Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/7MZulerbD7rrnRyO5pl6nQ4UWKg.roa
File: 7MZulerbD7rrnRyO5pl6nQ4UWKg.roa (raw, json)
Hash identifier: JvSc1wrTWV3xUt9woo6ibl9xX/CG6GvitmSt5KHe+L4=
Subject key identifier: EC:C6:6E:95:EA:DB:0F:BA:EB:9D:1C:8E:E6:99:7A:9D:0E:14:58:A8
Certificate issuer: /CN=4840325995428043b5d905d8d2c17c302b8b3465
Certificate serial: 019B79ED2C752E35A5FE6E6CE0D8EE68072B
Authority key identifier: 48:40:32:59:95:42:80:43:B5:D9:05:D8:D2:C1:7C:30:2B:8B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SEAyWZVCgEO12QXY0sF8MCuLNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/7MZulerbD7rrnRyO5pl6nQ4UWKg.roa
Signing time: Thu 01 Jan 2026 14:19:05 +0000
ROA not before: Thu 01 Jan 2026 14:19:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49322
IP address blocks: 92.43.96.0/21 maxlen: 21
2a00:1638::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/SEAyWZVCgEO12QXY0sF8MCuLNGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/SEAyWZVCgEO12QXY0sF8MCuLNGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SEAyWZVCgEO12QXY0sF8MCuLNGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ed:2c:75:2e:35:a5:fe:6e:6c:e0:d8:ee:68:07:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4840325995428043b5d905d8d2c17c302b8b3465
Validity
Not Before: Jan 1 14:19:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ecc66e95eadb0fbaeb9d1c8ee6997a9d0e1458a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:5b:57:ff:e8:b2:74:e8:6c:e3:cb:1a:9d:
5c:9f:5b:af:2f:9b:ec:87:64:74:e7:af:a1:16:b1:
4e:32:5d:24:1a:60:90:05:6c:1b:74:ea:0a:04:51:
39:16:cc:a6:b1:f2:c0:8d:8c:88:62:d3:76:dd:de:
5e:d4:0a:b7:e3:c4:73:3e:54:c9:9d:bb:ef:8a:1e:
2a:8f:85:23:cb:b6:8b:d3:a9:30:1d:ea:eb:c8:cf:
0e:af:11:0e:78:73:f2:85:a0:79:53:45:ca:5f:3e:
13:ad:68:81:cb:1f:0a:5b:47:69:6e:15:a3:bc:e2:
2b:87:b7:28:ee:47:73:3f:03:58:26:76:af:ad:35:
7b:3c:87:8e:47:3a:f5:6b:1e:21:2f:fa:50:1d:7f:
25:2b:be:d3:32:0b:02:d7:a9:69:5f:e6:fa:72:b9:
a9:ac:0f:41:72:2e:62:06:cd:dc:f6:2a:07:24:2c:
fa:84:dc:99:3f:24:f7:49:e1:14:3c:d7:38:c8:9a:
cb:8c:ad:c1:93:a1:91:2f:93:ca:14:e1:8b:78:35:
01:89:86:e1:a7:43:6b:c0:43:94:58:4d:d8:ea:85:
ce:6f:4c:37:a2:11:7e:17:2b:83:9a:79:c6:48:bd:
92:39:9e:dc:a0:4c:a6:15:1e:ec:2c:8c:f5:78:7c:
a8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C6:6E:95:EA:DB:0F:BA:EB:9D:1C:8E:E6:99:7A:9D:0E:14:58:A8
X509v3 Authority Key Identifier:
keyid:48:40:32:59:95:42:80:43:B5:D9:05:D8:D2:C1:7C:30:2B:8B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SEAyWZVCgEO12QXY0sF8MCuLNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/7MZulerbD7rrnRyO5pl6nQ4UWKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5e77bc-117a-4389-9dad-4ace3dc5a262/1/SEAyWZVCgEO12QXY0sF8MCuLNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.96.0/21
