Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/u7g1EJ_IJa-0BdE_KUBnyoB2JSQ.roa
File: u7g1EJ_IJa-0BdE_KUBnyoB2JSQ.roa (raw, json)
Hash identifier: xlygVLhoP9IZVqEPUv8JWvUxpAHcifeKoCfEWNZSZWo=
Subject key identifier: BB:B8:35:10:9F:C8:25:AF:B4:05:D1:3F:29:40:67:CA:80:76:25:24
Certificate issuer: /CN=248719434b6e3b607f647bb0d58a81dc1ebfdd4d
Certificate serial: 019D1E568138BD19256E4407614099920AB5
Authority key identifier: 24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/u7g1EJ_IJa-0BdE_KUBnyoB2JSQ.roa
Signing time: Tue 24 Mar 2026 05:34:38 +0000
ROA not before: Tue 24 Mar 2026 05:34:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60388
IP address blocks: 185.31.108.0/22 maxlen: 22
212.73.96.0/19 maxlen: 19
212.73.96.0/23 maxlen: 23
212.73.98.0/23 maxlen: 23
212.73.98.0/24 maxlen: 24
212.73.99.0/24 maxlen: 24
212.73.100.0/23 maxlen: 23
212.73.102.0/24 maxlen: 24
212.73.103.0/24 maxlen: 24
212.73.104.0/21 maxlen: 21
212.73.104.0/24 maxlen: 24
212.73.105.0/24 maxlen: 24
212.73.106.0/24 maxlen: 24
212.73.107.0/24 maxlen: 24
212.73.108.0/24 maxlen: 24
212.73.109.0/24 maxlen: 24
212.73.110.0/24 maxlen: 24
212.73.111.0/24 maxlen: 24
212.73.112.0/20 maxlen: 20
212.73.113.0/24 maxlen: 24
212.73.114.0/24 maxlen: 24
2a00:b4a0::/32 maxlen: 32
2a01:70c0::/32 maxlen: 32
2a01:70c0::/48 maxlen: 48
2a01:70c0:1::/48 maxlen: 48
2a01:70c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1e:56:81:38:bd:19:25:6e:44:07:61:40:99:92:0a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=248719434b6e3b607f647bb0d58a81dc1ebfdd4d
Validity
Not Before: Mar 24 05:34:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bbb835109fc825afb405d13f294067ca80762524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a8:8c:40:dc:67:4c:34:7f:17:b6:bd:ef:6a:
2b:be:25:27:76:c0:f4:29:c8:e5:49:86:ae:53:99:
0e:b9:28:84:ce:af:87:fb:45:c0:a1:d7:9f:ba:87:
87:16:80:4b:02:c2:0b:88:8d:6c:cd:54:1f:41:93:
47:c6:85:22:24:fb:51:cf:06:7d:b0:b5:e0:db:ff:
72:3d:3c:7c:5f:14:92:bd:1d:df:52:83:dd:e2:b9:
f0:4b:34:03:03:b1:b5:e7:46:54:32:51:95:77:e5:
8e:e8:ee:00:05:fe:12:b7:39:85:ec:f1:58:e5:f0:
83:08:83:4d:e2:01:62:75:e2:06:50:33:a2:f9:19:
3d:42:17:71:5b:e4:d5:30:25:7f:12:74:af:16:d7:
18:ae:d2:e8:86:db:1e:09:e6:cc:6c:06:2d:62:c5:
18:0f:ca:13:94:87:ae:3d:0e:c8:72:5b:e5:d9:67:
cb:f2:37:98:95:4b:b9:fc:2c:94:82:ac:60:54:8b:
01:d2:f0:5b:78:ab:6e:76:9f:a6:01:cd:10:f2:f3:
a6:13:77:15:bb:d7:89:92:e6:bf:c8:1e:f6:c6:60:
4d:33:64:d7:a9:a5:11:42:bc:50:25:ce:d3:ad:11:
a7:6b:3d:ce:bf:c8:1a:de:a8:5e:3d:a1:ed:bf:76:
e1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B8:35:10:9F:C8:25:AF:B4:05:D1:3F:29:40:67:CA:80:76:25:24
X509v3 Authority Key Identifier:
