Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/D4ylrio1wtOKejkm6w9gAvQAe9Y.roa
File: D4ylrio1wtOKejkm6w9gAvQAe9Y.roa (raw, json)
Hash identifier: 8e3cUg43lYO4QgRug3qrBfXB7M63c6tSerUcL1Eq+FA=
Subject key identifier: 0F:8C:A5:AE:2A:35:C2:D3:8A:7A:39:26:EB:0F:60:02:F4:00:7B:D6
Certificate issuer: /CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Certificate serial: 019C912721C391A903F4E93A42D5D2D6DEB4
Authority key identifier: E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/D4ylrio1wtOKejkm6w9gAvQAe9Y.roa
Signing time: Tue 24 Feb 2026 19:36:26 +0000
ROA not before: Tue 24 Feb 2026 19:36:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42742
IP address blocks: 78.157.224.0/19 maxlen: 19
78.157.252.0/24 maxlen: 24
78.157.253.0/24 maxlen: 24
78.157.254.0/23 maxlen: 23
185.211.164.0/22 maxlen: 22
188.191.0.0/20 maxlen: 20
188.191.2.0/24 maxlen: 24
188.191.3.0/24 maxlen: 24
188.191.4.0/24 maxlen: 24
188.191.5.0/24 maxlen: 24
188.191.6.0/24 maxlen: 24
188.191.7.0/24 maxlen: 24
188.191.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:27:21:c3:91:a9:03:f4:e9:3a:42:d5:d2:d6:de:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Validity
Not Before: Feb 24 19:36:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f8ca5ae2a35c2d38a7a3926eb0f6002f4007bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5e:6c:74:38:23:8c:e7:b2:67:ac:40:d3:3c:
f2:84:b9:59:fe:85:93:4d:02:dc:51:b5:ec:2f:d3:
2e:7f:cf:ec:d8:b1:31:fc:ce:87:38:16:cb:ea:1b:
26:9c:22:3d:84:e8:43:8b:6d:64:a6:b1:8e:0a:c9:
0f:a2:25:a0:ca:09:44:f2:60:e7:a4:ad:ac:52:d2:
7c:46:a1:2b:49:ce:82:0b:66:73:2d:3a:47:93:42:
2d:f8:6a:8d:46:9b:de:2a:c4:fa:32:5f:35:96:3b:
46:7e:ca:04:cb:24:e2:3f:cb:45:52:43:b5:2a:54:
64:a1:18:e2:25:75:0b:fc:24:0b:79:ce:9d:08:c7:
3b:4d:47:a0:b4:8c:e2:9c:1b:53:b5:6a:b2:06:87:
8b:09:f7:41:b2:b9:5d:ef:14:9d:6c:8e:a2:7c:8c:
0b:aa:76:1d:4e:27:19:8b:2c:98:e3:f0:36:9d:b7:
ef:64:ef:88:a2:bd:22:ab:e2:51:55:b0:40:08:4c:
63:6a:5a:9a:90:f7:5f:d2:62:3c:f8:ab:00:a1:ec:
90:87:c4:f2:4a:6b:5f:e6:9d:78:9c:90:0d:04:c8:
6c:15:e4:c2:f7:6e:b2:0e:65:e2:09:6d:88:fd:10:
54:4e:51:94:10:4f:2b:59:b3:c9:36:2d:a7:fa:f9:
31:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8C:A5:AE:2A:35:C2:D3:8A:7A:39:26:EB:0F:60:02:F4:00:7B:D6
X509v3 Authority Key Identifier:
keyid:E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/D4ylrio1wtOKejkm6w9gAvQAe9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.224.0/19
