Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7j2_NbelXGkPqeH8Kkeh1ym9_DA.roa
File: 7j2_NbelXGkPqeH8Kkeh1ym9_DA.roa (raw, json)
Hash identifier: JZe6w9UDx2mGbUG+2NzB+MVQw/jPj68z/y/0hvVfhLU=
Subject key identifier: EE:3D:BF:35:B7:A5:5C:69:0F:A9:E1:FC:2A:47:A1:D7:29:BD:FC:30
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019C2E1C4E903FFBF67F13D010FFB4C4F501
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7j2_NbelXGkPqeH8Kkeh1ym9_DA.roa
Signing time: Thu 05 Feb 2026 14:02:12 +0000
ROA not before: Thu 05 Feb 2026 14:02:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59441
IP address blocks: 62.60.128.0/21 maxlen: 24
62.60.164.0/22 maxlen: 24
62.60.200.0/22 maxlen: 24
62.60.204.0/22 maxlen: 24
62.60.209.0/24 maxlen: 24
62.60.210.0/23 maxlen: 24
62.60.210.0/24 maxlen: 24
62.60.211.0/24 maxlen: 24
62.60.212.0/22 maxlen: 24
213.176.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2e:1c:4e:90:3f:fb:f6:7f:13:d0:10:ff:b4:c4:f5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 5 14:02:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ee3dbf35b7a55c690fa9e1fc2a47a1d729bdfc30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4e:a8:fc:80:3c:fd:3f:61:3b:fb:5d:2b:d8:
b0:ef:7e:dd:d0:ae:85:64:4a:ee:f8:63:32:26:5e:
c7:8e:a6:e5:f9:05:5b:d5:a1:74:7d:51:b7:93:88:
7b:3b:01:9c:bd:da:a0:d4:14:24:cb:91:ac:b9:ab:
32:6d:ad:f1:61:1f:54:4a:6f:d1:e8:3d:6e:19:d8:
c2:3a:8d:08:3d:c2:16:88:d7:f8:e9:de:d8:6b:ff:
06:4d:93:fa:43:a9:9b:7d:6d:15:f2:9d:4a:a8:da:
38:41:f0:0b:37:12:13:41:a3:59:6b:67:b7:54:bf:
fe:47:76:06:e2:ad:31:f5:60:15:e0:a7:79:ae:02:
fd:aa:38:9d:c7:3c:67:a6:a8:21:60:1e:d6:ed:86:
2d:90:95:7f:a8:9d:f0:26:da:53:f1:ca:95:0e:20:
b8:8f:7b:d7:fb:52:75:af:9f:0e:2a:12:16:6c:b6:
01:b1:c8:8e:a7:73:5a:9e:d2:14:bc:77:52:7e:4d:
ee:ad:64:56:6c:10:4f:09:34:c8:26:db:41:89:88:
c3:e0:5a:85:c6:5c:21:2a:02:6b:f0:44:3b:e0:5e:
f2:a1:cb:d2:42:bc:4b:0f:82:03:ea:82:f1:03:c4:
fa:6a:f8:68:ff:08:12:33:29:30:21:44:05:8e:92:
02:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3D:BF:35:B7:A5:5C:69:0F:A9:E1:FC:2A:47:A1:D7:29:BD:FC:30
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7j2_NbelXGkPqeH8Kkeh1ym9_DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.128.0/21
62.60.164.0/22
62.60.200.0/21
62.60.209.0-62.60.215.255
213.176.28.0/22
Signature Algorithm: sha256WithRSAEncryption
57:ca:13:58:dd:40:de:bf:b0:12:6c:0d:d7:57:f6:ae:41:9b:
8b:d2:aa:0a:05:f7:62:7f:33:b7:53:6d:77:32:c7:24:51:a0:
6d:3b:35:60:83:e1:2f:53:45:ba:73:00:1e:7d:c7:94:49:7d:
22:41:43:c6:7d:51:97:0a:5c:b0:d3:b1:8d:4f:e2:fc:10:b7:
aa:e2:3c:51:2c:52:fe:97:28:de:3a:78:b9:c0:9c:7f:5a:d2:
96:4d:63:e0:76:78:56:e1:4a:4c:21:77:b7:40:7e:ce:3a:cf:
ca:3c:8b:dc:e1:a5:f3:6e:7b:31:b2:b7:8c:27:1e:9a:19:7a:
ce:f2:24:eb:f6:fc:64:f0:a0:03:e5:be:1f:21:76:99:0c:17:
bd:24:85:9e:4d:4c:83:d6:64:c6:b9:40:dd:a5:2a:0f:80:77:
19:a2:b7:92:7f:e9:14:c3:19:94:2a:89:5d:15:2e:c1:69:f9:
2c:51:34:06:3c:43:e5:a5:75:c6:34:f2:53:3d:6c:f6:d5:23:
c3:92:7e:44:eb:06:36:af:18:6c:6d:7f:ff:d6:a2:d3:21:db:
3e:be:d4:c3:f8:39:d6:16:c7:eb:cf:99:27:87:78:da:56:b2:
df:91:9d:9b:ad:76:07:fd:1a:4f:15:f9:e2:c4:d6:2d:e9:3b:
72:64:49:27
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZwuHE6QP/v2fxPQEP+0xPUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjYwMjA1MTQwMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNkYmYzNWI3YTU1YzY5MGZhOWUxZmMyYTQ3YTFkNzI5YmRmYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE6o/IA8/T9hO/tdK9iw737d0K6F
ZEru+GMyJl7Hjqbl+QVb1aF0fVG3k4h7OwGcvdqg1BQky5Gsuasyba3xYR9USm/R
6D1uGdjCOo0IPcIWiNf46d7Ya/8GTZP6Q6mbfW0V8p1KqNo4QfALNxITQaNZa2e3
VL/+R3YG4q0x9WAV4Kd5rgL9qjidxzxnpqghYB7W7YYtkJV/qJ3wJtpT8cqVDiC4
j3vX+1J1r58OKhIWbLYBsciOp3NantIUvHdSfk3urWRWbBBPCTTIJttBiYjD4FqF
xlwhKgJr8EQ74F7yocvSQrxLD4ID6oLxA8T6avho/wgSMykwIUQFjpIC1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO49vzW3pVxpD6nh/CpHodcpvfwwMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvN2oyX05iZWxYR2tQcWVIOEtrZWgxeW05X0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDPjyAAwQC
PjykAwQDPjzIMAwDBAA+PNEDBAM+PNADBALVsBwwDQYJKoZIhvcNAQELBQADggEB
AFfKE1jdQN6/sBJsDddX9q5Bm4vSqgoF92J/M7dTbXcyxyRRoG07NWCD4S9TRbpz
AB59x5RJfSJBQ8Z9UZcKXLDTsY1P4vwQt6riPFEsUv6XKN46eLnAnH9a0pZNY+B2
eFbhSkwhd7dAfs46z8o8i9zhpfNuezGyt4wnHpoZes7yJOv2/GTwoAPlvh8hdpkM
F70khZ5NTIPWZMa5QN2lKg+Adxmit5J/6RTDGZQqiV0VLsFp+SxRNAY8Q+WldcY0
8lM9bPbVI8OSfkTrBjavGGxtf//WotMh2z6+1MP4OdYWx+vPmSeHeNpWst+RnZut
dgf9Gk8V+eLE1i3pO3JkSSc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:00:30 2026 by rpki-client