Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/N_rd1-iO2Zco7czWxcygCkfPMco.roa
File: N_rd1-iO2Zco7czWxcygCkfPMco.roa (raw, json)
Hash identifier: fNgSQr1pcqvcbsbdFSVdiphe05QVeyRTAnd6yBvX/h0=
Subject key identifier: 37:FA:DD:D7:E8:8E:D9:97:28:ED:CC:D6:C5:CC:A0:0A:47:CF:31:CA
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 019C2467D44E9A750F2F4873FEAE3C185104
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/N_rd1-iO2Zco7czWxcygCkfPMco.roa
Signing time: Tue 03 Feb 2026 16:48:30 +0000
ROA not before: Tue 03 Feb 2026 16:48:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43298
IP address blocks: 160.79.121.0/24 maxlen: 24
185.121.243.0/24 maxlen: 24
2a06:a180:20::/48 maxlen: 48
2a06:a180:21::/48 maxlen: 48
2a06:a180:22::/48 maxlen: 48
2a06:a180:90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:24:67:d4:4e:9a:75:0f:2f:48:73:fe:ae:3c:18:51:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Feb 3 16:48:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37faddd7e88ed99728edccd6c5cca00a47cf31ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:e5:b7:e5:5b:d8:ff:88:b0:10:9d:52:48:
8f:f8:bc:c4:3e:34:fb:51:f3:2d:bb:4b:bf:bf:fd:
e1:1b:da:bc:a4:42:7b:9e:c4:6d:06:bb:02:f0:6a:
e7:0b:97:9e:f5:ee:f1:ee:d4:b3:c4:ba:35:07:51:
de:a5:51:7b:2a:da:60:69:68:81:63:85:97:2b:54:
90:44:10:7f:a9:fa:2a:d8:ed:86:92:8e:f5:58:60:
70:bf:fa:8d:a8:0b:1a:35:ef:f4:e9:c8:d5:94:a9:
be:3e:87:da:73:42:a5:04:74:5b:69:b1:f3:64:9c:
cd:10:bf:b0:19:75:47:34:7d:3d:37:7b:ae:95:b6:
29:9f:84:12:d2:13:e0:a1:98:01:5d:2d:ef:43:c5:
d3:32:d4:78:e3:79:70:23:7a:57:3a:91:d6:3e:7f:
10:c1:dc:18:5d:28:45:20:16:9f:c9:fd:ce:b3:37:
1d:e6:80:1d:cc:0e:ce:85:60:f6:26:06:e4:2b:f1:
fb:54:36:ae:3a:14:4f:dc:09:da:bc:ab:f0:47:98:
5b:38:44:3e:24:c7:a3:e6:4f:3b:83:62:3f:f5:36:
7a:66:ba:56:49:8c:39:1e:0b:2c:0e:0a:94:92:ee:
1b:2c:6a:4e:b2:87:4a:0e:cb:c4:4c:01:7f:f2:3f:
80:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FA:DD:D7:E8:8E:D9:97:28:ED:CC:D6:C5:CC:A0:0A:47:CF:31:CA
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/N_rd1-iO2Zco7czWxcygCkfPMco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.79.121.0/24
185.121.243.0/24
IPv6:
2a06:a180:20::-2a06:a180:22:ffff:ffff:ffff:ffff:ffff
2a06:a180:90::/48
Signature Algorithm: sha256WithRSAEncryption
34:c8:1f:94:f6:4c:ab:0a:6c:cc:c2:0c:75:68:e6:77:76:4c:
fd:43:9b:6d:6d:ac:b9:5d:b1:cb:f0:dc:e2:50:37:a2:89:57:
63:a3:fc:dd:4d:6e:46:0b:47:00:44:e7:5c:22:a7:6a:55:93:
52:1b:df:b3:1d:04:d3:51:65:06:98:b9:6c:38:a4:42:1b:9a:
97:01:15:92:e6:32:0d:57:e5:af:06:f4:5d:55:c6:c2:29:df:
98:c8:ee:f7:f6:36:08:d8:87:4a:92:5b:0d:9c:b9:f6:49:7c:
85:a4:9c:86:bc:c2:43:c2:2f:b3:31:c1:25:e8:dd:87:40:e3:
55:07:da:f2:cf:32:f3:8f:80:03:7b:b4:31:f2:c3:6f:6d:05:
14:1b:35:bb:0a:08:81:1e:bf:26:84:e0:ee:20:c8:af:ef:cf:
f1:8c:b2:a9:a8:aa:b5:58:fd:09:96:09:f6:cd:8f:dc:69:f4:
e0:97:05:15:26:6d:a6:e0:eb:ac:4e:6f:60:49:2d:ba:65:6c:
96:5f:42:60:2f:2f:13:33:39:a7:8e:70:fa:2c:c5:4a:d8:a6:
30:83:5c:eb:0f:74:28:a7:76:7e:53:08:d5:a6:e0:56:46:ee:
f5:d9:a5:0f:ca:8d:7c:7a:1c:e4:a0:21:da:7d:55:38:21:38:
54:c5:99:01
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZwkZ9ROmnUPL0hz/q48GFEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjYwMjAzMTY0ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ZhZGRkN2U4OGVkOTk3MjhlZGNjZDZjNWNjYTAwYTQ3Y2YzMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl3lt+Vb2P+IsBCdUkiP+LzEPjT7
UfMtu0u/v/3hG9q8pEJ7nsRtBrsC8GrnC5ee9e7x7tSzxLo1B1HepVF7KtpgaWiB
Y4WXK1SQRBB/qfoq2O2Gko71WGBwv/qNqAsaNe/06cjVlKm+Pofac0KlBHRbabHz
ZJzNEL+wGXVHNH09N3uulbYpn4QS0hPgoZgBXS3vQ8XTMtR443lwI3pXOpHWPn8Q
wdwYXShFIBafyf3Oszcd5oAdzA7OhWD2JgbkK/H7VDauOhRP3AnavKvwR5hbOEQ+
JMej5k87g2I/9TZ6ZrpWSYw5HgssDgqUku4bLGpOsodKDsvETAF/8j+ArwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDf63dfojtmXKO3M1sXMoApHzzHKMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvTl9yZDEtaU8yWmNvN2N6V3hjeWdDa2ZQTWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQAoE95AwQA
uXnzMCMEAgACMB0wEgMHBSoGoYAAIAMHACoGoYAAIgMHACoGoYAAkDANBgkqhkiG
9w0BAQsFAAOCAQEANMgflPZMqwpszMIMdWjmd3ZM/UObbW2suV2xy/Dc4lA3oolX
Y6P83U1uRgtHAETnXCKnalWTUhvfsx0E01FlBpi5bDikQhualwEVkuYyDVflrwb0
XVXGwinfmMju9/Y2CNiHSpJbDZy59kl8haSchrzCQ8IvszHBJejdh0DjVQfa8s8y
84+AA3u0MfLDb20FFBs1uwoIgR6/JoTg7iDIr+/P8YyyqaiqtVj9CZYJ9s2P3Gn0
4JcFFSZtpuDrrE5vYEktumVsll9CYC8vEzM5p45w+izFStimMINc6w90KKd2flMI
1abgVkbu9dmlD8qNfHoc5KAh2n1VOCE4VMWZAQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:04:49 2026 by rpki-client