Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/fzfszWt-kJZcfbCPsxciTP6C4Dk.roa
File: fzfszWt-kJZcfbCPsxciTP6C4Dk.roa (raw, json)
Hash identifier: Xaxe3Hu1PY1WZ5xZc3wZj9w0NSOK2DQVeSn4qSIA58I=
Subject key identifier: 7F:37:EC:CD:6B:7E:90:96:5C:7D:B0:8F:B3:17:22:4C:FE:82:E0:39
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 019E8CBBEE504F05678289C24E28CBE93F9C
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/fzfszWt-kJZcfbCPsxciTP6C4Dk.roa
Signing time: Wed 03 Jun 2026 09:06:26 +0000
ROA not before: Wed 03 Jun 2026 09:06:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15594
IP address blocks: 82.116.96.0/19 maxlen: 25
95.174.128.0/19 maxlen: 25
212.9.32.0/19 maxlen: 25
217.10.64.0/20 maxlen: 25
217.116.112.0/20 maxlen: 25
2001:ab0::/29 maxlen: 48
2001:ab0::/36 maxlen: 49
2001:ab7::/36 maxlen: 49
2001:ab7:1000::/36 maxlen: 49
2001:ab7:2000::/36 maxlen: 49
2001:ab7:3000::/36 maxlen: 49
2001:ab7:a000::/36 maxlen: 49
2001:ab7:f000::/36 maxlen: 49
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:bb:ee:50:4f:05:67:82:89:c2:4e:28:cb:e9:3f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Jun 3 09:06:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7f37eccd6b7e90965c7db08fb317224cfe82e039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:3d:a3:44:3d:99:b0:7f:5e:b3:4e:41:7f:
62:20:d2:38:81:c8:39:5b:d6:44:da:9e:e9:f4:37:
5a:2a:98:81:08:be:e6:1f:58:21:24:56:d8:19:19:
d1:86:3b:eb:20:b6:93:74:ac:eb:7a:8a:1b:f2:ff:
83:57:60:86:32:5c:34:f7:69:9f:a1:df:39:60:e9:
24:7b:73:57:ef:95:0d:89:75:d2:80:2e:51:61:a6:
34:fa:1b:fb:e5:4a:b3:51:f8:55:13:2a:3e:51:11:
67:be:77:39:77:9f:b4:21:5b:31:32:db:35:65:06:
13:54:4b:51:2b:1a:df:b7:db:5f:a1:86:5c:b8:f0:
27:19:31:8e:cf:57:86:40:d9:bf:c4:df:1e:3e:60:
d9:66:db:b1:96:d8:01:c2:d5:e4:72:b2:9e:06:a5:
5c:fe:79:4d:20:14:aa:b5:0a:63:f7:43:5e:53:4c:
60:e4:1d:e4:0c:aa:58:85:be:06:14:45:be:1f:10:
36:53:10:29:d0:bd:cc:14:46:01:64:f9:31:c3:02:
6a:fd:3a:66:b8:64:28:cd:d7:27:74:be:1d:44:67:
d9:b9:d4:09:05:17:40:09:0c:48:be:48:da:57:cf:
e8:b6:0f:93:49:8d:1e:38:0b:90:b5:a1:53:7e:02:
20:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:37:EC:CD:6B:7E:90:96:5C:7D:B0:8F:B3:17:22:4C:FE:82:E0:39
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/fzfszWt-kJZcfbCPsxciTP6C4Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
53:92:84:ad:79:18:ae:ae:cb:21:36:80:08:33:0d:0b:f7:ae:
1a:dc:ce:50:d9:da:64:da:e6:da:5e:a9:13:37:8c:86:a2:4e:
34:b6:fe:aa:2c:5b:3a:f6:08:e4:9d:b0:92:0b:64:6a:cc:7c:
70:73:27:46:e3:d9:62:19:d7:1f:dc:17:8e:5e:a3:c1:29:d6:
42:19:82:16:d6:6d:6e:8a:51:05:2c:90:09:ea:55:ba:5e:0a:
a1:05:55:8a:3e:52:ac:e0:55:cf:1b:5e:32:9c:f9:51:4b:0b:
9b:aa:4c:02:ba:3d:16:c0:d0:83:d4:39:91:02:94:6c:eb:18:
7f:12:b7:1a:78:c9:68:ae:f5:8b:a0:23:d3:6a:88:60:e8:e7:
cf:2f:9b:56:4a:86:c9:8f:00:e8:62:21:dc:f9:9f:5b:50:bb:
b2:3f:ba:2c:52:02:dd:62:ef:ed:aa:53:59:bf:ff:c3:14:3b:
04:e3:78:7a:55:5d:36:c9:b5:02:78:55:54:a1:2c:bf:22:1d:
48:a4:16:88:f1:6f:f3:3b:20:d0:ca:4b:37:4f:90:56:a9:95:
ad:cd:9a:f8:59:c2:f7:2d:fe:56:d3:a9:49:d3:78:bf:11:03:
3b:bb:08:16:4f:ad:79:7e:45:09:64:b3:04:98:56:db:2b:e5:
66:37:ef:70
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ6Mu+5QTwVngonCTijL6T+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjYwNjAzMDkwNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM3ZWNjZDZiN2U5MDk2NWM3ZGIwOGZiMzE3MjI0Y2ZlODJlMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0k9o0Q9mbB/XrNOQX9iINI4gcg5
W9ZE2p7p9DdaKpiBCL7mH1ghJFbYGRnRhjvrILaTdKzreoob8v+DV2CGMlw092mf
od85YOkke3NX75UNiXXSgC5RYaY0+hv75UqzUfhVEyo+URFnvnc5d5+0IVsxMts1
ZQYTVEtRKxrft9tfoYZcuPAnGTGOz1eGQNm/xN8ePmDZZtuxltgBwtXkcrKeBqVc
/nlNIBSqtQpj90NeU0xg5B3kDKpYhb4GFEW+HxA2UxAp0L3MFEYBZPkxwwJq/Tpm
uGQozdcndL4dRGfZudQJBRdACQxIvkjaV8/otg+TSY0eOAuQtaFTfgIgOwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFH837M1rfpCWXH2wj7MXIkz+guA5MB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvZnpmc3pXdC1rSlpjZmJDUHN4Y2lUUDZDNERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQBTkoSteRiursshNoAIMw0L964a3M5Q2dpk2ubaXqkTN4yGok40tv6q
LFs69gjknbCSC2RqzHxwcydG49liGdcf3BeOXqPBKdZCGYIW1m1uilEFLJAJ6lW6
XgqhBVWKPlKs4FXPG14ynPlRSwubqkwCuj0WwNCD1DmRApRs6xh/ErcaeMlorvWL
oCPTaohg6OfPL5tWSobJjwDoYiHc+Z9bULuyP7osUgLdYu/tqlNZv//DFDsE43h6
VV02ybUCeFVUoSy/Ih1IpBaI8W/zOyDQyks3T5BWqZWtzZr4WcL3Lf5W06lJ03i/
EQM7uwgWT615fkUJZLMEmFbbK+VmN+9w
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:56 2026 by rpki-client