Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/x7f937Xy_FUIHRQkUrkm9MCxGxs.roa
File: x7f937Xy_FUIHRQkUrkm9MCxGxs.roa (raw, json)
Hash identifier: 0WmyBcbNw17aY5NG33htiVCGPfaVOrCshbMwX66ND3Q=
Subject key identifier: C7:B7:FD:DF:B5:F2:FC:55:08:1D:14:24:52:B9:26:F4:C0:B1:1B:1B
Certificate issuer: /CN=220a9859fbf2e6bc3ed8273911762bd8fa5e802e
Certificate serial: 019C8ACFE72A3954B8495317FA48458788F7
Authority key identifier: 22:0A:98:59:FB:F2:E6:BC:3E:D8:27:39:11:76:2B:D8:FA:5E:80:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/x7f937Xy_FUIHRQkUrkm9MCxGxs.roa
Signing time: Mon 23 Feb 2026 14:03:26 +0000
ROA not before: Mon 23 Feb 2026 14:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39399
IP address blocks: 91.199.194.0/24 maxlen: 24
91.215.24.0/22 maxlen: 22
91.224.84.0/23 maxlen: 23
178.215.176.0/20 maxlen: 20
195.182.192.0/23 maxlen: 23
2001:67c:2280::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:cf:e7:2a:39:54:b8:49:53:17:fa:48:45:87:88:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220a9859fbf2e6bc3ed8273911762bd8fa5e802e
Validity
Not Before: Feb 23 14:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7b7fddfb5f2fc55081d142452b926f4c0b11b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7d:1b:eb:a8:1b:e1:8a:55:dd:20:30:fd:f9:
13:27:17:1b:f9:fd:ca:31:3a:21:23:e2:17:0c:b3:
1b:07:1e:c4:98:6e:f3:5f:8a:72:a3:22:3e:da:ba:
aa:9d:3e:18:64:e9:82:8f:e3:53:f6:bf:51:84:e3:
74:0e:e9:15:5d:fa:c5:b1:f5:a6:37:de:be:4d:75:
88:12:9b:aa:f1:73:cb:c5:19:4a:cb:52:d1:f0:25:
35:45:53:85:c4:46:e0:15:7c:72:ba:e3:83:2c:42:
01:05:75:39:79:a0:dd:5a:32:24:1b:9b:5b:d4:1e:
ee:7a:4d:9a:e8:72:42:f7:76:95:3d:72:9f:4d:cb:
f1:d3:47:df:65:bb:7c:41:ee:fb:ed:4e:ea:ec:b8:
ae:a9:94:45:eb:26:95:64:ea:2c:7f:ac:f3:2a:c5:
f6:3c:0d:5f:78:3d:8d:c0:61:0a:c5:6b:3b:c7:71:
49:8e:28:22:7f:aa:ce:5d:20:36:21:6b:41:bf:0f:
5e:ed:bc:b4:a9:7a:fd:ce:97:77:c3:4a:96:b4:38:
90:cf:8f:2c:87:9d:e0:78:20:0d:74:d5:33:4b:0a:
d9:02:7e:c9:04:d4:ce:ac:eb:a4:19:7d:70:01:9e:
ff:3e:30:a2:65:c8:43:30:b3:a5:81:5b:b2:5e:9b:
69:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B7:FD:DF:B5:F2:FC:55:08:1D:14:24:52:B9:26:F4:C0:B1:1B:1B
X509v3 Authority Key Identifier:
keyid:22:0A:98:59:FB:F2:E6:BC:3E:D8:27:39:11:76:2B:D8:FA:5E:80:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgqYWfvy5rw-2Cc5EXYr2PpegC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/x7f937Xy_FUIHRQkUrkm9MCxGxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e8281f-cd17-4e02-8fca-8c5ac06c14a8/1/IgqYWfvy5rw-2Cc5EXYr2PpegC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.194.0/24
91.215.24.0/22
91.224.84.0/23
178.215.176.0/20
