Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fRlCpAdK_YZREGxWapp68F7zuEA.roa
File: fRlCpAdK_YZREGxWapp68F7zuEA.roa (raw, json)
Hash identifier: zAJXXwlDW27Zioeem8uONy4haxRerGq2uybiwaWLxns=
Subject key identifier: 7D:19:42:A4:07:4A:FD:86:51:10:6C:56:6A:9A:7A:F0:5E:F3:B8:40
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 019D8B0B80B6196B1BB567408363B025BA44
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fRlCpAdK_YZREGxWapp68F7zuEA.roa
Signing time: Tue 14 Apr 2026 08:11:20 +0000
ROA not before: Tue 14 Apr 2026 08:11:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209439
IP address blocks: 95.111.151.0/24 maxlen: 24
149.232.189.0/24 maxlen: 24
2a00:8b80::/32 maxlen: 32
2a09:3dc0::/30 maxlen: 30
2a09:3dc4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:0b:80:b6:19:6b:1b:b5:67:40:83:63:b0:25:ba:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Apr 14 08:11:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d1942a4074afd8651106c566a9a7af05ef3b840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:23:16:16:a2:55:af:08:2c:e2:46:1a:ef:c0:
b8:3b:5c:21:6e:dd:17:95:2e:6a:32:a8:f9:b7:6a:
4b:5d:12:d0:57:cc:07:bc:b4:5d:2a:5f:c1:f8:df:
b3:e0:fc:43:fb:75:62:f6:9a:89:a1:5e:b5:35:7c:
94:a8:a9:97:29:cc:16:02:0f:34:c4:7a:e6:ff:c0:
50:56:48:bc:f5:20:9a:c5:61:a1:02:fe:16:04:97:
db:0f:25:e1:82:fe:fa:7a:37:4c:97:7a:5a:9d:46:
57:7f:a9:76:64:b4:42:75:2f:52:89:eb:60:0a:dd:
11:21:e9:cd:43:af:37:44:2f:bd:9d:c4:53:1a:85:
ef:bb:e9:0e:c7:f2:71:70:02:e4:d7:38:a0:97:1d:
98:42:51:bf:ee:eb:1c:3b:32:0c:45:0b:8f:77:76:
32:ef:bf:15:95:47:7b:1e:69:72:90:00:71:2c:9a:
35:44:05:26:75:41:66:66:7b:d9:7f:e4:0a:9d:7e:
3a:e2:42:7c:0a:32:44:e6:d2:d2:1d:c1:c3:de:f9:
e5:26:f7:71:d0:72:c9:d5:44:00:7e:77:df:cc:0d:
11:73:43:d6:86:88:1f:57:2d:90:a2:a6:c9:3f:0a:
ca:36:0c:9a:74:28:79:db:a8:e7:1e:fb:b9:eb:9e:
cc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:19:42:A4:07:4A:FD:86:51:10:6C:56:6A:9A:7A:F0:5E:F3:B8:40
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/fRlCpAdK_YZREGxWapp68F7zuEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.151.0/24
149.232.189.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:2c:b6:cd:97:4b:48:e1:02:51:ef:00:93:93:55:68:9e:31:
41:c2:6e:03:cb:b4:12:22:dc:38:b4:31:60:4c:73:5b:ac:0d:
06:a1:bd:26:31:8a:f0:bb:aa:16:0b:66:89:f7:83:ae:ff:90:
c1:7b:bd:26:5b:eb:af:12:d6:e4:47:f3:e0:58:41:89:de:26:
2e:e7:c1:bd:69:a0:e2:80:c8:c5:74:ea:5d:f2:10:ef:b7:e2:
9b:5a:6d:7e:8b:d0:69:b6:9c:28:2a:19:56:60:7d:a0:c2:a4:
3f:29:b0:a6:b2:f3:af:ee:60:ef:4b:b2:73:de:b8:66:da:0f:
e4:27:a8:33:26:90:db:b0:5d:cc:55:05:30:3d:fb:d0:c9:b3:
5b:31:6e:82:9f:cb:a7:06:15:1a:ff:a7:90:31:c0:8a:c8:97:
7d:f1:4f:04:2b:83:d6:0c:6e:f4:0f:48:f4:c2:39:6b:fc:84:
73:2a:bb:50:fc:53:03:3a:84:32:9b:2e:5e:57:7c:13:b3:88:
bd:71:55:f8:b3:4f:27:0f:a5:49:02:d6:80:c6:db:9a:66:98:
83:86:8c:b3:19:5d:70:ec:48:09:c0:65:85:4d:c7:0b:7c:5c:
6e:f5:9c:51:56:3c:03:25:b9:e9:eb:f2:ef:59:1e:65:57:76:
27:af:5d:e7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ2LC4C2GWsbtWdAg2OwJbpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjYwNDE0MDgxMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE5NDJhNDA3NGFmZDg2NTExMDZjNTY2YTlhN2FmMDVlZjNiODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyMWFqJVrwgs4kYa78C4O1whbt0X
lS5qMqj5t2pLXRLQV8wHvLRdKl/B+N+z4PxD+3Vi9pqJoV61NXyUqKmXKcwWAg80
xHrm/8BQVki89SCaxWGhAv4WBJfbDyXhgv76ejdMl3panUZXf6l2ZLRCdS9Sietg
Ct0RIenNQ683RC+9ncRTGoXvu+kOx/JxcALk1ziglx2YQlG/7uscOzIMRQuPd3Yy
778VlUd7HmlykABxLJo1RAUmdUFmZnvZf+QKnX464kJ8CjJE5tLSHcHD3vnlJvdx
0HLJ1UQAfnffzA0Rc0PWhogfVy2QoqbJPwrKNgyadCh526jnHvu5657MOwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH0ZQqQHSv2GURBsVmqaevBe87hAMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvZlJsQ3BBZEtfWVpSRUd4V2FwcDY4Rjd6dUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAX2+XAwQA
lei9MBQEAgACMA4DBQAqAIuAAwUDKgk9wDANBgkqhkiG9w0BAQsFAAOCAQEAKyy2
zZdLSOECUe8Ak5NVaJ4xQcJuA8u0EiLcOLQxYExzW6wNBqG9JjGK8LuqFgtmifeD
rv+QwXu9JlvrrxLW5Efz4FhBid4mLufBvWmg4oDIxXTqXfIQ77fim1ptfovQabac
KCoZVmB9oMKkPymwprLzr+5g70uyc964ZtoP5CeoMyaQ27BdzFUFMD370MmzWzFu
gp/LpwYVGv+nkDHAisiXffFPBCuD1gxu9A9I9MI5a/yEcyq7UPxTAzqEMpsuXld8
E7OIvXFV+LNPJw+lSQLWgMbbmmaYg4aMsxldcOxICcBlhU3HC3xcbvWcUVY8AyW5
6evy71keZVd2J69d5w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:26:57 2026 by rpki-client