Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/7dwcBbvVnefNVnS3xa77Chf94xY.roa
File: 7dwcBbvVnefNVnS3xa77Chf94xY.roa (raw, json)
Hash identifier: VD1nhUhmj/cy239Pjqk6Su3la8qAcLSyM7KYpjO+7HU=
Subject key identifier: ED:DC:1C:05:BB:D5:9D:E7:CD:56:74:B7:C5:AE:FB:0A:17:FD:E3:16
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 019E8DB68773F8867089D2845612C4DE3338
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/7dwcBbvVnefNVnS3xa77Chf94xY.roa
Signing time: Wed 03 Jun 2026 13:40:10 +0000
ROA not before: Wed 03 Jun 2026 13:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31077
IP address blocks: 31.172.138.0/23 maxlen: 32
80.92.224.0/24 maxlen: 32
80.92.226.0/24 maxlen: 32
80.92.236.0/24 maxlen: 32
92.60.180.0/24 maxlen: 32
92.60.182.0/24 maxlen: 32
92.60.185.0/24 maxlen: 32
92.60.186.0/23 maxlen: 32
128.0.168.0/23 maxlen: 32
128.0.171.0/24 maxlen: 32
193.239.217.0/24 maxlen: 32
212.110.132.0/24 maxlen: 32
212.110.137.0/24 maxlen: 32
212.110.154.0/24 maxlen: 32
217.20.168.0/22 maxlen: 32
217.20.173.0/24 maxlen: 32
217.20.174.0/24 maxlen: 32
217.20.176.0/22 maxlen: 32
217.20.182.0/23 maxlen: 32
217.20.186.0/24 maxlen: 32
217.20.189.0/24 maxlen: 32
217.20.190.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:b6:87:73:f8:86:70:89:d2:84:56:12:c4:de:33:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Jun 3 13:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eddc1c05bbd59de7cd5674b7c5aefb0a17fde316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:a8:4d:23:83:09:93:fb:6f:e0:b5:bf:26:
3a:62:ff:d9:84:74:5b:52:af:1e:a7:77:c6:36:f9:
b5:4d:88:d3:65:18:0e:eb:b1:2a:38:b0:3b:1a:c0:
d5:ab:1a:d3:db:3a:f3:42:69:97:f4:1b:2d:e5:ea:
8b:b1:e2:0d:df:20:19:7f:1d:75:f9:eb:ce:4b:bf:
44:85:af:20:33:6c:40:4f:e8:3f:04:0d:13:00:63:
cb:25:03:64:39:d8:41:fb:d7:ba:31:17:ad:3b:7c:
82:11:bc:21:2b:1b:0d:aa:d5:37:46:f0:a0:6f:5f:
7c:ce:42:65:23:d7:6d:c2:b2:81:59:4f:01:41:50:
73:53:c2:3c:3f:d1:e8:be:48:76:5a:cc:91:bc:b7:
e2:f8:b0:04:c8:f7:98:f2:29:84:c8:e5:7e:fd:e4:
66:d8:93:a6:d4:2d:52:95:7c:5d:bd:22:c1:44:b2:
48:5c:83:bf:71:3d:d6:4a:72:01:9e:cf:62:2f:e6:
24:f7:1e:9c:d3:96:d4:37:7a:6e:1a:cf:05:d4:6a:
d5:0f:0f:36:94:37:16:19:50:77:26:cb:70:84:f1:
1a:f1:c9:28:82:7f:89:56:77:29:04:80:a7:62:03:
2f:b0:16:75:96:ec:d8:43:23:79:42:20:e6:f4:bc:
4a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:DC:1C:05:BB:D5:9D:E7:CD:56:74:B7:C5:AE:FB:0A:17:FD:E3:16
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/7dwcBbvVnefNVnS3xa77Chf94xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.138.0/23
80.92.224.0/24
80.92.226.0/24
80.92.236.0/24
92.60.180.0/24