195.182.192.0/23
IPv6:
2001:67c:2280::/48
Signature Algorithm: sha256WithRSAEncryption
80:a6:33:20:0f:94:d6:ab:da:fc:94:f8:81:68:a1:16:35:5e:
5c:76:62:d0:2d:df:a3:d3:c5:15:87:74:90:f1:e1:37:d8:43:
f6:fc:17:aa:9e:33:31:50:5b:06:40:69:1f:ca:6c:b5:13:64:
97:9c:69:86:a5:ee:a3:a4:c7:79:07:28:63:d2:e9:8f:8d:01:
04:b5:a1:3f:08:83:91:b5:8d:e2:05:3a:25:47:7a:01:e8:07:
a4:1a:4d:94:6f:2b:8f:ed:a8:81:da:6b:51:97:ac:2f:e0:4f:
94:e0:8a:04:6b:86:cc:03:b9:69:80:bb:48:6c:48:d7:56:e7:
73:9f:dd:30:f7:5a:a3:44:31:88:b0:bc:57:63:ad:a6:89:11:
20:69:cf:d9:e2:ff:c8:9d:39:07:8e:d5:4f:47:66:51:6b:fc:
b8:bb:5e:08:2f:15:15:39:5a:8c:57:83:57:fd:62:68:35:4e:
bf:58:8f:71:99:bc:54:7a:9a:7c:b0:08:26:c8:7e:fc:fc:f6:
06:14:8b:a4:7b:03:40:80:53:fe:64:6e:dd:24:bf:f5:09:11:
16:9c:bd:cf:4d:2a:26:31:74:67:66:1f:ef:95:2f:20:98:50:
87:a0:be:79:63:bb:54:11:6d:0a:1a:d2:8f:23:bf:30:00:03:
0b:92:42:c9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZyKz+cqOVS4SVMX+khFh4j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGE5ODU5ZmJmMmU2YmMzZWQ4MjczOTExNzYyYmQ4ZmE1
ZTgwMmUwHhcNMjYwMjIzMTQwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2I3ZmRkZmI1ZjJmYzU1MDgxZDE0MjQ1MmI5MjZmNGMwYjExYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq30b66gb4YpV3SAw/fkTJxcb+f3K
MTohI+IXDLMbBx7EmG7zX4pyoyI+2rqqnT4YZOmCj+NT9r9RhON0DukVXfrFsfWm
N96+TXWIEpuq8XPLxRlKy1LR8CU1RVOFxEbgFXxyuuODLEIBBXU5eaDdWjIkG5tb
1B7uek2a6HJC93aVPXKfTcvx00ffZbt8Qe777U7q7LiuqZRF6yaVZOosf6zzKsX2
PA1feD2NwGEKxWs7x3FJjigif6rOXSA2IWtBvw9e7by0qXr9zpd3w0qWtDiQz48s
h53geCANdNUzSwrZAn7JBNTOrOukGX1wAZ7/PjCiZchDMLOlgVuyXptpdQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMe3/d+18vxVCB0UJFK5JvTAsRsbMB8GA1UdIwQY
MBaAFCIKmFn78ua8PtgnORF2K9j6XoAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdxWVdmdnk1cnctMkNjNUVYWXIyUHBlZ0M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODI4MWYtY2QxNy00ZTAyLThmY2Et
OGM1YWMwNmMxNGE4LzEveDdmOTM3WHlfRlVJSFJRa1Vya205TUN4R3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lODI4MWYtY2QxNy00ZTAyLThmY2EtOGM1YWMwNmMxNGE4
LzEvSWdxWVdmdnk1cnctMkNjNUVYWXIyUHBlZ0M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW8fCAwQC
W9cYAwQBW+BUAwQEstewAwQBw7bAMA8EAgACMAkDBwAgAQZ8IoAwDQYJKoZIhvcN
AQELBQADggEBAICmMyAPlNar2vyU+IFooRY1Xlx2YtAt36PTxRWHdJDx4TfYQ/b8
F6qeMzFQWwZAaR/KbLUTZJecaYal7qOkx3kHKGPS6Y+NAQS1oT8Ig5G1jeIFOiVH
egHoB6QaTZRvK4/tqIHaa1GXrC/gT5TgigRrhswDuWmAu0hsSNdW53Of3TD3WqNE
MYiwvFdjraaJESBpz9ni/8idOQeO1U9HZlFr/Li7XggvFRU5WoxXg1f9Ymg1Tr9Y
j3GZvFR6mnywCCbIfvz89gYUi6R7A0CAU/5kbt0kv/UJERacvc9NKiYxdGdmH++V
LyCYUIegvnlju1QRbQoa0o8jvzAAAwuSQsk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:24:12 2026 by rpki-client