Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/L7X-dPadfDyqsml5uaLmtXl56Kk.roa
File: L7X-dPadfDyqsml5uaLmtXl56Kk.roa (raw, json)
Hash identifier: /6B0qNK7K7/Q2n1ppduNVDvL664tWHJJr6Qb1VYY0TE=
Subject key identifier: 2F:B5:FE:74:F6:9D:7C:3C:AA:B2:69:79:B9:A2:E6:B5:79:79:E8:A9
Certificate issuer: /CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Certificate serial: 019C95039504CFF4BA4226E882ED5D3E0C10
Authority key identifier: 45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/L7X-dPadfDyqsml5uaLmtXl56Kk.roa
Signing time: Wed 25 Feb 2026 13:36:05 +0000
ROA not before: Wed 25 Feb 2026 13:36:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 144.124.208.0/24 maxlen: 24
144.124.209.0/24 maxlen: 24
144.124.210.0/24 maxlen: 24
144.124.211.0/24 maxlen: 24
144.124.214.0/24 maxlen: 24
158.94.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:03:95:04:cf:f4:ba:42:26:e8:82:ed:5d:3e:0c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Validity
Not Before: Feb 25 13:36:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2fb5fe74f69d7c3caab26979b9a2e6b57979e8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:78:65:19:ef:62:53:02:41:19:4b:20:9d:48:
41:ae:cf:0f:60:b0:4b:f3:52:80:6e:65:70:61:11:
f9:9d:89:58:f3:6e:bb:4a:82:c1:e1:08:74:fc:a6:
57:b7:d1:a2:10:ed:18:87:51:6a:d5:45:41:f9:70:
e5:82:f9:6d:84:1e:25:25:4d:d1:32:d3:1f:4e:d8:
34:d8:c9:48:b2:1b:f7:f8:3a:7d:8a:20:a1:fd:db:
f7:a5:e4:1a:54:24:2d:3c:96:a4:03:c4:fb:e5:28:
48:b9:a8:95:64:64:21:af:82:c3:03:20:44:1a:94:
88:18:6e:8d:9b:5d:59:bf:23:c1:65:a8:a2:9a:c5:
0a:42:47:ac:31:05:ba:cb:c9:4d:e3:1f:8f:e9:53:
a8:e1:32:2a:96:32:a3:ac:6a:e9:a8:9b:17:a0:a5:
79:29:e7:61:87:c9:44:93:b5:0f:c4:62:49:b0:bf:
ad:67:09:25:33:92:a9:e2:27:1c:c9:53:2f:69:6b:
f7:63:e6:90:26:a2:5d:bd:33:e1:90:54:e4:c7:4f:
3b:77:f5:55:40:9b:af:0a:26:4f:67:01:93:06:65:
fb:a0:58:dc:31:f8:e2:42:2b:67:31:71:fd:ef:90:
0e:4b:52:ba:2f:d6:47:4e:b6:ae:3e:d5:ea:85:91:
3b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B5:FE:74:F6:9D:7C:3C:AA:B2:69:79:B9:A2:E6:B5:79:79:E8:A9
X509v3 Authority Key Identifier:
keyid:45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/L7X-dPadfDyqsml5uaLmtXl56Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.124.208.0/22
144.124.214.0/24
158.94.212.0/24
Signature Algorithm: sha256WithRSAEncryption
84:27:14:ce:07:59:f2:47:eb:01:2f:1d:18:80:34:69:b1:dd:
2d:ed:df:e3:98:a5:f2:96:f3:c7:79:4c:1f:0c:c2:56:be:b0:
71:cb:4f:c9:8d:24:f7:9d:c1:bb:49:31:a0:16:2a:05:81:fb:
00:6b:ee:15:fe:d0:de:f9:2c:ec:3f:2e:d7:18:45:10:2d:9b:
8a:20:46:7f:c9:8a:b0:e6:83:aa:6f:e9:15:11:36:12:88:8f:
77:18:be:63:d4:31:92:ed:67:57:5b:bc:70:67:a7:eb:da:5d:
ad:a7:d1:9c:16:fc:d7:b5:1a:15:01:c6:0f:82:08:dd:95:d5:
74:3f:4a:f8:8a:d0:7a:7d:04:0f:b0:d5:85:e4:b4:42:27:81:
e8:9e:7e:9f:10:31:00:2f:b3:91:6c:35:58:cc:b9:1e:be:f1:
74:3f:44:c9:cb:53:0b:5f:b5:51:1b:bc:0d:89:25:84:90:f0:
2f:a5:2b:cc:76:a4:78:79:88:2e:31:5d:1b:3c:a5:5f:86:f6:
cf:ec:e8:66:b0:d0:b4:25:d9:3e:e1:16:73:e4:02:cb:60:8d:
12:0c:6c:40:c3:7a:1a:66:95:2c:72:65:c2:7c:c5:43:f1:b8:
c3:d4:cc:ee:73:64:59:64:ef:d1:7c:18:0d:fc:f4:8f:09:8f:
0f:18:c7:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyVA5UEz/S6Qibogu1dPgwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTNiOWFjMGE0ODZiMDAzNzc2NWQ2MDVjOGIxYzgxMDQw
NDZmMGEwHhcNMjYwMjI1MTMzNjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI1ZmU3NGY2OWQ3YzNjYWFiMjY5NzliOWEyZTZiNTc5NzllOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13hlGe9iUwJBGUsgnUhBrs8PYLBL
81KAbmVwYRH5nYlY8267SoLB4Qh0/KZXt9GiEO0Yh1Fq1UVB+XDlgvlthB4lJU3R
MtMfTtg02MlIshv3+Dp9iiCh/dv3peQaVCQtPJakA8T75ShIuaiVZGQhr4LDAyBE
GpSIGG6Nm11ZvyPBZaiimsUKQkesMQW6y8lN4x+P6VOo4TIqljKjrGrpqJsXoKV5
Kedhh8lEk7UPxGJJsL+tZwklM5Kp4iccyVMvaWv3Y+aQJqJdvTPhkFTkx087d/VV
QJuvCiZPZwGTBmX7oFjcMfjiQitnMXH975AOS1K6L9ZHTrauPtXqhZE7DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC+1/nT2nXw8qrJpebmi5rV5eeipMB8GA1UdIwQY
MBaAFEWTuawKSGsAN3ZdYFyLHIEEBG8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgt
NDNlNmJmZjlhMjVlLzEvTDdYLWRQYWRmRHlxc21sNXVhTG10WGw1NktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgtNDNlNmJmZjlhMjVl
LzEvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCkHzQAwQA
kHzWAwQAnl7UMA0GCSqGSIb3DQEBCwUAA4IBAQCEJxTOB1nyR+sBLx0YgDRpsd0t
7d/jmKXylvPHeUwfDMJWvrBxy0/JjST3ncG7STGgFioFgfsAa+4V/tDe+SzsPy7X
GEUQLZuKIEZ/yYqw5oOqb+kVETYSiI93GL5j1DGS7WdXW7xwZ6fr2l2tp9GcFvzX
tRoVAcYPggjdldV0P0r4itB6fQQPsNWF5LRCJ4Honn6fEDEAL7ORbDVYzLkevvF0
P0TJy1MLX7VRG7wNiSWEkPAvpSvMdqR4eYguMV0bPKVfhvbP7OhmsNC0Jdk+4RZz
5ALLYI0SDGxAw3oaZpUscmXCfMVD8bjD1Mzuc2RZZO/RfBgN/PSPCY8PGMck
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:09 2026 by rpki-client