Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/7aqK71miTASMwabVtsHzpubRHDs.roa
File: 7aqK71miTASMwabVtsHzpubRHDs.roa (raw, json)
Hash identifier: yhSFNY/JY9jo3EQSKl2NTB5DScn6tJax7Q4YrTEPg7Y=
Subject key identifier: ED:AA:8A:EF:59:A2:4C:04:8C:C1:A6:D5:B6:C1:F3:A6:E6:D1:1C:3B
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 019E447371276155DCD53D7F56F22838262C
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/7aqK71miTASMwabVtsHzpubRHDs.roa
Signing time: Wed 20 May 2026 08:14:36 +0000
ROA not before: Wed 20 May 2026 08:14:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205585
IP address blocks: 185.143.232.0/22 maxlen: 24
185.220.226.0/24 maxlen: 24
193.176.240.0/24 maxlen: 24
2a0c:a7c0::/29 maxlen: 48
2a0c:a7c6::/36 maxlen: 48
2a0c:a7c6:17::/48 maxlen: 48
2a0c:a7c7::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:44:73:71:27:61:55:dc:d5:3d:7f:56:f2:28:38:26:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: May 20 08:14:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=edaa8aef59a24c048cc1a6d5b6c1f3a6e6d11c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e6:41:f6:96:6d:f1:39:8e:15:68:2b:2f:7c:
b6:c8:b4:58:97:47:3b:a3:68:b7:ea:df:b8:fc:bc:
dc:80:59:3b:31:be:53:66:05:73:d8:7a:a7:ee:c9:
a4:97:66:ad:e9:c0:1e:5d:a7:6f:fd:f8:e4:1d:b3:
95:f4:e3:9b:16:fe:35:c0:cc:5d:fa:00:b2:ba:93:
10:8a:2e:e0:35:7f:f2:d9:eb:94:cc:f3:eb:0e:b0:
0a:3b:7a:63:20:3a:fc:e5:63:96:68:cd:56:a3:17:
8a:c7:77:d1:a4:ab:9f:dc:e1:84:c5:8a:87:dd:c4:
b4:37:04:3d:e4:62:7c:86:e8:4a:f3:e8:3d:df:e2:
ea:6f:41:90:57:0a:7a:85:65:65:4d:98:59:3d:dd:
6e:97:42:7f:17:84:e8:d4:13:d6:ba:f9:f9:30:5f:
a1:4a:fd:69:6d:36:62:72:c2:59:a8:26:42:bd:74:
2b:4e:65:b3:c4:ed:21:b9:dc:65:dd:1c:74:87:62:
f7:04:5f:89:95:53:f8:06:08:9a:27:82:21:ef:c1:
46:2d:2e:90:cf:31:9b:cb:a3:f2:3f:29:6d:e3:d6:
60:f0:96:31:63:f1:43:f5:1e:8b:5a:44:93:b7:8a:
fd:27:e4:bd:09:a0:56:a5:95:90:78:ed:25:4e:79:
b4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AA:8A:EF:59:A2:4C:04:8C:C1:A6:D5:B6:C1:F3:A6:E6:D1:1C:3B
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/7aqK71miTASMwabVtsHzpubRHDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
193.176.240.0/24
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:8e:03:80:10:9e:34:68:14:7d:36:66:f6:7b:af:17:d8:8b:
73:68:7c:dd:d3:f1:b8:4f:f2:a0:1d:88:59:29:aa:38:95:9b:
1a:95:7a:97:5f:e1:6f:c1:a1:6e:a9:17:f5:30:05:d3:3c:b2:
41:d6:be:59:ff:b0:55:9d:94:83:b9:7a:3d:3d:fa:90:eb:f0:
69:6b:d7:15:8c:7a:fc:50:6e:f1:c0:a2:54:9a:e2:6b:47:0a:
f1:7b:ee:35:7b:5e:f4:de:7c:75:d5:7c:3f:75:3c:7b:61:1e:
f7:64:18:27:67:b3:ce:07:a8:9d:a4:72:21:b2:8f:80:4d:76:
72:29:0e:f7:44:b7:d2:26:1d:47:e4:0a:d1:7d:ef:5b:5d:c2:
4d:c8:c9:aa:fb:30:4b:97:85:fb:29:d6:9b:33:0c:ab:39:95:
d2:12:b6:fc:64:14:20:bd:b3:b9:c6:66:a9:e5:fe:f2:84:95:
80:3d:24:7c:72:12:b6:f6:3a:d7:53:79:cb:55:6e:76:a3:e1:
fa:f9:2d:94:02:f3:fb:1e:e5:ef:e6:aa:4c:da:48:f0:7f:bd:
12:bd:de:f2:2b:30:53:3d:d8:bf:b7:b7:86:43:f8:e2:b3:01:
3a:28:8e:b1:af:80:16:0f:09:28:c7:67:80:c2:09:2f:66:97:
68:0c:b9:d9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ5Ec3EnYVXc1T1/VvIoOCYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjYwNTIwMDgxNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGFhOGFlZjU5YTI0YzA0OGNjMWE2ZDViNmMxZjNhNmU2ZDExYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eZB9pZt8TmOFWgrL3y2yLRYl0c7
o2i36t+4/LzcgFk7Mb5TZgVz2Hqn7smkl2at6cAeXadv/fjkHbOV9OObFv41wMxd
+gCyupMQii7gNX/y2euUzPPrDrAKO3pjIDr85WOWaM1WoxeKx3fRpKuf3OGExYqH
3cS0NwQ95GJ8huhK8+g93+Lqb0GQVwp6hWVlTZhZPd1ul0J/F4To1BPWuvn5MF+h
Sv1pbTZicsJZqCZCvXQrTmWzxO0hudxl3Rx0h2L3BF+JlVP4BgiaJ4Ih78FGLS6Q
zzGby6PyPylt49Zg8JYxY/FD9R6LWkSTt4r9J+S9CaBWpZWQeO0lTnm0UwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO2qiu9ZokwEjMGm1bbB86bm0Rw7MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvN2FxSzcxbWlUQVNNd2FiVnRzSHpwdWJSSERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuY/oAwQA
udziAwQAwbDwMA0EAgACMAcDBQMqDKfAMA0GCSqGSIb3DQEBCwUAA4IBAQAVjgOA
EJ40aBR9Nmb2e68X2ItzaHzd0/G4T/KgHYhZKao4lZsalXqXX+FvwaFuqRf1MAXT
PLJB1r5Z/7BVnZSDuXo9PfqQ6/Bpa9cVjHr8UG7xwKJUmuJrRwrxe+41e1703nx1
1Xw/dTx7YR73ZBgnZ7POB6idpHIhso+ATXZyKQ73RLfSJh1H5ArRfe9bXcJNyMmq
+zBLl4X7KdabMwyrOZXSErb8ZBQgvbO5xmap5f7yhJWAPSR8chK29jrXU3nLVW52
o+H6+S2UAvP7HuXv5qpM2kjwf70Svd7yKzBTPdi/t7eGQ/jiswE6KI6xr4AWDwko
x2eAwgkvZpdoDLnZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:09 2026 by rpki-client