Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/FlcJyZz4eln8fJdce2z7NQ0wMnc.roa
File: FlcJyZz4eln8fJdce2z7NQ0wMnc.roa (raw, json)
Hash identifier: o606d+6FRBkMadGSOs+1vJgoFljdYGR0aPQGsULNpfk=
Subject key identifier: 16:57:09:C9:9C:F8:7A:59:FC:7C:97:5C:7B:6C:FB:35:0D:30:32:77
Certificate issuer: /CN=79a1d0ea730fcfcb2149995c78289bf2d6d186fc
Certificate serial: 019DB3B43BAD5C01DA9B01B92977E27F445C
Authority key identifier: 79:A1:D0:EA:73:0F:CF:CB:21:49:99:5C:78:28:9B:F2:D6:D1:86:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaHQ6nMPz8shSZlceCib8tbRhvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/FlcJyZz4eln8fJdce2z7NQ0wMnc.roa
Signing time: Wed 22 Apr 2026 05:40:26 +0000
ROA not before: Wed 22 Apr 2026 05:40:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59668
IP address blocks: 31.40.24.0/22 maxlen: 22
45.91.220.0/22 maxlen: 24
45.91.222.0/23 maxlen: 23
82.215.96.0/20 maxlen: 20
91.212.124.0/24 maxlen: 24
93.157.58.0/24 maxlen: 24
118.88.16.0/21 maxlen: 21
119.12.104.0/21 maxlen: 21
178.218.200.0/21 maxlen: 21
202.79.184.0/21 maxlen: 21
2a0e:17c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/eaHQ6nMPz8shSZlceCib8tbRhvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/eaHQ6nMPz8shSZlceCib8tbRhvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/eaHQ6nMPz8shSZlceCib8tbRhvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 02:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b3:b4:3b:ad:5c:01:da:9b:01:b9:29:77:e2:7f:44:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a1d0ea730fcfcb2149995c78289bf2d6d186fc
Validity
Not Before: Apr 22 05:40:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=165709c99cf87a59fc7c975c7b6cfb350d303277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:95:5d:35:b2:bf:e8:c7:2a:d6:3c:86:ee:9d:
54:6a:46:1d:86:76:fc:a3:2b:a7:ca:80:e3:b7:1e:
24:a9:09:ce:41:6c:16:c6:83:e3:8e:de:bd:de:69:
df:f4:95:a2:07:65:fd:3b:f1:03:51:d9:e9:22:68:
e0:82:f3:43:78:4a:54:75:ac:0a:d0:8a:2b:09:aa:
88:fc:01:25:d3:69:12:fd:76:db:7b:56:d4:a1:13:
5f:26:45:59:cc:a2:14:15:31:a2:f4:63:f6:c6:1b:
04:b2:fb:1a:3e:ee:a4:f7:2d:86:7e:ee:dc:0b:90:
cd:01:cd:57:66:52:73:2b:7c:ef:26:e9:00:22:d2:
ae:60:77:68:66:14:e0:ed:93:b6:9e:13:58:3e:f0:
0f:74:45:9d:bd:63:f0:01:0a:58:96:cc:aa:2f:99:
3e:b1:d2:08:a4:00:a5:ff:0e:65:4c:6a:2c:67:0c:
59:e8:47:f5:0c:e3:4a:eb:fd:62:66:30:79:eb:79:
9c:0a:9b:da:13:22:2a:41:96:8b:69:14:a3:9a:ba:
f0:3a:8b:7e:30:a2:55:2b:06:d1:5f:e6:60:ec:37:
a5:8e:9a:5f:b9:4f:d6:96:79:36:07:c0:13:d8:49:
d4:8b:25:73:34:68:eb:1f:ec:05:48:c2:3e:d3:7c:
e4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:57:09:C9:9C:F8:7A:59:FC:7C:97:5C:7B:6C:FB:35:0D:30:32:77
X509v3 Authority Key Identifier:
keyid:79:A1:D0:EA:73:0F:CF:CB:21:49:99:5C:78:28:9B:F2:D6:D1:86:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaHQ6nMPz8shSZlceCib8tbRhvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/FlcJyZz4eln8fJdce2z7NQ0wMnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f4c47b-9dee-4e71-a6da-80a91af42a65/1/eaHQ6nMPz8shSZlceCib8tbRhvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.24.0/22
