Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4FmN4tvyFYp649ezPFQGSjIpSgo.roa
File: 4FmN4tvyFYp649ezPFQGSjIpSgo.roa (raw, json)
Hash identifier: 92qZshL6/H1jz7eZOfxO5J8zE0BA55u2dsJDijW1qe0=
Subject key identifier: E0:59:8D:E2:DB:F2:15:8A:7A:E3:D7:B3:3C:54:06:4A:32:29:4A:0A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019C7AF81FA31EC99B01C600B2D89251558D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4FmN4tvyFYp649ezPFQGSjIpSgo.roa
Signing time: Fri 20 Feb 2026 12:13:27 +0000
ROA not before: Fri 20 Feb 2026 12:13:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212815
IP address blocks: 194.124.66.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:f8:1f:a3:1e:c9:9b:01:c6:00:b2:d8:92:51:55:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 20 12:13:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e0598de2dbf2158a7ae3d7b33c54064a32294a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:77:21:35:0f:3a:84:96:4c:e8:3d:ba:f5:
f9:a6:83:0f:32:56:4a:4e:d0:86:2d:36:51:b4:f3:
b9:9f:55:fd:22:54:6a:f0:03:b6:f3:1b:41:f0:a2:
42:17:e9:ae:74:36:4d:bf:93:ef:af:c3:5e:c9:92:
d9:a9:f0:dc:6d:28:a3:5d:c7:86:be:7d:22:02:be:
6b:3f:b9:ab:76:98:62:98:98:4b:d4:8d:f6:4b:46:
a4:63:78:a4:bb:30:cf:c8:15:bf:27:56:74:e7:ec:
a1:10:d7:61:ba:85:37:ad:8c:17:4e:3c:1a:01:42:
82:b7:8a:dc:92:2b:03:ca:50:47:75:99:b2:4a:f1:
08:1a:c1:45:dc:1d:5c:15:e2:e5:a4:0e:b0:12:9c:
1f:62:5e:89:a1:d1:72:c2:8b:fc:e2:81:f9:9b:b6:
22:00:5c:c4:d8:1f:96:b1:02:93:c9:24:0c:a1:87:
f9:75:6b:68:fc:4f:3f:fd:80:59:82:e0:e6:8e:82:
b7:10:73:4b:c4:7f:60:37:5e:0b:90:a9:26:e7:c7:
10:81:96:36:86:3a:37:fb:90:b0:69:f4:21:28:59:
85:d5:68:b1:51:e3:4c:fa:21:f6:24:02:ca:df:4e:
cb:23:97:53:e0:03:08:43:e9:f3:8c:fb:b6:42:6d:
bc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:59:8D:E2:DB:F2:15:8A:7A:E3:D7:B3:3C:54:06:4A:32:29:4A:0A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4FmN4tvyFYp649ezPFQGSjIpSgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.66.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:22:2d:b2:e2:e3:fc:fa:76:b2:67:8a:20:d5:f7:9d:ba:eb:
f9:e5:71:f3:bc:b8:78:58:87:b5:5f:53:81:79:9d:b4:a2:ce:
ba:51:b2:2c:82:04:39:fb:f7:1d:ce:00:e3:cc:43:ac:47:01:
01:59:0a:fc:52:94:4c:97:86:52:7f:d9:bc:be:06:c6:4d:d0:
bb:a8:23:68:45:56:64:fb:43:f5:b0:6c:8e:94:59:08:24:24:
fd:ef:ba:59:93:37:3b:52:ee:f1:e5:82:99:c0:a2:37:dd:73:
47:d3:d3:ac:00:54:ec:80:17:66:82:7c:3c:d5:e6:d6:c6:64:
53:d1:ae:12:9a:50:f2:c2:66:24:3d:35:f7:a6:65:c9:6e:38:
73:20:d9:ab:00:83:27:be:e4:67:43:ca:29:6f:bc:4c:f0:a1:
cc:41:65:05:9f:fd:7d:3b:15:42:dd:e6:f2:4d:f9:5f:88:1a:
e9:2b:d3:45:40:30:5e:29:3f:4d:85:85:33:ef:6a:2d:39:e2:
68:9b:f6:3d:25:d4:eb:74:f9:54:2d:b8:52:95:14:1e:ae:93:
36:9c:c5:fc:a5:b4:e8:03:40:03:20:cc:45:bc:92:a7:f7:7a:
c9:7e:ae:c9:52:c4:ae:41:cb:69:5b:25:d1:c1:56:a5:03:a5:
8b:a3:c4:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZx6+B+jHsmbAcYAstiSUVWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMjIwMTIxMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDU5OGRlMmRiZjIxNThhN2FlM2Q3YjMzYzU0MDY0YTMyMjk0YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJp3ITUPOoSWTOg9uvX5poMPMlZK
TtCGLTZRtPO5n1X9IlRq8AO28xtB8KJCF+mudDZNv5Pvr8NeyZLZqfDcbSijXceG
vn0iAr5rP7mrdphimJhL1I32S0akY3ikuzDPyBW/J1Z05+yhENdhuoU3rYwXTjwa
AUKCt4rckisDylBHdZmySvEIGsFF3B1cFeLlpA6wEpwfYl6JodFywov84oH5m7Yi
AFzE2B+WsQKTySQMoYf5dWto/E8//YBZguDmjoK3EHNLxH9gN14LkKkm58cQgZY2
hjo3+5CwafQhKFmF1WixUeNM+iH2JALK307LI5dT4AMIQ+nzjPu2Qm28YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBZjeLb8hWKeuPXszxUBkoyKUoKMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNEZtTjR0dnlGWXA2NDllelBGUUdTaklwU2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnxCMA0G
CSqGSIb3DQEBCwUAA4IBAQCxIi2y4uP8+nayZ4og1feduuv55XHzvLh4WIe1X1OB
eZ20os66UbIsggQ5+/cdzgDjzEOsRwEBWQr8UpRMl4ZSf9m8vgbGTdC7qCNoRVZk
+0P1sGyOlFkIJCT977pZkzc7Uu7x5YKZwKI33XNH09OsAFTsgBdmgnw81ebWxmRT
0a4SmlDywmYkPTX3pmXJbjhzINmrAIMnvuRnQ8opb7xM8KHMQWUFn/19OxVC3eby
TflfiBrpK9NFQDBeKT9NhYUz72otOeJom/Y9JdTrdPlULbhSlRQerpM2nMX8pbTo
A0ADIMxFvJKn93rJfq7JUsSuQctpWyXRwValA6WLo8T4
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:37:27 2026 by rpki-client