Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/7L3jabJVXCeMYdguJAk56OnOf0s.roa
File: 7L3jabJVXCeMYdguJAk56OnOf0s.roa (raw, json)
Hash identifier: zKJ6sVcsdmaKTPMpp3VLcnAbIYBseDkvGgkaaioaY7A=
Subject key identifier: EC:BD:E3:69:B2:55:5C:27:8C:61:D8:2E:24:09:39:E8:E9:CE:7F:4B
Certificate issuer: /CN=4b70cb0a5e3a4e53089b51de9a370a5f233874c6
Certificate serial: 019D8866EDCE34BAB2234BCE20DFDC261E93
Authority key identifier: 4B:70:CB:0A:5E:3A:4E:53:08:9B:51:DE:9A:37:0A:5F:23:38:74:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3DLCl46TlMIm1HemjcKXyM4dMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/7L3jabJVXCeMYdguJAk56OnOf0s.roa
Signing time: Mon 13 Apr 2026 19:52:20 +0000
ROA not before: Mon 13 Apr 2026 19:52:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 163.62.72.0/21 maxlen: 21
163.62.80.0/22 maxlen: 22
163.62.92.0/22 maxlen: 22
163.62.96.0/21 maxlen: 21
163.62.112.0/22 maxlen: 22
163.62.116.0/24 maxlen: 24
163.62.118.0/23 maxlen: 23
163.62.120.0/21 maxlen: 21
163.62.128.0/23 maxlen: 23
163.62.132.0/22 maxlen: 22
163.62.240.0/20 maxlen: 20
163.114.20.0/22 maxlen: 22
163.116.0.0/21 maxlen: 21
163.116.8.0/22 maxlen: 22
192.54.192.0/23 maxlen: 23
192.196.12.0/23 maxlen: 23
192.196.36.0/22 maxlen: 22
192.196.40.0/22 maxlen: 22
192.196.70.0/23 maxlen: 23
192.196.72.0/23 maxlen: 23
192.196.90.0/23 maxlen: 23
192.196.92.0/23 maxlen: 23
192.196.98.0/23 maxlen: 23
192.196.114.0/23 maxlen: 23
192.196.118.0/23 maxlen: 23
192.196.120.0/22 maxlen: 22
192.196.124.0/23 maxlen: 23
192.196.140.0/22 maxlen: 22
192.196.140.0/24 maxlen: 24
192.196.148.0/23 maxlen: 23
2a00:7e40::/36 maxlen: 36
2a00:7e40:7000::/64 maxlen: 64
2a00:7e40:9ac1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/S3DLCl46TlMIm1HemjcKXyM4dMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/S3DLCl46TlMIm1HemjcKXyM4dMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/S3DLCl46TlMIm1HemjcKXyM4dMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:88:66:ed:ce:34:ba:b2:23:4b:ce:20:df:dc:26:1e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70cb0a5e3a4e53089b51de9a370a5f233874c6
Validity
Not Before: Apr 13 19:52:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ecbde369b2555c278c61d82e240939e8e9ce7f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:70:ed:a8:12:bb:e7:71:4d:0f:6c:2f:d5:f0:
33:2b:5e:45:6d:fd:19:a3:5e:87:1a:ed:5d:42:0d:
bb:f3:5d:66:9c:aa:ce:4d:9e:fc:ce:c8:11:f0:7b:
14:5e:38:5a:68:91:9a:14:93:4c:96:68:a2:f2:09:
db:c9:92:b2:75:cc:d6:09:dc:8d:15:a5:3b:2b:a0:
b1:68:67:10:0f:62:90:d2:6a:2a:d8:a9:43:28:b7:
f5:8a:c9:ed:bf:6f:be:d1:9e:66:74:d2:db:40:26:
e1:6e:fe:9b:39:d6:52:08:77:25:2b:3e:1a:5d:a0:
c0:55:79:22:dd:29:2b:be:3a:30:d6:af:17:32:62:
3d:fa:73:33:fa:70:5d:f7:35:bf:b0:9f:cd:82:d6:
84:8e:c3:b2:f8:75:b7:c9:2a:0f:e5:2e:42:5a:63:
33:69:25:a4:dc:f5:7c:03:37:4b:38:3e:2b:42:b3:
fc:11:b5:b9:b1:f2:25:bc:61:3a:7f:71:1a:ae:2b:
55:57:05:c2:34:de:74:6e:d0:3e:bf:42:92:59:75:
a5:45:41:b7:be:f8:dd:0b:35:57:47:58:f4:51:27:
dc:9b:b8:21:ab:aa:72:55:ec:a5:f9:4d:ed:d8:72:
ff:e1:68:07:7a:01:ca:c4:be:bf:00:b9:ee:d3:21:
e2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BD:E3:69:B2:55:5C:27:8C:61:D8:2E:24:09:39:E8:E9:CE:7F:4B
X509v3 Authority Key Identifier:
keyid:4B:70:CB:0A:5E:3A:4E:53:08:9B:51:DE:9A:37:0A:5F:23:38:74:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3DLCl46TlMIm1HemjcKXyM4dMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/7L3jabJVXCeMYdguJAk56OnOf0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/04e22e-e555-4ece-85cf-ce59522ef66f/1/S3DLCl46TlMIm1HemjcKXyM4dMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.62.72.0-163.62.83.255
