Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/oQ_KE9PwO8rtARvYNMIq29bG_kw.roa
File: oQ_KE9PwO8rtARvYNMIq29bG_kw.roa (raw, json)
Hash identifier: fD+hSNE7/TxZ3JitmRrU2Ab6kP20foK2b96iquwU1Z8=
Subject key identifier: A1:0F:CA:13:D3:F0:3B:CA:ED:01:1B:D8:34:C2:2A:DB:D6:C6:FE:4C
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 019C9F803B08143290D2F4ADA22B50F1A3D7
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/oQ_KE9PwO8rtARvYNMIq29bG_kw.roa
Signing time: Fri 27 Feb 2026 14:28:26 +0000
ROA not before: Fri 27 Feb 2026 14:28:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48467
IP address blocks: 94.228.160.0/24 maxlen: 24
94.228.167.0/24 maxlen: 24
94.228.171.0/24 maxlen: 24
94.228.172.0/22 maxlen: 22
94.228.172.0/24 maxlen: 24
178.236.241.0/24 maxlen: 24
178.236.242.0/24 maxlen: 24
178.236.248.0/22 maxlen: 22
178.236.255.0/24 maxlen: 24
185.46.44.0/22 maxlen: 22
185.46.44.0/23 maxlen: 23
185.46.44.0/24 maxlen: 24
185.46.45.0/24 maxlen: 24
185.46.46.0/23 maxlen: 23
185.46.46.0/24 maxlen: 24
185.46.47.0/24 maxlen: 24
2a02:2070::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:80:3b:08:14:32:90:d2:f4:ad:a2:2b:50:f1:a3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Feb 27 14:28:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a10fca13d3f03bcaed011bd834c22adbd6c6fe4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:34:cd:98:e4:54:41:6a:33:09:62:8e:b9:
66:69:7e:12:08:f2:ab:5b:8c:70:6c:3f:13:8f:62:
fb:12:84:d3:b0:10:97:c0:29:79:46:8d:35:80:d5:
13:11:ec:20:97:df:46:1f:03:80:8a:16:0e:4c:81:
ef:60:55:9a:b2:36:25:2c:11:ce:0f:29:04:da:4e:
66:55:f0:72:1e:3b:c0:32:e4:e4:53:d9:bc:32:9f:
37:14:06:dd:25:7f:fe:40:e2:22:c3:4e:61:bc:a4:
d3:d2:01:83:71:d8:be:4c:38:68:9c:7e:1c:23:09:
4b:ec:55:be:35:73:e2:15:e8:eb:37:59:1e:e7:6c:
00:c5:a6:c6:23:92:25:06:00:02:6f:8e:6c:de:0f:
2e:96:46:94:76:b6:09:45:57:fa:72:0f:37:8c:28:
5a:dc:98:40:f2:ad:32:c8:32:9f:5f:a4:be:20:40:
b3:5a:6b:4f:40:3c:d2:44:39:5f:35:f0:e6:7a:d6:
b9:6a:e6:22:98:bf:03:a8:0e:94:4e:54:96:ef:68:
f6:7a:fa:e0:1a:61:a6:03:9c:8b:6f:b0:ef:b8:fb:
e9:db:bf:05:8d:75:c2:a8:bf:a8:5d:90:ac:36:54:
88:85:97:f8:f8:b3:b2:a5:4d:b2:6a:6f:78:27:fe:
85:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0F:CA:13:D3:F0:3B:CA:ED:01:1B:D8:34:C2:2A:DB:D6:C6:FE:4C
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/oQ_KE9PwO8rtARvYNMIq29bG_kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.160.0/24
