Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hra2oS8GjvkRZ6lA17Gv6KzPleE.roa
File: hra2oS8GjvkRZ6lA17Gv6KzPleE.roa (raw, json)
Hash identifier: yB0/gWtNRp6jlodgk2x1P2pRJYaoZNbHAqS9P1Nn5Sk=
Subject key identifier: 86:B6:B6:A1:2F:06:8E:F9:11:67:A9:40:D7:B1:AF:E8:AC:CF:95:E1
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019CAAA6D9FD4D6A47E482FCA99764244220
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hra2oS8GjvkRZ6lA17Gv6KzPleE.roa
Signing time: Sun 01 Mar 2026 18:26:27 +0000
ROA not before: Sun 01 Mar 2026 18:26:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.172.192.0/24 maxlen: 24
79.172.193.0/24 maxlen: 24
79.172.200.0/23 maxlen: 24
79.172.200.0/24 maxlen: 24
79.172.214.0/24 maxlen: 24
79.172.242.0/24 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.8.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.25.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.40.0/24 maxlen: 24
87.229.52.0/24 maxlen: 24
87.229.56.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.112.0/24 maxlen: 24
87.229.124.0/23 maxlen: 24
87.229.124.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:a6:d9:fd:4d:6a:47:e4:82:fc:a9:97:64:24:42:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Mar 1 18:26:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86b6b6a12f068ef91167a940d7b1afe8accf95e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:11:ad:58:26:b4:e0:8d:bb:75:58:b2:9c:
43:e4:0f:43:4f:33:65:62:13:ea:d0:fd:85:ba:31:
81:29:32:53:c9:5b:99:4f:43:10:53:e5:89:91:35:
99:b0:52:eb:8d:27:45:84:7a:0a:d5:33:e7:8b:af:
66:ea:52:4c:1c:23:b8:15:1c:0a:1f:77:e7:46:c1:
8e:30:3c:da:9e:fd:1c:77:ee:6b:1e:b2:cb:aa:47:
30:ef:39:25:54:e5:e6:c3:ed:5c:0f:0b:88:9b:62:
d4:d9:7d:11:7c:6b:78:2b:c5:b8:36:f0:aa:5e:d7:
64:2e:cc:1d:cb:13:cf:99:fb:b6:88:88:d6:46:6a:
b6:8d:c4:ef:25:df:db:9b:42:d5:c0:4f:3f:33:a8:
c9:13:5d:7a:d1:76:8f:d0:62:89:df:00:3d:19:65:
59:7e:5f:a9:f2:28:5d:eb:d5:77:18:75:05:95:ce:
46:df:72:77:07:eb:32:90:f1:19:8d:ce:a0:d0:ee:
94:62:d3:00:28:2c:96:b5:f5:d4:78:51:0f:40:3f:
b4:52:46:0f:99:ed:a3:4b:75:88:cb:3a:41:8b:a3:
6c:55:c3:b7:89:33:e1:59:53:b3:1e:2d:38:23:b8:
28:67:c7:54:3d:98:21:6a:78:16:92:c7:61:a6:94:
ee:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B6:B6:A1:2F:06:8E:F9:11:67:A9:40:D7:B1:AF:E8:AC:CF:95:E1
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hra2oS8GjvkRZ6lA17Gv6KzPleE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/23
79.172.200.0/23
79.172.214.0/24
79.172.242.0/24
