Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/D_VQ3qcRrE1RcGz3L2hiZ5fs0q0.roa
File: D_VQ3qcRrE1RcGz3L2hiZ5fs0q0.roa (raw, json)
Hash identifier: 3nNJVROdH+6QiOLIHdge07W05M5mKR5oevvpsKwNQMQ=
Subject key identifier: 0F:F5:50:DE:A7:11:AC:4D:51:70:6C:F7:2F:68:62:67:97:EC:D2:AD
Certificate issuer: /CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Certificate serial: 019B79EBC1BA1096028888765E835D367980
Authority key identifier: 07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/D_VQ3qcRrE1RcGz3L2hiZ5fs0q0.roa
Signing time: Thu 01 Jan 2026 14:17:32 +0000
ROA not before: Thu 01 Jan 2026 14:17:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208425
IP address blocks: 185.1.132.0/24 maxlen: 24
185.50.68.0/24 maxlen: 24
185.50.69.0/24 maxlen: 24
185.50.70.0/24 maxlen: 24
185.50.71.0/24 maxlen: 24
185.114.20.0/24 maxlen: 24
185.114.21.0/24 maxlen: 24
185.114.22.0/24 maxlen: 24
185.114.23.0/24 maxlen: 24
185.146.88.0/24 maxlen: 24
185.146.89.0/24 maxlen: 24
185.146.90.0/24 maxlen: 24
185.146.91.0/24 maxlen: 24
185.169.52.0/24 maxlen: 24
185.169.53.0/24 maxlen: 24
185.169.54.0/24 maxlen: 24
185.169.55.0/24 maxlen: 24
194.61.116.0/24 maxlen: 24
194.61.117.0/24 maxlen: 24
194.61.118.0/24 maxlen: 24
194.61.119.0/24 maxlen: 24
217.28.139.0/24 maxlen: 24
2a01:a420::/29 maxlen: 29
2a0a:3900::/29 maxlen: 29
2a0f:d500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:eb:c1:ba:10:96:02:88:88:76:5e:83:5d:36:79:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Validity
Not Before: Jan 1 14:17:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ff550dea711ac4d51706cf72f68626797ecd2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9a:99:a3:c7:bf:0b:34:f7:47:7c:4b:64:cf:
e5:24:6a:e9:3f:de:4a:16:cc:e5:2f:05:29:15:5e:
25:14:f3:72:e9:80:79:7b:c3:c2:98:ee:d8:96:d9:
2a:08:e5:97:bb:54:ba:eb:8a:06:e7:9e:87:2f:fa:
2a:a0:0d:48:fd:d7:88:f8:b0:59:a5:a1:35:02:db:
fc:17:da:bf:69:b5:4f:ce:d0:c3:e3:d3:50:74:03:
c2:68:72:c8:39:e8:25:22:c0:86:a4:85:5f:ff:d6:
0e:5a:3d:88:a6:18:80:17:dc:90:1a:8d:ed:af:fe:
2d:b0:32:2e:20:3c:d8:ed:d8:f1:f1:05:88:0d:ff:
4e:f1:13:f0:ff:d8:95:b4:19:04:6b:b2:24:86:bf:
45:d4:6c:8e:74:9e:c3:d3:ee:1c:7e:13:3c:4a:f4:
d4:95:1d:5b:2c:c6:d7:5b:7f:38:e0:1e:c0:da:be:
bf:68:59:aa:8c:c8:b1:28:81:32:4a:c7:b9:9e:01:
5e:d7:19:c9:b8:73:99:37:74:84:99:c0:9b:bd:fa:
54:61:d4:ac:74:04:97:4c:34:ae:b2:f5:2c:fd:b3:
a1:2b:6b:57:cf:31:46:1f:96:0a:14:ed:10:40:8a:
35:e6:06:99:cb:24:d1:0f:ca:d0:76:82:bf:f9:ad:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F5:50:DE:A7:11:AC:4D:51:70:6C:F7:2F:68:62:67:97:EC:D2:AD
X509v3 Authority Key Identifier:
