Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/7f9HWbHfqhKkMVw2UaE7IDcT5xA.roa
File: 7f9HWbHfqhKkMVw2UaE7IDcT5xA.roa (raw, json)
Hash identifier: MU6q45G8RIkk6hXpuabfnJu9W348nwIp4jrNhUdqsUE=
Subject key identifier: ED:FF:47:59:B1:DF:AA:12:A4:31:5C:36:51:A1:3B:20:37:13:E7:10
Certificate issuer: /CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Certificate serial: 019B7758F779FF4A4137EDA55DEF54FE9168
Authority key identifier: 90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/7f9HWbHfqhKkMVw2UaE7IDcT5xA.roa
Signing time: Thu 01 Jan 2026 02:17:57 +0000
ROA not before: Thu 01 Jan 2026 02:17:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60157
IP address blocks: 185.54.168.0/22 maxlen: 22
185.54.168.0/23 maxlen: 23
185.54.168.0/24 maxlen: 24
185.54.169.0/24 maxlen: 24
185.54.170.0/24 maxlen: 24
185.54.171.0/24 maxlen: 24
2a02:4560::/32 maxlen: 64
2a02:4560::/48 maxlen: 48
2a02:4560:3::/48 maxlen: 48
2a02:4560:24::/48 maxlen: 48
2a02:4560:24::/64 maxlen: 64
2a02:4560:25::/48 maxlen: 48
2a02:4560:25::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:f7:79:ff:4a:41:37:ed:a5:5d:ef:54:fe:91:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a065eef40dc016a1be7f28d6e66ca7a87e7fe5
Validity
Not Before: Jan 1 02:17:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=edff4759b1dfaa12a4315c3651a13b203713e710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:51:06:d5:6c:0f:c4:b9:99:6b:63:7b:83:c0:
e3:3d:ca:be:2b:2b:63:f8:38:89:f3:55:58:e8:a6:
f2:d1:b8:b2:57:be:06:47:a3:70:fa:b2:1c:49:d3:
37:eb:6b:a5:c1:0a:31:24:1b:bf:77:2a:3d:f4:82:
06:e7:77:70:1c:a6:e5:a7:f6:eb:d2:db:40:11:2e:
76:76:f6:ea:9a:94:30:e7:fa:ca:94:f7:80:82:c5:
f9:19:94:25:32:9b:61:11:ae:f9:97:23:b9:d4:f7:
ff:ae:22:08:08:2f:33:96:2e:b1:a6:56:c4:47:ee:
4c:cc:78:71:5d:e7:df:45:cc:ff:c2:69:7a:40:6b:
e8:69:6d:e2:8d:8f:f2:48:a8:ea:f4:e6:65:c5:6f:
6d:83:93:18:78:11:ab:3a:57:9a:c0:fa:a1:b5:4b:
c9:20:49:1a:87:59:6f:9c:67:86:35:f8:31:b0:e4:
f4:7a:4b:80:de:21:fc:ec:41:b3:93:03:ab:76:8f:
5b:c7:c2:c0:fc:f1:57:b0:60:a7:ba:5a:80:18:9f:
52:53:47:94:35:0e:8c:21:e3:8a:51:cb:f1:7a:2e:
5f:9a:0e:5f:4d:fe:58:5a:8a:b6:28:95:23:2f:db:
51:26:1d:d5:e0:11:aa:89:8b:68:9e:38:74:b1:9f:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FF:47:59:B1:DF:AA:12:A4:31:5C:36:51:A1:3B:20:37:13:E7:10
X509v3 Authority Key Identifier:
keyid:90:A0:65:EE:F4:0D:C0:16:A1:BE:7F:28:D6:E6:6C:A7:A8:7E:7F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKBl7vQNwBahvn8o1uZsp6h-f-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/7f9HWbHfqhKkMVw2UaE7IDcT5xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/768aa2-0b44-4cf4-b984-924cdf276d8d/1/kKBl7vQNwBahvn8o1uZsp6h-f-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.168.0/22
