Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/fc6tl6tRNdHMEV0XRgDYWcR4tJM.roa
File: fc6tl6tRNdHMEV0XRgDYWcR4tJM.roa (raw, json)
Hash identifier: Axs9wi6HaTQe2xTGzEqxPJwos/1+C/Ws2Um5WmgRXvY=
Subject key identifier: 7D:CE:AD:97:AB:51:35:D1:CC:11:5D:17:46:00:D8:59:C4:78:B4:93
Certificate issuer: /CN=edfffb3c661e2f78a5785be95916044b06af51d2
Certificate serial: 019D43412B1E2D84D8E59C940BC5F26DB52B
Authority key identifier: ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/fc6tl6tRNdHMEV0XRgDYWcR4tJM.roa
Signing time: Tue 31 Mar 2026 09:37:17 +0000
ROA not before: Tue 31 Mar 2026 09:37:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57087
IP address blocks: 5.182.130.0/23 maxlen: 23
5.182.130.0/24 maxlen: 24
5.182.131.0/24 maxlen: 24
193.163.40.0/22 maxlen: 24
193.163.42.0/23 maxlen: 24
193.163.42.0/24 maxlen: 24
193.163.43.0/24 maxlen: 24
193.163.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:41:2b:1e:2d:84:d8:e5:9c:94:0b:c5:f2:6d:b5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edfffb3c661e2f78a5785be95916044b06af51d2
Validity
Not Before: Mar 31 09:37:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7dcead97ab5135d1cc115d174600d859c478b493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e6:db:02:e8:2d:37:34:81:d6:fa:c8:aa:db:
de:de:17:88:60:c7:16:63:48:8e:dc:21:08:02:b9:
fc:81:91:2c:47:f6:ae:81:de:dc:43:ac:f1:49:d4:
c9:dc:e8:77:45:fc:fc:dc:2e:7e:5e:01:30:1d:a3:
0b:1d:d8:08:81:71:1e:27:44:07:ed:01:48:4f:bf:
a5:f6:71:4b:35:56:3a:28:e1:dc:49:16:24:96:9c:
34:54:f3:84:fd:0d:84:b0:55:c4:49:30:db:1a:57:
4f:cd:ac:10:e6:88:22:18:a2:f6:86:33:d8:22:24:
8e:ed:c0:84:50:7a:94:18:b0:4f:83:c5:39:5f:23:
93:ae:85:d4:61:59:06:83:86:63:2c:ae:e9:29:0d:
97:db:51:5d:c5:e3:54:18:e0:85:d7:1a:89:c1:62:
8c:c2:c0:e8:df:e9:7c:2d:e5:99:c1:0d:41:d1:ca:
a1:a5:79:60:6a:49:91:d8:44:b4:95:37:85:14:e8:
12:21:b8:3a:91:42:10:63:24:80:2f:6a:38:32:23:
a9:fe:31:c0:da:10:9f:0a:a3:77:83:b6:35:da:17:
8b:5b:f4:ce:ba:43:1c:bf:7f:e2:8a:c9:78:10:12:
b0:62:17:57:a4:05:75:76:91:eb:f4:25:66:45:86:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CE:AD:97:AB:51:35:D1:CC:11:5D:17:46:00:D8:59:C4:78:B4:93
X509v3 Authority Key Identifier:
keyid:ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/fc6tl6tRNdHMEV0XRgDYWcR4tJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.130.0/23
193.163.40.0-193.163.44.255
