Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/fmcwhaidzArdA6kvh0y-Aej9y88.roa
File: fmcwhaidzArdA6kvh0y-Aej9y88.roa (raw, json)
Hash identifier: bKNi3L38o7bRnB56dZw/HCV46FJZnj7F35iWZ5QhbjY=
Subject key identifier: 7E:67:30:85:A8:9D:CC:0A:DD:03:A9:2F:87:4C:BE:01:E8:FD:CB:CF
Certificate issuer: /CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Certificate serial: 019C4C72B9E2B61AA84F5C8826C04C9D4354
Authority key identifier: DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/fmcwhaidzArdA6kvh0y-Aej9y88.roa
Signing time: Wed 11 Feb 2026 11:25:12 +0000
ROA not before: Wed 11 Feb 2026 11:25:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5533
IP address blocks: 77.91.200.0/21 maxlen: 21
80.172.0.0/16 maxlen: 18
188.93.224.0/21 maxlen: 21
194.62.240.0/22 maxlen: 22
195.22.0.0/19 maxlen: 19
195.35.66.0/24 maxlen: 24
195.72.136.0/22 maxlen: 22
2001:4cc0::/32 maxlen: 48
2a03:73c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:72:b9:e2:b6:1a:a8:4f:5c:88:26:c0:4c:9d:43:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Validity
Not Before: Feb 11 11:25:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e673085a89dcc0add03a92f874cbe01e8fdcbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e4:28:b3:e2:1d:7a:e7:58:0f:e1:e6:ab:57:
67:ac:90:87:96:b3:a3:b1:40:86:4d:94:79:b2:23:
59:33:16:2c:73:e2:93:29:93:21:b1:84:b2:f4:4d:
f9:7b:e4:ed:82:a1:85:ca:46:ed:64:41:79:72:6c:
da:9c:c5:f2:0d:ea:03:c6:56:ee:0f:a4:91:38:9f:
55:1f:05:93:12:21:ca:87:30:59:a5:7d:c7:2b:47:
38:11:14:0c:a9:70:3d:88:8b:02:4c:04:0d:35:01:
bf:a4:27:b6:61:35:2d:b4:85:89:72:ee:f1:51:3b:
9e:19:1c:14:06:cc:8e:f7:66:0d:6b:6d:de:75:b0:
bc:3f:51:36:0a:90:8f:4f:5f:79:c8:58:23:4a:94:
b9:b9:2e:83:19:43:9b:49:ac:f0:bd:3f:e1:3c:9e:
b2:d5:03:4c:eb:88:6d:68:3e:c3:9e:82:ab:df:43:
21:71:5a:de:1b:e0:7b:93:fa:5f:80:04:18:a0:42:
ed:70:57:76:59:40:b1:74:16:15:9a:f8:ac:f6:97:
f9:d0:7f:9e:ea:f6:5a:4f:11:52:57:49:8a:7a:1f:
06:38:4f:f0:ea:0d:9c:6c:60:62:1d:f4:ec:a6:90:
07:f0:45:e3:21:39:0b:c2:92:76:dc:7a:43:a0:cf:
f7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:67:30:85:A8:9D:CC:0A:DD:03:A9:2F:87:4C:BE:01:E8:FD:CB:CF
X509v3 Authority Key Identifier:
keyid:DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/fmcwhaidzArdA6kvh0y-Aej9y88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.200.0/21
80.172.0.0/16
188.93.224.0/21
194.62.240.0/22
195.22.0.0/19
195.35.66.0/24
195.72.136.0/22
IPv6:
2001:4cc0::/32
2a03:73c0::/48
