Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/16nrOt17hZ1AZ2rbymVzCwBbT7s.roa
File: 16nrOt17hZ1AZ2rbymVzCwBbT7s.roa (raw, json)
Hash identifier: g2WQdtjQynAE8UPOyiD7v/vN8Ha9qLkkkQyuaamGfmw=
Subject key identifier: D7:A9:EB:3A:DD:7B:85:9D:40:67:6A:DB:CA:65:73:0B:00:5B:4F:BB
Certificate issuer: /CN=6d085d177eeb0cb91a42f43e2d4c3c808dec5708
Certificate serial: 019B7758D4AB4AFC54BE541EF09772D95A7E
Authority key identifier: 6D:08:5D:17:7E:EB:0C:B9:1A:42:F4:3E:2D:4C:3C:80:8D:EC:57:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/16nrOt17hZ1AZ2rbymVzCwBbT7s.roa
Signing time: Thu 01 Jan 2026 02:17:48 +0000
ROA not before: Thu 01 Jan 2026 02:17:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60153
IP address blocks: 185.55.196.0/24 maxlen: 24
185.55.197.0/24 maxlen: 24
185.55.198.0/24 maxlen: 24
185.55.199.0/24 maxlen: 24
185.182.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:d4:ab:4a:fc:54:be:54:1e:f0:97:72:d9:5a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d085d177eeb0cb91a42f43e2d4c3c808dec5708
Validity
Not Before: Jan 1 02:17:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7a9eb3add7b859d40676adbca65730b005b4fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:b1:2a:3e:b8:94:66:b3:45:19:51:0b:ca:
20:04:c0:79:58:a1:43:5c:52:2a:72:65:7f:08:b5:
7d:7a:5f:3a:c3:34:3e:97:f3:d9:74:a8:4d:5e:06:
38:0b:3d:84:c4:b6:e1:ba:cc:d2:37:3d:a5:2c:cd:
62:2f:e3:b1:20:25:38:b9:ee:54:ad:09:12:d4:4a:
e5:08:dc:81:0c:7d:7a:ce:1c:59:4c:d9:b9:a5:49:
7c:f0:7e:65:6e:3e:7f:7a:33:87:5e:cd:8e:cc:5c:
92:df:2a:c9:12:0f:9a:53:d9:b3:ea:aa:e6:f3:ab:
c6:b6:08:a5:b5:15:cf:3c:a0:c3:fd:f6:44:6c:89:
7c:59:ad:83:15:58:89:44:ed:5c:4d:5b:15:d1:26:
96:1f:c5:f8:1a:62:1f:b9:8a:e6:df:bd:9b:a4:f3:
7f:94:4f:37:17:bf:00:89:5b:a5:77:37:ec:04:aa:
95:a8:4c:24:2e:bb:fe:9f:27:69:50:77:68:b5:35:
2c:59:73:f6:29:07:05:ac:32:65:d1:ef:f1:f9:11:
07:95:d2:3e:48:c9:9a:72:f7:ac:06:1e:e2:25:6e:
af:64:4e:49:77:2c:a4:44:c9:29:1a:64:e0:68:94:
05:7f:4c:d6:83:b3:3b:81:49:de:6f:38:23:98:a5:
7b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A9:EB:3A:DD:7B:85:9D:40:67:6A:DB:CA:65:73:0B:00:5B:4F:BB
X509v3 Authority Key Identifier:
keyid:6D:08:5D:17:7E:EB:0C:B9:1A:42:F4:3E:2D:4C:3C:80:8D:EC:57:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQhdF37rDLkaQvQ-LUw8gI3sVwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/16nrOt17hZ1AZ2rbymVzCwBbT7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/053892-73be-412e-9559-97d49348cc01/1/bQhdF37rDLkaQvQ-LUw8gI3sVwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.196.0/22
