Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Pk7KYpBgrXhzZ9T9EUC-2AyfZc.roa
File: 7Pk7KYpBgrXhzZ9T9EUC-2AyfZc.roa (raw, json)
Hash identifier: r2nNKYzdLBiZMXatYZfeprZ5fJJyOhyqA50EGp5gsWs=
Subject key identifier: EC:F9:3B:29:8A:41:82:B5:E1:CD:9F:53:F4:45:02:FB:60:32:7D:97
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019C099F727DA9A64EC2F964114F1BE2FA7F
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Pk7KYpBgrXhzZ9T9EUC-2AyfZc.roa
Signing time: Thu 29 Jan 2026 11:59:30 +0000
ROA not before: Thu 29 Jan 2026 11:59:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201167
IP address blocks: 62.212.235.0/24 maxlen: 24
85.132.8.0/24 maxlen: 24
85.132.9.0/24 maxlen: 24
85.132.10.0/24 maxlen: 24
85.132.11.0/24 maxlen: 24
85.132.97.0/24 maxlen: 24
94.20.42.0/24 maxlen: 24
94.20.52.0/24 maxlen: 24
94.20.96.0/24 maxlen: 24
94.20.97.0/24 maxlen: 24
94.20.98.0/24 maxlen: 24
94.20.99.0/24 maxlen: 24
94.20.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:09:9f:72:7d:a9:a6:4e:c2:f9:64:11:4f:1b:e2:fa:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Jan 29 11:59:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ecf93b298a4182b5e1cd9f53f44502fb60327d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:96:66:23:e3:32:41:82:67:a9:ce:24:74:70:
c0:7d:f0:87:af:1a:e6:1f:f7:3b:85:07:ac:02:f6:
80:4c:b7:1f:db:43:15:b4:ca:30:bc:d7:35:7f:c8:
d2:71:6e:4c:33:39:49:b8:3e:c5:0f:32:6d:50:11:
05:7b:e6:01:73:9f:49:28:f3:27:30:1d:ee:80:57:
dd:f4:11:ab:bc:06:e4:23:83:93:d1:96:e2:f3:e6:
49:56:30:bd:6a:77:b1:ae:b3:ab:92:f3:4a:2e:69:
0b:35:5f:24:b7:d8:a8:8e:89:32:cf:61:e7:9c:b4:
2b:2d:d1:e4:02:4f:73:50:4f:d5:20:a1:f6:2b:47:
fa:7b:58:a2:06:b4:52:f1:ac:91:60:dc:9d:53:00:
f9:64:ef:77:8c:1d:29:45:43:62:ee:fb:f5:9f:aa:
8a:d8:2d:1a:2f:04:76:23:c2:38:13:bf:f3:4c:65:
b2:1f:ca:dd:9c:de:4c:c5:ce:d3:11:55:14:42:93:
da:e0:e7:bc:72:bf:35:dc:1d:83:d3:db:d0:14:8b:
2f:05:6d:1f:50:d7:5f:40:ae:64:71:27:61:0a:e8:
43:58:e3:a5:e5:fd:09:fe:3c:ef:3c:a1:a2:4d:7c:
71:b9:ab:69:7b:5f:8c:2b:ca:75:9d:a4:5d:41:77:
43:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F9:3B:29:8A:41:82:B5:E1:CD:9F:53:F4:45:02:FB:60:32:7D:97
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Pk7KYpBgrXhzZ9T9EUC-2AyfZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.212.235.0/24
85.132.8.0/22
85.132.97.0/24
94.20.42.0/24
94.20.52.0/24
94.20.96.0/22
94.20.239.0/24
Signature Algorithm: sha256WithRSAEncryption
40:61:83:c7:c6:f5:c6:13:bd:b6:c4:36:5e:fe:b1:35:3f:cc:
fd:ce:a9:91:d8:70:44:75:45:03:d2:75:ef:54:79:5c:30:06:
ec:f2:3b:92:b5:66:9e:96:a4:01:5b:ad:f9:d3:8f:fc:ec:87:
30:ff:ee:c0:eb:71:90:99:1b:7f:c4:3f:5b:c2:e1:fd:6a:7f:
d7:97:18:1a:bc:dc:8c:86:b5:d6:95:15:fe:47:a1:b8:04:35:
29:8e:78:42:67:15:cb:d6:b6:24:d8:6d:6e:10:40:49:d3:c1:
58:6a:84:ed:4f:62:88:5a:3a:15:91:8b:4f:97:8c:28:34:df:
ad:84:ff:b6:4c:cb:5e:c3:75:8c:34:67:17:65:99:e2:22:f8:
1c:59:c0:94:6a:d0:b7:c0:77:7d:d5:11:e5:cb:46:e9:3b:f4:
2a:05:b9:ba:8b:a7:15:f5:e6:36:b9:45:0a:56:c7:1c:6d:15:
e7:dc:2c:1f:88:aa:b7:7e:be:ea:43:9f:2a:5b:c9:45:cf:48:
e6:88:f8:b7:0e:55:20:dd:1b:d7:18:ba:f7:b1:ed:84:db:8e:
1e:84:b3:81:f2:cf:16:2f:b2:8a:08:15:6a:95:7a:df:49:49:
b8:ac:de:b2:b7:6e:1b:66:3f:5e:4c:7a:69:3a:79:76:70:36:
a0:54:6f:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZwJn3J9qaZOwvlkEU8b4vp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwMTI5MTE1OTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Y5M2IyOThhNDE4MmI1ZTFjZDlmNTNmNDQ1MDJmYjYwMzI3ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZZmI+MyQYJnqc4kdHDAffCHrxrm
H/c7hQesAvaATLcf20MVtMowvNc1f8jScW5MMzlJuD7FDzJtUBEFe+YBc59JKPMn
MB3ugFfd9BGrvAbkI4OT0Zbi8+ZJVjC9anexrrOrkvNKLmkLNV8kt9iojokyz2Hn
nLQrLdHkAk9zUE/VIKH2K0f6e1iiBrRS8ayRYNydUwD5ZO93jB0pRUNi7vv1n6qK
2C0aLwR2I8I4E7/zTGWyH8rdnN5Mxc7TEVUUQpPa4Oe8cr813B2D09vQFIsvBW0f
UNdfQK5kcSdhCuhDWOOl5f0J/jzvPKGiTXxxuatpe1+MK8p1naRdQXdD0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOz5OymKQYK14c2fU/RFAvtgMn2XMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvN1BrN0tZcEJnclhoelo5VDlFVUMtMkF5ZlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPtTrAwQC
VYQIAwQAVYRhAwQAXhQqAwQAXhQ0AwQCXhRgAwQAXhTvMA0GCSqGSIb3DQEBCwUA
A4IBAQBAYYPHxvXGE722xDZe/rE1P8z9zqmR2HBEdUUD0nXvVHlcMAbs8juStWae
lqQBW63504/87Icw/+7A63GQmRt/xD9bwuH9an/XlxgavNyMhrXWlRX+R6G4BDUp
jnhCZxXL1rYk2G1uEEBJ08FYaoTtT2KIWjoVkYtPl4woNN+thP+2TMtew3WMNGcX
ZZniIvgcWcCUatC3wHd91RHly0bpO/QqBbm6i6cV9eY2uUUKVsccbRXn3CwfiKq3
fr7qQ58qW8lFz0jmiPi3DlUg3RvXGLr3se2E244ehLOB8s8WL7KKCBVqlXrfSUm4
rN6yt24bZj9eTHppOnl2cDagVG+5
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:43:33 2026 by rpki-client