Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/b5WvswXGdht2SeiK_jv35NL4gnI.roa
File: b5WvswXGdht2SeiK_jv35NL4gnI.roa (raw, json)
Hash identifier: 0UoIoUw2bFmFjnI7xdMqsJUHr7laHjja/7wI/sUlMOs=
Subject key identifier: 6F:95:AF:B3:05:C6:76:1B:76:49:E8:8A:FE:3B:F7:E4:D2:F8:82:72
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D72FF81CD4B08B19F6AE51FD514AC1D47
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/b5WvswXGdht2SeiK_jv35NL4gnI.roa
Signing time: Thu 09 Apr 2026 16:07:20 +0000
ROA not before: Thu 09 Apr 2026 16:07:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24768
IP address blocks: 78.17.244.0/22 maxlen: 22
89.125.176.0/22 maxlen: 22
89.125.240.0/23 maxlen: 23
89.125.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:ff:81:cd:4b:08:b1:9f:6a:e5:1f:d5:14:ac:1d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 9 16:07:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f95afb305c6761b7649e88afe3bf7e4d2f88272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ec:84:41:6d:5a:78:24:6d:bf:70:00:53:69:
f2:f4:d4:5f:3b:f1:8c:07:cc:c1:77:fe:9e:07:68:
71:58:66:a2:ad:0d:7c:85:b4:cc:ff:b1:8d:a3:e6:
68:63:fd:da:d5:ab:5f:70:0e:fc:0a:65:b6:9a:d9:
de:5b:d8:8f:ae:98:01:bd:52:e7:43:a9:b2:4b:6e:
90:bd:96:61:73:25:34:8d:53:41:b5:61:ec:3b:74:
72:77:f3:4d:20:12:5f:73:0f:38:a8:1a:08:43:a2:
9d:87:86:c6:ea:90:67:5e:aa:6c:71:7a:f8:8e:44:
d4:44:0a:c5:a7:98:53:4a:04:75:22:47:8c:2c:58:
39:c8:0a:74:d9:5c:8d:7b:c3:c8:a4:33:b0:d6:3c:
af:54:76:a8:56:84:37:5e:ec:d8:84:d2:d5:12:9b:
51:82:9b:0a:d0:6e:1a:13:23:e7:ff:18:40:d8:16:
cd:a7:e6:94:98:d9:77:f9:1e:6c:94:2a:fc:38:da:
79:aa:96:ad:44:55:20:36:61:71:13:10:bc:37:ed:
7b:40:9c:97:72:91:22:dc:50:6c:80:a8:42:36:c5:
e6:23:2d:98:93:a4:fe:02:0a:5a:0b:cf:28:5c:9f:
2e:75:35:13:df:6d:62:d7:f1:55:ab:e2:30:d0:f7:
34:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:95:AF:B3:05:C6:76:1B:76:49:E8:8A:FE:3B:F7:E4:D2:F8:82:72
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/b5WvswXGdht2SeiK_jv35NL4gnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.244.0/22
89.125.176.0/22
89.125.240.0/23
89.125.246.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:95:de:e2:6d:93:3d:04:e1:d9:02:e3:03:14:c2:95:a4:80:
f0:95:5a:45:7c:40:6f:d6:6a:c8:95:c4:bd:56:ec:9b:dc:f5:
f5:49:01:d4:87:b7:34:de:b3:85:b3:01:4f:f7:7a:a0:32:4c:
fb:b7:a2:59:2b:6b:08:5e:eb:96:e5:c5:36:cf:4f:18:a5:02:
62:02:cd:f2:31:b6:19:49:4b:43:f9:27:74:ca:61:fe:13:44:
83:d2:5c:c7:2c:b7:99:6a:cc:fe:f0:88:ff:91:d6:38:b2:bf:
dc:5f:5c:93:1a:25:1a:7b:fd:fc:bc:47:94:29:c3:cc:ab:59:
03:91:d4:c8:20:3d:16:c9:f8:d7:9f:20:69:dd:ec:3c:14:3e:
2c:45:2c:b2:57:71:4e:1d:da:a9:25:10:28:85:76:41:8b:9f:
4d:2a:bc:59:5a:fb:b8:66:de:f1:ca:a0:19:ea:ca:4f:e8:ec:
f8:1c:48:5b:e8:59:89:1c:a5:d8:5b:02:84:fd:24:16:a8:40:
31:51:41:4d:46:ba:84:7e:2b:13:07:ad:ed:40:1c:fa:6f:df:
91:77:4f:e5:3c:31:3d:76:ed:36:09:ed:f6:82:bd:46:53:4e:
f9:cf:8e:d3:c2:3f:39:64:eb:bb:97:93:ba:c4:a5:15:72:0e:
1f:a2:f7:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1y/4HNSwixn2rlH9UUrB1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwNDA5MTYwNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk1YWZiMzA1YzY3NjFiNzY0OWU4OGFmZTNiZjdlNGQyZjg4MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+yEQW1aeCRtv3AAU2ny9NRfO/GM
B8zBd/6eB2hxWGairQ18hbTM/7GNo+ZoY/3a1atfcA78CmW2mtneW9iPrpgBvVLn
Q6myS26QvZZhcyU0jVNBtWHsO3Ryd/NNIBJfcw84qBoIQ6Kdh4bG6pBnXqpscXr4
jkTURArFp5hTSgR1IkeMLFg5yAp02VyNe8PIpDOw1jyvVHaoVoQ3XuzYhNLVEptR
gpsK0G4aEyPn/xhA2BbNp+aUmNl3+R5slCr8ONp5qpatRFUgNmFxExC8N+17QJyX
cpEi3FBsgKhCNsXmIy2Yk6T+AgpaC88oXJ8udTUT321i1/FVq+Iw0Pc0MwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG+Vr7MFxnYbdknoiv479+TS+IJyMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYjVXdnN3WEdkaHQyU2VpS19qdjM1Tkw0Z25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCThH0AwQC
WX2wAwQBWX3wAwQBWX32MA0GCSqGSIb3DQEBCwUAA4IBAQBNld7ibZM9BOHZAuMD
FMKVpIDwlVpFfEBv1mrIlcS9Vuyb3PX1SQHUh7c03rOFswFP93qgMkz7t6JZK2sI
XuuW5cU2z08YpQJiAs3yMbYZSUtD+Sd0ymH+E0SD0lzHLLeZasz+8Ij/kdY4sr/c
X1yTGiUae/38vEeUKcPMq1kDkdTIID0WyfjXnyBp3ew8FD4sRSyyV3FOHdqpJRAo
hXZBi59NKrxZWvu4Zt7xyqAZ6spP6Oz4HEhb6FmJHKXYWwKE/SQWqEAxUUFNRrqE
fisTB63tQBz6b9+Rd0/lPDE9du02Ce32gr1GU075z47Twj85ZOu7l5O6xKUVcg4f
ovcp
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:20:31 2026 by rpki-client