Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_V1eYBVYxmawleKCxSJwuqWODac.roa
File: _V1eYBVYxmawleKCxSJwuqWODac.roa (raw, json)
Hash identifier: 3K8lDaSpTjh6iTXNksJXFqV5KFnEV3q9baRrNVjBL80=
Subject key identifier: FD:5D:5E:60:15:58:C6:66:B0:95:E2:82:C5:22:70:BA:A5:8E:0D:A7
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D293D09458E2C236088E84D5F804DAE50
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_V1eYBVYxmawleKCxSJwuqWODac.roa
Signing time: Thu 26 Mar 2026 08:22:39 +0000
ROA not before: Thu 26 Mar 2026 08:22:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5065
IP address blocks: 82.108.3.0/24 maxlen: 24
82.108.43.0/24 maxlen: 24
82.108.51.0/24 maxlen: 24
82.108.57.0/24 maxlen: 24
87.84.197.0/24 maxlen: 24
87.84.199.0/24 maxlen: 24
195.40.153.0/24 maxlen: 24
195.40.154.0/24 maxlen: 24
195.40.155.0/24 maxlen: 24
195.172.120.0/24 maxlen: 24
195.172.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:3d:09:45:8e:2c:23:60:88:e8:4d:5f:80:4d:ae:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 26 08:22:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd5d5e601558c666b095e282c52270baa58e0da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ee:61:00:17:6a:0f:bd:53:2a:cd:7d:10:41:
c0:ea:bf:28:b6:f2:d0:0e:05:54:87:4b:a5:87:0e:
e9:14:c4:19:9d:a6:c4:88:d8:97:19:53:4e:88:5d:
cb:dd:48:20:d5:15:69:07:e2:20:de:0a:2b:14:14:
79:03:b5:2d:dc:89:88:62:1b:68:bc:61:14:8e:39:
86:93:a6:0b:11:8e:20:7e:7d:c4:23:02:fc:dd:5f:
2f:fc:2b:59:c5:18:4c:a4:0d:0d:a1:7c:d6:35:75:
cc:9a:40:f3:49:bc:88:d0:db:f1:91:31:55:fb:5e:
73:91:a3:fe:1d:14:45:37:c8:1b:9b:41:7f:b0:cb:
2a:70:ce:c7:e7:d0:99:c5:ef:b7:66:6c:40:87:08:
e6:37:be:02:eb:3f:52:37:7c:86:a2:74:bb:23:82:
05:a8:47:fe:d7:ca:18:9d:f9:21:5b:35:72:fe:08:
f3:c4:eb:b4:c8:32:7c:e0:fe:ad:45:e2:b3:4e:4b:
2e:2e:a1:21:c1:87:45:82:80:ef:44:d7:5d:bf:eb:
af:69:8e:20:a1:6f:4f:8c:dd:91:c8:05:b4:6f:6a:
bc:b3:14:a9:74:e6:97:c8:83:3f:2f:96:d7:1f:4f:
9b:bd:fb:c0:0e:5a:58:43:b0:3d:5c:8e:99:f6:11:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5D:5E:60:15:58:C6:66:B0:95:E2:82:C5:22:70:BA:A5:8E:0D:A7
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_V1eYBVYxmawleKCxSJwuqWODac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.3.0/24
82.108.43.0/24
82.108.51.0/24
82.108.57.0/24
87.84.197.0/24
87.84.199.0/24
195.40.153.0-195.40.155.255
195.172.120.0/24
195.172.145.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f6:1c:5c:5c:96:e9:8d:bd:6c:8f:a7:5c:6b:40:32:c5:90:
7d:a1:15:2b:6d:72:3f:44:0c:41:92:30:b4:43:58:eb:9e:51:
ac:e8:11:0f:3a:ba:5d:d7:5f:97:41:5e:bf:38:a8:12:08:e4:
7b:23:33:99:f3:43:41:97:14:98:76:1f:5b:6e:1c:6d:ce:b4:
49:de:98:9a:da:67:78:46:e4:7a:4f:f0:24:18:3e:3b:17:b1:
09:09:a4:84:41:8b:e8:ee:c3:30:1d:cf:dd:fc:39:b9:ad:8b:
30:78:05:77:3e:eb:85:b5:dc:5b:12:40:8d:2c:45:0d:75:d2:
0e:a7:88:5e:5b:f1:4f:d8:1b:0d:ea:a0:66:ef:e7:cf:22:a7:
7b:c6:d1:24:4f:77:61:f7:cb:91:76:11:b3:e4:ff:dc:c9:57:
fa:22:57:27:08:6f:2d:5a:35:a8:1c:b6:55:27:93:ee:be:55:
31:d3:89:6e:11:e1:a3:5f:c3:cb:a9:b1:4a:d9:e2:e5:ea:89:
5a:16:95:8c:c0:54:75:c8:b0:3e:b9:95:12:46:61:88:49:68:
53:e2:ce:34:ff:77:cf:74:a1:5d:03:90:6e:65:a7:a6:f7:db:
c8:5d:8d:e9:32:56:ff:e1:29:4e:f0:e0:08:34:9b:35:74:7d:
da:d9:ca:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ0pPQlFjiwjYIjoTV+ATa5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzI2MDgyMjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVkNWU2MDE1NThjNjY2YjA5NWUyODJjNTIyNzBiYWE1OGUwZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+5hABdqD71TKs19EEHA6r8otvLQ
DgVUh0ulhw7pFMQZnabEiNiXGVNOiF3L3Ugg1RVpB+Ig3gorFBR5A7Ut3ImIYhto
vGEUjjmGk6YLEY4gfn3EIwL83V8v/CtZxRhMpA0NoXzWNXXMmkDzSbyI0NvxkTFV
+15zkaP+HRRFN8gbm0F/sMsqcM7H59CZxe+3ZmxAhwjmN74C6z9SN3yGonS7I4IF
qEf+18oYnfkhWzVy/gjzxOu0yDJ84P6tReKzTksuLqEhwYdFgoDvRNddv+uvaY4g
oW9PjN2RyAW0b2q8sxSpdOaXyIM/L5bXH0+bvfvADlpYQ7A9XI6Z9hE2sQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFP1dXmAVWMZmsJXigsUicLqljg2nMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvX1YxZVlCVll4bWF3bGVLQ3hTSnd1cVdPRGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUmwDAwQA
UmwrAwQAUmwzAwQAUmw5AwQAV1TFAwQAV1THMAwDBADDKJkDBALDKJgDBADDrHgD
BADDrJEwDQYJKoZIhvcNAQELBQADggEBAH72HFxclumNvWyPp1xrQDLFkH2hFStt
cj9EDEGSMLRDWOueUazoEQ86ul3XX5dBXr84qBII5HsjM5nzQ0GXFJh2H1tuHG3O
tEnemJraZ3hG5HpP8CQYPjsXsQkJpIRBi+juwzAdz938ObmtizB4BXc+64W13FsS
QI0sRQ110g6niF5b8U/YGw3qoGbv588ip3vG0SRPd2H3y5F2EbPk/9zJV/oiVycI
by1aNagctlUnk+6+VTHTiW4R4aNfw8upsUrZ4uXqiVoWlYzAVHXIsD65lRJGYYhJ
aFPizjT/d890oV0DkG5lp6b328hdjekyVv/hKU7w4Ag0mzV0fdrZygU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:17:40 2026 by rpki-client