Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/7W79sTA0NxFZ4zMhc8AztOa-azo.roa
File: 7W79sTA0NxFZ4zMhc8AztOa-azo.roa (raw, json)
Hash identifier: tcnWpiANUyetrxx26pyTnP9yDe9GvVdkOz2GPw7slj8=
Subject key identifier: ED:6E:FD:B1:30:34:37:11:59:E3:33:21:73:C0:33:B4:E6:BE:6B:3A
Certificate issuer: /CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Certificate serial: 019B7E37581CF94C31D974B28AAE97D6B5DF
Authority key identifier: 4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/7W79sTA0NxFZ4zMhc8AztOa-azo.roa
Signing time: Fri 02 Jan 2026 10:18:34 +0000
ROA not before: Fri 02 Jan 2026 10:18:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205174
IP address blocks: 185.217.220.0/22 maxlen: 22
185.217.222.0/24 maxlen: 24
2a0c:e200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:37:58:1c:f9:4c:31:d9:74:b2:8a:ae:97:d6:b5:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4adcf19672965f51b16d87afab1b149082e6c3ee
Validity
Not Before: Jan 2 10:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ed6efdb13034371159e3332173c033b4e6be6b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:82:db:eb:c1:79:9b:d6:2e:7f:cb:dc:0c:2e:
d5:c9:46:58:39:8d:77:04:b2:76:ea:ec:6a:d5:5e:
f0:c4:31:9b:3a:0a:62:a3:47:9c:e7:51:14:65:79:
05:35:c1:43:e6:e3:23:56:fc:f6:d5:8f:16:38:35:
f2:16:e5:2d:40:aa:47:4d:4c:3c:93:aa:c5:0d:5f:
2a:43:47:7f:0d:ec:48:c6:99:2d:82:82:fe:01:b3:
d4:ed:7a:2d:f1:21:d3:cf:8b:15:a4:d8:d2:47:fa:
80:47:6a:b2:25:58:db:65:14:7d:8e:46:ea:1e:6f:
e9:72:e6:57:ce:84:9a:d4:ea:bf:90:5b:94:93:75:
fd:77:0c:2b:dc:59:83:1d:5b:0a:58:17:45:3b:26:
b9:4a:52:8a:31:3b:d0:b8:c1:96:07:e3:52:a1:28:
ec:fd:d2:cf:08:d4:24:4a:4f:bb:78:8b:d5:1b:59:
2b:f5:e0:fc:f1:bc:a5:3c:63:f9:41:c2:e1:f9:ab:
65:96:67:53:02:93:ef:0d:55:10:d1:18:24:a7:63:
fc:92:35:99:6f:df:19:11:cf:dc:b7:57:62:a3:b0:
6a:89:df:71:55:85:40:2b:8d:36:21:ee:3f:5c:5b:
a4:3a:db:14:01:71:46:7e:ec:be:d6:5c:a3:24:19:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6E:FD:B1:30:34:37:11:59:E3:33:21:73:C0:33:B4:E6:BE:6B:3A
X509v3 Authority Key Identifier:
keyid:4A:DC:F1:96:72:96:5F:51:B1:6D:87:AF:AB:1B:14:90:82:E6:C3:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StzxlnKWX1GxbYevqxsUkILmw-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/7W79sTA0NxFZ4zMhc8AztOa-azo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/2d2eb6-05d5-47a0-8fed-ebf32a0469c7/1/StzxlnKWX1GxbYevqxsUkILmw-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.220.0/22