45.91.220.0/22
82.215.96.0/20
91.212.124.0/24
93.157.58.0/24
118.88.16.0/21
119.12.104.0/21
178.218.200.0/21
202.79.184.0/21
IPv6:
2a0e:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:36:c0:f5:32:e8:53:56:2f:7c:39:72:b4:d6:13:7e:06:6d:
0a:9c:3f:08:6f:7c:47:63:c5:9d:d2:e0:ce:da:f8:8c:da:cc:
d8:3e:82:ea:45:20:3e:b8:ba:f7:e2:08:d9:ed:fa:8e:a2:61:
5f:44:c4:da:a3:0f:54:d9:1d:30:a6:0e:ce:8d:4d:7a:46:fe:
20:3a:3c:7d:fa:aa:4b:8e:c3:db:ca:02:a4:99:00:e2:df:2d:
c3:25:94:69:c6:02:f5:8f:02:4b:50:65:9b:8c:79:05:25:ec:
1c:97:54:c4:b6:ad:a3:97:2f:a8:21:0a:01:0f:35:3e:ca:50:
72:64:a4:26:54:37:35:62:8a:7f:b9:1f:37:10:b2:30:91:13:
ef:32:71:6d:26:b1:86:f4:7b:5d:b2:e9:8e:1b:23:b8:88:57:
22:8e:58:82:4f:ca:cc:3e:8b:69:d6:de:d9:01:d6:07:7f:7b:
e1:bd:66:78:f4:dc:8b:58:b8:63:02:71:69:ce:55:8e:98:9f:
fe:eb:1d:62:1d:33:dc:a9:a3:2c:87:22:8e:d9:31:7a:95:f3:
1b:e7:e3:18:e9:0c:3c:07:56:b1:0e:f9:04:60:f0:b5:8b:ae:
75:81:e2:f1:69:c0:45:32:ed:55:0a:de:47:56:9c:57:35:f8:
2f:c7:d4:69
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ2ztDutXAHamwG5KXfif0RcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTFkMGVhNzMwZmNmY2IyMTQ5OTk1Yzc4Mjg5YmYyZDZk
MTg2ZmMwHhcNMjYwNDIyMDU0MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjU3MDljOTljZjg3YTU5ZmM3Yzk3NWM3YjZjZmIzNTBkMzAzMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZVdNbK/6Mcq1jyG7p1UakYdhnb8
oyunyoDjtx4kqQnOQWwWxoPjjt693mnf9JWiB2X9O/EDUdnpImjggvNDeEpUdawK
0IorCaqI/AEl02kS/Xbbe1bUoRNfJkVZzKIUFTGi9GP2xhsEsvsaPu6k9y2Gfu7c
C5DNAc1XZlJzK3zvJukAItKuYHdoZhTg7ZO2nhNYPvAPdEWdvWPwAQpYlsyqL5k+
sdIIpACl/w5lTGosZwxZ6Ef1DONK6/1iZjB563mcCpvaEyIqQZaLaRSjmrrwOot+
MKJVKwbRX+Zg7DeljppfuU/Wlnk2B8AT2EnUiyVzNGjrH+wFSMI+03zk0wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBZXCcmc+HpZ/HyXXHts+zUNMDJ3MB8GA1UdIwQY
MBaAFHmh0OpzD8/LIUmZXHgom/LW0Yb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFIUTZuTVB6OHNoU1psY2VDaWI4dGJSaHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mNGM0N2ItOWRlZS00ZTcxLWE2ZGEt
ODBhOTFhZjQyYTY1LzEvRmxjSnlaejRlbG44ZkpkY2UyejdOUTB3TW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mNGM0N2ItOWRlZS00ZTcxLWE2ZGEtODBhOTFhZjQyYTY1
LzEvZWFIUTZuTVB6OHNoU1psY2VDaWI4dGJSaHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCHygYAwQC
LVvcAwQEUtdgAwQAW9R8AwQAXZ06AwQDdlgQAwQDdwxoAwQDstrIAwQDyk+4MA0E
AgACMAcDBQMqDhfAMA0GCSqGSIb3DQEBCwUAA4IBAQCuNsD1MuhTVi98OXK01hN+
Bm0KnD8Ib3xHY8Wd0uDO2viM2szYPoLqRSA+uLr34gjZ7fqOomFfRMTaow9U2R0w
pg7OjU16Rv4gOjx9+qpLjsPbygKkmQDi3y3DJZRpxgL1jwJLUGWbjHkFJewcl1TE
tq2jly+oIQoBDzU+ylByZKQmVDc1Yop/uR83ELIwkRPvMnFtJrGG9HtdsumOGyO4
iFcijliCT8rMPotp1t7ZAdYHf3vhvWZ49NyLWLhjAnFpzlWOmJ/+6x1iHTPcqaMs
hyKO2TF6lfMb5+MY6Qw8B1axDvkEYPC1i651geLxacBFMu1VCt5HVpxXNfgvx9Rp
-----END CERTIFICATE-----
Generated at Wed Jun 17 12:37:46 2026 by rpki-client