Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/Pxtr7Gbm8FoWkqDWUIVtrs362Ec.roa
File: Pxtr7Gbm8FoWkqDWUIVtrs362Ec.roa (raw, json)
Hash identifier: Hjsu0JAwI6gJ3DPtZLzsxv8mvLUzo+rKbsqMaxC3bYY=
Subject key identifier: 3F:1B:6B:EC:66:E6:F0:5A:16:92:A0:D6:50:85:6D:AE:CD:FA:D8:47
Certificate issuer: /CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Certificate serial: 019B7758E4C3A3ACFF934D9FE0531BEC225B
Authority key identifier: 52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/Pxtr7Gbm8FoWkqDWUIVtrs362Ec.roa
Signing time: Thu 01 Jan 2026 02:17:52 +0000
ROA not before: Thu 01 Jan 2026 02:17:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209378
IP address blocks: 85.208.0.0/22 maxlen: 22
2a09:7f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.mft
rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 20:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:e4:c3:a3:ac:ff:93:4d:9f:e0:53:1b:ec:22:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Validity
Not Before: Jan 1 02:17:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f1b6bec66e6f05a1692a0d650856daecdfad847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:9e:a3:de:3c:cd:da:07:eb:cd:94:09:d3:
b6:98:5f:eb:79:5f:86:94:46:29:f8:ae:84:e0:56:
64:b2:94:72:d3:b8:64:4f:ac:93:62:d4:74:60:c5:
ec:7f:a3:3a:ca:d8:c0:01:b7:73:b0:f5:45:61:0c:
79:15:c0:d8:a2:ee:45:1b:b9:e6:fb:0a:17:41:4e:
fb:9a:ef:13:a4:08:fe:d4:88:6a:18:db:01:e2:e0:
8f:81:5b:ea:da:f5:65:a2:ad:4d:b0:5b:f6:56:8c:
10:1e:3b:50:1d:3d:d8:36:36:43:53:33:d5:ed:22:
01:11:cd:de:5f:a3:9d:c2:bd:fc:85:ff:44:d0:3e:
c4:ff:66:7a:ce:87:7c:a6:57:e6:19:c4:fd:ad:e4:
8e:c4:66:50:60:45:d8:23:6d:05:9f:b7:df:1b:7e:
0e:fb:4d:42:0e:83:71:83:00:fe:6b:50:28:ff:f4:
dc:21:f9:54:85:95:c6:76:a9:7d:d8:ad:41:d2:76:
bb:cd:f9:4f:84:d1:f4:61:18:95:33:05:1c:e9:9f:
ff:d9:04:8c:0a:e6:af:bd:51:6c:e8:15:2c:0e:16:
fc:ba:33:41:43:09:00:d2:15:f2:5c:c5:bb:0d:5b:
76:38:8b:e8:03:f3:5b:f6:93:cd:6a:c7:70:5d:fd:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1B:6B:EC:66:E6:F0:5A:16:92:A0:D6:50:85:6D:AE:CD:FA:D8:47
X509v3 Authority Key Identifier:
keyid:52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/Pxtr7Gbm8FoWkqDWUIVtrs362Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.0.0/22
IPv6:
2a09:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
a9:eb:8d:7d:c6:65:0b:5c:b9:7c:1d:76:ae:2e:7b:68:7f:9d:
95:39:8f:14:6c:85:04:e5:7b:01:5f:bb:52:24:73:4d:89:2d:
68:bc:a8:7e:64:2b:95:c6:2c:37:41:53:77:6c:56:18:90:4d:
7a:8b:b5:be:f8:ef:d0:2d:d4:30:ce:6c:1f:7b:74:01:91:47:
bd:3f:72:9b:a0:48:d4:33:09:80:71:e2:70:fa:13:33:60:e0:
c4:86:49:31:af:da:6b:8e:ab:a8:cb:7d:42:82:eb:94:14:4d:
dc:90:b3:e4:d6:89:3e:9e:ea:b9:61:5e:77:1d:71:cb:04:e1:
a6:72:3b:07:5e:17:42:c1:32:4d:03:f5:fc:90:a0:e1:16:55:
41:10:1c:44:69:26:06:96:15:3e:b3:05:cc:0f:b5:21:23:5b:
2b:6e:17:e9:ad:86:c1:41:e4:fb:56:1b:94:46:dc:0a:69:a9:
09:7e:f2:82:ec:2d:18:d2:ca:00:12:bf:f3:b6:c3:38:e7:72:
04:bd:84:cb:37:53:01:a1:07:5c:2a:df:46:af:83:51:97:5a:
1e:79:f5:d9:57:1d:83:7c:20:5e:de:44:e6:0f:96:d8:10:9c:
af:18:4d:89:7c:a3:4d:37:7e:fb:d2:2c:dc:ba:7c:a3:e4:4d:
c8:3d:71:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt3WOTDo6z/k02f4FMb7CJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYzQ4ZTFiYjY3MmNkYTY4NDY0MDBlOGJmOGQ2ZDY5Njgz
NWQ3YmYwHhcNMjYwMTAxMDIxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjFiNmJlYzY2ZTZmMDVhMTY5MmEwZDY1MDg1NmRhZWNkZmFkODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshWeo948zdoH682UCdO2mF/reV+G
lEYp+K6E4FZkspRy07hkT6yTYtR0YMXsf6M6ytjAAbdzsPVFYQx5FcDYou5FG7nm
+woXQU77mu8TpAj+1IhqGNsB4uCPgVvq2vVloq1NsFv2VowQHjtQHT3YNjZDUzPV
7SIBEc3eX6Odwr38hf9E0D7E/2Z6zod8plfmGcT9reSOxGZQYEXYI20Fn7ffG34O
+01CDoNxgwD+a1Ao//TcIflUhZXGdql92K1B0na7zflPhNH0YRiVMwUc6Z//2QSM
CuavvVFs6BUsDhb8ujNBQwkA0hXyXMW7DVt2OIvoA/Nb9pPNasdwXf0dMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD8ba+xm5vBaFpKg1lCFba7N+thHMB8GA1UdIwQY
MBaAFFLEjhu2cs2mhGQA6L+NbWloNde/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzkt
MThlY2UzNjgyNjZmLzEvUHh0cjdHYm04Rm9Xa3FEV1VJVnRyczM2MkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzktMThlY2UzNjgyNjZm
LzEvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAAMA0E
AgACMAcDBQMqCX9AMA0GCSqGSIb3DQEBCwUAA4IBAQCp6419xmULXLl8HXauLnto
f52VOY8UbIUE5XsBX7tSJHNNiS1ovKh+ZCuVxiw3QVN3bFYYkE16i7W++O/QLdQw
zmwfe3QBkUe9P3KboEjUMwmAceJw+hMzYODEhkkxr9prjquoy31CguuUFE3ckLPk
1ok+nuq5YV53HXHLBOGmcjsHXhdCwTJNA/X8kKDhFlVBEBxEaSYGlhU+swXMD7Uh
I1srbhfprYbBQeT7VhuURtwKaakJfvKC7C0Y0soAEr/ztsM453IEvYTLN1MBoQdc
Kt9Gr4NRl1oeefXZVx2DfCBe3kTmD5bYEJyvGE2JfKNNN3770izcunyj5E3IPXHf
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:02:58 2026 by rpki-client