Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/PN7atO__-ZMvXqwV_bFdzw1zt5o.roa
File: PN7atO__-ZMvXqwV_bFdzw1zt5o.roa (raw, json)
Hash identifier: QLDHbXan4aRAzvTnnr4j80FyWIGsS7o1j3Y9hdyDE4Y=
Subject key identifier: 3C:DE:DA:B4:EF:FF:F9:93:2F:5E:AC:15:FD:B1:5D:CF:0D:73:B7:9A
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019D93854F04F08D5521C2B61AFCA4F38928
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/PN7atO__-ZMvXqwV_bFdzw1zt5o.roa
Signing time: Wed 15 Apr 2026 23:41:20 +0000
ROA not before: Wed 15 Apr 2026 23:41:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35661
IP address blocks: 45.157.116.0/22 maxlen: 24
185.10.16.0/22 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
194.147.97.0/24 maxlen: 24
194.147.105.0/24 maxlen: 24
194.147.109.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
2a0d:e680::/29 maxlen: 48
2a0d:e680:30::/48 maxlen: 48
2a0d:e680:40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:93:85:4f:04:f0:8d:55:21:c2:b6:1a:fc:a4:f3:89:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Apr 15 23:41:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3cdedab4effff9932f5eac15fdb15dcf0d73b79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:c6:8e:53:70:f1:d9:a7:32:f7:4c:f5:5d:
21:d9:df:48:40:ef:72:31:d3:b0:2e:70:ea:fc:4d:
c5:fb:c6:33:a3:33:71:66:5b:c1:65:8d:08:8f:12:
3e:6b:ec:e9:99:a9:10:26:c2:00:f6:fa:fd:c2:e1:
1c:2d:3a:ff:1f:dd:16:f3:b8:ef:6c:f1:e9:60:40:
1f:41:a2:3f:71:13:c8:eb:05:5a:1e:87:41:6c:0f:
e9:71:3d:ce:ff:02:61:35:88:5b:b5:ef:06:2f:bc:
2a:28:eb:5f:3f:db:63:b2:d7:5b:a8:af:9c:35:35:
e7:0f:e0:a0:87:63:37:ec:e1:b6:9a:32:01:1d:40:
d7:c0:3b:77:23:16:8f:b6:fa:56:32:43:3b:53:c0:
e9:b6:fe:75:ca:8b:64:ab:d3:6d:f7:fe:34:d5:65:
06:a1:7f:5a:d0:8b:09:a0:97:c1:ec:00:7a:58:4a:
c9:1d:63:2e:dc:69:af:b8:4f:e7:56:25:e8:77:f4:
c1:ac:e1:81:e9:14:60:d6:b5:d6:39:c3:c4:d3:75:
66:f8:8f:b8:e8:cc:83:7b:14:f4:43:3e:e4:42:33:
82:05:b0:cb:25:8b:56:5f:71:db:2b:98:dc:8f:65:
c1:e6:05:28:7c:f5:d2:c8:52:32:19:27:6f:32:7d:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DE:DA:B4:EF:FF:F9:93:2F:5E:AC:15:FD:B1:5D:CF:0D:73:B7:9A
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/PN7atO__-ZMvXqwV_bFdzw1zt5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
194.147.105.0/24
194.147.109.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/29
Signature Algorithm: sha256WithRSAEncryption
97:ae:9a:2b:82:00:57:22:32:8e:25:dc:53:0e:81:d5:9f:8c:
4a:87:e0:73:3d:92:d5:3f:cc:1b:d9:24:5c:e2:6b:ec:4b:a6:
8e:5e:99:85:a6:00:8f:3d:97:de:94:2d:56:2d:19:b5:b3:ff:
3a:fb:de:be:06:23:3e:49:4a:f8:54:c6:d2:ac:26:45:66:68:
8a:5a:6c:9a:0e:3b:43:75:61:6f:c7:a6:52:1c:85:56:c3:45:
00:62:39:30:00:5b:23:56:10:e3:28:11:1f:ae:57:ab:3a:fa:
b8:56:13:d8:bb:9e:53:6d:bf:12:92:a4:d9:4f:ec:6d:8a:9d:
4f:42:c6:ef:84:85:e5:2c:7a:0a:12:4e:69:cb:e5:92:bd:24:
a8:b5:5c:29:33:d2:66:ad:03:a2:20:8d:3b:f0:12:88:0c:61:
60:b4:20:7a:17:35:e0:3f:34:ff:2a:01:03:7f:fe:28:c3:9f:
9e:5b:af:d2:60:3d:58:83:43:3d:97:f6:cf:f8:44:49:84:07:
69:aa:09:2f:76:7f:d3:a7:3a:82:26:4d:ac:d6:48:a0:42:4c:
4c:c6:eb:d9:f3:92:ec:7b:87:7d:db:51:7f:a5:37:26:03:68:
32:70:c9:3e:b7:ba:b8:c7:31:e7:3e:fb:b5:05:70:5f:d4:d7:
8c:9c:53:89
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZ2ThU8E8I1VIcK2Gvyk84koMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjYwNDE1MjM0MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RlZGFiNGVmZmZmOTkzMmY1ZWFjMTVmZGIxNWRjZjBkNzNiNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt57GjlNw8dmnMvdM9V0h2d9IQO9y
MdOwLnDq/E3F+8YzozNxZlvBZY0IjxI+a+zpmakQJsIA9vr9wuEcLTr/H90W87jv
bPHpYEAfQaI/cRPI6wVaHodBbA/pcT3O/wJhNYhbte8GL7wqKOtfP9tjstdbqK+c
NTXnD+Cgh2M37OG2mjIBHUDXwDt3IxaPtvpWMkM7U8Dptv51yotkq9Nt9/401WUG
oX9a0IsJoJfB7AB6WErJHWMu3GmvuE/nViXod/TBrOGB6RRg1rXWOcPE03Vm+I+4
6MyDexT0Qz7kQjOCBbDLJYtWX3HbK5jcj2XB5gUofPXSyFIyGSdvMn3kBQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDze2rTv//mTL16sFf2xXc8Nc7eaMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvUE43YXRPX18tWk12WHF3Vl9iRmR6dzF6dDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQCLZ10AwQC
uQoQAwQCuZqYAwQAvNYYAwQAwpNhAwQAwpNpAwQAwpNtMBsEAgACMBUDBQAqA1hA
AwUDKgeNwAMFAyoN5oAwDQYJKoZIhvcNAQELBQADggEBAJeumiuCAFciMo4l3FMO
gdWfjEqH4HM9ktU/zBvZJFzia+xLpo5emYWmAI89l96ULVYtGbWz/zr73r4GIz5J
SvhUxtKsJkVmaIpabJoOO0N1YW/HplIchVbDRQBiOTAAWyNWEOMoER+uV6s6+rhW
E9i7nlNtvxKSpNlP7G2KnU9Cxu+EheUsegoSTmnL5ZK9JKi1XCkz0matA6IgjTvw
EogMYWC0IHoXNeA/NP8qAQN//ijDn55br9JgPViDQz2X9s/4REmEB2mqCS92f9On
OoImTazWSKBCTEzG69nzkux7h33bUX+lNyYDaDJwyT63urjHMec++7UFcF/U14yc
U4k=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:13:25 2026 by rpki-client