Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/tW7szAGx78Vu3gmMXD8CS0kwBPg.roa
File: tW7szAGx78Vu3gmMXD8CS0kwBPg.roa (raw, json)
Hash identifier: wVNftbbAGJFJXt/ZBZB8PEiX2GFvQCOLRkVpCNkT1Zc=
Subject key identifier: B5:6E:EC:CC:01:B1:EF:C5:6E:DE:09:8C:5C:3F:02:4B:49:30:04:F8
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019C8EAEC04A3AC84AA7D80ADB3FD4E1B817
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/tW7szAGx78Vu3gmMXD8CS0kwBPg.roa
Signing time: Tue 24 Feb 2026 08:05:42 +0000
ROA not before: Tue 24 Feb 2026 08:05:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209178
IP address blocks: 103.100.168.0/24 maxlen: 24
185.233.19.0/24 maxlen: 24
185.235.164.0/24 maxlen: 24
185.235.165.0/24 maxlen: 24
2a06:da40::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:ae:c0:4a:3a:c8:4a:a7:d8:0a:db:3f:d4:e1:b8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Feb 24 08:05:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b56eeccc01b1efc56ede098c5c3f024b493004f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:17:f2:9b:13:76:c5:b6:81:ee:55:a8:2a:11:
73:fc:01:09:0b:10:19:cf:98:2f:e5:1a:12:12:63:
82:da:ba:3e:73:9e:2c:7b:c9:04:d2:cd:e3:f1:2d:
80:f4:ef:78:2e:22:81:5a:ee:a6:ea:87:cf:9f:e4:
18:18:d3:3f:10:04:83:64:43:0a:51:07:d3:91:4c:
3d:3d:78:d0:40:77:82:bc:6e:a1:77:2f:bd:95:8f:
db:95:c5:dd:c1:51:be:76:3f:48:7e:d9:7f:a4:ef:
1b:77:40:a2:6b:dd:ac:58:07:85:af:78:02:1c:61:
0d:bd:71:65:b5:c3:40:ff:81:e1:bc:37:8e:c0:b8:
96:fc:14:63:6e:a5:c4:c4:41:a9:32:c3:5f:de:2e:
26:25:00:88:e3:a0:a2:93:b3:9e:ab:9e:66:f9:da:
ee:44:df:47:d9:9b:3f:8c:24:b1:13:68:8c:a3:1b:
50:55:7c:53:be:5b:bc:c1:e1:19:c3:64:3d:82:67:
e2:db:4a:72:ca:0d:86:a2:f9:1b:2a:6b:d6:23:5c:
f4:4f:0c:97:55:4f:59:d3:5c:20:ae:9b:5d:9d:0b:
0f:f2:53:98:a7:33:ef:4d:ef:5e:3c:c7:e5:79:76:
a7:2b:ed:0a:1e:07:ca:42:12:95:53:ca:cb:d4:fb:
06:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6E:EC:CC:01:B1:EF:C5:6E:DE:09:8C:5C:3F:02:4B:49:30:04:F8
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/tW7szAGx78Vu3gmMXD8CS0kwBPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.100.168.0/24
185.233.19.0/24
185.235.164.0/23
IPv6:
2a06:da40::/40
Signature Algorithm: sha256WithRSAEncryption
52:e3:47:db:97:1f:83:b0:4c:f0:e2:d1:f6:d4:77:d8:5e:9d:
0e:2d:ba:22:15:7e:80:2e:82:8c:ae:20:1d:7d:6f:c3:09:5e:
61:62:47:bb:c9:f1:47:eb:f2:92:8b:27:ec:d6:15:40:c8:33:
b0:29:3e:1c:fc:bb:a1:42:85:50:b0:35:52:1a:b5:21:e5:ea:
94:16:72:d2:a6:84:ac:93:35:32:ea:61:7c:46:cc:21:50:50:
41:07:2e:fa:1e:7d:b7:18:b2:3f:cb:a6:b2:44:04:18:54:aa:
8e:3f:bf:1d:6a:ec:20:80:65:eb:97:b3:9d:1e:9c:47:44:fe:
c4:eb:ef:cc:ca:e0:65:26:2f:0c:ab:33:2d:f8:66:50:8d:10:
04:eb:da:01:b5:05:6b:1c:c1:ff:d2:6f:d0:3a:88:51:be:87:
7e:33:8d:07:fc:a5:ff:cf:22:2a:4d:b7:e1:4d:02:2b:49:9a:
c6:73:08:4e:f2:7d:ee:fe:c4:b9:71:fb:c3:59:c7:75:56:e2:
21:6a:43:d5:57:04:cd:7d:93:13:60:08:12:c4:e5:2e:9d:7f:
5b:81:c5:a2:ca:ca:8c:38:d3:df:44:3f:3d:09:4a:24:60:13:
2c:d9:f8:15:9a:86:5c:6b:fe:4e:2c:1b:ea:63:12:f6:d0:d3:
d5:d7:7a:ba
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZyOrsBKOshKp9gK2z/U4bgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjYwMjI0MDgwNTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZlZWNjYzAxYjFlZmM1NmVkZTA5OGM1YzNmMDI0YjQ5MzAwNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBfymxN2xbaB7lWoKhFz/AEJCxAZ
z5gv5RoSEmOC2ro+c54se8kE0s3j8S2A9O94LiKBWu6m6ofPn+QYGNM/EASDZEMK
UQfTkUw9PXjQQHeCvG6hdy+9lY/blcXdwVG+dj9Iftl/pO8bd0Cia92sWAeFr3gC
HGENvXFltcNA/4HhvDeOwLiW/BRjbqXExEGpMsNf3i4mJQCI46Cik7Oeq55m+dru
RN9H2Zs/jCSxE2iMoxtQVXxTvlu8weEZw2Q9gmfi20pyyg2GovkbKmvWI1z0TwyX
VU9Z01wgrptdnQsP8lOYpzPvTe9ePMfleXanK+0KHgfKQhKVU8rL1PsGXwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLVu7MwBse/Fbt4JjFw/AktJMAT4MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdFc3c3pBR3g3OFZ1M2dtTVhEOENTMGt3QlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAZ2SoAwQA
uekTAwQBueukMA4EAgACMAgDBgAqBtpAADANBgkqhkiG9w0BAQsFAAOCAQEAUuNH
25cfg7BM8OLR9tR32F6dDi26IhV+gC6CjK4gHX1vwwleYWJHu8nxR+vykosn7NYV
QMgzsCk+HPy7oUKFULA1Uhq1IeXqlBZy0qaErJM1MuphfEbMIVBQQQcu+h59txiy
P8umskQEGFSqjj+/HWrsIIBl65eznR6cR0T+xOvvzMrgZSYvDKszLfhmUI0QBOva
AbUFaxzB/9Jv0DqIUb6HfjONB/yl/88iKk234U0CK0maxnMITvJ97v7EuXH7w1nH
dVbiIWpD1VcEzX2TE2AIEsTlLp1/W4HFosrKjDjT30Q/PQlKJGATLNn4FZqGXGv+
Tiwb6mMS9tDT1dd6ug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:17:39 2026 by rpki-client