Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/7RWPmp9-_7pNcdzf-XR0ng2OtNA.roa
File: 7RWPmp9-_7pNcdzf-XR0ng2OtNA.roa (raw, json)
Hash identifier: fZ0u4xWD6WZkxbVhHY3qx/w5uvwymHMnMMF0SIttq9Y=
Subject key identifier: ED:15:8F:9A:9F:7E:FF:BA:4D:71:DC:DF:F9:74:74:9E:0D:8E:B4:D0
Certificate issuer: /CN=1e74df4ad48ff211a0635b37f037977819cd4276
Certificate serial: 019B77C70E07BD03A0E6CFC4CCB4AA5AA6D6
Authority key identifier: 1E:74:DF:4A:D4:8F:F2:11:A0:63:5B:37:F0:37:97:78:19:CD:42:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HnTfStSP8hGgY1s38DeXeBnNQnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/7RWPmp9-_7pNcdzf-XR0ng2OtNA.roa
Signing time: Thu 01 Jan 2026 04:18:12 +0000
ROA not before: Thu 01 Jan 2026 04:18:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35359
IP address blocks: 85.119.40.0/21 maxlen: 21
85.119.40.0/24 maxlen: 24
85.119.41.0/24 maxlen: 24
85.119.42.0/24 maxlen: 24
85.119.43.0/24 maxlen: 24
85.119.44.0/24 maxlen: 24
85.119.45.0/24 maxlen: 24
85.119.46.0/24 maxlen: 24
85.119.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/HnTfStSP8hGgY1s38DeXeBnNQnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/HnTfStSP8hGgY1s38DeXeBnNQnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HnTfStSP8hGgY1s38DeXeBnNQnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:0e:07:bd:03:a0:e6:cf:c4:cc:b4:aa:5a:a6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e74df4ad48ff211a0635b37f037977819cd4276
Validity
Not Before: Jan 1 04:18:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ed158f9a9f7effba4d71dcdff974749e0d8eb4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e3:c0:fa:79:30:f7:aa:ea:bd:bc:20:90:d5:
3d:98:8a:cd:b1:29:fc:a7:e7:a6:c0:11:7f:c0:c2:
6c:32:c0:48:c6:bc:97:ea:20:40:7a:0f:87:4d:8a:
97:a9:db:a2:ac:98:fb:f3:2b:4d:38:49:e1:24:ae:
fb:cf:04:f8:18:f0:4e:ed:b7:0c:57:96:95:fa:47:
75:aa:09:dd:81:9e:c0:b6:fd:cf:0b:9e:dc:4b:6f:
d4:d3:74:ba:b8:a0:30:96:0c:e5:d7:3e:6b:73:1d:
7e:ab:03:4d:77:36:a4:a4:c3:e2:b3:0a:04:df:a6:
ae:57:66:7c:b5:9a:8c:bf:8c:01:6c:8a:a1:51:c6:
7c:97:af:ae:c8:8d:8f:d2:72:64:f6:cf:ff:60:ef:
83:fa:a4:e3:eb:94:ea:92:2f:89:99:ee:2b:35:80:
6f:88:ee:8d:7b:43:6f:51:b9:0f:e1:19:6f:a0:d5:
aa:8c:83:8a:e8:2d:f0:af:7f:2c:54:f8:5c:ca:2a:
3b:be:cc:8c:da:7f:e4:2c:36:d4:82:3f:87:c4:1c:
2e:43:71:4e:0a:e0:fd:54:e9:3f:a7:ab:6a:28:a1:
a5:15:04:01:f4:c3:57:de:9d:ea:8f:96:6c:65:09:
75:d8:69:73:de:0c:62:4b:bd:e2:f0:a8:4a:1d:ba:
63:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:15:8F:9A:9F:7E:FF:BA:4D:71:DC:DF:F9:74:74:9E:0D:8E:B4:D0
X509v3 Authority Key Identifier:
