Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/16U2Zcvc6E7UFGeywJvIx4XiVgQ.roa
File: 16U2Zcvc6E7UFGeywJvIx4XiVgQ.roa (raw, json)
Hash identifier: B22/eCk44cDYUs5H7aJKFJrAI0Ca0WhxkwmE6m9DyGw=
Subject key identifier: D7:A5:36:65:CB:DC:E8:4E:D4:14:67:B2:C0:9B:C8:C7:85:E2:56:04
Certificate issuer: /CN=4f123e248e6ec0368e0712345f726d71f60f826b
Certificate serial: 019B7BA54111259347489E52A39D730B1A8F
Authority key identifier: 4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/16U2Zcvc6E7UFGeywJvIx4XiVgQ.roa
Signing time: Thu 01 Jan 2026 22:19:46 +0000
ROA not before: Thu 01 Jan 2026 22:19:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201597
IP address blocks: 185.66.92.0/22 maxlen: 22
185.232.252.0/22 maxlen: 22
185.232.254.0/24 maxlen: 24
2a05:680::/29 maxlen: 29
2a05:687::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a5:41:11:25:93:47:48:9e:52:a3:9d:73:0b:1a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f123e248e6ec0368e0712345f726d71f60f826b
Validity
Not Before: Jan 1 22:19:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7a53665cbdce84ed41467b2c09bc8c785e25604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e7:23:e8:f8:5d:8e:7a:93:68:86:8d:c1:64:
26:81:ec:74:1f:36:eb:66:55:8a:0d:15:df:ad:35:
a0:61:9e:34:ac:a0:57:ee:66:98:59:9a:37:0e:14:
cd:e7:6e:2a:33:67:78:aa:d3:7d:ee:fe:03:cf:3e:
da:31:5a:87:dc:8e:45:08:06:ac:a8:74:1d:5b:09:
81:a3:75:6a:d7:cf:04:ca:86:99:3e:a4:fe:11:1e:
e8:a7:e9:6a:50:fc:4d:0d:6b:ee:fe:2d:33:22:81:
00:b5:bd:51:e7:a7:ed:33:5b:36:5e:82:b2:cc:ca:
78:a3:8e:d5:8c:d0:c6:1a:9b:27:b0:99:f7:0b:a6:
cf:ca:b2:9d:c8:cb:26:79:d3:48:8c:73:a6:25:08:
d4:77:52:97:7e:d3:23:17:14:df:49:dc:a4:40:fa:
5e:61:8c:f3:b3:99:67:67:cb:5f:e9:b3:39:69:60:
d9:a9:83:69:b0:f4:24:28:a2:a6:ab:b7:47:24:26:
26:23:ca:08:79:57:dd:8e:66:9b:4f:a1:91:e3:c9:
28:4f:80:51:50:cb:05:3f:4d:6a:82:aa:9b:cd:30:
d5:21:7d:ae:ce:c0:f2:04:80:42:6b:df:0e:c8:17:
83:6b:f6:90:06:e9:e4:3c:dd:7e:55:c1:40:56:62:
47:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A5:36:65:CB:DC:E8:4E:D4:14:67:B2:C0:9B:C8:C7:85:E2:56:04
X509v3 Authority Key Identifier:
keyid:4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/16U2Zcvc6E7UFGeywJvIx4XiVgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.92.0/22
185.232.252.0/22
IPv6:
2a05:680::/29
Signature Algorithm: sha256WithRSAEncryption
