Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/a7cCw736vJvpDFHHxGq0YOrSK0Q.roa
File: a7cCw736vJvpDFHHxGq0YOrSK0Q.roa (raw, json)
Hash identifier: EeWFTwKKJlx7lUnfssDHOWepDKuGlciwfBZKQl4bQyA=
Subject key identifier: 6B:B7:02:C3:BD:FA:BC:9B:E9:0C:51:C7:C4:6A:B4:60:EA:D2:2B:44
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D8A2A4D63711EAD21E577C0F5302CA8A3
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/a7cCw736vJvpDFHHxGq0YOrSK0Q.roa
Signing time: Tue 14 Apr 2026 04:05:21 +0000
ROA not before: Tue 14 Apr 2026 04:05:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49581
IP address blocks: 5.231.26.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
2a02:2fc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:2a:4d:63:71:1e:ad:21:e5:77:c0:f5:30:2c:a8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 14 04:05:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6bb702c3bdfabc9be90c51c7c46ab460ead22b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:cc:04:13:72:d5:4d:40:79:f1:58:1f:3e:
4e:5e:60:16:03:6b:cb:21:3c:6d:13:57:41:7b:c9:
05:c9:50:6c:3a:10:86:33:2d:a1:d9:a1:99:27:ed:
b0:84:80:a6:d7:44:14:5b:8c:0b:b5:44:22:77:d4:
3b:68:61:f7:34:c2:cc:4e:0b:e9:3c:7c:91:da:ac:
e5:7c:e0:38:c8:0d:70:62:59:bb:19:fd:d4:19:88:
c0:9c:9b:35:37:71:c9:07:2d:1e:7f:4d:9f:5b:9f:
11:9e:5b:12:96:1c:6b:4f:64:ab:8c:fe:05:df:b2:
c1:de:15:31:9f:06:7c:a9:6b:f1:e0:5b:20:48:e8:
68:f7:aa:63:22:3f:87:31:8f:43:75:0a:8f:95:52:
05:e8:de:49:0d:bb:c3:a4:73:35:12:ee:f1:b6:17:
b5:8c:9e:7b:5e:11:b2:ab:ed:81:91:a2:97:b0:ed:
80:10:67:da:35:2b:2f:f3:3b:20:e0:9a:13:22:0f:
24:40:b0:4d:2a:82:46:cf:a7:01:98:5f:0d:cc:eb:
0b:3b:47:d5:77:32:cf:94:67:a3:e0:fe:9b:3d:30:
29:1f:7a:b1:ea:ad:c1:47:b0:69:87:c5:e7:9a:ca:
89:fd:19:81:78:9a:45:26:ef:85:57:6b:ac:5a:8f:
11:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B7:02:C3:BD:FA:BC:9B:E9:0C:51:C7:C4:6A:B4:60:EA:D2:2B:44
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/a7cCw736vJvpDFHHxGq0YOrSK0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.26.0/24
5.231.242.0/24
89.106.71.0/24
94.249.230.0/24
IPv6:
2a02:2fc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
9c:49:a9:4d:f9:dd:64:50:f0:cb:44:f0:02:22:be:56:48:72:
cc:1b:0e:79:c7:09:1d:a3:3e:2a:df:43:50:6c:fa:ce:59:be:
40:10:77:a0:8f:4d:71:1c:55:39:fc:9f:b1:3a:2c:6f:0f:40:
77:9b:00:4d:cb:f1:31:fc:1f:70:90:3c:65:c6:db:1b:75:15:
5e:ef:5d:83:8c:d3:dc:7b:c8:2d:0e:4c:82:ec:53:4d:34:7d:
9e:9f:ea:df:94:d8:77:61:79:f7:6f:3c:9b:92:60:92:8f:7d:
ae:5f:4f:8f:ce:87:35:f7:d6:54:29:a0:da:fe:e5:e7:b9:9d:
08:44:f9:4f:df:dd:d4:88:2e:e5:ce:9c:16:02:05:de:ba:91:
07:f6:fa:09:23:64:d0:1f:d6:c4:65:15:ac:78:58:fb:10:e6:
89:e8:54:72:e8:3f:ea:b4:53:cf:34:a1:e6:cc:21:39:a8:9e:
82:c0:98:9c:92:f2:3c:7b:cf:f6:52:e7:58:ef:74:c5:0f:ed:
da:1d:43:02:55:c5:d3:7c:dc:5a:12:55:7c:23:53:29:9d:fd:
37:20:88:a5:c2:86:6c:d5:d7:65:2e:f8:4a:ed:89:7d:e7:86:
23:88:af:97:23:6e:c4:25:77:fa:d4:00:6e:b0:58:fc:bd:ac:
00:6f:dd:c3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ2KKk1jcR6tIeV3wPUwLKijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDE0MDQwNTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmI3MDJjM2JkZmFiYzliZTkwYzUxYzdjNDZhYjQ2MGVhZDIyYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTzMBBNy1U1AefFYHz5OXmAWA2vL
ITxtE1dBe8kFyVBsOhCGMy2h2aGZJ+2whICm10QUW4wLtUQid9Q7aGH3NMLMTgvp
PHyR2qzlfOA4yA1wYlm7Gf3UGYjAnJs1N3HJBy0ef02fW58RnlsSlhxrT2SrjP4F
37LB3hUxnwZ8qWvx4FsgSOho96pjIj+HMY9DdQqPlVIF6N5JDbvDpHM1Eu7xthe1
jJ57XhGyq+2BkaKXsO2AEGfaNSsv8zsg4JoTIg8kQLBNKoJGz6cBmF8NzOsLO0fV
dzLPlGej4P6bPTApH3qx6q3BR7Bph8XnmsqJ/RmBeJpFJu+FV2usWo8RIQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGu3AsO9+ryb6QxRx8RqtGDq0itEMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYTdjQ3c3MzZ2SnZwREZISHhHcTBZT3JTSzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABecaAwQA
BefyAwQAWWpHAwQAXvnmMA8EAgACMAkDBwAqAi/AABEwDQYJKoZIhvcNAQELBQAD
ggEBAJxJqU353WRQ8MtE8AIivlZIcswbDnnHCR2jPirfQ1Bs+s5ZvkAQd6CPTXEc
VTn8n7E6LG8PQHebAE3L8TH8H3CQPGXG2xt1FV7vXYOM09x7yC0OTILsU000fZ6f
6t+U2HdhefdvPJuSYJKPfa5fT4/OhzX31lQpoNr+5ee5nQhE+U/f3dSILuXOnBYC
Bd66kQf2+gkjZNAf1sRlFax4WPsQ5onoVHLoP+q0U880oebMITmonoLAmJyS8jx7
z/ZS51jvdMUP7dodQwJVxdN83FoSVXwjUymd/TcgiKXChmzV12Uu+ErtiX3nhiOI
r5cjbsQld/rUAG6wWPy9rABv3cM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:25:54 2026 by rpki-client