keyid:07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/D_VQ3qcRrE1RcGz3L2hiZ5fs0q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.132.0/24
185.50.68.0/22
185.114.20.0/22
185.146.88.0/22
185.169.52.0/22
194.61.116.0/22
217.28.139.0/24
IPv6:
2a01:a420::/29
2a0a:3900::/29
2a0f:d500::/29
Signature Algorithm: sha256WithRSAEncryption
40:4e:21:85:d9:dc:87:95:4d:2f:53:08:b7:6a:c9:f5:3c:2b:
ac:07:43:60:67:78:30:5b:ef:12:d1:ab:71:70:3f:ef:e2:9b:
9c:9d:74:f3:e2:58:1e:ac:e3:99:52:91:a3:ac:61:ef:e0:22:
83:26:b5:6d:fb:b6:b1:37:8b:57:2b:02:4d:a1:5f:55:c9:c0:
f6:09:31:fd:86:5b:f1:b2:e6:41:9d:b0:8f:75:7c:fc:23:e6:
28:7e:e4:e3:1b:b5:3e:74:7c:04:79:5d:38:1a:c5:30:8f:94:
6a:b5:da:4b:7a:fa:6a:cb:f5:58:a0:a8:9c:cb:9d:37:f0:5d:
05:00:a8:1a:12:a7:0c:e7:26:07:93:57:30:32:b4:fe:46:49:
06:c0:f9:8c:db:67:8f:cf:df:44:7c:0a:c5:d9:f3:71:29:48:
41:0c:58:9f:e8:a9:e7:e5:16:e5:b0:21:68:47:0e:6b:dc:87:
f3:2d:89:3f:df:5c:dc:21:45:30:b1:23:40:4c:f9:4f:c5:32:
ce:1d:43:6e:e4:36:c6:30:a4:76:2c:1c:28:b8:5a:4b:a5:d2:
18:14:13:eb:db:1f:73:ec:65:26:13:11:32:20:49:9c:7d:96:
8d:51:fd:53:ef:ed:b0:10:3c:91:7c:72:29:c5:b4:a5:00:a7:
e4:c5:29:2f
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZt568G6EJYCiIh2XoNdNnmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODYyOWY1ZjYxZmIyNTU2NDI4NGZiZmVmZmI5M2MzZWQ0
NGJmZTIwHhcNMjYwMTAxMTQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY1NTBkZWE3MTFhYzRkNTE3MDZjZjcyZjY4NjI2Nzk3ZWNkMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpqZo8e/CzT3R3xLZM/lJGrpP95K
FszlLwUpFV4lFPNy6YB5e8PCmO7YltkqCOWXu1S664oG556HL/oqoA1I/deI+LBZ
paE1Atv8F9q/abVPztDD49NQdAPCaHLIOeglIsCGpIVf/9YOWj2IphiAF9yQGo3t
r/4tsDIuIDzY7djx8QWIDf9O8RPw/9iVtBkEa7Ikhr9F1GyOdJ7D0+4cfhM8SvTU
lR1bLMbXW3844B7A2r6/aFmqjMixKIEySse5ngFe1xnJuHOZN3SEmcCbvfpUYdSs
dASXTDSusvUs/bOhK2tXzzFGH5YKFO0QQIo15gaZyyTRD8rQdoK/+a0CfwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA/1UN6nEaxNUXBs9y9oYmeX7NKtMB8GA1UdIwQY
MBaAFAeGKfX2H7JVZChPv+/7k8PtRL/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjkt
NjNhZjJjNGY0MDIwLzEvRF9WUTNxY1JyRTFSY0d6M0wyaGlaNWZzMHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjktNjNhZjJjNGY0MDIw
LzEvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQAuQGEAwQC
uTJEAwQCuXIUAwQCuZJYAwQCuak0AwQCwj10AwQA2RyLMBsEAgACMBUDBQMqAaQg
AwUDKgo5AAMFAyoP1QAwDQYJKoZIhvcNAQELBQADggEBAEBOIYXZ3IeVTS9TCLdq
yfU8K6wHQ2BneDBb7xLRq3FwP+/im5yddPPiWB6s45lSkaOsYe/gIoMmtW37trE3
i1crAk2hX1XJwPYJMf2GW/Gy5kGdsI91fPwj5ih+5OMbtT50fAR5XTgaxTCPlGq1
2kt6+mrL9VigqJzLnTfwXQUAqBoSpwznJgeTVzAytP5GSQbA+YzbZ4/P30R8CsXZ
83EpSEEMWJ/oqeflFuWwIWhHDmvch/MtiT/fXNwhRTCxI0BM+U/FMs4dQ27kNsYw
pHYsHCi4Wkul0hgUE+vbH3PsZSYTETIgSZx9lo1R/VPv7bAQPJF8cinFtKUAp+TF
KS8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:36:25 2026 by rpki-client