IPv6:
2a02:4560::/32
Signature Algorithm: sha256WithRSAEncryption
70:fe:30:98:01:ec:64:0e:bf:e8:02:2d:74:42:dc:84:b2:c8:
04:ef:5d:71:13:04:a9:5e:19:04:ba:f6:47:9d:ce:63:30:f1:
56:bd:d4:2a:5c:46:4c:cd:a4:df:58:24:b2:d3:fc:9a:7e:0a:
cb:d6:57:ba:42:1d:e9:40:9c:d9:4b:61:3f:e5:37:82:5d:e7:
7c:65:6e:b4:d6:9c:5e:c1:40:2d:8c:60:df:8b:a1:8a:8f:b2:
97:81:68:b0:81:26:cf:2d:5a:f9:1b:4a:ee:a1:a6:f9:fb:5b:
89:3f:47:36:02:86:04:14:8a:86:86:ba:90:22:fd:39:82:57:
29:19:a5:2a:f2:23:e5:44:2a:1c:9c:57:1a:ba:90:03:7d:f7:
cf:08:60:b5:ef:f9:3f:e1:f0:ab:da:0c:81:9d:6b:67:73:5f:
e9:06:ac:ef:f9:41:9c:ed:b8:da:71:1e:ec:30:6f:1a:43:22:
82:48:91:52:07:e2:12:e6:d1:18:ac:3d:65:68:1d:75:a8:1e:
e7:10:23:23:92:00:4f:8a:5c:41:04:63:2f:16:a1:05:46:86:
08:79:4b:3d:30:f2:4e:7c:80:f8:04:f6:5f:c6:cd:75:d3:e4:
81:7e:08:31:09:4b:ed:a0:7d:15:de:c4:71:eb:26:34:48:0b:
c3:5e:51:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt3WPd5/0pBN+2lXe9U/pFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYTA2NWVlZjQwZGMwMTZhMWJlN2YyOGQ2ZTY2Y2E3YTg3
ZTdmZTUwHhcNMjYwMTAxMDIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGZmNDc1OWIxZGZhYTEyYTQzMTVjMzY1MWExM2IyMDM3MTNlNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VEG1WwPxLmZa2N7g8DjPcq+Kytj
+DiJ81VY6Kby0biyV74GR6Nw+rIcSdM362ulwQoxJBu/dyo99IIG53dwHKblp/br
0ttAES52dvbqmpQw5/rKlPeAgsX5GZQlMpthEa75lyO51Pf/riIICC8zli6xplbE
R+5MzHhxXeffRcz/wml6QGvoaW3ijY/ySKjq9OZlxW9tg5MYeBGrOleawPqhtUvJ
IEkah1lvnGeGNfgxsOT0ekuA3iH87EGzkwOrdo9bx8LA/PFXsGCnulqAGJ9SU0eU
NQ6MIeOKUcvxei5fmg5fTf5YWoq2KJUjL9tRJh3V4BGqiYtonjh0sZ9MQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO3/R1mx36oSpDFcNlGhOyA3E+cQMB8GA1UdIwQY
MBaAFJCgZe70DcAWob5/KNbmbKeofn/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQt
OTI0Y2RmMjc2ZDhkLzEvN2Y5SFdiSGZxaEtrTVZ3MlVhRTdJRGNUNXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83NjhhYTItMGI0NC00Y2Y0LWI5ODQtOTI0Y2RmMjc2ZDhk
LzEva0tCbDd2UU53QmFodm44bzF1WnNwNmgtZi1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTaoMA0E
AgACMAcDBQAqAkVgMA0GCSqGSIb3DQEBCwUAA4IBAQBw/jCYAexkDr/oAi10QtyE
ssgE711xEwSpXhkEuvZHnc5jMPFWvdQqXEZMzaTfWCSy0/yafgrL1le6Qh3pQJzZ
S2E/5TeCXed8ZW601pxewUAtjGDfi6GKj7KXgWiwgSbPLVr5G0ruoab5+1uJP0c2
AoYEFIqGhrqQIv05glcpGaUq8iPlRCocnFcaupADfffPCGC17/k/4fCr2gyBnWtn
c1/pBqzv+UGc7bjacR7sMG8aQyKCSJFSB+IS5tEYrD1laB11qB7nECMjkgBPilxB
BGMvFqEFRoYIeUs9MPJOfID4BPZfxs110+SBfggxCUvtoH0V3sRx6yY0SAvDXlER
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:29:43 2026 by rpki-client