Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/7xF1eBazbFn49vs2BNwnpcCQbU8.roa
File: 7xF1eBazbFn49vs2BNwnpcCQbU8.roa (raw, json)
Hash identifier: tqiV+OVtmDFe9Ok2QIOHbnLYBuKbyGIp9NdmnWlMMuw=
Subject key identifier: EF:11:75:78:16:B3:6C:59:F8:F6:FB:36:04:DC:27:A5:C0:90:6D:4F
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019D4940A3A07806A7698ABEC0097FD9C8B7
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/7xF1eBazbFn49vs2BNwnpcCQbU8.roa
Signing time: Wed 01 Apr 2026 13:34:26 +0000
ROA not before: Wed 01 Apr 2026 13:34:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135402
IP address blocks: 95.170.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:49:40:a3:a0:78:06:a7:69:8a:be:c0:09:7f:d9:c8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Apr 1 13:34:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef11757816b36c59f8f6fb3604dc27a5c0906d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:a4:55:42:2f:20:2e:14:44:b7:4d:62:f2:
c7:a3:fe:08:ca:21:00:2e:9e:ff:a3:0d:c4:c0:8d:
fb:a4:34:e0:e6:4a:35:a2:8a:a0:51:08:34:52:8d:
be:9a:e7:ee:b6:8d:5e:d4:20:0e:c9:42:84:7e:3c:
70:cf:0b:78:5d:aa:07:fc:af:22:c7:08:ba:fc:b7:
28:e0:74:c1:cf:6b:69:88:05:e6:56:36:b7:75:dc:
43:99:35:dd:ee:74:38:62:19:21:9a:84:e2:34:92:
19:02:d3:9f:6a:86:69:9f:dd:39:73:f6:95:8d:75:
d9:e2:fd:79:f5:d1:6d:c3:3a:d4:20:ef:86:cb:7d:
f3:b9:55:68:e2:d9:c1:a7:cd:5b:57:8f:9a:8f:95:
62:12:9f:73:2e:af:ba:91:2e:38:90:01:9c:69:a8:
75:47:8c:11:c7:bf:77:48:56:38:20:be:54:1f:a0:
43:93:5f:4e:c6:8c:40:40:d8:28:a5:90:4c:2c:47:
a6:4e:73:df:77:03:52:1d:b4:3c:cc:76:03:0e:0c:
5a:98:2c:ff:3e:c6:95:de:c9:6e:37:e3:32:a6:67:
d7:2c:e8:d3:52:ee:b6:f0:a4:7a:a1:05:b2:5f:5e:
48:24:0e:54:27:96:58:39:9b:d4:9d:ad:a0:12:a0:
37:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:11:75:78:16:B3:6C:59:F8:F6:FB:36:04:DC:27:A5:C0:90:6D:4F
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/7xF1eBazbFn49vs2BNwnpcCQbU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.18.0/24
Signature Algorithm: sha256WithRSAEncryption
19:35:91:f4:57:28:ca:d6:f0:86:e8:54:30:f2:81:d2:05:34:
24:90:37:af:4c:61:1a:58:db:01:18:aa:a2:9c:4d:00:b0:54:
2d:a6:28:f2:fd:65:71:b1:4b:74:7f:87:75:9c:2e:9d:17:0e:
47:1e:6d:2e:20:00:ba:e2:b9:bb:77:f0:9d:49:f0:7f:c8:4e:
4a:6e:1c:c5:0c:5d:58:2a:e1:3e:51:14:f4:45:0e:f4:ba:65:
17:90:ea:76:d1:30:98:0f:f7:46:90:6c:b9:f4:dc:33:53:ee:
cc:05:94:db:48:cf:e7:de:de:97:10:3e:8c:76:27:d2:71:13:
70:3c:37:6e:4a:33:e4:e0:39:d2:17:79:cb:4a:d0:4d:ee:01:
80:a1:85:28:46:65:24:f8:2d:45:f2:81:f1:14:e5:23:ae:ee:
f4:8c:03:f0:c4:13:bb:30:ae:32:80:b8:57:92:45:cf:19:b1:
0c:98:34:3d:0d:bc:59:5e:44:49:aa:64:d8:1b:9a:a8:8e:7f:
ec:56:87:e3:27:9e:71:d4:1c:ac:94:4b:0d:7b:e8:63:26:bd:
d5:46:1f:61:16:91:5e:2c:3b:a8:3e:f2:d3:3d:27:ed:1c:a2:
af:af:c9:1a:c8:7c:1d:f1:ca:0f:b3:eb:57:40:ca:07:68:b9:
2c:11:59:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1JQKOgeAanaYq+wAl/2ci3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjYwNDAxMTMzNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjExNzU3ODE2YjM2YzU5ZjhmNmZiMzYwNGRjMjdhNWMwOTA2ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPWkVUIvIC4URLdNYvLHo/4IyiEA
Lp7/ow3EwI37pDTg5ko1ooqgUQg0Uo2+mufuto1e1CAOyUKEfjxwzwt4XaoH/K8i
xwi6/Lco4HTBz2tpiAXmVja3ddxDmTXd7nQ4YhkhmoTiNJIZAtOfaoZpn905c/aV
jXXZ4v159dFtwzrUIO+Gy33zuVVo4tnBp81bV4+aj5ViEp9zLq+6kS44kAGcaah1
R4wRx793SFY4IL5UH6BDk19OxoxAQNgopZBMLEemTnPfdwNSHbQ8zHYDDgxamCz/
PsaV3sluN+MypmfXLOjTUu628KR6oQWyX15IJA5UJ5ZYOZvUna2gEqA3uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO8RdXgWs2xZ+Pb7NgTcJ6XAkG1PMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvN3hGMWVCYXpiRm40OXZzMkJOd25wY0NRYlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6oSMA0G
CSqGSIb3DQEBCwUAA4IBAQAZNZH0VyjK1vCG6FQw8oHSBTQkkDevTGEaWNsBGKqi
nE0AsFQtpijy/WVxsUt0f4d1nC6dFw5HHm0uIAC64rm7d/CdSfB/yE5KbhzFDF1Y
KuE+URT0RQ70umUXkOp20TCYD/dGkGy59NwzU+7MBZTbSM/n3t6XED6MdifScRNw
PDduSjPk4DnSF3nLStBN7gGAoYUoRmUk+C1F8oHxFOUjru70jAPwxBO7MK4ygLhX
kkXPGbEMmDQ9DbxZXkRJqmTYG5qojn/sVofjJ55x1ByslEsNe+hjJr3VRh9hFpFe
LDuoPvLTPSftHKKvr8kayHwd8coPs+tXQMoHaLksEVk7
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:11:20 2026 by rpki-client