Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/7crBnHONDEiQfrWIPlw00C8QSKw.roa
File: 7crBnHONDEiQfrWIPlw00C8QSKw.roa (raw, json)
Hash identifier: Px9bgNmN3CkGROuLFLneuCSVLL0NNlCF94jN/U/6nWk=
Subject key identifier: ED:CA:C1:9C:73:8D:0C:48:90:7E:B5:88:3E:5C:34:D0:2F:10:48:AC
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 019C8E48E1C9619B940049EE05B29EB69FFC
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/7crBnHONDEiQfrWIPlw00C8QSKw.roa
Signing time: Tue 24 Feb 2026 06:14:26 +0000
ROA not before: Tue 24 Feb 2026 06:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62442
IP address blocks: 95.38.45.0/24 maxlen: 24
95.38.54.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:48:e1:c9:61:9b:94:00:49:ee:05:b2:9e:b6:9f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Feb 24 06:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=edcac19c738d0c48907eb5883e5c34d02f1048ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:69:e0:63:53:00:1e:00:09:20:cb:3e:67:21:
3f:a7:d9:4c:79:f3:71:5d:2c:72:a2:e0:f3:8e:4d:
21:24:5b:86:ea:f1:48:08:96:ac:2b:33:35:77:8e:
92:23:e9:66:ef:b0:50:b0:11:50:a0:d9:ef:21:93:
f3:36:24:9d:ee:b2:09:91:75:15:cb:df:a5:1f:d1:
67:32:37:77:44:70:03:d5:c3:88:0b:e9:ab:cd:df:
1a:30:ca:da:70:d1:32:e5:47:b5:e4:dd:f6:c1:35:
28:10:4f:fe:3f:84:95:e7:ec:21:15:86:2a:0f:1a:
3d:de:34:91:43:79:a5:59:61:45:9b:80:3e:ad:58:
22:5d:f7:e7:8f:a6:1d:a4:c6:b7:f2:cc:68:5c:6a:
63:50:6d:93:d1:67:2a:18:6f:e9:2a:de:e5:9b:85:
66:3b:cf:2e:72:69:01:bb:a8:6a:ce:ec:d1:98:82:
d7:fe:d1:a9:72:1f:da:a9:92:cd:a2:a3:f6:f8:45:
2f:15:67:00:65:5d:19:b9:0a:52:ba:5a:45:32:f4:
4b:1e:bc:66:1f:9f:6a:a7:79:04:09:bd:d4:61:6a:
c9:63:81:36:d6:81:d7:db:9e:88:4f:69:17:79:ac:
7c:07:e3:41:ef:dc:c4:cd:1e:ab:c1:51:54:a9:c8:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CA:C1:9C:73:8D:0C:48:90:7E:B5:88:3E:5C:34:D0:2F:10:48:AC
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/7crBnHONDEiQfrWIPlw00C8QSKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.45.0/24
95.38.54.0/23
Signature Algorithm: sha256WithRSAEncryption
40:c4:e8:be:fa:c3:89:ea:c2:0a:22:62:12:48:07:0b:10:82:
65:8f:94:b7:1f:1e:9d:77:90:98:19:46:56:88:76:d5:76:d4:
ea:91:db:79:26:16:28:34:98:ff:ff:90:b9:7e:a2:3f:27:00:
2f:d1:b4:01:46:d1:fd:2c:13:73:6b:d6:aa:d2:f9:34:5a:17:
23:07:09:39:93:33:85:31:86:ea:09:e5:97:f0:64:bc:cd:ce:
0c:e8:2c:7a:af:56:bf:b3:eb:a8:0c:7b:f7:31:bf:a2:c1:59:
f3:d5:07:75:1c:f0:b5:e7:a7:9b:f2:5c:c7:26:d1:24:ec:2d:
7a:76:a1:1a:ad:cd:b4:5e:a8:9a:a0:97:cc:41:06:2b:88:1f:
c7:1f:63:6f:3d:fe:cf:dd:ba:8e:3a:df:80:a2:96:c4:ec:fc:
e2:2f:f1:80:37:6b:43:c2:96:c0:3d:87:44:e3:63:42:4c:6b:
e8:a5:dc:e0:53:88:43:78:79:eb:c0:a9:d7:ed:c1:32:9e:a1:
fd:f0:9b:1b:6d:4d:ff:70:d3:9b:f8:0e:db:06:4f:76:9b:45:
fa:ae:d9:bc:62:73:ac:c8:2f:df:4a:61:63:ed:d1:69:22:a5:
c1:87:ac:99:1f:86:5a:85:92:5b:b3:ed:a3:7b:3c:37:21:bc:
99:43:48:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyOSOHJYZuUAEnuBbKetp/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjYwMjI0MDYxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGNhYzE5YzczOGQwYzQ4OTA3ZWI1ODgzZTVjMzRkMDJmMTA0OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWngY1MAHgAJIMs+ZyE/p9lMefNx
XSxyouDzjk0hJFuG6vFICJasKzM1d46SI+lm77BQsBFQoNnvIZPzNiSd7rIJkXUV
y9+lH9FnMjd3RHAD1cOIC+mrzd8aMMracNEy5Ue15N32wTUoEE/+P4SV5+whFYYq
Dxo93jSRQ3mlWWFFm4A+rVgiXffnj6YdpMa38sxoXGpjUG2T0WcqGG/pKt7lm4Vm
O88ucmkBu6hqzuzRmILX/tGpch/aqZLNoqP2+EUvFWcAZV0ZuQpSulpFMvRLHrxm
H59qp3kECb3UYWrJY4E21oHX256IT2kXeax8B+NB79zEzR6rwVFUqcjivQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO3KwZxzjQxIkH61iD5cNNAvEEisMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvN2NyQm5IT05ERWlRZnJXSVBsdzAwQzhRU0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXyYtAwQB
XyY2MA0GCSqGSIb3DQEBCwUAA4IBAQBAxOi++sOJ6sIKImISSAcLEIJlj5S3Hx6d
d5CYGUZWiHbVdtTqkdt5JhYoNJj//5C5fqI/JwAv0bQBRtH9LBNza9aq0vk0Whcj
Bwk5kzOFMYbqCeWX8GS8zc4M6Cx6r1a/s+uoDHv3Mb+iwVnz1Qd1HPC156eb8lzH
JtEk7C16dqEarc20XqiaoJfMQQYriB/HH2NvPf7P3bqOOt+AopbE7PziL/GAN2tD
wpbAPYdE42NCTGvopdzgU4hDeHnrwKnX7cEynqH98JsbbU3/cNOb+A7bBk92m0X6
rtm8YnOsyC/fSmFj7dFpIqXBh6yZH4ZahZJbs+2jezw3IbyZQ0hs
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:31:14 2026 by rpki-client