Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS7768.roa
File: AS7768.roa (raw, json)
Hash identifier: KTrpwO402Q4/B690fmbu4zgHNYne89I/mHLYz7DZkpI=
Subject key identifier: 82:9D:11:78:7B:94:00:D4:E6:0E:CC:68:16:5E:0D:9E:9C:78:8F:A1
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 41E5D676676703425D3E33EE10D2F075AB9FF783
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS7768.roa
Signing time: Sat 04 Apr 2026 09:44:23 +0000
ROA not before: Sat 04 Apr 2026 09:39:23 +0000
ROA not after: Sat 03 Apr 2027 09:44:23 +0000
asID: 7768
IP address blocks: 93.190.8.0/24 maxlen: 24
93.190.9.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
193.32.184.0/24 maxlen: 24
193.32.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 18:23:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e5:d6:76:67:67:03:42:5d:3e:33:ee:10:d2:f0:75:ab:9f:f7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Apr 4 09:39:23 2026 GMT
Not After : Apr 3 09:44:23 2027 GMT
Subject: CN=829D11787B9400D4E60ECC68165E0D9E9C788FA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:82:2b:42:4f:d6:91:74:0a:31:f2:7c:8c:76:
6f:42:62:f2:58:5c:47:4f:a3:54:09:e7:bf:01:86:
0d:c8:9d:c7:e6:db:f5:17:3b:00:cb:0c:31:50:fd:
9f:6e:72:c6:13:e2:54:3a:a1:16:e2:af:31:47:d7:
86:46:5a:b9:9f:aa:e7:2f:cb:ec:58:f0:4c:5c:7b:
0f:b8:1b:17:44:75:23:52:58:6f:f4:d2:c9:83:42:
70:62:7c:11:0f:45:3d:a1:ed:0c:fc:75:4a:67:36:
8f:d9:f2:b8:91:22:5f:2d:db:72:c6:52:d7:9d:ca:
a9:b4:50:8d:10:99:b2:2b:15:6b:7f:87:53:27:3f:
4a:02:7f:cc:6d:41:09:76:87:52:3d:7f:10:e9:e2:
b3:7f:c7:30:cf:00:44:7b:7f:98:c3:76:8f:84:06:
03:b7:4a:34:e0:72:bf:a5:6d:97:85:5b:f9:5f:37:
1a:64:1a:84:e1:89:09:9a:04:96:d1:fa:f7:4d:6c:
8f:d1:25:84:e3:3b:23:9f:05:88:f5:84:5f:1b:f0:
0e:f0:bb:f1:7d:96:04:f0:79:43:d6:18:46:3f:00:
69:5f:01:1e:d3:74:94:bd:c9:9b:d6:7f:86:9b:37:
a0:be:97:b4:b7:92:23:00:96:c6:25:49:45:ab:3d:
c3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9D:11:78:7B:94:00:D4:E6:0E:CC:68:16:5E:0D:9E:9C:78:8F:A1
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS7768.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.8.0/22
193.32.184.0/23
Signature Algorithm: sha256WithRSAEncryption
be:fd:6c:a2:6d:19:f0:e0:97:d6:f0:f5:9a:6f:a6:b4:c3:48:
65:64:e2:67:10:ef:d0:80:4e:b5:79:25:92:7d:a7:36:a5:52:
9c:dc:73:57:e9:cf:0d:2c:d3:32:42:62:c9:4d:c4:ee:97:fb:
6e:a1:14:44:a0:fa:12:55:0f:dc:38:11:2b:5d:bc:57:49:32:
a6:09:d2:47:14:03:a7:45:90:04:2f:13:72:b9:c4:7c:b3:89:
24:52:f3:2a:68:11:29:40:9f:5e:fd:74:b7:35:7d:b0:8b:3f:
59:b0:a4:6f:25:38:09:eb:d0:87:46:51:56:47:b2:8c:d4:0b:
fa:51:d2:d9:3d:31:67:9b:a3:76:bf:00:02:22:e4:0b:fe:00:
70:78:c0:22:66:0f:8b:7d:c2:f6:3b:08:79:59:db:a6:27:a4:
dd:c1:c1:d5:f0:ad:82:a2:06:dd:72:4e:62:64:75:e7:b6:71:
19:d2:30:0e:cf:0e:4b:61:eb:3c:d6:2c:53:b6:7c:d1:ae:b6:
51:a7:54:54:cb:be:92:f1:96:3e:46:eb:04:5f:9c:24:4f:95:
68:83:4e:f6:5d:12:cb:fa:0f:29:e3:d8:2f:0e:1b:36:3e:57:
8d:00:a1:58:f5:3d:2f:02:ae:28:8d:08:30:da:10:c2:31:96:
8e:36:d5:10
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUQeXWdmdnA0JdPjPuENLwdauf94MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA0MDQwOTM5MjNaFw0yNzA0MDMwOTQ0MjNaMDMxMTAvBgNV
BAMTKDgyOUQxMTc4N0I5NDAwRDRFNjBFQ0M2ODE2NUUwRDlFOUM3ODhGQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBgitCT9aRdAox8nyMdm9CYvJY
XEdPo1QJ578Bhg3Incfm2/UXOwDLDDFQ/Z9ucsYT4lQ6oRbirzFH14ZGWrmfqucv
y+xY8Excew+4GxdEdSNSWG/00smDQnBifBEPRT2h7Qz8dUpnNo/Z8riRIl8t23LG
Utedyqm0UI0QmbIrFWt/h1MnP0oCf8xtQQl2h1I9fxDp4rN/xzDPAER7f5jDdo+E
BgO3SjTgcr+lbZeFW/lfNxpkGoThiQmaBJbR+vdNbI/RJYTjOyOfBYj1hF8b8A7w
u/F9lgTweUPWGEY/AGlfAR7TdJS9yZvWf4abN6C+l7S3kiMAlsYlSUWrPcNjAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUgp0ReHuUANTmDsxoFl4Nnpx4j6EwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTNzc2OC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAl2+CAME
AcEguDANBgkqhkiG9w0BAQsFAAOCAQEAvv1som0Z8OCX1vD1mm+mtMNIZWTiZxDv
0IBOtXklkn2nNqVSnNxzV+nPDSzTMkJiyU3E7pf7bqEURKD6ElUP3DgRK128V0ky
pgnSRxQDp0WQBC8TcrnEfLOJJFLzKmgRKUCfXv10tzV9sIs/WbCkbyU4CevQh0ZR
VkeyjNQL+lHS2T0xZ5ujdr8AAiLkC/4AcHjAImYPi33C9jsIeVnbpiek3cHB1fCt
gqIG3XJOYmR157ZxGdIwDs8OS2HrPNYsU7Z80a62UadUVMu+kvGWPkbrBF+cJE+V
aINO9l0Sy/oPKePYLw4bNj5XjQChWPU9LwKuKI0IMNoQwjGWjjbVEA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:12:59 2026 by rpki-client