Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/xUsfdtgD1j1T7j6n66HdbJOfPDs.roa
File: xUsfdtgD1j1T7j6n66HdbJOfPDs.roa (raw, json)
Hash identifier: U4IhStPfUvQ+RWTW7WTK40Ox8axplO5trMxYdWn3hz4=
Subject key identifier: C5:4B:1F:76:D8:03:D6:3D:53:EE:3E:A7:EB:A1:DD:6C:93:9F:3C:3B
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 019C484871F9221F390A270CC2A515175091
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/xUsfdtgD1j1T7j6n66HdbJOfPDs.roa
Signing time: Tue 10 Feb 2026 16:00:33 +0000
ROA not before: Tue 10 Feb 2026 16:00:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50929
IP address blocks: 93.125.29.0/24 maxlen: 24
178.172.191.0/24 maxlen: 24
178.172.222.0/24 maxlen: 24
178.172.223.0/24 maxlen: 24
217.21.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:48:48:71:f9:22:1f:39:0a:27:0c:c2:a5:15:17:50:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Feb 10 16:00:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c54b1f76d803d63d53ee3ea7eba1dd6c939f3c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5d:f1:ee:6c:bf:9a:a5:d7:0c:b3:69:1c:68:
cc:86:44:a8:55:2e:91:3e:8a:97:6c:41:08:9d:5c:
b0:0a:66:fc:8e:21:eb:72:1c:61:eb:5b:28:d5:9b:
94:0d:6a:94:1a:3a:4d:4c:67:19:a9:3d:1d:f6:ea:
fd:25:b9:5f:01:58:42:bf:01:88:33:66:05:d8:36:
fb:f7:98:b3:d4:cb:c9:dc:2b:f2:d4:41:e4:9e:6b:
9a:dc:e4:ae:d3:53:f1:97:e2:9c:cf:10:e5:e2:78:
07:df:68:0b:84:e4:f5:cc:90:85:ae:84:5f:41:a2:
c6:ad:b4:21:4f:36:2c:18:c3:da:1d:32:16:5c:c6:
ab:42:8d:8b:fa:cd:da:cd:f7:57:ef:26:e0:2c:5c:
0f:63:56:09:1e:52:61:c7:a4:0b:89:b4:62:b9:44:
28:ec:95:e3:5c:b5:e9:95:d5:ad:3b:89:88:2c:c7:
21:7e:e2:01:32:cc:cb:48:c8:94:1c:1c:cc:91:15:
73:ad:61:00:e1:d2:ae:ef:e1:b0:d0:85:27:99:b3:
d9:63:c0:71:6a:4b:07:e0:f7:aa:0b:2e:6e:3e:c7:
1e:43:09:f9:77:52:f3:5e:a3:0e:85:cc:64:d8:48:
54:23:3d:d6:e6:1d:cd:0f:9e:5c:e6:5f:04:5e:56:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4B:1F:76:D8:03:D6:3D:53:EE:3E:A7:EB:A1:DD:6C:93:9F:3C:3B
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/xUsfdtgD1j1T7j6n66HdbJOfPDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.125.29.0/24
178.172.191.0/24
178.172.222.0/23
217.21.37.0/24
Signature Algorithm: sha256WithRSAEncryption
41:dc:57:1e:e7:3f:0e:73:83:2b:67:54:1e:29:39:53:8a:e8:
91:d9:6e:50:54:a1:fe:cb:ba:c4:11:d2:04:49:c5:3c:17:c0:
59:1c:48:e5:30:a2:da:c0:6c:59:78:44:23:6c:e5:9f:95:84:
e2:d2:b9:80:3a:ae:32:70:af:c6:a0:44:d7:dd:2b:90:21:68:
03:69:f2:1e:2e:f5:de:53:69:30:47:e5:98:cd:8f:f1:69:58:
c8:e1:25:ff:68:68:47:5c:67:8e:07:5b:05:e4:74:42:8f:0c:
30:b2:29:41:13:36:b6:0d:41:24:3f:6d:ed:2b:66:d6:7e:c3:
1a:dc:28:00:2d:e0:ae:d7:f1:41:88:c6:c6:fd:e5:cf:bd:51:
52:c4:39:4a:e6:99:0a:af:79:91:57:ac:cb:3b:4b:50:63:63:
6f:96:57:8c:eb:41:cd:39:ce:22:c8:56:0d:52:73:45:30:74:
c4:2e:11:69:68:d5:d1:c3:46:49:d0:1d:bd:8b:42:5f:6d:c8:
56:4a:e7:55:dd:2b:eb:90:9b:79:a7:b2:32:e2:28:27:92:85:
1c:4e:a5:a7:91:68:d8:1c:a9:45:f3:2d:6e:3d:f8:82:3a:0a:
20:9e:15:ad:28:98:91:06:14:78:39:13:14:00:21:2f:ff:e4:
c1:c5:eb:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxISHH5Ih85CicMwqUVF1CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjYwMjEwMTYwMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRiMWY3NmQ4MDNkNjNkNTNlZTNlYTdlYmExZGQ2YzkzOWYzYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF3x7my/mqXXDLNpHGjMhkSoVS6R
PoqXbEEInVywCmb8jiHrchxh61so1ZuUDWqUGjpNTGcZqT0d9ur9JblfAVhCvwGI
M2YF2Db795iz1MvJ3Cvy1EHknmua3OSu01Pxl+KczxDl4ngH32gLhOT1zJCFroRf
QaLGrbQhTzYsGMPaHTIWXMarQo2L+s3azfdX7ybgLFwPY1YJHlJhx6QLibRiuUQo
7JXjXLXpldWtO4mILMchfuIBMszLSMiUHBzMkRVzrWEA4dKu7+Gw0IUnmbPZY8Bx
aksH4PeqCy5uPsceQwn5d1LzXqMOhcxk2EhUIz3W5h3ND55c5l8EXlaW+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVLH3bYA9Y9U+4+p+uh3WyTnzw7MB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEveFVzZmR0Z0QxajFUN2o2bjY2SGRiSk9mUERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXX0dAwQA
sqy/AwQBsqzeAwQA2RUlMA0GCSqGSIb3DQEBCwUAA4IBAQBB3Fce5z8Oc4MrZ1Qe
KTlTiuiR2W5QVKH+y7rEEdIEScU8F8BZHEjlMKLawGxZeEQjbOWflYTi0rmAOq4y
cK/GoETX3SuQIWgDafIeLvXeU2kwR+WYzY/xaVjI4SX/aGhHXGeOB1sF5HRCjwww
silBEza2DUEkP23tK2bWfsMa3CgALeCu1/FBiMbG/eXPvVFSxDlK5pkKr3mRV6zL
O0tQY2NvlleM60HNOc4iyFYNUnNFMHTELhFpaNXRw0ZJ0B29i0JfbchWSudV3Svr
kJt5p7Iy4ignkoUcTqWnkWjYHKlF8y1uPfiCOgognhWtKJiRBhR4ORMUACEv/+TB
xesb
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:38:36 2026 by rpki-client