185.182.64.0/24
Signature Algorithm: sha256WithRSAEncryption
51:66:63:ac:26:fd:e3:8b:fb:92:31:fe:75:37:8e:20:d2:62:
78:25:07:94:2e:92:32:3b:8a:6b:37:c8:0d:7c:f9:e1:82:d2:
ff:60:66:c3:69:5c:c3:cd:b0:2f:58:85:a8:8d:0d:4c:90:de:
a4:6e:cd:1b:05:a3:41:0b:48:f7:4b:e6:bf:53:9c:d4:b3:2c:
6b:7d:e2:65:27:8c:10:d9:fb:a2:f3:02:32:e7:32:1e:ec:2b:
ad:84:d7:58:c9:4a:59:a0:27:df:20:7d:46:e3:5d:77:c9:64:
52:1f:42:36:b9:e6:4d:11:79:e3:6a:53:e5:4d:aa:31:4e:7d:
65:4d:00:ab:a4:df:f9:28:d3:a8:22:3c:3b:37:a6:9b:a5:e6:
24:5e:1b:f5:53:f2:a5:3f:1b:a6:21:a6:1f:fd:3b:ce:db:9f:
2d:8a:0e:9b:aa:46:52:25:2d:03:70:68:c2:d7:bc:50:9c:1d:
e7:63:72:47:60:96:0d:51:7b:cb:49:1d:15:10:b0:f6:db:37:
d6:5b:fb:a4:9f:f2:23:9f:f2:dc:a5:7b:8c:46:60:d8:96:7f:
b8:93:aa:d6:11:36:e9:64:48:04:e0:b2:16:59:d1:53:29:c8:
07:35:48:d2:f7:b4:df:c0:c5:07:5f:f1:9d:82:d8:46:d9:47:
f2:36:7d:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt3WNSrSvxUvlQe8Jdy2Vp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg1ZDE3N2VlYjBjYjkxYTQyZjQzZTJkNGMzYzgwOGRl
YzU3MDgwHhcNMjYwMTAxMDIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E5ZWIzYWRkN2I4NTlkNDA2NzZhZGJjYTY1NzMwYjAwNWI0ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUyxKj64lGazRRlRC8ogBMB5WKFD
XFIqcmV/CLV9el86wzQ+l/PZdKhNXgY4Cz2ExLbhuszSNz2lLM1iL+OxICU4ue5U
rQkS1ErlCNyBDH16zhxZTNm5pUl88H5lbj5/ejOHXs2OzFyS3yrJEg+aU9mz6qrm
86vGtgiltRXPPKDD/fZEbIl8Wa2DFViJRO1cTVsV0SaWH8X4GmIfuYrm372bpPN/
lE83F78AiVuldzfsBKqVqEwkLrv+nydpUHdotTUsWXP2KQcFrDJl0e/x+REHldI+
SMmacvesBh7iJW6vZE5JdyykRMkpGmTgaJQFf0zWg7M7gUnebzgjmKV7fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNep6zrde4WdQGdq28plcwsAW0+7MB8GA1UdIwQY
MBaAFG0IXRd+6wy5GkL0Pi1MPICN7FcIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFoZEYzN3JETGthUXZRLUxVdzhnSTNzVndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNTM4OTItNzNiZS00MTJlLTk1NTkt
OTdkNDkzNDhjYzAxLzEvMTZuck90MTdoWjFBWjJyYnltVnpDd0JiVDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNTM4OTItNzNiZS00MTJlLTk1NTktOTdkNDkzNDhjYzAx
LzEvYlFoZEYzN3JETGthUXZRLUxVdzhnSTNzVndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTfEAwQA
ubZAMA0GCSqGSIb3DQEBCwUAA4IBAQBRZmOsJv3ji/uSMf51N44g0mJ4JQeULpIy
O4prN8gNfPnhgtL/YGbDaVzDzbAvWIWojQ1MkN6kbs0bBaNBC0j3S+a/U5zUsyxr
feJlJ4wQ2fui8wIy5zIe7CuthNdYyUpZoCffIH1G4113yWRSH0I2ueZNEXnjalPl
TaoxTn1lTQCrpN/5KNOoIjw7N6abpeYkXhv1U/KlPxumIaYf/TvO258tig6bqkZS
JS0DcGjC17xQnB3nY3JHYJYNUXvLSR0VELD22zfWW/ukn/Ijn/LcpXuMRmDYln+4
k6rWETbpZEgE4LIWWdFTKcgHNUjS97TfwMUHX/GdgthG2UfyNn0J
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:32:57 2026 by rpki-client