Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/7Y4WDciw2tBGHEkdp1tK8F7tUiI.roa
File: 7Y4WDciw2tBGHEkdp1tK8F7tUiI.roa (raw, json)
Hash identifier: 2aS8DDo6sgszWlU3xQOBJC1Dn6dMh4W3h/Ff6Q+ySeg=
Subject key identifier: ED:8E:16:0D:C8:B0:DA:D0:46:1C:49:1D:A7:5B:4A:F0:5E:ED:52:22
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019C84D8D004FD87E26D90008973DB296B61
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/7Y4WDciw2tBGHEkdp1tK8F7tUiI.roa
Signing time: Sun 22 Feb 2026 10:15:27 +0000
ROA not before: Sun 22 Feb 2026 10:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198154
IP address blocks: 81.12.32.0/22 maxlen: 24
81.12.80.0/24 maxlen: 24
81.12.83.0/24 maxlen: 24
87.107.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:84:d8:d0:04:fd:87:e2:6d:90:00:89:73:db:29:6b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Feb 22 10:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ed8e160dc8b0dad0461c491da75b4af05eed5222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e5:ed:a2:78:49:5d:9e:39:b4:9c:06:9c:fa:
19:3b:41:d4:fe:7e:b7:0f:86:c6:a5:9a:ba:b2:53:
0b:0b:2d:da:03:89:e3:0e:ee:7c:6c:4a:31:e9:ac:
2f:60:e0:48:3f:24:0a:68:8c:7e:4e:03:2a:5d:da:
af:63:29:c9:3c:0c:4a:4f:0c:bc:cb:4a:03:f7:05:
fe:d0:71:35:e2:fc:cc:7e:d4:b3:e3:10:1b:34:f2:
07:bf:03:13:eb:14:9a:4b:92:00:9f:ce:a2:c4:25:
03:a4:3c:f3:5d:e9:bd:3d:44:49:d9:dc:23:37:b7:
c1:4b:e6:cd:4f:a8:69:05:9f:bc:c3:a2:06:6a:8c:
dc:10:d3:63:2b:aa:ff:f3:d6:63:79:8a:c9:0f:8a:
bd:66:55:f6:a5:0e:4c:ea:35:40:d7:e1:4c:52:ef:
2f:90:ce:55:5d:04:88:46:04:26:94:62:0c:f3:6e:
b4:4a:83:d1:35:62:8a:97:af:e7:65:2f:59:0d:d1:
24:97:91:13:41:b9:4e:7f:3d:21:dd:9d:8f:e6:fc:
7d:f1:12:71:cf:86:18:01:33:c5:33:f6:6a:52:49:
17:31:0d:52:07:df:93:be:eb:66:7e:92:cc:b0:54:
2e:29:f1:35:64:93:be:3c:2e:d0:e6:47:a4:0a:cd:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:8E:16:0D:C8:B0:DA:D0:46:1C:49:1D:A7:5B:4A:F0:5E:ED:52:22
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/7Y4WDciw2tBGHEkdp1tK8F7tUiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.32.0/22
81.12.80.0/24
81.12.83.0/24
87.107.156.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:31:24:5f:bf:32:1d:28:ed:11:48:fe:53:83:28:5a:99:30:
c7:dd:60:6c:9b:16:6a:71:d6:1b:6e:3f:23:a1:3a:0b:ea:1c:
4f:b5:38:72:ca:28:f2:fb:f7:d3:27:de:81:00:f1:93:c8:a8:
50:50:0f:be:08:52:f6:25:c6:7e:4b:a5:f9:11:92:a3:07:45:
3b:0a:d5:b5:b0:3c:18:f9:bf:00:1b:94:31:7f:ab:41:c9:24:
98:12:f8:1c:e7:8b:80:e8:12:0a:f3:9e:a0:df:a0:c1:e0:5e:
3a:9f:90:0e:f0:22:15:7b:7a:da:ed:40:43:48:f2:03:94:d8:
02:c8:de:fe:f6:23:bc:fe:d5:ad:19:2f:76:2d:92:4a:8a:36:
6b:5d:4e:e6:dc:28:2e:c8:cb:38:65:39:63:50:95:83:e5:df:
9e:b7:9a:03:ed:d7:41:32:53:90:66:cd:0b:6f:be:aa:d8:1a:
4d:f1:ea:6d:39:d1:fa:c8:37:15:2a:83:30:ee:f0:bc:03:fd:
68:58:6c:7b:aa:47:99:b2:0d:b5:21:1f:cf:15:68:6a:64:d5:
17:5d:94:cd:04:fe:36:1d:98:ef:12:35:24:80:d3:89:54:f3:
0e:18:45:fc:73:c7:2c:8e:44:f8:a8:d7:8a:f3:a9:73:d2:3e:
1e:a7:1c:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyE2NAE/YfibZAAiXPbKWthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwMjIyMTAxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDhlMTYwZGM4YjBkYWQwNDYxYzQ5MWRhNzViNGFmMDVlZWQ1MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OXtonhJXZ45tJwGnPoZO0HU/n63
D4bGpZq6slMLCy3aA4njDu58bEox6awvYOBIPyQKaIx+TgMqXdqvYynJPAxKTwy8
y0oD9wX+0HE14vzMftSz4xAbNPIHvwMT6xSaS5IAn86ixCUDpDzzXem9PURJ2dwj
N7fBS+bNT6hpBZ+8w6IGaozcENNjK6r/89ZjeYrJD4q9ZlX2pQ5M6jVA1+FMUu8v
kM5VXQSIRgQmlGIM8260SoPRNWKKl6/nZS9ZDdEkl5ETQblOfz0h3Z2P5vx98RJx
z4YYATPFM/ZqUkkXMQ1SB9+TvutmfpLMsFQuKfE1ZJO+PC7Q5kekCs0+tQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO2OFg3IsNrQRhxJHadbSvBe7VIiMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvN1k0V0RjaXcydEJHSEVrZHAxdEs4Rjd0VWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUQwgAwQA
UQxQAwQAUQxTAwQCV2ucMA0GCSqGSIb3DQEBCwUAA4IBAQC4MSRfvzIdKO0RSP5T
gyhamTDH3WBsmxZqcdYbbj8joToL6hxPtThyyijy+/fTJ96BAPGTyKhQUA++CFL2
JcZ+S6X5EZKjB0U7CtW1sDwY+b8AG5Qxf6tBySSYEvgc54uA6BIK856g36DB4F46
n5AO8CIVe3ra7UBDSPIDlNgCyN7+9iO8/tWtGS92LZJKijZrXU7m3CguyMs4ZTlj
UJWD5d+et5oD7ddBMlOQZs0Lb76q2BpN8eptOdH6yDcVKoMw7vC8A/1oWGx7qkeZ
sg21IR/PFWhqZNUXXZTNBP42HZjvEjUkgNOJVPMOGEX8c8csjkT4qNeK86lz0j4e
pxxZ
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:41:58 2026 by rpki-client