Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_HBLA5zrTBUGiIhqar_JgfBv1vo.roa
File: _HBLA5zrTBUGiIhqar_JgfBv1vo.roa (raw, json)
Hash identifier: W8Gt/OtMkFc3kKw3y3Z+qmhezuMWDL/+X2+fD/gdgfA=
Subject key identifier: FC:70:4B:03:9C:EB:4C:15:06:88:88:6A:6A:BF:C9:81:F0:6F:D6:FA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019C5CBDDF962268149631DA546002E691CC
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_HBLA5zrTBUGiIhqar_JgfBv1vo.roa
Signing time: Sat 14 Feb 2026 15:21:13 +0000
ROA not before: Sat 14 Feb 2026 15:21:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 45.88.14.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
89.125.193.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
193.178.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5c:bd:df:96:22:68:14:96:31:da:54:60:02:e6:91:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 15:21:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc704b039ceb4c150688886a6abfc981f06fd6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a5:f4:6f:7e:12:e2:6f:43:24:9b:cf:ff:01:
73:f2:9a:a9:68:c5:65:15:61:cd:b0:ac:46:db:fc:
c2:dc:0f:60:18:dd:6c:6e:93:f8:f4:98:86:a2:f8:
f0:a3:80:99:22:15:ab:a0:6d:d9:f4:07:00:d6:26:
b2:70:b1:93:07:60:11:03:bf:67:da:3a:71:98:69:
63:d4:9f:b5:cf:bd:c4:b6:74:86:0c:a9:ff:78:31:
71:fb:5e:58:56:c1:b5:bb:7c:92:db:4c:2d:67:1d:
e2:a9:a2:27:db:9c:22:72:78:01:47:52:d7:86:0e:
c7:f5:50:e8:6d:f1:3a:d5:e5:73:80:2a:42:7e:27:
8d:36:97:ea:11:0d:2b:97:35:fd:a1:66:39:70:17:
4f:d8:de:25:f0:78:27:1d:3a:cb:ba:07:7a:1e:98:
f6:e1:5d:be:16:cc:17:0c:e4:4c:73:d5:d8:16:b2:
1e:fb:0b:3b:e6:21:91:f3:ae:a1:ec:c4:fc:11:84:
17:44:8d:8d:96:67:64:f5:29:a6:f1:5b:87:6a:b4:
83:f2:70:61:7e:06:22:3e:01:1e:fe:41:90:be:98:
77:07:fa:9c:7a:fc:9c:b2:c9:c3:a9:72:65:df:6e:
53:ab:d0:5a:e6:4f:0e:ea:a7:cb:c0:41:81:ed:cf:
12:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:70:4B:03:9C:EB:4C:15:06:88:88:6A:6A:BF:C9:81:F0:6F:D6:FA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_HBLA5zrTBUGiIhqar_JgfBv1vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/24
62.192.152.0/24
77.81.182.0/24
89.34.106.0/24
89.37.192.0/24
89.40.36.0/24
89.40.215.0/24
89.47.36.0/24
89.125.193.0/24
93.115.107.0/24
93.118.36.0/24
128.0.41.0/24
185.198.233.0/24
188.241.221.0/24
193.178.134.0/24
Signature Algorithm: sha256WithRSAEncryption
81:d3:b2:13:2e:67:85:06:e5:e5:db:ff:99:f6:b5:bf:6d:a5:
3f:25:09:40:ec:03:02:33:2b:1a:c1:99:26:11:2e:80:e5:a9:
90:5e:e2:69:c5:a3:89:05:6d:60:57:76:02:50:19:b6:53:d5:
d7:83:49:ad:4c:fa:36:9e:36:73:94:53:36:cb:43:38:13:49:
b2:0f:3b:26:a9:22:4f:f0:4b:60:4a:15:39:6c:f5:14:30:10:
e2:a8:e3:1c:f7:67:0d:a4:2f:8f:3d:03:f0:75:22:ee:b8:aa:
e5:25:33:e6:91:79:1f:34:ee:59:f0:b3:96:60:7a:2a:0e:89:
5a:f8:3b:59:59:51:6c:98:33:c5:be:cf:06:b8:fa:3a:aa:36:
c8:a3:ce:9e:ac:ac:75:a9:2f:40:87:07:33:d8:ea:23:4a:d7:
f1:d9:ef:2c:34:f8:c4:74:4c:65:4c:4c:a3:33:d9:bd:e5:d2:
ca:47:aa:2d:f2:d2:99:77:2f:5b:d8:ab:1a:67:66:08:7e:b4:
bf:16:ed:d9:16:51:f9:b8:56:5b:ef:b4:7a:88:92:5c:84:6f:
e5:ed:36:68:07:d0:4b:53:ed:41:e4:ed:98:5f:07:5b:2d:92:
46:d4:ef:45:2a:0b:24:b5:28:a1:9d:16:55:70:a5:fd:f5:78:
36:3a:42:f9
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZxcvd+WImgUljHaVGAC5pHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMjE0MTUyMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzcwNGIwMzljZWI0YzE1MDY4ODg4NmE2YWJmYzk4MWYwNmZkNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06X0b34S4m9DJJvP/wFz8pqpaMVl
FWHNsKxG2/zC3A9gGN1sbpP49JiGovjwo4CZIhWroG3Z9AcA1iaycLGTB2ARA79n
2jpxmGlj1J+1z73EtnSGDKn/eDFx+15YVsG1u3yS20wtZx3iqaIn25wicngBR1LX
hg7H9VDobfE61eVzgCpCfieNNpfqEQ0rlzX9oWY5cBdP2N4l8HgnHTrLugd6Hpj2
4V2+FswXDORMc9XYFrIe+ws75iGR866h7MT8EYQXRI2Nlmdk9Smm8VuHarSD8nBh
fgYiPgEe/kGQvph3B/qcevycssnDqXJl325Tq9Ba5k8O6qfLwEGB7c8SbQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPxwSwOc60wVBoiIamq/yYHwb9b6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvX0hCTEE1enJUQlVHaUlocWFyX0pnZkJ2MXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALVgOAwQA
PsCYAwQATVG2AwQAWSJqAwQAWSXAAwQAWSgkAwQAWSjXAwQAWS8kAwQAWX3BAwQA
XXNrAwQAXXYkAwQAgAApAwQAucbpAwQAvPHdAwQAwbKGMA0GCSqGSIb3DQEBCwUA
A4IBAQCB07ITLmeFBuXl2/+Z9rW/baU/JQlA7AMCMysawZkmES6A5amQXuJpxaOJ
BW1gV3YCUBm2U9XXg0mtTPo2njZzlFM2y0M4E0myDzsmqSJP8EtgShU5bPUUMBDi
qOMc92cNpC+PPQPwdSLuuKrlJTPmkXkfNO5Z8LOWYHoqDola+DtZWVFsmDPFvs8G
uPo6qjbIo86erKx1qS9Ahwcz2OojStfx2e8sNPjEdExlTEyjM9m95dLKR6ot8tKZ
dy9b2KsaZ2YIfrS/Fu3ZFlH5uFZb77R6iJJchG/l7TZoB9BLU+1B5O2YXwdbLZJG
1O9FKgsktSihnRZVcKX99Xg2OkL5
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:01:43 2026 by rpki-client