Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/avNtWIw0xDOhXSkQxb238E_rdrc.roa
File: avNtWIw0xDOhXSkQxb238E_rdrc.roa (raw, json)
Hash identifier: 1XrLxSjmxifLbkwIDjE2Jny/plpMxxpAEyFrwG//VP4=
Subject key identifier: 6A:F3:6D:58:8C:34:C4:33:A1:5D:29:10:C5:BD:B7:F0:4F:EB:76:B7
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D577A9B05037527B790D1E4E6204E25EA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/avNtWIw0xDOhXSkQxb238E_rdrc.roa
Signing time: Sat 04 Apr 2026 07:52:26 +0000
ROA not before: Sat 04 Apr 2026 07:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 45.88.14.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
78.17.19.0/24 maxlen: 24
78.17.22.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
89.125.99.0/24 maxlen: 24
89.125.100.0/24 maxlen: 24
89.125.101.0/24 maxlen: 24
89.125.193.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
193.178.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:57:7a:9b:05:03:75:27:b7:90:d1:e4:e6:20:4e:25:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 4 07:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6af36d588c34c433a15d2910c5bdb7f04feb76b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:41:41:ce:76:0c:2b:92:37:95:54:3a:ff:
7c:ec:a8:45:08:31:cc:85:50:c6:f9:ba:01:59:47:
9f:a6:e8:25:56:8f:ac:e7:a9:74:9d:8b:57:fc:7f:
fd:a0:3f:8d:53:ec:3e:ee:3d:e7:89:90:b7:9c:cf:
95:76:ce:a4:75:34:7e:16:86:bf:61:f8:a1:e1:f7:
e8:cd:e0:20:f7:39:bf:d3:da:6f:4a:e2:22:bd:da:
33:b0:6e:34:ba:4d:db:2a:0a:89:dd:53:54:ac:95:
e3:1a:19:7c:df:04:ac:59:5e:cd:74:9d:a9:35:dd:
d9:b9:56:24:89:7f:07:0d:bc:e0:27:b9:e0:ea:81:
99:cf:00:e4:74:64:ab:0d:a9:86:c5:51:dc:29:9d:
8e:20:65:91:30:b3:e7:12:01:14:d9:90:8a:5e:fe:
3b:68:4e:3f:d3:7c:9b:0c:15:08:fe:77:4a:88:33:
f4:0c:5f:2d:3c:56:be:b3:7e:85:51:66:8a:68:f1:
d0:b7:ba:d1:81:3b:41:bc:b5:0a:8c:22:ae:0f:cb:
79:37:96:36:dc:46:cc:be:62:eb:85:30:2b:2c:59:
54:ed:7d:97:17:7f:1d:74:11:63:5b:38:1d:cc:77:
16:f3:2c:7b:5a:f5:ad:9f:2f:bf:ba:ed:ee:ce:3e:
79:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F3:6D:58:8C:34:C4:33:A1:5D:29:10:C5:BD:B7:F0:4F:EB:76:B7
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/avNtWIw0xDOhXSkQxb238E_rdrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/24
62.192.152.0/24
77.81.182.0/24
78.17.19.0/24
78.17.22.0/24
89.34.106.0/24
89.37.192.0/24
89.40.36.0/24
89.40.215.0/24
89.47.36.0/24
89.125.99.0-89.125.101.255
89.125.193.0/24
93.115.107.0/24
93.118.36.0/24
128.0.41.0/24
185.198.233.0/24
188.241.221.0/24
193.178.134.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:77:d0:63:73:db:8f:2f:80:1d:0b:2e:bb:b0:3b:77:96:ae:
42:0f:77:62:25:6a:fc:b3:4f:c3:46:78:7d:7c:16:f8:28:7b:
a0:8f:2c:20:62:52:19:f1:95:23:1d:01:c5:71:de:1c:a9:ae:
4d:06:fe:4e:7d:4e:22:40:20:22:4b:83:cf:c5:3a:a8:67:52:
52:67:3f:ac:58:ee:56:37:cc:25:c9:73:f3:dd:32:f7:2c:72:
ec:f2:96:6e:45:f1:44:ce:88:d1:34:ee:07:20:01:96:55:81:
6f:9f:e1:7d:35:f7:80:8b:e6:a5:76:dd:a9:71:43:ba:ba:2b:
db:ed:9d:69:e0:96:40:ee:26:2f:fa:d5:57:53:da:89:26:e2:
97:df:78:ba:36:51:d8:ee:65:ec:75:02:ad:be:49:b5:5e:27:
9e:9a:89:ff:e0:71:ad:8b:00:d7:99:1d:72:a1:62:13:80:08:
93:9f:b9:ca:bd:30:ab:d2:4d:03:3b:b1:48:f4:f1:24:42:1d:
c9:6d:98:a2:e1:e0:70:88:f0:d2:ac:ab:4b:8e:c1:2c:5f:eb:
75:80:58:c6:e7:d6:c7:d7:f6:84:9d:01:c7:a3:19:f3:c9:10:
9d:a1:5d:13:62:a2:ad:ed:78:0b:1b:60:c6:1b:d7:b1:ba:81:
e7:db:4a:b5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ1XepsFA3Unt5DR5OYgTiXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDA0MDc1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYzNmQ1ODhjMzRjNDMzYTE1ZDI5MTBjNWJkYjdmMDRmZWI3NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qVBQc52DCuSN5VUOv987KhFCDHM
hVDG+boBWUefpuglVo+s56l0nYtX/H/9oD+NU+w+7j3niZC3nM+Vds6kdTR+Foa/
Yfih4ffozeAg9zm/09pvSuIivdozsG40uk3bKgqJ3VNUrJXjGhl83wSsWV7NdJ2p
Nd3ZuVYkiX8HDbzgJ7ng6oGZzwDkdGSrDamGxVHcKZ2OIGWRMLPnEgEU2ZCKXv47
aE4/03ybDBUI/ndKiDP0DF8tPFa+s36FUWaKaPHQt7rRgTtBvLUKjCKuD8t5N5Y2
3EbMvmLrhTArLFlU7X2XF38ddBFjWzgdzHcW8yx7WvWtny+/uu3uzj55bQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFGrzbViMNMQzoV0pEMW9t/BP63a3MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYXZOdFdJdzB4RE9oWFNrUXhiMjM4RV9yZHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAC1YDgME
AD7AmAMEAE1RtgMEAE4REwMEAE4RFgMEAFkiagMEAFklwAMEAFkoJAMEAFko1wME
AFkvJDAMAwQAWX1jAwQBWX1kAwQAWX3BAwQAXXNrAwQAXXYkAwQAgAApAwQAucbp
AwQAvPHdAwQAwbKGMA0GCSqGSIb3DQEBCwUAA4IBAQALd9Bjc9uPL4AdCy67sDt3
lq5CD3diJWr8s0/DRnh9fBb4KHugjywgYlIZ8ZUjHQHFcd4cqa5NBv5OfU4iQCAi
S4PPxTqoZ1JSZz+sWO5WN8wlyXPz3TL3LHLs8pZuRfFEzojRNO4HIAGWVYFvn+F9
NfeAi+aldt2pcUO6uivb7Z1p4JZA7iYv+tVXU9qJJuKX33i6NlHY7mXsdQKtvkm1
Xieemon/4HGtiwDXmR1yoWITgAiTn7nKvTCr0k0DO7FI9PEkQh3JbZii4eBwiPDS
rKtLjsEsX+t1gFjG59bH1/aEnQHHoxnzyRCdoV0TYqKt7XgLG2DGG9exuoHn20q1
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:22 2026 by rpki-client