IPv6:
2a00:1638::/32
Signature Algorithm: sha256WithRSAEncryption
84:1d:fb:17:07:a5:21:cb:4d:ba:2e:3b:64:8f:c0:14:d7:6f:
02:1c:fe:64:0a:50:20:5f:59:fc:fc:07:c2:5b:6b:f9:99:87:
32:d4:1a:d2:f2:c2:63:2f:2c:b7:7b:ae:8f:86:02:66:b4:74:
cf:b1:be:0b:16:3a:a7:31:47:f0:15:05:82:fe:1d:5e:13:2c:
77:d8:6c:3a:89:13:eb:0b:3c:40:9f:8d:63:a8:13:ab:5f:1b:
cd:8f:ae:ad:ea:73:3e:36:a1:bf:6e:9c:35:5f:ab:e4:c6:bf:
c7:72:e1:19:18:36:c6:10:22:38:6f:66:22:85:48:f8:ce:4f:
13:61:d3:f8:67:d4:d4:9b:01:d1:82:98:5c:75:aa:47:36:70:
c4:13:5e:94:75:67:42:5a:42:52:f0:4c:80:0b:1d:a9:b4:26:
b5:0f:3e:b4:fd:24:1f:b2:26:aa:a0:80:a9:a1:58:b7:83:db:
44:86:23:ac:c0:07:86:6a:a2:5c:33:eb:a1:19:a2:96:fa:e6:
93:e8:f8:c1:fa:17:ab:b5:c3:33:30:2c:f4:72:55:72:91:a4:
4e:44:12:a8:52:48:c1:4d:bf:20:f3:b3:61:4d:30:67:38:13:
10:0b:50:fb:75:03:4c:a4:0a:23:b0:cc:06:fc:d3:4e:42:d0:
a2:1e:73:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt57Sx1LjWl/m5s4NjuaAcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NDAzMjU5OTU0MjgwNDNiNWQ5MDVkOGQyYzE3YzMwMmI4
YjM0NjUwHhcNMjYwMTAxMTQxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2M2NmU5NWVhZGIwZmJhZWI5ZDFjOGVlNjk5N2E5ZDBlMTQ1OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/dbV//osnTobOPLGp1cn1uvL5vs
h2R056+hFrFOMl0kGmCQBWwbdOoKBFE5FsymsfLAjYyIYtN23d5e1Aq348RzPlTJ
nbvvih4qj4Ujy7aL06kwHerryM8OrxEOeHPyhaB5U0XKXz4TrWiByx8KW0dpbhWj
vOIrh7co7kdzPwNYJnavrTV7PIeORzr1ax4hL/pQHX8lK77TMgsC16lpX+b6crmp
rA9Bci5iBs3c9ioHJCz6hNyZPyT3SeEUPNc4yJrLjK3Bk6GRL5PKFOGLeDUBiYbh
p0NrwEOUWE3Y6oXOb0w3ohF+FyuDmnnGSL2SOZ7coEymFR7sLIz1eHyoPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOzGbpXq2w+6650cjuaZep0OFFioMB8GA1UdIwQY
MBaAFEhAMlmVQoBDtdkF2NLBfDArizRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0VBeVdaVkNnRU8xMlFYWTBzRjhNQ3VMTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81ZTc3YmMtMTE3YS00Mzg5LTlkYWQt
NGFjZTNkYzVhMjYyLzEvN01adWxlcmJEN3JyblJ5TzVwbDZuUTRVV0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81ZTc3YmMtMTE3YS00Mzg5LTlkYWQtNGFjZTNkYzVhMjYy
LzEvU0VBeVdaVkNnRU8xMlFYWTBzRjhNQ3VMTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCtgMA0E
AgACMAcDBQAqABY4MA0GCSqGSIb3DQEBCwUAA4IBAQCEHfsXB6Uhy026Ljtkj8AU
128CHP5kClAgX1n8/AfCW2v5mYcy1BrS8sJjLyy3e66PhgJmtHTPsb4LFjqnMUfw
FQWC/h1eEyx32Gw6iRPrCzxAn41jqBOrXxvNj66t6nM+NqG/bpw1X6vkxr/HcuEZ
GDbGECI4b2YihUj4zk8TYdP4Z9TUmwHRgphcdapHNnDEE16UdWdCWkJS8EyACx2p
tCa1Dz60/SQfsiaqoICpoVi3g9tEhiOswAeGaqJcM+uhGaKW+uaT6PjB+hertcMz
MCz0clVykaRORBKoUkjBTb8g87NhTTBnOBMQC1D7dQNMpAojsMwG/NNOQtCiHnNo
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:35:05 2026 by rpki-client