Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/FTZo4j3WvgKRWbiHUOCPZsX1zgQ.roa
File: FTZo4j3WvgKRWbiHUOCPZsX1zgQ.roa (raw, json)
Hash identifier: Q/+Okbz+6+jAXp/C9vXemB7x6MV3XdMTaEZvLlqSiqE=
Subject key identifier: 15:36:68:E2:3D:D6:BE:02:91:59:B8:87:50:E0:8F:66:C5:F5:CE:04
Certificate issuer: /CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Certificate serial: 019C1E01093BDA0F54A06AE9FAA91B9C1951
Authority key identifier: 55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/FTZo4j3WvgKRWbiHUOCPZsX1zgQ.roa
Signing time: Mon 02 Feb 2026 10:58:30 +0000
ROA not before: Mon 02 Feb 2026 10:58:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201364
IP address blocks: 85.202.202.0/24 maxlen: 24
2a09:5980::/32 maxlen: 32
2a09:5981::/32 maxlen: 32
2a09:5982::/32 maxlen: 32
2a09:5983::/32 maxlen: 32
2a09:5984::/32 maxlen: 32
2a09:5985::/32 maxlen: 32
2a09:5986::/32 maxlen: 32
2a09:5987::/32 maxlen: 32
2a09:f340::/32 maxlen: 32
2a09:f341::/32 maxlen: 32
2a09:f342::/32 maxlen: 32
2a09:f343::/32 maxlen: 32
2a09:f344::/32 maxlen: 32
2a09:f345::/32 maxlen: 32
2a09:f346::/32 maxlen: 32
2a09:f347::/32 maxlen: 32
2a0d:8040::/32 maxlen: 32
2a0d:8041::/32 maxlen: 32
2a0d:8042::/32 maxlen: 32
2a0d:8043::/32 maxlen: 32
2a0d:8044::/32 maxlen: 32
2a0d:8045::/32 maxlen: 32
2a0d:8046::/32 maxlen: 32
2a0d:8047::/32 maxlen: 32
2a11:1800::/32 maxlen: 32
2a11:1801::/32 maxlen: 32
2a11:1802::/32 maxlen: 32
2a11:1803::/32 maxlen: 32
2a11:1804::/32 maxlen: 32
2a11:1805::/32 maxlen: 32
2a11:1806::/32 maxlen: 32
2a11:1807::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:1e:01:09:3b:da:0f:54:a0:6a:e9:fa:a9:1b:9c:19:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Validity
Not Before: Feb 2 10:58:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=153668e23dd6be029159b88750e08f66c5f5ce04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ce:16:a2:08:29:9f:b5:72:d8:45:11:9b:20:
e1:dc:c6:e5:50:71:a1:a6:05:be:9d:66:43:da:92:
55:e3:a8:d9:3f:9e:89:fd:80:30:ba:ea:8d:38:19:
2e:e0:de:20:b4:f0:2f:ce:02:e8:fc:78:68:f4:e0:
dd:cb:60:6d:77:29:c7:4c:a7:c4:a0:54:f2:50:66:
a0:e5:a6:e4:b2:90:51:f2:23:5d:af:1a:c2:9e:4c:
06:f1:95:59:6f:20:99:d5:39:cb:f8:a6:e9:ea:e3:
79:b3:fb:7b:b2:92:7a:e4:72:0a:a0:5c:a2:a7:db:
b8:6f:ef:23:50:ac:7b:35:7a:d8:8f:b1:0f:66:3c:
84:cf:43:4b:d9:96:09:2d:50:95:73:46:8f:d1:86:
08:b6:a3:50:7d:3b:69:92:ba:68:e8:14:46:8a:94:
1d:db:9d:79:3b:72:48:a5:d2:42:ea:a1:42:c2:ee:
85:79:d5:b8:bd:db:46:e0:b3:64:ba:63:31:9e:93:
83:fc:bf:ce:22:e2:84:13:31:7f:e0:a1:08:1c:cc:
c4:33:d2:05:ae:6a:1d:1c:08:ed:dd:cd:bf:8a:77:
1b:78:be:f0:54:82:a6:a8:ba:2f:da:d3:0d:25:2d:
98:fd:67:ac:d4:45:71:7c:80:0d:59:d8:7d:07:5f:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:36:68:E2:3D:D6:BE:02:91:59:B8:87:50:E0:8F:66:C5:F5:CE:04