79.172.250.0/23
87.229.8.0/22
87.229.25.0/24
87.229.35.0/24
87.229.37.0/24
87.229.40.0/24
87.229.52.0/24
87.229.56.0/24
87.229.64.0/24
87.229.80.0/23
87.229.112.0/24
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
27:15:d7:bb:bf:fa:2c:f4:02:a3:54:e7:c9:1c:3b:bd:e1:81:
81:b4:9d:41:55:97:34:b5:75:4a:a8:e6:53:1f:48:78:d0:84:
aa:62:ed:ee:01:cf:e2:64:04:b3:c6:d2:6c:33:1c:5f:a9:d5:
3d:46:47:aa:ee:22:93:9a:55:79:af:12:89:f2:9b:54:c3:2d:
0d:c7:2c:a9:7a:d8:57:65:ab:76:12:e0:9a:ab:93:4c:a1:52:
1d:5f:51:51:31:d1:56:ed:15:ac:b4:44:8d:62:42:50:12:f1:
5d:ca:23:f9:57:b9:33:d7:67:ed:24:00:76:34:93:50:43:39:
e9:00:02:cd:e7:ef:cb:59:5f:f8:d9:0f:a5:c9:b0:0f:f3:2e:
2b:2c:db:a5:af:1f:07:e6:db:c0:e0:93:5e:70:95:89:5b:fe:
f3:34:40:1f:00:95:97:19:49:32:8e:2b:62:d3:15:fd:2c:c7:
12:9e:b3:14:71:29:f5:bc:bc:8e:fb:15:e0:aa:87:6d:1f:0e:
6c:9c:1e:a1:1b:eb:83:75:87:40:65:79:2e:15:3d:8b:52:0e:
7f:29:2c:0e:28:0e:40:41:d4:70:fd:67:84:3c:3c:af:15:a3:
36:34:1b:1d:ab:2a:30:b3:61:0a:cc:1d:1c:31:e9:72:6a:bc:
76:24:58:b2
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZyqptn9TWpH5IL8qZdkJEIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwMzAxMTgyNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI2YjZhMTJmMDY4ZWY5MTE2N2E5NDBkN2IxYWZlOGFjY2Y5NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IERrVgmtOCNu3VYspxD5A9DTzNl
YhPq0P2FujGBKTJTyVuZT0MQU+WJkTWZsFLrjSdFhHoK1TPni69m6lJMHCO4FRwK
H3fnRsGOMDzanv0cd+5rHrLLqkcw7zklVOXmw+1cDwuIm2LU2X0RfGt4K8W4NvCq
XtdkLswdyxPPmfu2iIjWRmq2jcTvJd/bm0LVwE8/M6jJE1160XaP0GKJ3wA9GWVZ
fl+p8ihd69V3GHUFlc5G33J3B+sykPEZjc6g0O6UYtMAKCyWtfXUeFEPQD+0UkYP
me2jS3WIyzpBi6NsVcO3iTPhWVOzHi04I7goZ8dUPZghangWksdhppTuwQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIa2tqEvBo75EWepQNexr+isz5XhMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvaHJhMm9TOEdqdmtSWjZsQTE3R3Y2S3pQbGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBT6zAAwQB
T6zIAwQAT6zWAwQAT6zyAwQBT6z6AwQCV+UIAwQAV+UZAwQAV+UjAwQAV+UlAwQA
V+UoAwQAV+U0AwQAV+U4AwQAV+VAAwQBV+VQAwQAV+VwAwQBV+V8MA0GCSqGSIb3
DQEBCwUAA4IBAQAnFde7v/os9AKjVOfJHDu94YGBtJ1BVZc0tXVKqOZTH0h40ISq
Yu3uAc/iZASzxtJsMxxfqdU9Rkeq7iKTmlV5rxKJ8ptUwy0NxyypethXZat2EuCa
q5NMoVIdX1FRMdFW7RWstESNYkJQEvFdyiP5V7kz12ftJAB2NJNQQznpAALN5+/L
WV/42Q+lybAP8y4rLNulrx8H5tvA4JNecJWJW/7zNEAfAJWXGUkyjiti0xX9LMcS
nrMUcSn1vLyO+xXgqodtHw5snB6hG+uDdYdAZXkuFT2LUg5/KSwOKA5AQdRw/WeE
PDyvFaM2NBsdqyows2EKzB0cMelyarx2JFiy
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:55 2026 by rpki-client