Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/7zdL4YQGJFDUNgolkXTpwhIf2Fw.roa
File: 7zdL4YQGJFDUNgolkXTpwhIf2Fw.roa (raw, json)
Hash identifier: ZFZpl3XDKuuhGmPsndE03Wv8sKTzQDPR9YKcisjI36I=
Subject key identifier: EF:37:4B:E1:84:06:24:50:D4:36:0A:25:91:74:E9:C2:12:1F:D8:5C
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 019D2F3CF640B46E9B36D0DBD7600B7532D5
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/7zdL4YQGJFDUNgolkXTpwhIf2Fw.roa
Signing time: Fri 27 Mar 2026 12:20:17 +0000
ROA not before: Fri 27 Mar 2026 12:20:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62371
IP address blocks: 79.135.106.0/24 maxlen: 24
79.135.107.0/24 maxlen: 24
95.36.96.0/24 maxlen: 24
95.36.97.0/24 maxlen: 24
95.36.98.0/24 maxlen: 24
95.36.99.0/24 maxlen: 24
185.70.40.0/22 maxlen: 22
185.70.40.0/24 maxlen: 24
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
2a05:2700::/29 maxlen: 29
2a05:2700::/32 maxlen: 32
2a05:2701::/32 maxlen: 32
2a05:2701:f00::/40 maxlen: 40
2a05:2701:f00::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f40::/44 maxlen: 44
2a05:2701:f50::/44 maxlen: 44
2a05:2701:fe00::/48 maxlen: 48
2a05:2701:fe01::/48 maxlen: 48
2a05:2701:fe02::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:3c:f6:40:b4:6e:9b:36:d0:db:d7:60:0b:75:32:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Mar 27 12:20:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef374be184062450d4360a259174e9c2121fd85c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:cf:6f:91:3b:9f:67:ae:79:5d:cf:71:15:
c2:94:19:c8:6f:4d:ae:2a:f7:b1:db:3d:c8:b1:17:
90:45:12:da:69:ba:b7:f8:9d:60:2f:10:e0:e2:6c:
47:63:b6:f0:20:5f:ec:00:ad:35:42:e3:d7:3d:53:
fb:65:51:9b:dc:0d:65:0f:1a:11:e8:c2:4e:67:cf:
94:50:44:c9:a6:35:ce:ce:21:c7:d8:26:d7:b3:80:
9e:6c:dd:c2:15:73:be:ee:ce:bb:18:ac:a2:7e:e4:
76:b1:62:16:dc:f0:e4:12:be:50:a3:e4:9f:85:ba:
05:11:56:a4:22:67:93:dd:f5:10:47:76:02:20:0a:
25:e5:d6:64:9c:50:7b:f8:d8:0c:3f:a8:7c:0f:51:
df:e9:6c:7e:46:40:14:8a:27:91:b7:a5:60:bd:e6:
1e:fb:4e:a5:b3:71:7c:18:fc:e8:7f:44:c0:ff:e9:
c2:c0:c3:58:f7:cc:73:ee:54:89:56:e6:29:b7:cd:
40:ce:0e:95:94:67:15:a3:e4:0e:8a:4c:26:bf:6d:
13:92:d9:ef:1c:7a:c3:99:d4:e2:17:cb:0b:dc:47:
fd:0b:63:03:fd:8e:5f:4a:ea:62:37:1b:bc:5e:5e:
0e:e5:74:b2:ee:0c:6f:63:da:5d:06:16:33:6c:19:
14:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:37:4B:E1:84:06:24:50:D4:36:0A:25:91:74:E9:C2:12:1F:D8:5C
