Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xVfc3l4EP7dhrtLcyRanOg0ot1M.roa
File: xVfc3l4EP7dhrtLcyRanOg0ot1M.roa (raw, json)
Hash identifier: xZO+gj3NO3PDe8x2SOyM664HUG69cn+y1nIklk8tHeA=
Subject key identifier: C5:57:DC:DE:5E:04:3F:B7:61:AE:D2:DC:C9:16:A7:3A:0D:28:B7:53
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019C7D0DDEFBF49726D13CCEB711927CF695
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xVfc3l4EP7dhrtLcyRanOg0ot1M.roa
Signing time: Fri 20 Feb 2026 21:56:26 +0000
ROA not before: Fri 20 Feb 2026 21:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216416
IP address blocks: 157.173.16.0/21 maxlen: 21
157.173.25.0/24 maxlen: 24
157.173.26.0/24 maxlen: 24
157.173.27.0/24 maxlen: 24
185.207.136.0/24 maxlen: 24
185.207.137.0/24 maxlen: 24
185.207.138.0/24 maxlen: 24
185.207.139.0/24 maxlen: 24
188.137.152.0/24 maxlen: 24
188.137.153.0/24 maxlen: 24
188.137.154.0/24 maxlen: 24
188.137.155.0/24 maxlen: 24
188.137.156.0/24 maxlen: 24
188.137.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7d:0d:de:fb:f4:97:26:d1:3c:ce:b7:11:92:7c:f6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Feb 20 21:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c557dcde5e043fb761aed2dcc916a73a0d28b753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:11:20:c6:e6:0b:f8:e6:17:b8:76:3d:ed:86:
d2:56:b4:5b:ac:bc:36:af:ae:51:91:80:52:38:f7:
d9:98:72:4c:08:c3:9f:ca:f5:21:db:0a:7c:76:52:
b6:77:d2:a8:8a:25:18:0e:6f:c1:90:4d:33:7f:9d:
af:f0:d7:8c:bb:3c:8c:16:16:90:45:0d:e3:8a:f3:
02:57:1d:e5:e2:74:de:0c:f5:32:1c:53:c6:34:83:
3d:92:da:38:7c:3a:d8:e2:0f:56:73:4d:d5:20:43:
00:4a:3d:fc:7e:78:51:fc:71:6a:42:29:18:03:be:
fc:08:df:4d:c8:61:f8:d5:b1:ed:c1:f0:af:5d:b7:
f4:06:97:e2:ce:48:f8:14:3b:85:8f:6f:1d:4f:6e:
43:26:49:89:8c:48:2b:31:25:db:5c:d6:64:63:ec:
52:a7:0b:98:7a:b6:d6:b2:dd:93:e2:96:11:61:d1:
f1:74:b1:ec:35:14:99:7e:5c:c7:6e:ab:0c:a9:4e:
89:a8:6c:b5:e0:30:7f:ed:2f:4c:74:22:49:f6:ac:
20:b7:4f:e0:cd:3b:27:9b:3b:94:80:7a:47:c8:12:
bc:98:a8:10:45:8f:7b:62:f3:d4:ac:9f:cb:f4:26:
3f:5a:db:e5:6c:fb:f2:39:c9:0b:52:39:34:91:9e:
ab:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:57:DC:DE:5E:04:3F:B7:61:AE:D2:DC:C9:16:A7:3A:0D:28:B7:53
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/xVfc3l4EP7dhrtLcyRanOg0ot1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.173.16.0/21
157.173.25.0-157.173.27.255
185.207.136.0/22
188.137.152.0-188.137.157.255
Signature Algorithm: sha256WithRSAEncryption
8b:f3:b9:6e:e5:a3:92:82:85:cd:ab:f5:c0:54:b0:ff:cf:5e:
e6:ae:9a:f5:d8:e0:16:9e:79:34:f3:43:10:5a:7e:37:9c:a0:
4c:1d:56:09:27:83:b2:1b:28:44:df:9e:40:9c:ed:71:8c:a7:
3d:24:f9:22:25:04:f7:7e:fa:76:e7:36:3f:c9:63:d3:0b:35:
e8:03:02:db:8d:ea:ba:c0:56:ef:e0:3a:4f:05:e9:dd:23:3e:
d2:4a:9f:4f:eb:f8:4a:eb:fb:47:39:b4:49:0b:0e:ac:e4:e0:
24:38:2f:ab:fe:12:2e:60:66:95:74:fd:6f:b6:b3:81:37:71:
82:5a:10:e7:05:de:06:86:37:0d:28:d0:e5:f0:c0:99:fb:7f:
9a:a1:31:09:6f:42:6f:46:7f:b3:8e:15:61:84:90:b0:c6:e6:
ae:31:3b:f5:ad:c4:a6:cb:b9:7b:b7:8e:c7:66:08:70:f2:14:
12:40:5c:64:fd:47:fd:7a:c5:54:4f:94:b5:79:04:9a:95:8a:
dd:f8:5e:30:cc:d9:12:c7:2b:14:b1:f2:2f:fd:cd:af:7f:45:
dc:ea:e2:69:7c:fe:e2:4f:dc:0b:e9:48:8c:90:ee:08:fe:65:
c5:6d:a8:1f:7b:f7:57:c3:e2:87:57:0a:9b:25:20:df:c5:00:
db:bb:6d:0f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZx9Dd779Jcm0TzOtxGSfPaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwMjIwMjE1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTU3ZGNkZTVlMDQzZmI3NjFhZWQyZGNjOTE2YTczYTBkMjhiNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxEgxuYL+OYXuHY97YbSVrRbrLw2
r65RkYBSOPfZmHJMCMOfyvUh2wp8dlK2d9KoiiUYDm/BkE0zf52v8NeMuzyMFhaQ
RQ3jivMCVx3l4nTeDPUyHFPGNIM9kto4fDrY4g9Wc03VIEMASj38fnhR/HFqQikY
A778CN9NyGH41bHtwfCvXbf0Bpfizkj4FDuFj28dT25DJkmJjEgrMSXbXNZkY+xS
pwuYerbWst2T4pYRYdHxdLHsNRSZflzHbqsMqU6JqGy14DB/7S9MdCJJ9qwgt0/g
zTsnmzuUgHpHyBK8mKgQRY97YvPUrJ/L9CY/WtvlbPvyOckLUjk0kZ6rLQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMVX3N5eBD+3Ya7S3MkWpzoNKLdTMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEveFZmYzNsNEVQN2RocnRMY3lSYW5PZzBvdDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDna0QMAwD
BACdrRkDBAKdrRgDBAK5z4gwDAMEA7yJmAMEAbyJnDANBgkqhkiG9w0BAQsFAAOC
AQEAi/O5buWjkoKFzav1wFSw/89e5q6a9djgFp55NPNDEFp+N5ygTB1WCSeDshso
RN+eQJztcYynPST5IiUE9376duc2P8lj0ws16AMC243qusBW7+A6TwXp3SM+0kqf
T+v4Suv7Rzm0SQsOrOTgJDgvq/4SLmBmlXT9b7azgTdxgloQ5wXeBoY3DSjQ5fDA
mft/mqExCW9Cb0Z/s44VYYSQsMbmrjE79a3Epsu5e7eOx2YIcPIUEkBcZP1H/XrF
VE+UtXkEmpWK3fheMMzZEscrFLHyL/3Nr39F3OriaXz+4k/cC+lIjJDuCP5lxW2o
H3v3V8Pih1cKmyUg38UA27ttDw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:49:42 2026 by rpki-client