Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tzVYq6Bsso_YdRE_X-B1xHv2bJc.roa
File: tzVYq6Bsso_YdRE_X-B1xHv2bJc.roa (raw, json)
Hash identifier: LMTBBvAqP/wFQU0BQSC3lLd1n7Ijck49vWZwgtvAiGs=
Subject key identifier: B7:35:58:AB:A0:6C:B2:8F:D8:75:11:3F:5F:E0:75:C4:7B:F6:6C:97
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 019CADCB998BA5A381DBA324E6D1CB4521E4
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tzVYq6Bsso_YdRE_X-B1xHv2bJc.roa
Signing time: Mon 02 Mar 2026 09:05:27 +0000
ROA not before: Mon 02 Mar 2026 09:05:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44843
IP address blocks: 31.207.66.0/23 maxlen: 23
31.207.66.0/24 maxlen: 24
31.207.67.0/24 maxlen: 24
152.89.134.0/24 maxlen: 24
178.236.128.0/21 maxlen: 21
178.236.128.0/24 maxlen: 24
178.236.129.0/24 maxlen: 24
178.236.130.0/24 maxlen: 24
178.236.131.0/24 maxlen: 24
178.236.132.0/24 maxlen: 24
178.236.133.0/24 maxlen: 24
178.236.134.0/24 maxlen: 24
178.236.135.0/24 maxlen: 24
2a02:1710:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:cb:99:8b:a5:a3:81:db:a3:24:e6:d1:cb:45:21:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Mar 2 09:05:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b73558aba06cb28fd875113f5fe075c47bf66c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:50:32:ad:5b:f9:9d:74:39:d7:45:d6:2a:
86:7c:14:61:9d:f3:43:e2:cd:5e:e5:e7:a1:1a:ce:
be:b7:8c:70:14:4a:c9:3a:f2:60:18:c7:10:06:40:
36:c7:b7:a4:ec:5c:57:d1:b2:da:8d:4a:5d:1c:89:
98:6c:4c:bf:e1:b4:22:f2:d6:86:78:ae:3f:11:bd:
5d:fe:d6:fc:5f:f8:bc:df:3c:19:db:52:6e:69:7e:
fe:b3:7d:a5:95:56:52:23:bc:f2:74:c1:a9:0b:d8:
16:1d:04:51:62:8c:19:7e:0c:bf:a8:94:df:20:84:
8f:8f:e3:34:db:26:14:b2:d7:63:82:72:63:44:53:
55:1d:af:a1:76:5f:9d:ee:69:61:d8:1d:30:bd:b5:
e6:94:e5:e3:06:88:1c:2f:79:ab:cd:66:d0:ef:41:
0c:16:91:49:dd:4d:3a:dd:b8:82:42:97:e0:df:a8:
6d:ba:4f:5c:6b:97:f0:40:d1:d1:30:b5:40:ab:70:
dd:fc:07:58:54:1b:12:7a:c9:f0:77:ae:aa:81:51:
b0:0e:c4:cc:08:e7:23:c5:e5:93:7a:5f:bc:c8:2e:
e2:79:72:36:be:4c:29:74:c3:1b:72:a4:64:a6:d3:
c5:ef:03:6f:7b:57:b3:1c:73:be:89:87:c1:21:f6:
b7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:35:58:AB:A0:6C:B2:8F:D8:75:11:3F:5F:E0:75:C4:7B:F6:6C:97
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tzVYq6Bsso_YdRE_X-B1xHv2bJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.66.0/23
152.89.134.0/24
178.236.128.0/21
IPv6:
2a02:1710:4::/48
Signature Algorithm: sha256WithRSAEncryption
92:d6:34:a0:25:83:e1:02:1d:d6:05:34:72:43:2b:17:7e:20:
83:80:9b:f7:eb:70:8d:1e:09:be:92:0d:86:b6:de:59:1a:d1:
79:43:b8:70:70:28:53:63:de:92:65:45:c0:52:a8:2f:2e:c5:
18:47:a4:42:3d:13:a3:50:f7:67:ac:e2:ed:96:92:8c:77:1d:
e2:0b:85:21:2d:ba:37:9b:46:a0:0d:bb:32:ba:a0:51:33:ed:
df:a7:a6:a9:f4:c2:e2:91:ad:8c:02:cb:05:73:b8:ef:b9:92:
44:3a:8b:18:dc:a1:51:50:ea:a1:85:38:9b:e5:f7:32:9f:a4:
c2:98:b9:7b:76:3b:ea:ce:a2:99:5d:d4:1a:dd:f3:ca:61:d0:
6d:24:4e:f4:58:eb:42:83:39:17:03:4f:95:6e:4b:d0:f4:61:
2c:28:20:e2:f3:4a:1c:38:3d:49:b2:32:31:ba:2a:13:0f:e8:
22:61:bf:65:ef:5c:22:26:ae:4f:3c:f5:83:bd:e0:20:65:c4:
82:3b:64:fa:4e:d7:3e:df:6c:a1:bd:38:6c:6f:aa:18:a1:ff:
be:c3:9d:35:fd:43:b8:1c:75:ab:90:b1:6c:4e:10:15:c1:18:
64:62:c7:cc:cf:a1:b5:b5:09:b6:49:fb:50:01:2d:1a:5c:6c:
28:39:dd:64
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyty5mLpaOB26Mk5tHLRSHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjYwMzAyMDkwNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzM1NThhYmEwNmNiMjhmZDg3NTExM2Y1ZmUwNzVjNDdiZjY2Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+VQMq1b+Z10OddF1iqGfBRhnfND
4s1e5eehGs6+t4xwFErJOvJgGMcQBkA2x7ek7FxX0bLajUpdHImYbEy/4bQi8taG
eK4/Eb1d/tb8X/i83zwZ21JuaX7+s32llVZSI7zydMGpC9gWHQRRYowZfgy/qJTf
IISPj+M02yYUstdjgnJjRFNVHa+hdl+d7mlh2B0wvbXmlOXjBogcL3mrzWbQ70EM
FpFJ3U063biCQpfg36htuk9ca5fwQNHRMLVAq3Dd/AdYVBsSesnwd66qgVGwDsTM
COcjxeWTel+8yC7ieXI2vkwpdMMbcqRkptPF7wNve1ezHHO+iYfBIfa3SQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLc1WKugbLKP2HURP1/gdcR79myXMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvdHpWWXE2QnNzb19ZZFJFX1gtQjF4SHYyYkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBH89CAwQA
mFmGAwQDsuyAMA8EAgACMAkDBwAqAhcQAAQwDQYJKoZIhvcNAQELBQADggEBAJLW
NKAlg+ECHdYFNHJDKxd+IIOAm/frcI0eCb6SDYa23lka0XlDuHBwKFNj3pJlRcBS
qC8uxRhHpEI9E6NQ92es4u2Wkox3HeILhSEtujebRqANuzK6oFEz7d+npqn0wuKR
rYwCywVzuO+5kkQ6ixjcoVFQ6qGFOJvl9zKfpMKYuXt2O+rOopld1Brd88ph0G0k
TvRY60KDORcDT5VuS9D0YSwoIOLzShw4PUmyMjG6KhMP6CJhv2XvXCImrk889YO9
4CBlxII7ZPpO1z7fbKG9OGxvqhih/77DnTX9Q7gcdauQsWxOEBXBGGRix8zPobW1
CbZJ+1ABLRpcbCg53WQ=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:34:49 2026 by rpki-client