X509v3 Authority Key Identifier:
keyid:55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/FTZo4j3WvgKRWbiHUOCPZsX1zgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.202.0/24
IPv6:
2a09:5980::/29
2a09:f340::/29
2a0d:8040::/29
2a11:1800::/29
Signature Algorithm: sha256WithRSAEncryption
4d:36:e6:2f:12:95:09:b2:2e:0c:67:f1:82:d3:8c:3b:6e:23:
cb:10:56:ac:c3:d9:b1:4b:92:e1:88:ff:e8:4c:2e:ce:49:fb:
d7:03:3a:30:22:9e:a5:c0:e3:91:6b:0e:f9:eb:7c:4d:9b:4f:
30:a4:bb:1e:5f:83:8d:c2:70:e4:08:06:2b:65:05:96:39:89:
b3:a4:c7:7c:01:42:79:40:5d:df:c0:6c:68:e7:59:e1:ea:a3:
05:9f:38:ab:47:61:7c:aa:0e:33:ad:96:03:8b:08:53:57:25:
12:9c:a0:9f:0b:dd:1d:8f:22:67:ab:46:1f:6b:75:a7:dc:7a:
76:4d:3d:85:c2:38:bf:d2:4e:49:11:4c:eb:db:e5:74:4a:a8:
c2:56:42:ef:30:46:bf:e6:b0:8c:72:7b:19:5f:c9:58:7b:69:
13:ff:24:f0:20:b0:4d:b1:f1:dd:e8:ff:9b:0a:71:96:3c:93:
b4:1b:5b:c8:d1:b3:5e:56:ed:68:58:87:87:ef:3b:89:8b:7f:
1b:de:fa:88:b2:12:51:ee:34:d1:a0:89:57:66:0b:da:4c:25:
be:50:4f:ea:3e:8e:a7:fb:36:43:aa:1f:14:51:46:a3:e2:57:
6b:d9:0b:23:b7:d7:89:4a:35:e9:4d:9d:53:43:a2:a7:87:1e:
ac:0c:b5:09
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZweAQk72g9UoGrp+qkbnBlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NTBlMDZlZTAyYzVhMzJlNTRkYzg5ODUzYjRhYTM3OGY4
NjA0ZjcwHhcNMjYwMjAyMTA1ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTM2NjhlMjNkZDZiZTAyOTE1OWI4ODc1MGUwOGY2NmM1ZjVjZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx84Woggpn7Vy2EURmyDh3MblUHGh
pgW+nWZD2pJV46jZP56J/YAwuuqNOBku4N4gtPAvzgLo/Hho9ODdy2BtdynHTKfE
oFTyUGag5abkspBR8iNdrxrCnkwG8ZVZbyCZ1TnL+Kbp6uN5s/t7spJ65HIKoFyi
p9u4b+8jUKx7NXrYj7EPZjyEz0NL2ZYJLVCVc0aP0YYItqNQfTtpkrpo6BRGipQd
2515O3JIpdJC6qFCwu6FedW4vdtG4LNkumMxnpOD/L/OIuKEEzF/4KEIHMzEM9IF
rmodHAjt3c2/incbeL7wVIKmqLov2tMNJS2Y/Wes1EVxfIANWdh9B1+4uwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBU2aOI91r4CkVm4h1Dgj2bF9c4EMB8GA1UdIwQY
MBaAFFVQ4G7gLFoy5U3ImFO0qjePhgT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAt
N2NhYTk3OTI3MTQyLzEvRlRabzRqM1d2Z0tSV2JpSFVPQ1Bac1gxemdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAtN2NhYTk3OTI3MTQy
LzEvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAVcrKMCIE
AgACMBwDBQMqCVmAAwUDKgnzQAMFAyoNgEADBQMqERgAMA0GCSqGSIb3DQEBCwUA
A4IBAQBNNuYvEpUJsi4MZ/GC04w7biPLEFasw9mxS5LhiP/oTC7OSfvXAzowIp6l
wOORaw7563xNm08wpLseX4ONwnDkCAYrZQWWOYmzpMd8AUJ5QF3fwGxo51nh6qMF
nzirR2F8qg4zrZYDiwhTVyUSnKCfC90djyJnq0Yfa3Wn3Hp2TT2Fwji/0k5JEUzr
2+V0SqjCVkLvMEa/5rCMcnsZX8lYe2kT/yTwILBNsfHd6P+bCnGWPJO0G1vI0bNe
Vu1oWIeH7zuJi38b3vqIshJR7jTRoIlXZgvaTCW+UE/qPo6n+zZDqh8UUUaj4ldr
2Qsjt9eJSjXpTZ1TQ6Knhx6sDLUJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:16:28 2026 by rpki-client