Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/aIWG7G7pc_c2slSSItEuUFBnVoI.roa
File: aIWG7G7pc_c2slSSItEuUFBnVoI.roa (raw, json)
Hash identifier: S5hey+bOiO9SIrfKh6rWG2aF5cPDqfEVaBcsjW8NswM=
Subject key identifier: 68:85:86:EC:6E:E9:73:F7:36:B2:54:92:22:D1:2E:50:50:67:56:82
Certificate issuer: /CN=93515f25986e4b572a78b109d995c9ddf5da1266
Certificate serial: 019C0490E470AF0856402C0A8B1D8990110C
Authority key identifier: 93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/aIWG7G7pc_c2slSSItEuUFBnVoI.roa
Signing time: Wed 28 Jan 2026 12:25:30 +0000
ROA not before: Wed 28 Jan 2026 12:25:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60855
IP address blocks: 143.126.100.0/24 maxlen: 24
143.126.203.0/24 maxlen: 24
143.126.211.0/24 maxlen: 24
143.126.221.0/24 maxlen: 24
143.126.248.0/23 maxlen: 23
143.126.248.0/24 maxlen: 24
143.126.249.0/24 maxlen: 24
143.126.250.0/23 maxlen: 23
143.126.250.0/24 maxlen: 24
143.126.251.0/24 maxlen: 24
143.126.254.0/24 maxlen: 24
143.126.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:04:90:e4:70:af:08:56:40:2c:0a:8b:1d:89:90:11:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93515f25986e4b572a78b109d995c9ddf5da1266
Validity
Not Before: Jan 28 12:25:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=688586ec6ee973f736b2549222d12e5050675682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7c:4c:57:24:64:99:a8:76:74:bd:23:41:cf:
90:f5:be:ba:66:89:22:3d:97:fa:b3:0a:24:6a:ee:
c0:c6:f5:a5:7e:85:53:c3:3b:b0:9f:28:8c:40:1e:
1a:3d:19:22:fc:0f:0e:87:2d:a4:a3:55:86:56:7b:
8e:86:cc:b5:c5:30:7c:3b:dd:6c:20:13:bf:6e:30:
54:a4:c1:dc:4c:66:ce:ff:a3:8b:c0:3d:db:d0:1f:
94:a6:f9:fc:16:24:02:80:14:b9:a0:cb:ec:5d:1b:
4f:51:78:ab:41:3a:09:61:47:47:7f:4d:50:9e:cf:
8d:b9:52:41:ad:b8:7a:69:64:38:a5:d5:10:42:0d:
7e:8f:b7:89:80:a8:d9:ff:c9:14:cf:5a:98:0f:29:
7c:1a:9a:f6:65:d2:76:00:24:21:39:5b:fb:21:bc:
93:94:73:f7:12:3b:8c:f7:32:40:aa:17:fd:61:a2:
f5:c1:6d:b3:97:eb:18:dd:2f:ed:6f:93:d2:2c:fc:
11:03:f4:62:bb:97:00:34:c2:5d:76:b7:66:9e:43:
a5:33:05:d4:28:d0:69:86:d7:08:f4:ba:ed:41:f6:
f4:00:02:c0:67:ef:36:a5:fe:a4:cc:f3:6a:8a:e7:
c5:42:51:06:b7:d8:d3:33:41:c6:6c:c2:d6:16:6f:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:85:86:EC:6E:E9:73:F7:36:B2:54:92:22:D1:2E:50:50:67:56:82
X509v3 Authority Key Identifier:
keyid:93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/aIWG7G7pc_c2slSSItEuUFBnVoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.126.100.0/24
143.126.203.0/24