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/7zdL4YQGJFDUNgolkXTpwhIf2Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.106.0/23
95.36.96.0/22
185.70.40.0/22
IPv6:
2a05:2700::/29
Signature Algorithm: sha256WithRSAEncryption
0f:88:06:bc:0e:3c:aa:d9:09:41:23:7f:5f:36:32:6c:b5:8a:
9a:39:1f:8c:55:8d:c0:15:bc:e2:c1:9f:52:14:88:50:55:7e:
97:47:8f:ac:a7:e5:b3:f5:8e:49:16:de:c4:56:47:e5:0a:5e:
2f:82:29:4a:63:d7:63:e9:f7:2d:37:db:25:de:22:4a:5e:23:
31:b4:36:ce:5b:2f:d5:8a:1c:58:2e:1b:69:65:15:96:c6:f3:
b5:ce:92:79:cf:ae:aa:c0:d9:f9:b6:64:bb:98:0d:c7:a8:a6:
6b:97:dc:d7:ab:a8:c3:67:b0:37:1a:e4:fb:b3:38:59:84:cf:
53:ad:d0:3c:65:57:50:a8:27:1b:c7:a8:dc:90:c6:d5:29:2c:
b6:e6:f4:be:0d:cd:dc:10:45:90:13:5c:16:dc:cb:97:52:50:
75:2e:ba:a8:68:6d:80:39:f9:d6:30:dc:05:e1:bf:aa:14:b9:
4f:ab:78:1c:d9:ef:27:78:62:9b:8a:a1:f0:32:8b:3e:cb:fb:
ea:e6:d3:1a:c1:dd:41:da:0f:fc:1b:b8:36:46:fa:ff:05:15:
10:f7:0f:78:ba:96:cf:31:dd:ef:dd:b6:79:e5:0a:b7:30:31:
d6:7f:d3:76:03:75:60:8b:83:10:af:92:77:a1:f4:5e:b2:46:
03:3b:19:d8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ0vPPZAtG6bNtDb12ALdTLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjYwMzI3MTIyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjM3NGJlMTg0MDYyNDUwZDQzNjBhMjU5MTc0ZTljMjEyMWZkODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLTPb5E7n2eueV3PcRXClBnIb02u
Kvex2z3IsReQRRLaabq3+J1gLxDg4mxHY7bwIF/sAK01QuPXPVP7ZVGb3A1lDxoR
6MJOZ8+UUETJpjXOziHH2CbXs4CebN3CFXO+7s67GKyifuR2sWIW3PDkEr5Qo+Sf
hboFEVakImeT3fUQR3YCIAol5dZknFB7+NgMP6h8D1Hf6Wx+RkAUiieRt6VgveYe
+06ls3F8GPzof0TA/+nCwMNY98xz7lSJVuYpt81Azg6VlGcVo+QOikwmv20Tktnv
HHrDmdTiF8sL3Ef9C2MD/Y5fSupiNxu8Xl4O5XSy7gxvY9pdBhYzbBkUUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO83S+GEBiRQ1DYKJZF06cISH9hcMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvN3pkTDRZUUdKRkRVTmdvbGtYVHB3aElmMkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4dqAwQC
XyRgAwQCuUYoMA0EAgACMAcDBQMqBScAMA0GCSqGSIb3DQEBCwUAA4IBAQAPiAa8
Djyq2QlBI39fNjJstYqaOR+MVY3AFbziwZ9SFIhQVX6XR4+sp+Wz9Y5JFt7EVkfl
Cl4vgilKY9dj6fctN9sl3iJKXiMxtDbOWy/VihxYLhtpZRWWxvO1zpJ5z66qwNn5
tmS7mA3HqKZrl9zXq6jDZ7A3GuT7szhZhM9TrdA8ZVdQqCcbx6jckMbVKSy25vS+
Dc3cEEWQE1wW3MuXUlB1LrqoaG2AOfnWMNwF4b+qFLlPq3gc2e8neGKbiqHwMos+
y/vq5tMawd1B2g/8G7g2Rvr/BRUQ9w94upbPMd3v3bZ55Qq3MDHWf9N2A3Vgi4MQ
r5J3ofReskYDOxnY
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:40 2026 by rpki-client