92.60.182.0/24
92.60.185.0-92.60.187.255
128.0.168.0/23
128.0.171.0/24
193.239.217.0/24
212.110.132.0/24
212.110.137.0/24
212.110.154.0/24
217.20.168.0/22
217.20.173.0-217.20.174.255
217.20.176.0/22
217.20.182.0/23
217.20.186.0/24
217.20.189.0-217.20.190.255
Signature Algorithm: sha256WithRSAEncryption
1c:c0:73:94:4b:d2:d8:95:d2:34:0d:e6:86:86:43:24:43:cb:
0e:fc:16:cf:63:45:24:f4:c8:f8:17:5d:ec:a2:46:f2:07:22:
c1:e8:83:dc:90:93:c4:0a:e3:99:f8:46:03:a7:42:79:8b:93:
d1:8c:86:93:27:1e:37:67:96:f7:01:8f:a6:f6:8b:ac:1b:f1:
80:38:45:bf:e0:9c:31:7a:3f:82:82:ec:60:3f:9b:32:65:f5:
4c:1c:c5:39:a9:d5:26:27:b6:41:ea:30:03:dd:81:ef:18:ae:
38:47:0b:f3:a1:97:08:e5:40:f2:ef:9c:8b:34:a2:9d:2d:89:
09:b0:8d:2f:9e:1d:fc:80:17:3d:9d:44:16:b4:79:ec:03:43:
08:31:46:c1:8c:41:86:ef:88:32:f7:25:04:59:59:c0:8b:5a:
d1:31:57:d7:46:65:e1:a5:be:5d:10:9f:21:42:27:69:d4:a4:
8a:39:3d:33:7e:10:c7:f7:88:62:f0:56:71:52:95:f7:89:cb:
01:f8:c8:b8:fd:23:14:94:86:43:e5:e8:f8:ff:ef:2f:9e:d4:
11:05:97:bf:72:c4:13:94:40:af:85:6d:50:d0:5f:45:4c:e6:
f5:22:f4:21:b4:90:79:89:c3:aa:8e:29:f2:cd:88:5c:0c:31:
23:43:0c:c1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ6Ntodz+IZwidKEVhLE3jM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjYwNjAzMTM0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGRjMWMwNWJiZDU5ZGU3Y2Q1Njc0YjdjNWFlZmIwYTE3ZmRlMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGOoTSODCZP7b+C1vyY6Yv/ZhHRb
Uq8ep3fGNvm1TYjTZRgO67EqOLA7GsDVqxrT2zrzQmmX9Bst5eqLseIN3yAZfx11
+evOS79Eha8gM2xAT+g/BA0TAGPLJQNkOdhB+9e6MRetO3yCEbwhKxsNqtU3RvCg
b198zkJlI9dtwrKBWU8BQVBzU8I8P9Hovkh2WsyRvLfi+LAEyPeY8imEyOV+/eRm
2JOm1C1SlXxdvSLBRLJIXIO/cT3WSnIBns9iL+Yk9x6c05bUN3puGs8F1GrVDw82
lDcWGVB3JstwhPEa8ckogn+JVncpBICnYgMvsBZ1luzYQyN5QiDm9LxKTwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFO3cHAW71Z3nzVZ0t8Wu+woX/eMWMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvN2R3Y0JidlZuZWZOVm5TM3hhNzdDaGY5NHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAEf
rIoDBABQXOADBABQXOIDBABQXOwDBABcPLQDBABcPLYwDAMEAFw8uQMEAlw8uAME
AYAAqAMEAIAAqwMEAMHv2QMEANRuhAMEANRuiQMEANRumgMEAtkUqDAMAwQA2RSt
AwQA2RSuAwQC2RSwAwQB2RS2AwQA2RS6MAwDBADZFL0DBADZFL4wDQYJKoZIhvcN
AQELBQADggEBABzAc5RL0tiV0jQN5oaGQyRDyw78Fs9jRST0yPgXXeyiRvIHIsHo
g9yQk8QK45n4RgOnQnmLk9GMhpMnHjdnlvcBj6b2i6wb8YA4Rb/gnDF6P4KC7GA/
mzJl9UwcxTmp1SYntkHqMAPdge8YrjhHC/OhlwjlQPLvnIs0op0tiQmwjS+eHfyA
Fz2dRBa0eewDQwgxRsGMQYbviDL3JQRZWcCLWtExV9dGZeGlvl0QnyFCJ2nUpIo5
PTN+EMf3iGLwVnFSlfeJywH4yLj9IxSUhkPl6Pj/7y+e1BEFl79yxBOUQK+FbVDQ
X0VM5vUi9CG0kHmJw6qOKfLNiFwMMSNDDME=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:53 2026 by rpki-client