b6:40:42:79:bc:44:e1:fb:89:c1:c7:50:17:86:22:cb:99:a5:
5e:73:75:e1:3b:1b:c9:c9:75:a0:a1:38:81:6e:94:81:7e:8c:
21:6c:05:90:ba:3f:7a:72:ab:5a:49:9a:de:a1:2d:9e:31:9b:
f2:4c:c0:12:88:1e:37:c9:13:c2:c4:29:d2:e1:ac:0b:03:85:
86:26:a4:c7:1c:4c:fe:0b:d6:5c:ce:19:b2:20:a0:60:75:3a:
a7:84:b6:77:17:01:e7:6e:f8:ec:18:aa:e0:87:2b:7c:e0:0b:
e5:ef:0e:05:f3:45:21:bb:75:59:97:d4:ef:89:50:c1:15:96:
be:68:61:d8:28:a1:e9:30:da:02:49:1b:9a:9d:1f:ae:62:74:
b5:a5:da:74:6d:9b:1c:9f:d3:25:0b:1b:d7:d0:2c:e5:49:6f:
70:fe:dd:de:ec:7f:04:58:f7:69:74:7b:6f:4e:b5:ed:8d:8f:
7f:8b:34:7c:6c:40:0e:ba:70:4c:e3:b9:1c:6f:0f:1b:a8:e3:
a6:77:4c:2d:40:67:11:a2:98:c3:0f:60:bd:b1:77:4b:95:2a:
92:7c:3e:7f:98:00:2e:4a:46:73:6c:fa:43:5b:c9:1c:88:8b:
b8:85:8a:07:6c:fe:d8:64:a0:2b:33:f4:8f:33:b6:b0:5d:ce:
90:f6:75:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt7pUERJZNHSJ5So51zCxqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTIzZTI0OGU2ZWMwMzY4ZTA3MTIzNDVmNzI2ZDcxZjYw
ZjgyNmIwHhcNMjYwMTAxMjIxOTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E1MzY2NWNiZGNlODRlZDQxNDY3YjJjMDliYzhjNzg1ZTI1NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+cj6PhdjnqTaIaNwWQmgex0Hzbr
ZlWKDRXfrTWgYZ40rKBX7maYWZo3DhTN524qM2d4qtN97v4Dzz7aMVqH3I5FCAas
qHQdWwmBo3Vq188EyoaZPqT+ER7op+lqUPxNDWvu/i0zIoEAtb1R56ftM1s2XoKy
zMp4o47VjNDGGpsnsJn3C6bPyrKdyMsmedNIjHOmJQjUd1KXftMjFxTfSdykQPpe
YYzzs5lnZ8tf6bM5aWDZqYNpsPQkKKKmq7dHJCYmI8oIeVfdjmabT6GR48koT4BR
UMsFP01qgqqbzTDVIX2uzsDyBIBCa98OyBeDa/aQBunkPN1+VcFAVmJHfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNelNmXL3OhO1BRnssCbyMeF4lYEMB8GA1UdIwQY
MBaAFE8SPiSObsA2jgcSNF9ybXH2D4JrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYt
YzFlOTQxZTU5YzE0LzEvMTZVMlpjdmM2RTdVRkdleXdKdkl4NFhpVmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYtYzFlOTQxZTU5YzE0
LzEvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUJcAwQC
uej8MA0EAgACMAcDBQMqBQaAMA0GCSqGSIb3DQEBCwUAA4IBAQC2QEJ5vETh+4nB
x1AXhiLLmaVec3XhOxvJyXWgoTiBbpSBfowhbAWQuj96cqtaSZreoS2eMZvyTMAS
iB43yRPCxCnS4awLA4WGJqTHHEz+C9ZczhmyIKBgdTqnhLZ3FwHnbvjsGKrghyt8
4Avl7w4F80Uhu3VZl9TviVDBFZa+aGHYKKHpMNoCSRuanR+uYnS1pdp0bZscn9Ml
CxvX0CzlSW9w/t3e7H8EWPdpdHtvTrXtjY9/izR8bEAOunBM47kcbw8bqOOmd0wt
QGcRopjDD2C9sXdLlSqSfD5/mAAuSkZzbPpDW8kciIu4hYoHbP7YZKArM/SPM7aw
Xc6Q9nVM
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:50:29 2026 by rpki-client