IPv6:
2a0c:e200::/29
Signature Algorithm: sha256WithRSAEncryption
18:b0:52:2d:c0:7b:c2:fa:13:41:34:f8:0d:e7:df:35:a2:25:
1f:41:28:99:a1:c1:bb:21:4b:c9:46:3e:8f:aa:72:dc:6e:d8:
57:75:e5:57:e3:fd:c8:8f:45:78:9b:59:5a:cd:40:ee:64:25:
a7:ca:8a:0b:4d:7c:a1:ef:1a:27:94:7d:0a:af:09:15:d6:af:
96:48:40:20:37:ca:e7:5f:54:91:3e:da:c7:f3:1d:f2:1c:f5:
e1:33:3b:e7:b1:f0:9a:f5:fd:a2:09:de:f6:bd:80:cc:5e:9e:
1d:aa:67:10:cb:3a:1d:cf:9a:84:3d:a2:25:2c:f8:19:38:8e:
63:14:91:ee:ae:2d:4a:d8:41:d5:64:7c:96:bf:7e:7e:d3:24:
95:e4:f9:7a:8e:b9:d4:05:12:11:6b:87:29:ee:b8:e3:5d:4b:
f1:c2:48:51:5d:4e:ee:58:5b:ed:dd:8b:25:a6:53:d7:3f:b5:
4b:0f:87:d3:c7:62:a9:c6:87:21:89:57:bb:32:e0:05:b5:df:
19:d3:6f:84:00:7f:a4:b5:ea:90:55:5c:8f:07:18:e5:80:3a:
58:f5:1b:c7:3f:05:5b:d0:8a:ad:1e:5e:f9:e1:2e:75:9f:94:
f3:e5:86:99:87:7d:b3:70:1c:0d:31:3a:4d:0d:17:80:20:87:
21:ef:f1:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt+N1gc+Uwx2XSyiq6X1rXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGNmMTk2NzI5NjVmNTFiMTZkODdhZmFiMWIxNDkwODJl
NmMzZWUwHhcNMjYwMTAyMTAxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZlZmRiMTMwMzQzNzExNTllMzMzMjE3M2MwMzNiNGU2YmU2YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4Lb68F5m9Yuf8vcDC7VyUZYOY13
BLJ26uxq1V7wxDGbOgpio0ec51EUZXkFNcFD5uMjVvz21Y8WODXyFuUtQKpHTUw8
k6rFDV8qQ0d/DexIxpktgoL+AbPU7Xot8SHTz4sVpNjSR/qAR2qyJVjbZRR9jkbq
Hm/pcuZXzoSa1Oq/kFuUk3X9dwwr3FmDHVsKWBdFOya5SlKKMTvQuMGWB+NSoSjs
/dLPCNQkSk+7eIvVG1kr9eD88bylPGP5QcLh+atllmdTApPvDVUQ0Rgkp2P8kjWZ
b98ZEc/ct1dio7Bqid9xVYVAK402Ie4/XFukOtsUAXFGfuy+1lyjJBktLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO1u/bEwNDcRWeMzIXPAM7Tmvms6MB8GA1UdIwQY
MBaAFErc8ZZyll9RsW2Hr6sbFJCC5sPuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQt
ZWJmMzJhMDQ2OWM3LzEvN1c3OXNUQTBOeEZaNHpNaGM4QXp0T2EtYXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yZDJlYjYtMDVkNS00N2EwLThmZWQtZWJmMzJhMDQ2OWM3
LzEvU3R6eGxuS1dYMUd4YllldnF4c1VrSUxtdy00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudncMA0E
AgACMAcDBQMqDOIAMA0GCSqGSIb3DQEBCwUAA4IBAQAYsFItwHvC+hNBNPgN5981
oiUfQSiZocG7IUvJRj6PqnLcbthXdeVX4/3Ij0V4m1lazUDuZCWnyooLTXyh7xon
lH0KrwkV1q+WSEAgN8rnX1SRPtrH8x3yHPXhMzvnsfCa9f2iCd72vYDMXp4dqmcQ
yzodz5qEPaIlLPgZOI5jFJHuri1K2EHVZHyWv35+0ySV5Pl6jrnUBRIRa4cp7rjj
XUvxwkhRXU7uWFvt3YslplPXP7VLD4fTx2KpxochiVe7MuAFtd8Z02+EAH+kteqQ
VVyPBxjlgDpY9RvHPwVb0IqtHl754S51n5Tz5YaZh32zcBwNMTpNDReAIIch7/G8
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:14:51 2026 by rpki-client