Signature Algorithm: sha256WithRSAEncryption
06:ad:a3:b0:a3:7d:89:69:24:23:fe:80:e7:6a:3c:55:1a:79:
69:9c:bc:1e:2b:6f:7f:83:9b:aa:60:d4:6d:66:6a:99:d1:56:
17:09:27:fb:ab:b9:f1:e1:d3:32:09:4f:82:11:d4:6d:58:6e:
a0:10:3e:4a:35:fb:1f:03:15:4c:00:92:31:b3:64:a6:ae:b3:
45:9e:02:64:93:57:87:62:7e:86:c8:ea:a4:85:89:d4:a8:e5:
9a:72:10:e0:f2:ad:70:84:94:f4:65:d1:49:cb:03:de:b6:18:
28:ed:f2:6d:22:2d:23:d2:96:7a:7f:9d:72:26:97:ca:bc:eb:
fc:af:8f:c6:1a:9e:43:16:f4:82:cd:ab:0c:a2:a7:af:6d:c5:
62:65:43:60:8d:ce:ba:4b:75:11:fe:74:d9:c0:92:99:17:79:
df:c8:07:e9:43:af:38:d3:4e:ee:e3:81:06:fe:5d:31:0c:e8:
a1:dd:a7:c4:53:75:05:e7:ef:40:28:70:ee:db:c4:c8:8b:e5:
5d:98:9f:9d:87:85:38:25:1b:4e:cb:b5:2d:c2:04:56:20:87:
0e:a7:89:e0:28:5e:e4:8b:05:39:f7:7b:d8:8a:88:96:bb:47:
75:53:2a:75:39:de:a8:fd:54:3a:61:2b:67:aa:c0:e0:7f:e1:
22:74:66:09
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ1DQSseLYTY5ZyUC8XybbUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZmZmYjNjNjYxZTJmNzhhNTc4NWJlOTU5MTYwNDRiMDZh
ZjUxZDIwHhcNMjYwMzMxMDkzNzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNlYWQ5N2FiNTEzNWQxY2MxMTVkMTc0NjAwZDg1OWM0NzhiNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+bbAugtNzSB1vrIqtve3heIYMcW
Y0iO3CEIArn8gZEsR/augd7cQ6zxSdTJ3Oh3Rfz83C5+XgEwHaMLHdgIgXEeJ0QH
7QFIT7+l9nFLNVY6KOHcSRYklpw0VPOE/Q2EsFXESTDbGldPzawQ5ogiGKL2hjPY
IiSO7cCEUHqUGLBPg8U5XyOTroXUYVkGg4ZjLK7pKQ2X21FdxeNUGOCF1xqJwWKM
wsDo3+l8LeWZwQ1B0cqhpXlgakmR2ES0lTeFFOgSIbg6kUIQYySAL2o4MiOp/jHA
2hCfCqN3g7Y12heLW/TOukMcv3/iisl4EBKwYhdXpAV1dpHr9CVmRYYL3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH3OrZerUTXRzBFdF0YA2FnEeLSTMB8GA1UdIwQY
MBaAFO3/+zxmHi94pXhb6VkWBEsGr1HSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYt
YTk4OTM1NDVjM2M1LzEvZmM2dGw2dFJOZEhNRVYwWFJnRFlXY1I0dEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYtYTk4OTM1NDVjM2M1
LzEvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBBbaCMAwD
BAPBoygDBADBoywwDQYJKoZIhvcNAQELBQADggEBAAato7CjfYlpJCP+gOdqPFUa
eWmcvB4rb3+Dm6pg1G1mapnRVhcJJ/urufHh0zIJT4IR1G1YbqAQPko1+x8DFUwA
kjGzZKaus0WeAmSTV4difobI6qSFidSo5ZpyEODyrXCElPRl0UnLA962GCjt8m0i
LSPSlnp/nXIml8q86/yvj8YankMW9ILNqwyip69txWJlQ2CNzrpLdRH+dNnAkpkX
ed/IB+lDrzjTTu7jgQb+XTEM6KHdp8RTdQXn70AocO7bxMiL5V2Yn52HhTglG07L
tS3CBFYghw6nieAoXuSLBTn3e9iKiJa7R3VTKnU53qj9VDphK2eqwOB/4SJ0Zgk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:58:15 2026 by rpki-client