIUAagoAE9ZFiE2LivyAVktK8ws5nQATmakoKgBibel4E0
nj3g0fpFiAd+cmeA0lXAKPVs/I513RgdJarzrLLz5f8TBK6B8ecxC1cw3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBaB/abPTSJTexwgrK/y/6uUZ6U/MB8GA1UdIwQY
MBaAFMptza2ZKQRWxtfBjrHAWNlBCIgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmIt
YmM0NzVkMDA4ODY5LzEvRm9IOXBzOU5JbE43SENDc3JfTF9xNVJucFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83Njc1OWUtMzk2NC00YzRmLTg3NmItYmM0NzVkMDA4ODY5
LzEveW0zTnJaa3BCRmJHMThHT3NjQlkyVUVJaUFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSL4AwQC
uSycAwQCudB4MA0EAgACMAcDBQAqAPjAMA0GCSqGSIb3DQEBCwUAA4IBAQBl57iE
VBmaGkl8F1cG5jbCyTbdFS58KUMUSGT15V9JLXOLDoF1+gOfImaOwi73EUjgLSvp
EpmU0dpNvXDM2jbqqZWhq1OZdW46GcyKhQyZ1Dbhr7nQQ70ey/z5z3s5uNkXw79t
p1iSSi0GtaqACowwtv1n4ANA38VP9ZcGdXakIHVcpRfqSmLf0DNhCqSLmLqys1US
exRp3MbaJ5KqvPitVU6Ba6hJHYpodb2ATN2kkZOwsPvQBrVui0bF+Y5z4as4ldW8
oypqjX5+8noVzpmRjPz33WAfZVnIpJDLgsx9gEjHL05ghvAkH4yfh8RCCq2iUY9b
5+dwWh4Imbfb3MWJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:50:09 2026 by rpki-client