Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/VZ7z_66W0Gwq7Q2xgm7rf3lnyDU.roa
File: VZ7z_66W0Gwq7Q2xgm7rf3lnyDU.roa (raw, json)
Hash identifier: vCO6ni/+HVNjCk8QlfQGWTW7JVnnGg4EhL7+QoU1Ffc=
Subject key identifier: 55:9E:F3:FF:AE:96:D0:6C:2A:ED:0D:B1:82:6E:EB:7F:79:67:C8:35
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 019C2909B0F240B1972A201F7230FC81CB66
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/VZ7z_66W0Gwq7Q2xgm7rf3lnyDU.roa
Signing time: Wed 04 Feb 2026 14:23:46 +0000
ROA not before: Wed 04 Feb 2026 14:23:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207990
IP address blocks: 91.132.114.0/23 maxlen: 32
103.240.180.0/22 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:29:09:b0:f2:40:b1:97:2a:20:1f:72:30:fc:81:cb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Feb 4 14:23:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=559ef3ffae96d06c2aed0db1826eeb7f7967c835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e7:ba:8b:85:6e:99:21:37:f4:36:cc:f0:89:
ce:ee:5a:2f:c9:a7:6a:c8:ac:68:52:49:ab:7f:11:
37:55:b5:ce:11:1b:f8:8b:c7:70:96:ea:b2:07:5b:
29:1a:1f:0e:9b:49:1e:5e:4c:19:a7:5e:56:de:a4:
0f:f4:d7:ef:bc:45:23:b2:7b:a2:62:6f:f1:25:f3:
4a:ba:2d:14:2c:90:0a:6a:97:6f:27:6b:dd:4a:e6:
16:81:85:02:58:08:34:53:bc:b9:a6:cb:bb:2b:8d:
e7:77:83:7f:7c:c5:97:f6:2b:89:41:23:b2:4d:3c:
5f:fd:c4:b1:a8:ee:52:dd:9d:1f:e4:ac:e3:44:82:
a7:c5:ea:f4:3f:87:27:8e:10:0e:3b:7e:08:d4:94:
1f:26:08:df:8a:bd:06:8d:8e:9b:c5:54:96:ee:61:
c3:66:23:55:0c:48:2b:7e:6d:fb:95:54:da:b7:af:
43:3b:05:3a:39:44:92:33:ed:03:7e:b8:9f:34:24:
01:10:61:c4:1b:62:87:96:ee:f8:0a:43:49:bf:cb:
b7:3a:d7:08:3f:d9:f9:61:b3:e7:4f:8e:c5:ce:6f:
0a:4e:70:18:1f:40:71:84:11:74:fe:42:53:07:e4:
74:1f:90:d6:bd:bc:a8:44:5f:a6:a3:98:9c:12:7e:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9E:F3:FF:AE:96:D0:6C:2A:ED:0D:B1:82:6E:EB:7F:79:67:C8:35
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/VZ7z_66W0Gwq7Q2xgm7rf3lnyDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.114.0/23
103.240.180.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
45:d6:5f:11:a6:7d:22:01:91:ee:47:95:de:57:ae:1a:88:ac:
74:1d:ef:df:76:d1:73:3f:60:9f:e1:cc:23:56:fe:bd:cf:bb:
9f:37:e1:a6:22:aa:9f:69:8e:97:67:90:7a:2a:25:b1:fb:6a:
a3:21:12:99:a5:d6:07:79:37:52:bc:b9:7a:0f:bf:d7:c6:44:
2c:dd:81:52:ff:5a:51:5d:cf:7c:03:68:ec:3e:d8:49:48:f1:
b0:d3:4e:f5:0c:26:79:82:f2:d7:03:df:d4:21:b6:89:65:b7:
65:df:e2:66:b9:9d:77:9f:dc:90:c2:2d:c1:16:6e:e5:93:0e:
d7:e3:8a:95:99:56:d0:64:0e:50:77:41:69:9d:79:0d:2a:99:
14:9b:98:69:1f:02:d9:88:6d:ba:c9:a4:85:08:d9:80:c2:6a:
19:43:56:16:23:18:fa:90:57:95:f5:fa:4c:b3:86:4c:ca:f4:
81:86:5b:ba:35:92:8a:65:13:da:58:82:f0:85:7a:b6:44:a0:
64:a6:ad:ed:bf:1e:5e:9f:4b:a5:44:51:25:9d:90:8f:79:f0:
d6:5a:63:e8:fc:ca:86:92:15:d2:d7:3f:5a:19:21:59:ee:52:
27:a0:5a:6b:45:b4:35:35:04:6b:dd:93:8c:b0:3d:0f:ec:59:
ed:99:c4:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZwpCbDyQLGXKiAfcjD8gctmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjYwMjA0MTQyMzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTllZjNmZmFlOTZkMDZjMmFlZDBkYjE4MjZlZWI3Zjc5NjdjODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAree6i4VumSE39DbM8InO7lovyadq
yKxoUkmrfxE3VbXOERv4i8dwluqyB1spGh8Om0keXkwZp15W3qQP9NfvvEUjsnui
Ym/xJfNKui0ULJAKapdvJ2vdSuYWgYUCWAg0U7y5psu7K43nd4N/fMWX9iuJQSOy
TTxf/cSxqO5S3Z0f5KzjRIKnxer0P4cnjhAOO34I1JQfJgjfir0GjY6bxVSW7mHD
ZiNVDEgrfm37lVTat69DOwU6OUSSM+0DfrifNCQBEGHEG2KHlu74CkNJv8u3OtcI
P9n5YbPnT47Fzm8KTnAYH0BxhBF0/kJTB+R0H5DWvbyoRF+mo5icEn7ivQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFWe8/+ultBsKu0NsYJu6395Z8g1MB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvVlo3el82NlcwR3dxN1EyeGdtN3JmM2xueURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBW4RyAwQC
Z/C0AwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQBF
1l8Rpn0iAZHuR5XeV64aiKx0He/fdtFzP2Cf4cwjVv69z7ufN+GmIqqfaY6XZ5B6
KiWx+2qjIRKZpdYHeTdSvLl6D7/XxkQs3YFS/1pRXc98A2jsPthJSPGw0071DCZ5
gvLXA9/UIbaJZbdl3+JmuZ13n9yQwi3BFm7lkw7X44qVmVbQZA5Qd0FpnXkNKpkU
m5hpHwLZiG26yaSFCNmAwmoZQ1YWIxj6kFeV9fpMs4ZMyvSBhlu6NZKKZRPaWILw
hXq2RKBkpq3tvx5en0ulRFElnZCPefDWWmPo/MqGkhXS1z9aGSFZ7lInoFprRbQ1
NQRr3ZOMsD0P7FntmcRG
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:05:06 2026 by rpki-client