Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fTd_AjszHpDkGVzWGx9TeG2nBEo.roa
File: fTd_AjszHpDkGVzWGx9TeG2nBEo.roa (raw, json)
Hash identifier: hv5tslNHlORT4WLvhTzkL2TSXKn2TDkO4pk/llw1KDs=
Subject key identifier: 7D:37:7F:02:3B:33:1E:90:E4:19:5C:D6:1B:1F:53:78:6D:A7:04:4A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D87E4EDF6389A22AB78A1B93C09E23157
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fTd_AjszHpDkGVzWGx9TeG2nBEo.roa
Signing time: Mon 13 Apr 2026 17:30:20 +0000
ROA not before: Mon 13 Apr 2026 17:30:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 45.128.78.0/24 maxlen: 24
84.21.188.0/24 maxlen: 24
2a10:7500::/29 maxlen: 29
2a13:8c85::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:e4:ed:f6:38:9a:22:ab:78:a1:b9:3c:09:e2:31:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 13 17:30:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d377f023b331e90e4195cd61b1f53786da7044a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f9:4d:28:4e:77:13:77:c8:d3:ae:98:72:bc:
9b:ed:f9:cb:4b:2d:1d:6c:c8:07:f7:a7:7d:74:26:
67:fd:f8:c7:6a:6b:39:13:f6:dd:c7:ef:43:d1:88:
57:e6:78:7a:a5:9b:8a:9f:45:77:4b:cf:9e:e7:1e:
66:5a:0d:c8:3b:e7:5a:91:a3:d5:ed:28:90:c7:26:
3c:2a:6f:ab:21:c8:bf:f4:8e:23:f0:79:b8:51:de:
66:9f:5b:85:74:ff:8c:36:35:76:c4:50:f6:f3:c7:
a4:a0:43:17:b7:93:2b:d5:5a:d7:ab:f2:ff:81:40:
e6:7f:7a:a6:de:8d:9e:db:29:f0:58:b5:b9:36:4a:
98:03:b0:47:ce:4d:c9:1e:9e:dc:01:81:79:62:06:
c2:a0:3e:80:55:9b:60:b0:58:54:d7:33:ba:93:99:
03:c3:be:1b:90:8c:cc:d2:95:4b:37:b1:72:7f:81:
44:15:b2:d1:4c:be:4d:b8:0c:35:cc:1a:09:de:e8:
66:7e:0b:35:db:b4:ed:6c:64:83:37:dd:03:f0:b4:
9a:99:fd:99:08:50:dc:47:45:d6:8d:6e:8f:af:15:
34:75:a8:c2:55:11:20:37:11:f9:03:8b:c2:7c:cf:
30:50:e6:0c:19:53:d0:2d:db:f4:a2:d4:a8:d3:ea:
37:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:37:7F:02:3B:33:1E:90:E4:19:5C:D6:1B:1F:53:78:6D:A7:04:4A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fTd_AjszHpDkGVzWGx9TeG2nBEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.78.0/24
84.21.188.0/24
IPv6:
2a10:7500::/29
2a13:8c85::/32
Signature Algorithm: sha256WithRSAEncryption
41:5b:64:aa:21:1e:98:3e:cf:e4:7e:bf:e4:77:2e:74:b1:d9:
3f:e1:80:8d:01:80:d2:d8:34:5d:3f:25:af:d2:a5:78:fc:94:
12:3e:3d:1c:07:f4:b7:23:be:61:b3:07:50:1b:70:0f:9a:14:
e6:81:45:04:97:ff:d6:30:a4:23:f5:13:63:79:c9:9a:8b:3a:
36:3a:d9:da:ff:17:e0:24:c5:e5:cc:66:21:57:67:6e:a7:14:
f4:e5:4b:81:6d:ca:a5:30:40:2b:f3:a1:c6:21:df:63:e5:d2:
82:a1:8b:55:17:ba:68:89:fb:68:9e:78:d1:ab:9e:21:3d:ab:
0d:7a:2f:3f:ad:42:a4:a3:88:f2:3d:9e:10:df:34:37:be:b3:
8a:19:bc:38:aa:50:23:22:f8:79:3b:8e:f2:b0:ab:5e:44:9b:
22:8c:a9:b6:16:f7:f0:1c:aa:36:3d:18:e4:0a:f2:68:da:7a:
7b:bc:df:63:b1:da:fe:2a:ad:c2:eb:c0:af:a1:46:8d:f1:23:
6b:3e:b7:ab:a0:6c:79:1e:5c:5e:a8:81:24:b2:86:4d:36:f9:
95:58:8a:55:a8:1e:b7:c8:7a:db:85:4d:7e:5b:b6:dd:3e:68:
13:a3:23:d3:f6:79:88:15:7c:50:5b:a6:31:cd:e3:75:10:82:
c7:39:c4:4d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ2H5O32OJoiq3ihuTwJ4jFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDEzMTczMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM3N2YwMjNiMzMxZTkwZTQxOTVjZDYxYjFmNTM3ODZkYTcwNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PlNKE53E3fI066Ycryb7fnLSy0d
bMgH96d9dCZn/fjHams5E/bdx+9D0YhX5nh6pZuKn0V3S8+e5x5mWg3IO+dakaPV
7SiQxyY8Km+rIci/9I4j8Hm4Ud5mn1uFdP+MNjV2xFD288ekoEMXt5Mr1VrXq/L/
gUDmf3qm3o2e2ynwWLW5NkqYA7BHzk3JHp7cAYF5YgbCoD6AVZtgsFhU1zO6k5kD
w74bkIzM0pVLN7Fyf4FEFbLRTL5NuAw1zBoJ3uhmfgs127TtbGSDN90D8LSamf2Z
CFDcR0XWjW6PrxU0dajCVREgNxH5A4vCfM8wUOYMGVPQLdv0otSo0+o3fwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH03fwI7Mx6Q5Blc1hsfU3htpwRKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZlRkX0Fqc3pIcERrR1Z6V0d4OVRlRzJuQkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQALYBOAwQA
VBW8MBQEAgACMA4DBQMqEHUAAwUAKhOMhTANBgkqhkiG9w0BAQsFAAOCAQEAQVtk
qiEemD7P5H6/5HcudLHZP+GAjQGA0tg0XT8lr9KlePyUEj49HAf0tyO+YbMHUBtw
D5oU5oFFBJf/1jCkI/UTY3nJmos6NjrZ2v8X4CTF5cxmIVdnbqcU9OVLgW3KpTBA
K/OhxiHfY+XSgqGLVRe6aIn7aJ540aueIT2rDXovP61CpKOI8j2eEN80N76zihm8
OKpQIyL4eTuO8rCrXkSbIoypthb38ByqNj0Y5AryaNp6e7zfY7Ha/iqtwuvAr6FG
jfEjaz63q6BseR5cXqiBJLKGTTb5lViKVaget8h624VNflu23T5oE6Mj0/Z5iBV8
UFumMc3jdRCCxznETQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:24:58 2026 by rpki-client