Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/7jZAi51aHExWPZHg8Bwl9g1fDmo.roa
File: 7jZAi51aHExWPZHg8Bwl9g1fDmo.roa (raw, json)
Hash identifier: TNKFGF2TYtoFuGPgkD5XD7N/fcDVAQd/RPU9vBC0xJw=
Subject key identifier: EE:36:40:8B:9D:5A:1C:4C:56:3D:91:E0:F0:1C:25:F6:0D:5F:0E:6A
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019C9F86A400DF154FE64A6A553EAB647850
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/7jZAi51aHExWPZHg8Bwl9g1fDmo.roa
Signing time: Fri 27 Feb 2026 14:35:27 +0000
ROA not before: Fri 27 Feb 2026 14:35:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 92.62.241.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:86:a4:00:df:15:4f:e6:4a:6a:55:3e:ab:64:78:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Feb 27 14:35:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ee36408b9d5a1c4c563d91e0f01c25f60d5f0e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1c:e3:85:08:22:8a:15:61:38:fa:8b:7b:d6:
61:0e:97:9c:ae:ac:41:09:9a:ef:be:9f:18:5c:3b:
ba:48:e4:b5:ce:05:c8:a3:81:96:a5:8e:ee:36:b7:
43:3f:2c:8c:6d:69:bd:4f:8c:f2:51:33:3d:a1:ba:
88:ca:23:aa:cd:78:b7:a5:1d:25:ca:15:b4:69:17:
74:3d:c4:a2:52:8d:6d:f2:b2:bb:2e:30:dc:92:93:
d5:6a:30:3a:06:05:75:2b:3f:3c:3d:1d:2c:6f:a3:
35:31:ac:94:13:b0:33:b8:2d:b0:ea:0a:fc:48:3b:
24:27:7d:5c:ff:d5:18:9d:0c:c2:72:be:1d:69:06:
94:0b:57:fb:92:56:95:fc:36:87:5e:6d:5c:7a:08:
6d:78:b8:fc:e6:a0:16:96:46:5a:54:8f:28:a5:34:
2a:2b:62:47:d8:3d:3e:1b:41:34:54:16:1f:da:85:
58:b1:e4:4b:57:0b:d8:4f:7c:64:a2:61:54:ab:3d:
bc:de:1f:17:f5:06:71:17:b6:fd:52:d8:b2:47:7b:
c8:a3:e9:56:b8:7a:51:8c:a6:46:15:8e:62:46:af:
0d:81:30:84:e4:d1:01:99:dc:db:bc:46:0c:8e:eb:
b5:40:36:d9:81:f8:d2:f3:12:4c:7c:75:d6:b5:45:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:36:40:8B:9D:5A:1C:4C:56:3D:91:E0:F0:1C:25:F6:0D:5F:0E:6A
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/7jZAi51aHExWPZHg8Bwl9g1fDmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.241.0/24
185.95.157.0/24
Signature Algorithm: sha256WithRSAEncryption
39:d5:a9:ee:7d:f3:32:32:3b:f4:e9:cc:44:e2:97:2e:1f:aa:
7d:74:a7:33:60:9d:a5:65:bf:c4:e1:4e:d5:29:49:56:99:d9:
ac:73:2f:08:2c:38:d2:f5:2d:6f:33:74:05:54:30:5c:c3:ee:
86:e1:01:83:05:de:6b:d0:59:33:22:19:84:24:0e:1c:43:20:
46:3c:81:71:65:58:38:25:9b:1b:ed:d4:9f:bf:e2:38:14:6e:
8f:9d:f9:fe:7f:5d:ba:d5:9d:d2:13:90:29:c6:94:5e:fb:b0:
21:f7:6f:30:08:73:14:96:cc:df:d6:17:87:ef:9c:0e:85:b4:
eb:53:ac:95:9d:5e:5c:37:c5:e9:4c:97:96:75:a5:8d:e6:4a:
85:d0:f4:c5:38:ce:1f:5d:1a:61:7c:24:05:97:56:02:f1:94:
92:59:7d:f1:00:9e:d7:06:83:31:05:2c:78:74:b6:3a:36:a2:
38:b4:14:4a:f5:8b:dd:21:c4:0d:ee:51:09:8b:32:42:31:03:
e6:23:37:79:3b:b7:5b:95:33:65:40:97:b0:f9:81:e0:ec:ac:
db:fe:de:36:ec:52:39:ff:a4:5c:89:d8:dd:13:32:aa:f5:9a:
05:a1:98:d3:78:d4:68:f4:41:f2:0f:b4:61:66:51:d0:06:a4:
65:18:fc:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyfhqQA3xVP5kpqVT6rZHhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjYwMjI3MTQzNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTM2NDA4YjlkNWExYzRjNTYzZDkxZTBmMDFjMjVmNjBkNWYwZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BzjhQgiihVhOPqLe9ZhDpecrqxB
CZrvvp8YXDu6SOS1zgXIo4GWpY7uNrdDPyyMbWm9T4zyUTM9obqIyiOqzXi3pR0l
yhW0aRd0PcSiUo1t8rK7LjDckpPVajA6BgV1Kz88PR0sb6M1MayUE7AzuC2w6gr8
SDskJ31c/9UYnQzCcr4daQaUC1f7klaV/DaHXm1ceghteLj85qAWlkZaVI8opTQq
K2JH2D0+G0E0VBYf2oVYseRLVwvYT3xkomFUqz283h8X9QZxF7b9UtiyR3vIo+lW
uHpRjKZGFY5iRq8NgTCE5NEBmdzbvEYMjuu1QDbZgfjS8xJMfHXWtUVYJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO42QIudWhxMVj2R4PAcJfYNXw5qMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvN2paQWk1MWFIRXhXUFpIZzhCd2w5ZzFmRG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXD7xAwQA
uV+dMA0GCSqGSIb3DQEBCwUAA4IBAQA51anuffMyMjv06cxE4pcuH6p9dKczYJ2l
Zb/E4U7VKUlWmdmscy8ILDjS9S1vM3QFVDBcw+6G4QGDBd5r0FkzIhmEJA4cQyBG
PIFxZVg4JZsb7dSfv+I4FG6Pnfn+f1261Z3SE5ApxpRe+7Ah928wCHMUlszf1heH
75wOhbTrU6yVnV5cN8XpTJeWdaWN5kqF0PTFOM4fXRphfCQFl1YC8ZSSWX3xAJ7X
BoMxBSx4dLY6NqI4tBRK9YvdIcQN7lEJizJCMQPmIzd5O7dblTNlQJew+YHg7Kzb
/t427FI5/6RcidjdEzKq9ZoFoZjTeNRo9EHyD7RhZlHQBqRlGPxs
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:04:21 2026 by rpki-client