Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/7sslS3RUIuhf5Zaqe2lYWrmi-zg.roa
File: 7sslS3RUIuhf5Zaqe2lYWrmi-zg.roa (raw, json)
Hash identifier: vaQFknxSj3T9Lsw68a9dNOcrY1wtAS0N77E0Dy/WJXw=
Subject key identifier: EE:CB:25:4B:74:54:22:E8:5F:E5:96:AA:7B:69:58:5A:B9:A2:FB:38
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 019C2E6A214754958005403F9334F99EC83C
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/7sslS3RUIuhf5Zaqe2lYWrmi-zg.roa
Signing time: Thu 05 Feb 2026 15:27:12 +0000
ROA not before: Thu 05 Feb 2026 15:27:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62353
IP address blocks: 185.22.12.0/22 maxlen: 24
185.22.12.0/23 maxlen: 24
185.22.14.0/23 maxlen: 24
185.81.8.0/22 maxlen: 24
185.81.8.0/23 maxlen: 24
185.81.8.0/24 maxlen: 24
185.81.10.0/23 maxlen: 24
185.81.11.0/24 maxlen: 24
213.159.16.0/21 maxlen: 24
213.159.16.0/22 maxlen: 24
213.159.20.0/22 maxlen: 24
2a00:5d60::/32 maxlen: 48
2a05:8400::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2e:6a:21:47:54:95:80:05:40:3f:93:34:f9:9e:c8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: Feb 5 15:27:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eecb254b745422e85fe596aa7b69585ab9a2fb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:ca:c7:54:be:4b:c2:f1:2b:d8:d4:e2:24:
89:83:ed:f0:27:a2:6d:86:75:10:7e:76:b8:7d:24:
05:41:2e:55:d4:aa:40:5c:7b:e1:a8:ea:a5:aa:40:
29:8f:a3:c0:2b:ec:61:5b:0b:81:26:a5:4f:18:57:
86:91:7d:f2:1e:6b:c4:77:15:0e:1d:0d:89:38:4f:
e9:b1:f4:1d:0c:17:3e:33:42:ef:30:f4:b5:63:fb:
ba:cb:cc:6f:ca:03:26:8f:43:4a:86:fc:08:50:53:
9e:23:2a:45:67:a1:d6:2d:e6:36:0b:90:3b:7c:87:
60:d9:be:76:4d:e7:64:4d:df:64:ac:51:c8:b4:75:
e1:93:86:38:20:5c:7a:e7:1c:38:07:64:9a:17:5a:
bc:7a:39:7d:59:d1:f0:40:e8:a6:f5:34:b0:16:35:
20:e5:e9:46:e8:7a:a6:87:6f:00:6e:6d:00:3c:c2:
ef:c4:7a:80:fc:00:c8:79:cc:04:85:cd:9c:5e:b1:
4b:97:e5:92:2b:3f:46:2f:be:b4:d9:3f:fb:f3:7c:
15:ea:ce:f7:5d:0a:01:b6:f5:d0:3f:62:50:a7:c6:
d0:f7:ca:c0:37:0b:87:73:0a:c8:89:2b:29:86:e6:
2a:2e:77:c6:0e:4b:14:ae:71:d2:df:f2:4d:fa:b9:
cc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:CB:25:4B:74:54:22:E8:5F:E5:96:AA:7B:69:58:5A:B9:A2:FB:38
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/7sslS3RUIuhf5Zaqe2lYWrmi-zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.12.0/22
185.81.8.0/22
213.159.16.0/21
IPv6:
2a00:5d60::/32
2a05:8400::/29
Signature Algorithm: sha256WithRSAEncryption
7a:59:3d:c5:9d:8e:13:2d:5f:ba:dd:37:b8:c0:e1:55:d9:ae:
21:71:82:5e:83:10:28:b1:86:a2:aa:2b:93:ff:19:99:ef:9e:
94:31:3f:4a:69:f0:4d:be:59:b4:19:47:78:01:fa:c2:b4:93:
d9:3f:2d:9d:d9:22:82:cc:c6:2b:43:8a:ba:fa:87:ed:0c:03:
c9:c7:2f:81:14:86:53:99:f5:d3:d8:83:21:3b:9c:30:18:0d:
0b:53:6d:73:cd:da:9f:16:8d:cc:f9:ff:a0:f1:d2:fa:09:e5:
f5:15:ff:f1:cc:a5:22:02:37:1b:fd:81:73:a0:11:9f:8b:3f:
3b:58:63:e7:75:c1:0a:51:6d:dd:aa:1d:5c:12:9f:79:8f:fe:
e4:d4:74:f8:f9:1b:df:73:7a:8b:75:15:ef:37:ae:96:c9:35:
38:bc:0e:9c:25:42:d8:52:f1:d1:5d:c2:23:83:cc:3e:fb:8a:
c7:ca:e5:64:bd:d0:98:90:11:ea:e1:25:c1:3d:02:4a:5e:ba:
0e:8a:d9:9d:4d:98:77:03:59:91:fa:3d:be:db:eb:ba:6d:81:
e8:0b:a0:d3:6f:1b:35:72:03:d5:fd:f5:64:c8:d4:52:eb:f5:
85:8b:98:30:49:8d:70:2e:8a:9f:ec:af:c5:a0:ad:be:4b:77:
85:29:69:89
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZwuaiFHVJWABUA/kzT5nsg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjYwMjA1MTUyNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWNiMjU0Yjc0NTQyMmU4NWZlNTk2YWE3YjY5NTg1YWI5YTJmYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQLKx1S+S8LxK9jU4iSJg+3wJ6Jt
hnUQfna4fSQFQS5V1KpAXHvhqOqlqkApj6PAK+xhWwuBJqVPGFeGkX3yHmvEdxUO
HQ2JOE/psfQdDBc+M0LvMPS1Y/u6y8xvygMmj0NKhvwIUFOeIypFZ6HWLeY2C5A7
fIdg2b52TedkTd9krFHItHXhk4Y4IFx65xw4B2SaF1q8ejl9WdHwQOim9TSwFjUg
5elG6Hqmh28Abm0APMLvxHqA/ADIecwEhc2cXrFLl+WSKz9GL7602T/783wV6s73
XQoBtvXQP2JQp8bQ98rANwuHcwrIiSsphuYqLnfGDksUrnHS3/JN+rnMHQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFO7LJUt0VCLoX+WWqntpWFq5ovs4MB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvN3NzbFMzUlVJdWhmNVphcWUybFlXcm1pLXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuRYMAwQC
uVEIAwQD1Z8QMBQEAgACMA4DBQAqAF1gAwUDKgWEADANBgkqhkiG9w0BAQsFAAOC
AQEAelk9xZ2OEy1fut03uMDhVdmuIXGCXoMQKLGGoqork/8Zme+elDE/SmnwTb5Z
tBlHeAH6wrST2T8tndkigszGK0OKuvqH7QwDyccvgRSGU5n109iDITucMBgNC1Nt
c83anxaNzPn/oPHS+gnl9RX/8cylIgI3G/2Bc6ARn4s/O1hj53XBClFt3aodXBKf
eY/+5NR0+Pkb33N6i3UV7zeulsk1OLwOnCVC2FLx0V3CI4PMPvuKx8rlZL3QmJAR
6uElwT0CSl66DorZnU2YdwNZkfo9vtvrum2B6Aug028bNXID1f31ZMjUUuv1hYuY
MEmNcC6Kn+yvxaCtvkt3hSlpiQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:03:15 2026 by rpki-client