94.228.167.0/24
94.228.171.0-94.228.175.255
178.236.241.0-178.236.242.255
178.236.248.0/22
178.236.255.0/24
185.46.44.0/22
IPv6:
2a02:2070::/32
Signature Algorithm: sha256WithRSAEncryption
7a:74:5c:ad:23:96:f2:c2:5e:6d:ba:3f:0e:f1:a7:f5:dc:67:
83:85:d9:05:fa:71:ca:ae:3d:59:b6:57:e6:62:e2:75:9c:ff:
d5:d8:1f:88:b4:33:55:94:a4:0c:8a:4a:de:db:c0:c0:4d:a6:
0b:cc:0e:b5:04:af:af:0f:28:24:6c:79:01:25:2d:91:3b:32:
6e:66:7e:06:3f:44:c8:c0:d5:5f:31:d1:ff:3e:e4:71:8f:24:
62:5b:1c:d4:2e:7a:fc:50:78:98:d0:eb:d1:9f:fe:69:48:a5:
b1:bd:24:ed:de:12:3d:3b:c3:a0:63:c0:d8:7c:ff:f3:45:04:
03:37:71:98:8d:9f:cb:eb:d6:26:76:65:66:e6:20:28:9c:66:
48:50:94:14:1a:b0:bf:88:8d:6a:63:a5:94:2c:67:8b:05:c0:
6f:d4:5b:67:8d:d0:a8:dc:20:ae:e5:61:dc:a6:4b:78:a6:36:
7e:61:59:45:a1:54:c4:1e:0e:e4:c8:5a:45:45:36:fa:0b:62:
f2:da:6d:e8:74:81:25:e7:33:24:c1:5f:91:d8:50:66:89:d2:
38:9a:35:c5:5a:c1:36:76:a8:6d:83:4e:b5:1d:d3:7d:43:cb:
a2:9b:2a:48:49:f0:d1:e2:70:eb:28:c0:43:ef:1b:8d:21:4f:
fe:1f:c7:16
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZyfgDsIFDKQ0vStoitQ8aPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjYwMjI3MTQyODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBmY2ExM2QzZjAzYmNhZWQwMTFiZDgzNGMyMmFkYmQ2YzZmZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcI0zZjkVEFqMwlijrlmaX4SCPKr
W4xwbD8Tj2L7EoTTsBCXwCl5Ro01gNUTEewgl99GHwOAihYOTIHvYFWasjYlLBHO
DykE2k5mVfByHjvAMuTkU9m8Mp83FAbdJX/+QOIiw05hvKTT0gGDcdi+TDhonH4c
IwlL7FW+NXPiFejrN1ke52wAxabGI5IlBgACb45s3g8ulkaUdrYJRVf6cg83jCha
3JhA8q0yyDKfX6S+IECzWmtPQDzSRDlfNfDmeta5auYimL8DqA6UTlSW72j2evrg
GmGmA5yLb7DvuPvp278FjXXCqL+oXZCsNlSIhZf4+LOypU2yam94J/6FFQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFKEPyhPT8DvK7QEb2DTCKtvWxv5MMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvb1FfS0U5UHdPOHJ0QVJ2WU5NSXEyOWJHX2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQAXuSgAwQA
XuSnMAwDBABe5KsDBARe5KAwDAMEALLs8QMEALLs8gMEArLs+AMEALLs/wMEArku
LDANBAIAAjAHAwUAKgIgcDANBgkqhkiG9w0BAQsFAAOCAQEAenRcrSOW8sJebbo/
DvGn9dxng4XZBfpxyq49WbZX5mLidZz/1dgfiLQzVZSkDIpK3tvAwE2mC8wOtQSv
rw8oJGx5ASUtkTsybmZ+Bj9EyMDVXzHR/z7kcY8kYlsc1C56/FB4mNDr0Z/+aUil
sb0k7d4SPTvDoGPA2Hz/80UEAzdxmI2fy+vWJnZlZuYgKJxmSFCUFBqwv4iNamOl
lCxniwXAb9RbZ43QqNwgruVh3KZLeKY2fmFZRaFUxB4O5MhaRUU2+gti8tpt6HSB
JeczJMFfkdhQZonSOJo1xVrBNnaobYNOtR3TfUPLopsqSEnw0eJw6yjAQ+8bjSFP
/h/HFg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:12:43 2026 by rpki-client