163.62.92.0-163.62.103.255
163.62.112.0-163.62.116.255
163.62.118.0-163.62.129.255
163.62.132.0/22
163.62.240.0/20
163.114.20.0/22
163.116.0.0-163.116.11.255
192.54.192.0/23
192.196.12.0/23
192.196.36.0-192.196.43.255
192.196.70.0-192.196.73.255
192.196.90.0-192.196.93.255
192.196.98.0/23
192.196.114.0/23
192.196.118.0-192.196.125.255
192.196.140.0/22
192.196.148.0/23
IPv6:
2a00:7e40::/36
2a00:7e40:7000::/64
2a00:7e40:9ac1::/48
Signature Algorithm: sha256WithRSAEncryption
75:14:56:c3:67:86:b1:bd:17:55:5f:f4:c5:c6:2e:64:04:75:
e2:25:93:fc:ea:72:61:f8:1d:11:90:0d:bb:38:30:98:4f:c9:
21:de:b3:fb:96:1b:82:cb:6b:35:3a:0c:1b:25:db:4f:f1:71:
d4:54:2c:8c:b5:90:5a:3c:dd:44:2a:a4:f1:e8:3f:93:f6:96:
f2:9a:9e:01:d3:54:9d:cf:ab:61:f7:ac:9e:72:04:a9:ab:9f:
1e:d6:3b:75:10:7f:d0:ba:88:78:7f:f1:5c:dc:28:bb:01:83:
54:c3:2d:26:32:88:58:5d:0a:06:69:2d:a7:f6:dd:4c:a4:62:
8b:7a:30:71:c3:68:3e:58:51:3a:b8:4d:c3:83:54:a5:cb:8a:
71:c8:31:4f:06:4f:02:98:33:c3:d0:a1:9e:f7:6b:9d:42:5a:
2f:64:0b:d5:9f:64:e0:b4:04:c5:c0:fa:30:76:3f:ff:64:27:
81:f8:2a:b5:79:13:98:5a:4a:c4:63:8e:d4:60:86:a5:13:3f:
44:3b:c8:e0:6f:b0:f4:2a:b7:64:03:58:36:1f:6c:57:2b:3a:
20:db:b0:9a:8c:ae:a6:3f:c8:66:1f:d2:c2:84:0e:55:33:b4:
40:fd:21:76:83:d2:a0:3b:49:e7:85:a5:54:b3:28:01:35:26:
89:91:0f:db
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZ2IZu3ONLqyI0vOIN/cJh6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBjYjBhNWUzYTRlNTMwODliNTFkZTlhMzcwYTVmMjMz
ODc0YzYwHhcNMjYwNDEzMTk1MjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2JkZTM2OWIyNTU1YzI3OGM2MWQ4MmUyNDA5MzllOGU5Y2U3ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXDtqBK753FND2wv1fAzK15Fbf0Z
o16HGu1dQg27811mnKrOTZ78zsgR8HsUXjhaaJGaFJNMlmii8gnbyZKydczWCdyN
FaU7K6CxaGcQD2KQ0moq2KlDKLf1isntv2++0Z5mdNLbQCbhbv6bOdZSCHclKz4a
XaDAVXki3Skrvjow1q8XMmI9+nMz+nBd9zW/sJ/NgtaEjsOy+HW3ySoP5S5CWmMz
aSWk3PV8AzdLOD4rQrP8EbW5sfIlvGE6f3EaritVVwXCNN50btA+v0KSWXWlRUG3
vvjdCzVXR1j0USfcm7ghq6pyVeyl+U3t2HL/4WgHegHKxL6/ALnu0yHiqQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFOy942myVVwnjGHYLiQJOejpzn9LMB8GA1UdIwQY
MBaAFEtwywpeOk5TCJtR3po3Cl8jOHTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNETENsNDZUbE1JbTFIZW1qY0tYeU00ZE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wNGUyMmUtZTU1NS00ZWNlLTg1Y2Yt
Y2U1OTUyMmVmNjZmLzEvN0wzamFiSlZYQ2VNWWRndUpBazU2T25PZjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wNGUyMmUtZTU1NS00ZWNlLTg1Y2YtY2U1OTUyMmVmNjZm
LzEvUzNETENsNDZUbE1JbTFIZW1qY0tYeU00ZE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBugQCAAEwgbMwDAME
A6M+SAMEAqM+UDAMAwQCoz5cAwQDoz5gMAwDBASjPnADBACjPnQwDAMEAaM+dgME
AaM+gAMEAqM+hAMEBKM+8AMEAqNyFDALAwMCo3QDBAKjdAgDBAHANsADBAHAxAww
DAMEAsDEJAMEAsDEKDAMAwQBwMRGAwQBwMRIMAwDBAHAxFoDBAHAxFwDBAHAxGID
BAHAxHIwDAMEAcDEdgMEAcDEfAMEAsDEjAMEAcDElDAiBAIAAjAcAwYEKgB+QAAD
CQAqAH5AcAAAAAMHACoAfkCawTANBgkqhkiG9w0BAQsFAAOCAQEAdRRWw2eGsb0X
VV/0xcYuZAR14iWT/OpyYfgdEZANuzgwmE/JId6z+5YbgstrNToMGyXbT/Fx1FQs
jLWQWjzdRCqk8eg/k/aW8pqeAdNUnc+rYfesnnIEqaufHtY7dRB/0LqIeH/xXNwo
uwGDVMMtJjKIWF0KBmktp/bdTKRii3owccNoPlhROrhNw4NUpcuKccgxTwZPApgz
w9ChnvdrnUJaL2QL1Z9k4LQExcD6MHY//2QngfgqtXkTmFpKxGOO1GCGpRM/RDvI
4G+w9Cq3ZANYNh9sVys6INuwmoyupj/IZh/SwoQOVTO0QP0hdoPSoDtJ54WlVLMo
ATUmiZEP2w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:48:46 2026 by rpki-client