185.211.164.0/22
188.191.0.0/20
Signature Algorithm: sha256WithRSAEncryption
99:b6:6e:91:80:03:5d:f9:8a:17:49:96:42:7d:c7:95:25:4d:
4c:61:76:25:65:1b:57:39:64:43:3c:4d:ad:f5:13:18:84:fb:
7c:a4:4e:f2:97:90:8f:29:80:de:04:52:6f:ff:4f:8a:d1:bf:
3a:03:4d:49:5a:86:51:01:15:85:d8:9f:38:91:b8:be:a7:e0:
07:49:35:c8:cb:80:5f:8f:f1:cf:09:4c:a4:b8:ee:76:67:28:
12:4d:1c:e9:bf:e0:60:55:ec:27:04:27:c8:89:f4:e7:23:1a:
01:69:ec:0e:1d:d1:ae:c7:b8:d4:fd:a9:1e:22:4a:a7:8f:ed:
5a:fe:ac:c8:c1:17:55:f2:27:51:9c:81:2e:6a:35:2f:cc:9b:
4d:c9:d8:c3:73:f8:1c:72:74:50:c1:72:43:f2:9c:ce:c3:b7:
83:6e:11:79:4a:c0:ad:a2:d0:78:95:05:3d:ba:bf:df:81:ed:
ab:93:49:ff:c0:56:08:f3:2e:9e:be:8b:09:21:43:ed:a4:33:
be:11:91:a1:f9:48:f3:78:51:0f:6a:84:d1:83:2d:af:f2:b0:
58:af:1a:65:60:bd:d5:5b:32:72:3e:3f:f5:c5:1a:ef:59:93:
82:f5:97:08:75:1c:28:55:9b:d6:5f:f3:23:f8:44:ae:9f:a1:
a0:32:26:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyRJyHDkakD9Ok6QtXS1t60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Nzk2ZDhjMTlmMzJhMWNhZmJkNWI3OGY1Mjc2Y2U4ZGY5
OTVkMGEwHhcNMjYwMjI0MTkzNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhjYTVhZTJhMzVjMmQzOGE3YTM5MjZlYjBmNjAwMmY0MDA3YmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl5sdDgjjOeyZ6xA0zzyhLlZ/oWT
TQLcUbXsL9Muf8/s2LEx/M6HOBbL6hsmnCI9hOhDi21kprGOCskPoiWgyglE8mDn
pK2sUtJ8RqErSc6CC2ZzLTpHk0It+GqNRpveKsT6Ml81ljtGfsoEyyTiP8tFUkO1
KlRkoRjiJXUL/CQLec6dCMc7TUegtIzinBtTtWqyBoeLCfdBsrld7xSdbI6ifIwL
qnYdTicZiyyY4/A2nbfvZO+Ior0iq+JRVbBACExjalqakPdf0mI8+KsAoeyQh8Ty
Smtf5p14nJANBMhsFeTC926yDmXiCW2I/RBUTlGUEE8rWbPJNi2n+vkxiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+Mpa4qNcLTino5JusPYAL0AHvWMB8GA1UdIwQY
MBaAFOd5bYwZ8yocr71bePUnbOjfmV0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDct
Mjg1N2U4YTIzNTU4LzEvRDR5bHJpbzF3dE9LZWprbTZ3OWdBdlFBZTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDctMjg1N2U4YTIzNTU4
LzEvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTp3gAwQC
udOkAwQEvL8AMA0GCSqGSIb3DQEBCwUAA4IBAQCZtm6RgANd+YoXSZZCfceVJU1M
YXYlZRtXOWRDPE2t9RMYhPt8pE7yl5CPKYDeBFJv/0+K0b86A01JWoZRARWF2J84
kbi+p+AHSTXIy4Bfj/HPCUykuO52ZygSTRzpv+BgVewnBCfIifTnIxoBaewOHdGu
x7jU/akeIkqnj+1a/qzIwRdV8idRnIEuajUvzJtNydjDc/gccnRQwXJD8pzOw7eD
bhF5SsCtotB4lQU9ur/fge2rk0n/wFYI8y6evosJIUPtpDO+EZGh+UjzeFEPaoTR
gy2v8rBYrxplYL3VWzJyPj/1xRrvWZOC9ZcIdRwoVZvWX/Mj+ESun6GgMiYU
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:44:45 2026 by rpki-client