143.126.211.0/24
143.126.221.0/24
143.126.248.0/22
143.126.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:15:c6:f0:26:79:83:e6:c0:2b:29:9b:5b:1b:65:92:8a:f6:
1b:b4:f5:16:b6:a0:d4:b8:57:6e:a8:e1:9e:d4:a9:39:5a:67:
db:7e:93:a1:b3:02:00:a9:01:14:19:31:b6:a5:b7:19:58:c1:
7d:4d:63:3f:59:ad:1b:b4:94:d3:f9:da:d1:aa:b2:d4:bc:70:
49:76:8e:4e:86:8a:01:87:6c:78:9a:1d:7a:5b:89:8a:17:9e:
c3:76:30:ea:c9:4a:6f:65:e9:43:78:6b:88:4b:a6:87:7c:6f:
52:7b:59:05:6e:b5:ec:11:3e:0d:91:6f:98:4c:e0:5e:ed:63:
29:ac:df:cd:10:79:cb:39:b8:99:3f:2d:3e:5e:b7:6c:4c:95:
32:51:5b:eb:72:f9:c6:8d:11:ad:f0:dd:82:de:65:cb:7b:e7:
06:22:3c:00:7d:e9:42:c0:aa:03:9c:03:3c:f4:3b:b8:40:0f:
70:5f:bf:c2:77:a9:c2:80:25:bc:29:94:9f:01:8d:db:21:70:
3b:8e:d4:02:30:49:06:25:bf:9c:bf:3f:1b:65:32:2c:ff:7f:
ec:6b:ba:b5:09:4d:c1:6a:34:45:d0:b6:38:c6:a4:33:5f:a7:
9d:89:ab:d6:b8:14:62:4d:b5:be:63:9b:3a:a7:96:2d:fb:20:
fa:15:42:02
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZwEkORwrwhWQCwKix2JkBEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTE1ZjI1OTg2ZTRiNTcyYTc4YjEwOWQ5OTVjOWRkZjVk
YTEyNjYwHhcNMjYwMTI4MTIyNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg1ODZlYzZlZTk3M2Y3MzZiMjU0OTIyMmQxMmU1MDUwNjc1NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HxMVyRkmah2dL0jQc+Q9b66Zoki
PZf6swokau7AxvWlfoVTwzuwnyiMQB4aPRki/A8Ohy2ko1WGVnuOhsy1xTB8O91s
IBO/bjBUpMHcTGbO/6OLwD3b0B+Upvn8FiQCgBS5oMvsXRtPUXirQToJYUdHf01Q
ns+NuVJBrbh6aWQ4pdUQQg1+j7eJgKjZ/8kUz1qYDyl8Gpr2ZdJ2ACQhOVv7IbyT
lHP3EjuM9zJAqhf9YaL1wW2zl+sY3S/tb5PSLPwRA/Riu5cANMJddrdmnkOlMwXU
KNBphtcI9LrtQfb0AALAZ+82pf6kzPNqiufFQlEGt9jTM0HGbMLWFm/90wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGiFhuxu6XP3NrJUkiLRLlBQZ1aCMB8GA1UdIwQY
MBaAFJNRXyWYbktXKnixCdmVyd312hJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2Yt
MTNkNTEzMjhhOWY3LzEvYUlXRzdHN3BjX2Myc2xTU0l0RXVVRkJuVm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2YtMTNkNTEzMjhhOWY3
LzEvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAj35kAwQA
j37LAwQAj37TAwQAj37dAwQCj374AwQBj37+MA0GCSqGSIb3DQEBCwUAA4IBAQAf
FcbwJnmD5sArKZtbG2WSivYbtPUWtqDUuFduqOGe1Kk5WmfbfpOhswIAqQEUGTG2
pbcZWMF9TWM/Wa0btJTT+drRqrLUvHBJdo5OhooBh2x4mh16W4mKF57DdjDqyUpv
ZelDeGuIS6aHfG9Se1kFbrXsET4NkW+YTOBe7WMprN/NEHnLObiZPy0+XrdsTJUy
UVvrcvnGjRGt8N2C3mXLe+cGIjwAfelCwKoDnAM89Du4QA9wX7/Cd6nCgCW8KZSf
AY3bIXA7jtQCMEkGJb+cvz8bZTIs/3/sa7q1CU3BajRF0LY4xqQzX6ediavWuBRi
TbW+Y5s6p5Yt+yD6FUIC
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:21:09 2026 by rpki-client