Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/7I7TlcgX7xcN8HaJ0hTNEavDLpM.roa
File: 7I7TlcgX7xcN8HaJ0hTNEavDLpM.roa (raw, json)
Hash identifier: dC40Bx0/X1a2T3sASwcPlM6oNlnL7MOSDhJdCPRN3aw=
Subject key identifier: EC:8E:D3:95:C8:17:EF:17:0D:F0:76:89:D2:14:CD:11:AB:C3:2E:93
Certificate issuer: /CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Certificate serial: 019A269754ADBC0F95DCDFA67B09288F2428
Authority key identifier: 58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/7I7TlcgX7xcN8HaJ0hTNEavDLpM.roa
Signing time: Mon 27 Oct 2025 16:54:02 +0000
ROA not before: Mon 27 Oct 2025 16:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201119
IP address blocks: 185.195.144.0/24 maxlen: 24
185.195.145.0/24 maxlen: 24
185.195.146.0/24 maxlen: 24
185.195.147.0/24 maxlen: 24
2a0a:5bc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:97:54:ad:bc:0f:95:dc:df:a6:7b:09:28:8f:24:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Validity
Not Before: Oct 27 16:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec8ed395c817ef170df07689d214cd11abc32e93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e2:55:9a:0c:7c:d6:94:d6:a9:12:b0:8a:2d:
e7:b5:63:95:98:2a:ed:d0:72:d7:7f:e5:b6:2d:a7:
1d:52:6a:5d:94:41:5f:0d:0e:01:af:30:85:27:13:
5d:c4:f5:f4:a5:c5:b2:44:0c:91:0c:da:0d:12:14:
ab:de:06:1b:16:f8:cb:d4:c8:df:62:92:d2:00:d2:
9f:51:7f:22:88:e9:42:e1:e9:04:0c:59:13:68:1e:
cc:77:d7:39:c7:36:24:de:65:b8:67:f2:86:fa:f0:
8e:37:58:c5:c8:d2:95:05:7b:b0:66:3a:25:04:3a:
85:95:fa:c0:3e:23:38:7a:45:ea:67:91:3d:b0:3b:
a2:4f:62:e0:26:f0:17:91:66:0e:94:05:ea:10:d8:
14:57:76:3c:c8:b9:d2:df:39:1c:f3:d9:b7:b5:14:
3a:73:e0:53:20:a4:50:21:95:12:ff:6f:4d:b3:bf:
c6:e8:4a:5e:4b:b7:25:69:f9:81:e2:d7:5e:56:da:
17:50:3b:fe:fa:da:5f:75:4d:7c:ac:00:93:93:d3:
d6:df:1c:ea:3b:c9:1a:fa:94:0b:eb:5e:13:6f:d5:
45:2c:61:74:18:39:90:e6:73:7b:62:a1:d8:93:b8:
03:c0:c0:e6:22:da:7d:f5:ef:09:4e:a5:8e:66:e5:
1e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8E:D3:95:C8:17:EF:17:0D:F0:76:89:D2:14:CD:11:AB:C3:2E:93
X509v3 Authority Key Identifier:
keyid:58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/7I7TlcgX7xcN8HaJ0hTNEavDLpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.144.0/22
IPv6:
2a0a:5bc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
58:6d:46:45:15:84:28:d0:da:8b:9f:28:29:bd:de:77:0b:86:
76:51:8a:d6:86:0c:a7:02:2d:9e:88:c5:92:62:57:aa:f9:e2:
85:36:96:3f:b5:a8:cb:2a:aa:ac:f8:6d:ec:af:91:35:0d:e3:
7a:23:96:1f:eb:16:f6:07:72:71:de:bf:3d:d8:e8:ba:0e:a8:
bb:3e:68:fc:8d:f3:97:5d:67:40:f2:bc:28:ab:e7:a6:9e:6e:
6c:ec:9d:c6:9c:c1:85:42:3a:72:1b:8f:aa:ff:af:e2:f8:c4:
ce:12:e4:36:95:37:a3:15:c3:7f:b3:a5:8e:80:2a:e8:ad:6f:
db:2b:95:f2:d8:7b:6d:4e:64:d4:b6:3c:d8:2b:37:c8:b4:f4:
39:08:c4:82:59:00:fe:7f:5e:5f:aa:46:a9:6e:c4:d8:72:fd:
37:8e:dc:e2:8d:c9:94:e3:79:cf:76:31:4a:8a:70:c9:be:d3:
64:e1:e5:e2:85:a2:70:1b:50:2e:c9:16:ae:3f:3f:21:bd:5b:
e4:17:23:4f:d6:33:2f:13:0e:64:3c:35:64:a2:b3:d1:84:d2:
99:74:ac:f2:99:65:b9:b6:06:12:98:70:07:9e:be:2a:c7:4a:
f9:51:bc:43:9e:19:dd:15:5e:fd:b4:1e:0f:db:a6:e6:51:da:
8a:25:ea:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZoml1StvA+V3N+mewkojyQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MGRkZGI1MTE2MDNlNDFjMmI3YWJiYTNkMjQ5ZDVlZjVl
ZDRkMTEwHhcNMjUxMDI3MTY1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzhlZDM5NWM4MTdlZjE3MGRmMDc2ODlkMjE0Y2QxMWFiYzMyZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOJVmgx81pTWqRKwii3ntWOVmCrt
0HLXf+W2LacdUmpdlEFfDQ4BrzCFJxNdxPX0pcWyRAyRDNoNEhSr3gYbFvjL1Mjf
YpLSANKfUX8iiOlC4ekEDFkTaB7Md9c5xzYk3mW4Z/KG+vCON1jFyNKVBXuwZjol
BDqFlfrAPiM4ekXqZ5E9sDuiT2LgJvAXkWYOlAXqENgUV3Y8yLnS3zkc89m3tRQ6
c+BTIKRQIZUS/29Ns7/G6EpeS7clafmB4tdeVtoXUDv++tpfdU18rACTk9PW3xzq
O8ka+pQL614Tb9VFLGF0GDmQ5nN7YqHYk7gDwMDmItp99e8JTqWOZuUeGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOyO05XIF+8XDfB2idIUzRGrwy6TMB8GA1UdIwQY
MBaAFFgN3bURYD5Bwreruj0knV717U0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGIt
M2NkNDE3YWVlOWNlLzEvN0k3VGxjZ1g3eGNOOEhhSjBoVE5FYXZETHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGItM2NkNDE3YWVlOWNl
LzEvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucOQMA8E
AgACMAkDBwAqClvAAAEwDQYJKoZIhvcNAQELBQADggEBAFhtRkUVhCjQ2oufKCm9
3ncLhnZRitaGDKcCLZ6IxZJiV6r54oU2lj+1qMsqqqz4beyvkTUN43ojlh/rFvYH
cnHevz3Y6LoOqLs+aPyN85ddZ0DyvCir56aebmzsncacwYVCOnIbj6r/r+L4xM4S
5DaVN6MVw3+zpY6AKuitb9srlfLYe21OZNS2PNgrN8i09DkIxIJZAP5/Xl+qRqlu
xNhy/TeO3OKNyZTjec92MUqKcMm+02Th5eKFonAbUC7JFq4/PyG9W+QXI0/WMy8T
DmQ8NWSis9GE0pl0rPKZZbm2BhKYcAeevirHSvlRvEOeGd0VXv20Hg/bpuZR2ool
6qs=
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:36:58 2025 by rpki-client