Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tgP6FKF_LgqPqvc3D6S5laEAx64.roa
File: tgP6FKF_LgqPqvc3D6S5laEAx64.roa (raw, json)
Hash identifier: z5x01xWZ4fVOcE2bl5CSHtNh/VsSGAA5QW7uhaNzgoY=
Subject key identifier: B6:03:FA:14:A1:7F:2E:0A:8F:AA:F7:37:0F:A4:B9:95:A1:00:C7:AE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019C2FA2541EDDF27A955339972AE35F0FA9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tgP6FKF_LgqPqvc3D6S5laEAx64.roa
Signing time: Thu 05 Feb 2026 21:08:13 +0000
ROA not before: Thu 05 Feb 2026 21:08:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 266500
IP address blocks: 91.212.100.0/24 maxlen: 24
91.212.123.0/24 maxlen: 24
2a0f:e7c4:11::/48 maxlen: 48
2a13:18c6:5584::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2f:a2:54:1e:dd:f2:7a:95:53:39:97:2a:e3:5f:0f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 5 21:08:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b603fa14a17f2e0a8faaf7370fa4b995a100c7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b6:7e:fb:39:dd:ae:d1:2b:bb:94:fa:0e:0b:
04:2f:42:7e:d3:0d:48:e2:7a:73:b5:8a:47:36:e6:
f9:4c:81:7f:10:75:d0:62:85:27:ed:30:13:73:8f:
e1:24:c1:0a:9c:83:0f:e0:25:bc:95:dc:87:33:94:
f7:5b:92:b6:5d:ca:d5:2a:bb:82:b1:00:5f:d3:61:
c8:41:e6:8f:1a:46:74:8e:fd:4f:2f:2b:ec:83:8d:
0d:5f:0b:79:21:71:9e:df:f1:bb:e3:69:9c:f8:7a:
ca:e2:66:dd:fa:a2:37:43:1a:99:cd:07:c4:d2:b9:
69:d0:e7:42:1d:87:f9:1f:08:00:53:f0:74:35:e0:
28:67:08:e4:57:81:2a:bd:d6:25:bb:30:f4:00:87:
f1:86:dc:bd:44:28:ef:de:64:9d:01:14:0b:24:18:
5d:52:d1:4b:64:25:02:f9:7a:cd:1b:6b:3c:4a:98:
74:3a:af:fe:1a:93:ad:90:26:5c:ce:49:86:cf:19:
12:7d:25:a1:b8:d2:5d:4d:17:17:a0:01:02:82:d3:
98:e0:4f:c8:14:a9:f5:78:a9:f7:cd:76:70:66:5f:
ea:ee:c1:5e:66:03:42:81:e7:c8:55:93:9a:ad:37:
7b:50:85:ea:66:d0:02:a9:15:49:0d:5b:88:ac:33:
da:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:03:FA:14:A1:7F:2E:0A:8F:AA:F7:37:0F:A4:B9:95:A1:00:C7:AE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tgP6FKF_LgqPqvc3D6S5laEAx64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.100.0/24
91.212.123.0/24
IPv6:
2a0f:e7c4:11::/48
2a13:18c6:5584::/48
Signature Algorithm: sha256WithRSAEncryption
52:7f:1f:8d:f3:03:45:39:bf:b9:91:61:fa:b7:15:8d:9e:fd:
53:49:b4:66:42:d1:c9:bc:0c:b0:fa:46:b8:09:98:b7:df:9c:
34:38:bf:8c:d7:33:6f:64:96:be:5b:44:cb:27:0d:f2:07:a0:
38:e6:b2:17:db:43:56:f5:ec:9b:cf:f2:ca:2e:9d:63:14:c1:
7c:20:ae:db:4d:76:f9:02:89:72:64:6b:45:2b:c3:8a:57:53:
d1:ad:09:b0:ec:1e:22:d8:b8:ea:4d:ad:74:06:f1:bf:fd:d8:
31:6f:d3:b5:b2:34:2b:6e:67:87:7b:12:c6:32:be:89:85:96:
a9:f5:aa:9a:2a:ed:77:bc:cf:c8:f9:80:c9:4b:4b:27:3d:a2:
8c:0b:1e:90:09:62:af:6a:aa:5b:51:99:f6:61:6c:68:96:1d:
f5:c9:39:8c:3d:fb:cb:e3:4f:65:72:05:17:50:73:cd:fe:77:
dd:69:f2:ab:2a:a7:6b:b6:4f:05:e8:0f:6d:b7:8d:ac:61:09:
af:45:b6:39:f1:6f:ca:a2:ca:f8:81:8c:9a:f7:f7:bc:26:6a:
fb:22:9d:d5:bd:09:53:b3:50:4e:69:3d:fd:3f:81:f8:55:fc:
91:8e:71:3e:be:f0:1a:02:db:2a:fc:78:24:17:41:c3:d7:7b:
00:9d:6c:c0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZwvolQe3fJ6lVM5lyrjXw+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjA1MjEwODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjAzZmExNGExN2YyZTBhOGZhYWY3MzcwZmE0Yjk5NWExMDBjN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbZ++zndrtEru5T6DgsEL0J+0w1I
4npztYpHNub5TIF/EHXQYoUn7TATc4/hJMEKnIMP4CW8ldyHM5T3W5K2XcrVKruC
sQBf02HIQeaPGkZ0jv1PLyvsg40NXwt5IXGe3/G742mc+HrK4mbd+qI3QxqZzQfE
0rlp0OdCHYf5HwgAU/B0NeAoZwjkV4EqvdYluzD0AIfxhty9RCjv3mSdARQLJBhd
UtFLZCUC+XrNG2s8Sph0Oq/+GpOtkCZczkmGzxkSfSWhuNJdTRcXoAECgtOY4E/I
FKn1eKn3zXZwZl/q7sFeZgNCgefIVZOarTd7UIXqZtACqRVJDVuIrDPaUQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLYD+hShfy4Kj6r3Nw+kuZWhAMeuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdGdQNkZLRl9MZ3FQcXZjM0Q2UzVsYUVBeDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW9RkAwQA
W9R7MBgEAgACMBIDBwAqD+fEABEDBwAqExjGVYQwDQYJKoZIhvcNAQELBQADggEB
AFJ/H43zA0U5v7mRYfq3FY2e/VNJtGZC0cm8DLD6RrgJmLffnDQ4v4zXM29klr5b
RMsnDfIHoDjmshfbQ1b17JvP8sounWMUwXwgrttNdvkCiXJka0Urw4pXU9GtCbDs
HiLYuOpNrXQG8b/92DFv07WyNCtuZ4d7EsYyvomFlqn1qpoq7Xe8z8j5gMlLSyc9
oowLHpAJYq9qqltRmfZhbGiWHfXJOYw9+8vjT2VyBRdQc83+d91p8qsqp2u2TwXo
D223jaxhCa9Ftjnxb8qiyviBjJr397wmavsindW9CVOzUE5pPf0/gfhV/JGOcT6+
8BoC2yr8eCQXQcPXewCdbMA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:49:11 2026 by rpki-client