keyid:24:87:19:43:4B:6E:3B:60:7F:64:7B:B0:D5:8A:81:DC:1E:BF:DD:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/u7g1EJ_IJa-0BdE_KUBnyoB2JSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/70eb7a-1ae4-4bbe-8ce0-f3028aea9977/1/JIcZQ0tuO2B_ZHuw1YqB3B6_3U0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.108.0/22
212.73.96.0/19
IPv6:
2a00:b4a0::/32
2a01:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:ee:67:ab:d5:50:ef:61:14:89:60:33:9e:3a:5e:29:02:c3:
19:72:f6:d8:ef:35:e1:69:17:6b:e6:20:7a:ae:72:f1:c2:0c:
1c:a0:c8:0a:da:9e:68:5f:f6:b0:bf:19:d9:c4:4e:d4:09:b7:
6d:2d:3c:97:4f:ff:b4:33:ff:7c:f8:a5:a9:cc:3d:e9:50:93:
54:3d:e9:3d:0e:08:45:60:06:88:f6:f2:51:ff:83:b9:a9:a3:
f5:d8:98:22:67:47:9b:09:4e:8a:8d:28:5e:8c:f2:56:1f:66:
e6:8f:e2:a7:f5:98:53:36:08:dd:08:7a:40:be:e4:07:c1:fc:
87:9d:80:dc:09:6c:ef:80:29:32:62:23:53:0d:96:c5:bf:58:
ca:c5:3a:e0:e0:c6:18:0c:d0:20:cd:40:5e:c8:88:42:e5:01:
56:1a:e5:f0:cf:71:e5:14:62:a7:65:72:ff:7d:cb:b7:34:b6:
71:71:e0:ab:e5:c4:f4:57:37:f3:20:01:0e:18:4a:32:89:08:
c2:81:c1:ee:53:d1:bf:bc:50:38:2f:cd:68:77:93:67:bc:ae:
17:f7:6a:ac:7c:65:89:02:8b:fe:e4:06:be:f5:9e:86:d2:9d:
01:3d:95:46:9c:37:7a:20:42:67:d8:11:c0:fd:a1:1a:f5:8d:
4b:8f:75:b5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0eVoE4vRklbkQHYUCZkgq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ODcxOTQzNGI2ZTNiNjA3ZjY0N2JiMGQ1OGE4MWRjMWVi
ZmRkNGQwHhcNMjYwMzI0MDUzNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmI4MzUxMDlmYzgyNWFmYjQwNWQxM2YyOTQwNjdjYTgwNzYyNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KiMQNxnTDR/F7a972orviUndsD0
KcjlSYauU5kOuSiEzq+H+0XAodefuoeHFoBLAsILiI1szVQfQZNHxoUiJPtRzwZ9
sLXg2/9yPTx8XxSSvR3fUoPd4rnwSzQDA7G150ZUMlGVd+WO6O4ABf4StzmF7PFY
5fCDCINN4gFideIGUDOi+Rk9QhdxW+TVMCV/EnSvFtcYrtLohtseCebMbAYtYsUY
D8oTlIeuPQ7Iclvl2WfL8jeYlUu5/CyUgqxgVIsB0vBbeKtudp+mAc0Q8vOmE3cV
u9eJkua/yB72xmBNM2TXqaURQrxQJc7TrRGnaz3Ov8ga3qhePaHtv3bhdQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLu4NRCfyCWvtAXRPylAZ8qAdiUkMB8GA1UdIwQY
MBaAFCSHGUNLbjtgf2R7sNWKgdwev91NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkljWlEwdHVPMkJfWkh1dzFZcUIzQjZfM1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MGViN2EtMWFlNC00YmJlLThjZTAt
ZjMwMjhhZWE5OTc3LzEvdTdnMUVKX0lKYS0wQmRFX0tVQm55b0IySlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MGViN2EtMWFlNC00YmJlLThjZTAtZjMwMjhhZWE5OTc3
LzEvSkljWlEwdHVPMkJfWkh1dzFZcUIzQjZfM1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuR9sAwQF
1ElgMBQEAgACMA4DBQAqALSgAwUAKgFwwDANBgkqhkiG9w0BAQsFAAOCAQEADe5n
q9VQ72EUiWAznjpeKQLDGXL22O814WkXa+Ygeq5y8cIMHKDICtqeaF/2sL8Z2cRO
1Am3bS08l0//tDP/fPilqcw96VCTVD3pPQ4IRWAGiPbyUf+Duamj9diYImdHmwlO
io0oXozyVh9m5o/ip/WYUzYI3Qh6QL7kB8H8h52A3Als74ApMmIjUw2Wxb9YysU6
4ODGGAzQIM1AXsiIQuUBVhrl8M9x5RRip2Vy/33LtzS2cXHgq+XE9Fc38yABDhhK
MokIwoHB7lPRv7xQOC/NaHeTZ7yuF/dqrHxliQKL/uQGvvWehtKdAT2VRpw3eiBC
Z9gRwP2hGvWNS491tQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:22:05 2026 by rpki-client