Signature Algorithm: sha256WithRSAEncryption
64:71:64:f9:73:bc:0b:74:1e:1d:84:e3:e2:1a:7a:b6:d4:93:
c2:8f:ac:05:65:f8:0d:8a:22:7a:1f:c7:bb:84:49:57:1d:28:
70:2d:b6:98:5e:4d:1e:68:2a:e3:d8:46:e9:af:0b:74:05:f3:
65:ac:18:49:ff:1d:af:d0:cf:22:13:9d:f0:07:9b:6a:ba:9b:
12:63:52:61:85:b6:5f:e4:00:86:f5:1d:76:ab:24:8c:8d:53:
bb:7b:00:f4:d5:20:f5:a9:e8:12:18:0c:53:d9:c2:b5:b3:09:
a1:0c:4e:00:f6:f8:62:0c:66:8e:30:aa:dc:3a:51:98:c8:24:
18:e5:46:4e:fe:2e:21:c0:05:9e:72:01:97:5d:66:1a:80:79:
10:92:46:91:d3:37:92:38:25:4d:a5:ce:76:b6:91:0a:ac:0b:
f0:d0:9f:ae:b4:c8:74:e3:e0:f3:ba:c9:76:eb:d2:f3:28:54:
df:50:61:81:1c:19:99:d9:70:b8:44:5b:e5:71:c4:dc:52:36:
b1:65:a8:25:26:bf:70:37:00:0c:45:ab:a7:f8:92:4e:46:53:
72:d7:63:19:94:e1:fc:55:6c:4e:af:88:0a:f6:66:e7:17:64:
6a:28:27:bc:11:f2:39:5f:fb:0a:ff:32:02:74:64:fc:4b:88:
31:61:b0:9a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZxMcrnithqoT1yIJsBMnUNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNjQxZmM5MDNkNWI0Y2M5NzE2NDkzMjRhNGIzNGU0Zjgy
NDIyYzUwHhcNMjYwMjExMTEyNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTY3MzA4NWE4OWRjYzBhZGQwM2E5MmY4NzRjYmUwMWU4ZmRjYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleQos+IdeudYD+Hmq1dnrJCHlrOj
sUCGTZR5siNZMxYsc+KTKZMhsYSy9E35e+TtgqGFykbtZEF5cmzanMXyDeoDxlbu
D6SROJ9VHwWTEiHKhzBZpX3HK0c4ERQMqXA9iIsCTAQNNQG/pCe2YTUttIWJcu7x
UTueGRwUBsyO92YNa23edbC8P1E2CpCPT195yFgjSpS5uS6DGUObSazwvT/hPJ6y
1QNM64htaD7DnoKr30MhcVreG+B7k/pfgAQYoELtcFd2WUCxdBYVmvis9pf50H+e
6vZaTxFSV0mKeh8GOE/w6g2cbGBiHfTsppAH8EXjITkLwpJ23HpDoM/32QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFH5nMIWoncwK3QOpL4dMvgHo/cvPMB8GA1UdIwQY
MBaAFNtkH8kD1bTMlxZJMkpLNOT4JCLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzkt
N2ZlZTU5MWEyMDljLzEvZm1jd2hhaWR6QXJkQTZrdmgweS1BZWo5eTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzktN2ZlZTU5MWEyMDlj
LzEvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAvBAIAATApAwQDTVvIAwMA
UKwDBAO8XeADBALCPvADBAXDFgADBADDI0IDBALDSIgwFgQCAAIwEAMFACABTMAD
BwAqA3PAAAAwDQYJKoZIhvcNAQELBQADggEBAGRxZPlzvAt0Hh2E4+IaerbUk8KP
rAVl+A2KInofx7uESVcdKHAttpheTR5oKuPYRumvC3QF82WsGEn/Ha/QzyITnfAH
m2q6mxJjUmGFtl/kAIb1HXarJIyNU7t7APTVIPWp6BIYDFPZwrWzCaEMTgD2+GIM
Zo4wqtw6UZjIJBjlRk7+LiHABZ5yAZddZhqAeRCSRpHTN5I4JU2lzna2kQqsC/DQ
n660yHTj4PO6yXbr0vMoVN9QYYEcGZnZcLhEW+VxxNxSNrFlqCUmv3A3AAxFq6f4
kk5GU3LXYxmU4fxVbE6viAr2ZucXZGooJ7wR8jlf+wr/MgJ0ZPxLiDFhsJo=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:08:51 2026 by rpki-client