Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FGmMERkJYXH07yrtE8WO-nkpZjM.roa
File: FGmMERkJYXH07yrtE8WO-nkpZjM.roa (raw, json)
Hash identifier: dBuVVBBSIiBTqClI7RunW3qrluaDzW25YjkQgwOo300=
Subject key identifier: 14:69:8C:11:19:09:61:71:F4:EF:2A:ED:13:C5:8E:FA:79:29:66:33
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D90E550568024A7DBD65CC4C6773FAE85
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FGmMERkJYXH07yrtE8WO-nkpZjM.roa
Signing time: Wed 15 Apr 2026 11:27:20 +0000
ROA not before: Wed 15 Apr 2026 11:27:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 46.102.237.0/24 maxlen: 24
78.17.7.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.125.126.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
167.17.191.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
206.245.152.0/22 maxlen: 22
206.245.156.0/24 maxlen: 24
206.245.158.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:e5:50:56:80:24:a7:db:d6:5c:c4:c6:77:3f:ae:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 15 11:27:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14698c1119096171f4ef2aed13c58efa79296633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:5d:de:20:29:9d:7c:09:0c:b1:68:e0:93:
93:0b:ca:75:38:82:af:8b:c4:09:1d:57:ee:ea:e9:
19:e4:03:30:6c:4c:62:7f:c6:c2:3f:c2:a4:cb:01:
46:20:b5:1d:bf:5e:25:bf:95:e0:bb:15:a4:7f:ff:
59:9b:2e:84:34:54:a5:7b:4b:d1:46:c7:75:2f:c5:
c4:5c:93:fb:7a:ac:df:90:07:8f:98:1a:1a:e9:34:
33:dc:9d:de:b6:99:16:07:64:1a:eb:6e:67:9b:72:
21:9e:f2:8d:05:c7:08:12:c4:bb:94:1c:14:19:b7:
9e:d7:8e:84:c7:10:92:bd:04:89:bb:06:99:74:65:
96:a9:d4:d3:91:4f:64:e9:98:7d:01:3f:be:62:42:
7e:6c:99:bf:c9:7e:81:3d:ea:2d:5a:2b:1d:a6:3c:
e2:8e:ae:d5:44:00:09:8c:b5:57:e5:f3:38:e1:25:
ef:a0:e2:84:ab:b8:4a:77:5f:c7:d0:ea:1d:45:6b:
4b:73:b4:ac:f4:a7:4f:63:47:a6:3b:94:1e:9e:b0:
42:c8:95:fc:ff:f3:5f:c0:85:8b:19:86:a1:bd:d9:
02:e3:10:d1:37:52:38:56:83:ec:10:14:1b:67:04:
88:81:55:9a:09:df:b9:a4:55:98:c5:5b:75:c3:12:
bd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:69:8C:11:19:09:61:71:F4:EF:2A:ED:13:C5:8E:FA:79:29:66:33
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FGmMERkJYXH07yrtE8WO-nkpZjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
78.17.7.0/24
89.34.106.0/24
89.125.126.0/24
91.132.50.0/24
93.114.183.0/24
103.245.228.0/24
167.17.191.0/24
194.58.47.0/24
206.245.152.0-206.245.156.255
206.245.158.0/24
212.192.7.0-212.192.8.255
212.192.10.0/24
212.192.30.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
59:08:71:d8:1c:7f:a2:70:66:12:55:8e:5a:24:b6:24:e7:1d:
dd:5b:b9:7c:dd:46:f6:f1:22:e5:a3:c0:e0:2d:12:69:65:f8:
d8:a6:a5:7c:0d:f0:fd:92:2a:5b:7b:0a:06:01:23:81:f5:35:
be:cf:c5:36:16:21:70:d9:6d:0e:06:c9:e8:ec:6e:c0:96:60:
7c:4a:77:91:2f:86:d6:fe:9f:06:5c:7b:42:8f:46:b5:45:bc:
3b:69:c0:9e:18:1b:6d:9e:06:29:29:ff:34:dd:f8:a9:4a:81:
7f:ea:1d:23:09:9f:e5:6f:70:a6:f2:c3:a4:57:3e:48:8f:98:
96:e3:ed:8e:2e:09:e1:42:05:79:b4:dd:1a:98:0e:25:01:c3:
ee:29:aa:7c:5f:d5:ea:34:be:7a:56:8e:9a:a1:64:16:f9:0f:
78:62:04:f9:d2:89:ff:a9:be:53:8b:02:ad:dd:70:4f:5e:fc:
51:af:7b:9d:ce:85:26:da:e5:4c:42:a9:4f:66:42:4c:37:85:
df:ed:f4:31:21:6f:23:17:f8:0e:23:54:ba:ac:cc:26:cf:23:
2d:ef:ce:73:66:ab:3a:df:cc:85:ef:33:16:61:1b:4b:e5:35:
d1:ff:94:f9:80:9d:cd:5a:b9:89:f4:07:99:30:33:12:83:6b:
31:7e:4e:39
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ2Q5VBWgCSn29ZcxMZ3P66FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDE1MTEyNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY5OGMxMTE5MDk2MTcxZjRlZjJhZWQxM2M1OGVmYTc5Mjk2NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+Zd3iApnXwJDLFo4JOTC8p1OIKv
i8QJHVfu6ukZ5AMwbExif8bCP8KkywFGILUdv14lv5XguxWkf/9Zmy6ENFSle0vR
Rsd1L8XEXJP7eqzfkAePmBoa6TQz3J3etpkWB2Qa625nm3IhnvKNBccIEsS7lBwU
Gbee146ExxCSvQSJuwaZdGWWqdTTkU9k6Zh9AT++YkJ+bJm/yX6BPeotWisdpjzi
jq7VRAAJjLVX5fM44SXvoOKEq7hKd1/H0OodRWtLc7Ss9KdPY0emO5QenrBCyJX8
//NfwIWLGYahvdkC4xDRN1I4VoPsEBQbZwSIgVWaCd+5pFWYxVt1wxK9TwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFBRpjBEZCWFx9O8q7RPFjvp5KWYzMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRkdtTUVSa0pZWEgwN3lydEU4V08tbmtwWmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAC5m7QME
AE4RBwMEAFkiagMEAFl9fgMEAFuEMgMEAF1ytwMEAGf15AMEAKcRvwMEAMI6LzAM
AwQDzvWYAwQAzvWcAwQAzvWeMAwDBADUwAcDBADUwAgDBADUwAoDBADUwB4DBADU
wNAwDQYJKoZIhvcNAQELBQADggEBAFkIcdgcf6JwZhJVjloktiTnHd1buXzdRvbx
IuWjwOAtEmll+NimpXwN8P2SKlt7CgYBI4H1Nb7PxTYWIXDZbQ4GyejsbsCWYHxK
d5Evhtb+nwZce0KPRrVFvDtpwJ4YG22eBikp/zTd+KlKgX/qHSMJn+VvcKbyw6RX
PkiPmJbj7Y4uCeFCBXm03RqYDiUBw+4pqnxf1eo0vnpWjpqhZBb5D3hiBPnSif+p
vlOLAq3dcE9e/FGve53OhSba5UxCqU9mQkw3hd/t9DEhbyMX+A4jVLqszCbPIy3v
znNmqzrfzIXvMxZhG0vlNdH/lPmAnc1auYn0B5kwMxKDazF+Tjk=
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:35:48 2026 by rpki-client