Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/7KSK4_uUUkie444_ujxg5grYOeQ.roa
File: 7KSK4_uUUkie444_ujxg5grYOeQ.roa (raw, json)
Hash identifier: S7IvYGWbzxrCMZpkDf1xh4qQXV8wpzsty3IYgqUVqHc=
Subject key identifier: EC:A4:8A:E3:FB:94:52:48:9E:E3:8E:3F:BA:3C:60:E6:0A:D8:39:E4
Certificate issuer: /CN=0b27253c815c91c14a60bfa24551cf49d35e4754
Certificate serial: 019D1CE676C043D9A72B7873497A50926D58
Authority key identifier: 0B:27:25:3C:81:5C:91:C1:4A:60:BF:A2:45:51:CF:49:D3:5E:47:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyclPIFckcFKYL-iRVHPSdNeR1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/7KSK4_uUUkie444_ujxg5grYOeQ.roa
Signing time: Mon 23 Mar 2026 22:52:38 +0000
ROA not before: Mon 23 Mar 2026 22:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206328
IP address blocks: 185.189.128.0/24 maxlen: 24
185.189.129.0/24 maxlen: 24
185.189.130.0/24 maxlen: 24
185.189.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/CyclPIFckcFKYL-iRVHPSdNeR1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/CyclPIFckcFKYL-iRVHPSdNeR1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyclPIFckcFKYL-iRVHPSdNeR1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1c:e6:76:c0:43:d9:a7:2b:78:73:49:7a:50:92:6d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b27253c815c91c14a60bfa24551cf49d35e4754
Validity
Not Before: Mar 23 22:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eca48ae3fb9452489ee38e3fba3c60e60ad839e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:db:39:dc:00:34:77:20:80:86:ee:07:d4:98:
be:34:b5:16:ce:fc:52:a6:f5:d5:69:8f:a0:86:b7:
47:a0:80:ae:96:94:5c:dc:96:45:66:bc:04:57:66:
15:66:03:06:00:12:3b:6f:c6:1b:58:69:43:b2:a5:
a6:e0:d6:1a:00:e1:f9:a3:37:8d:a2:62:31:fc:5d:
69:28:81:51:29:b8:88:f5:9e:e7:dc:76:e5:cb:80:
e6:fd:96:54:05:e8:5a:94:3c:47:80:53:66:04:09:
48:5f:49:20:04:47:cf:ee:74:1f:43:6e:8d:2a:b7:
e4:f7:c4:d2:00:1c:ff:6a:6a:79:03:ce:a7:77:20:
a5:35:ec:df:10:a9:46:0c:44:11:3b:38:3e:2b:2d:
cd:05:5e:57:7b:e0:86:aa:07:78:56:4b:68:ac:fe:
2a:21:7b:4c:6c:14:b6:05:5e:cd:82:14:ea:5c:75:
79:be:09:5c:ac:74:46:90:72:6a:d6:81:73:ea:9d:
c2:63:11:cb:69:6b:ce:72:ca:c4:a9:1a:76:40:be:
5e:da:21:30:7b:7f:81:ea:3b:0e:9f:4a:13:c7:f3:
77:eb:44:ab:ae:92:c4:e1:4e:e8:7b:e5:ba:33:bf:
6e:c3:12:d5:f9:12:d0:9c:d1:74:cc:cb:10:98:fd:
c3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A4:8A:E3:FB:94:52:48:9E:E3:8E:3F:BA:3C:60:E6:0A:D8:39:E4
X509v3 Authority Key Identifier:
keyid:0B:27:25:3C:81:5C:91:C1:4A:60:BF:A2:45:51:CF:49:D3:5E:47:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyclPIFckcFKYL-iRVHPSdNeR1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/7KSK4_uUUkie444_ujxg5grYOeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/c6d1de-a23f-4b12-8e06-efc7bd2f5ffc/1/CyclPIFckcFKYL-iRVHPSdNeR1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.128.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:0d:23:06:57:f6:41:33:36:51:64:59:a3:24:31:c6:62:45:
20:47:e1:2f:96:76:08:c6:78:6f:38:93:53:f8:76:b3:35:68:
13:4b:ef:4c:3e:43:08:35:d2:af:c8:26:3f:de:12:04:86:4b:
12:e9:f1:ef:07:70:20:d0:50:e8:63:d9:ff:ed:3f:ac:7d:a7:
83:f8:c7:75:a8:8e:7b:95:5c:b9:5e:55:14:b9:21:9e:be:23:
4f:3b:9f:eb:36:ad:5e:db:aa:e8:bc:b5:db:e5:a7:21:52:b5:
09:ec:fe:25:28:af:15:70:73:15:f7:32:12:ac:1f:da:6f:ba:
ec:43:0e:08:25:60:fb:46:7c:ed:fd:71:70:d2:2a:78:fe:8a:
cf:5f:2d:b0:f8:6e:07:c8:71:67:1b:1b:1c:16:29:1c:77:3d:
70:ea:66:31:73:27:87:df:0f:80:83:5a:8e:b8:a3:48:bf:29:
41:80:a2:07:23:f5:39:f4:c6:22:1d:9f:95:68:c5:b3:f0:42:
a0:49:c1:5f:23:70:9c:25:ec:c3:c4:81:97:f5:19:2e:e6:bf:
c6:29:02:bc:68:55:5f:79:20:7a:51:03:f4:d2:7d:b6:95:50:
55:c9:3a:a3:85:53:1d:b2:5e:45:48:12:93:29:6f:fe:2d:c3:
f5:ef:b6:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0c5nbAQ9mnK3hzSXpQkm1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjcyNTNjODE1YzkxYzE0YTYwYmZhMjQ1NTFjZjQ5ZDM1
ZTQ3NTQwHhcNMjYwMzIzMjI1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2E0OGFlM2ZiOTQ1MjQ4OWVlMzhlM2ZiYTNjNjBlNjBhZDgzOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ts53AA0dyCAhu4H1Ji+NLUWzvxS
pvXVaY+ghrdHoICulpRc3JZFZrwEV2YVZgMGABI7b8YbWGlDsqWm4NYaAOH5ozeN
omIx/F1pKIFRKbiI9Z7n3Hbly4Dm/ZZUBehalDxHgFNmBAlIX0kgBEfP7nQfQ26N
Krfk98TSABz/amp5A86ndyClNezfEKlGDEQROzg+Ky3NBV5Xe+CGqgd4VktorP4q
IXtMbBS2BV7NghTqXHV5vglcrHRGkHJq1oFz6p3CYxHLaWvOcsrEqRp2QL5e2iEw
e3+B6jsOn0oTx/N360SrrpLE4U7oe+W6M79uwxLV+RLQnNF0zMsQmP3D1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOykiuP7lFJInuOOP7o8YOYK2DnkMB8GA1UdIwQY
MBaAFAsnJTyBXJHBSmC/okVRz0nTXkdUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ljbFBJRmNrY0ZLWUwtaVJWSFBTZE5lUjFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9jNmQxZGUtYTIzZi00YjEyLThlMDYt
ZWZjN2JkMmY1ZmZjLzEvN0tTSzRfdVVVa2llNDQ0X3VqeGc1Z3JZT2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9jNmQxZGUtYTIzZi00YjEyLThlMDYtZWZjN2JkMmY1ZmZj
LzEvQ3ljbFBJRmNrY0ZLWUwtaVJWSFBTZE5lUjFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub2AMA0G
CSqGSIb3DQEBCwUAA4IBAQCMDSMGV/ZBMzZRZFmjJDHGYkUgR+EvlnYIxnhvOJNT
+HazNWgTS+9MPkMINdKvyCY/3hIEhksS6fHvB3Ag0FDoY9n/7T+sfaeD+Md1qI57
lVy5XlUUuSGeviNPO5/rNq1e26rovLXb5achUrUJ7P4lKK8VcHMV9zISrB/ab7rs
Qw4IJWD7Rnzt/XFw0ip4/orPXy2w+G4HyHFnGxscFikcdz1w6mYxcyeH3w+Ag1qO
uKNIvylBgKIHI/U59MYiHZ+VaMWz8EKgScFfI3CcJezDxIGX9Rku5r/GKQK8aFVf
eSB6UQP00n22lVBVyTqjhVMdsl5FSBKTKW/+LcP177br
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:14:31 2026 by rpki-client