keyid:1E:74:DF:4A:D4:8F:F2:11:A0:63:5B:37:F0:37:97:78:19:CD:42:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnTfStSP8hGgY1s38DeXeBnNQnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/7RWPmp9-_7pNcdzf-XR0ng2OtNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/010e95-49b7-4edd-8d0d-395d4eec831e/1/HnTfStSP8hGgY1s38DeXeBnNQnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.40.0/21
Signature Algorithm: sha256WithRSAEncryption
91:b3:b0:c1:1f:63:99:b8:5b:4d:e6:77:e4:4c:25:f2:d0:f4:
58:80:fa:a4:e2:1a:6f:a1:87:48:b8:25:ce:72:cf:f2:d7:e0:
77:5e:73:49:02:22:1b:98:67:f1:c5:80:09:3b:20:ce:db:69:
ee:56:cf:e2:76:67:31:c4:5b:00:aa:3a:5f:dd:73:25:3b:0f:
0e:d4:93:f8:1f:3b:98:25:07:a2:b1:b5:6c:12:3b:ea:85:4d:
5f:bc:d2:69:57:90:bb:89:05:07:f0:be:a0:29:46:8b:a7:a8:
6a:ed:f9:5b:f2:ed:cf:53:81:ef:d3:83:31:02:cb:02:97:ff:
fb:ec:89:5a:7f:ad:87:0e:57:3a:e5:a9:ec:0a:d6:a9:c5:3d:
c8:fc:f3:42:7e:f0:8e:1f:ed:a5:20:65:cb:de:5c:d7:b7:a0:
45:ee:1c:1c:e8:77:57:28:8f:d8:7b:74:35:35:7c:32:b4:33:
42:05:18:21:b5:3b:d4:d1:17:36:dd:11:42:e6:03:47:31:4a:
06:4f:84:1c:10:2a:7c:23:65:02:58:6b:ce:59:e2:45:f5:13:
05:16:6e:a3:79:0d:ab:f8:87:60:af:a9:e5:6b:fe:26:d5:49:
f3:e0:2d:3c:77:d1:cc:60:46:70:ba:5a:0e:dd:f2:5b:aa:19:
6d:19:b2:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xw4HvQOg5s/EzLSqWqbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNzRkZjRhZDQ4ZmYyMTFhMDYzNWIzN2YwMzc5Nzc4MTlj
ZDQyNzYwHhcNMjYwMTAxMDQxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE1OGY5YTlmN2VmZmJhNGQ3MWRjZGZmOTc0NzQ5ZTBkOGViNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uPA+nkw96rqvbwgkNU9mIrNsSn8
p+emwBF/wMJsMsBIxryX6iBAeg+HTYqXqduirJj78ytNOEnhJK77zwT4GPBO7bcM
V5aV+kd1qgndgZ7Atv3PC57cS2/U03S6uKAwlgzl1z5rcx1+qwNNdzakpMPiswoE
36auV2Z8tZqMv4wBbIqhUcZ8l6+uyI2P0nJk9s//YO+D+qTj65Tqki+Jme4rNYBv
iO6Ne0NvUbkP4RlvoNWqjIOK6C3wr38sVPhcyio7vsyM2n/kLDbUgj+HxBwuQ3FO
CuD9VOk/p6tqKKGlFQQB9MNX3p3qj5ZsZQl12Glz3gxiS73i8KhKHbpjyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0Vj5qffv+6TXHc3/l0dJ4NjrTQMB8GA1UdIwQY
MBaAFB5030rUj/IRoGNbN/A3l3gZzUJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5UZlN0U1A4aEdnWTFzMzhEZVhlQm5OUW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8wMTBlOTUtNDliNy00ZWRkLThkMGQt
Mzk1ZDRlZWM4MzFlLzEvN1JXUG1wOS1fN3BOY2R6Zi1YUjBuZzJPdE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8wMTBlOTUtNDliNy00ZWRkLThkMGQtMzk1ZDRlZWM4MzFl
LzEvSG5UZlN0U1A4aEdnWTFzMzhEZVhlQm5OUW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXcoMA0G
CSqGSIb3DQEBCwUAA4IBAQCRs7DBH2OZuFtN5nfkTCXy0PRYgPqk4hpvoYdIuCXO
cs/y1+B3XnNJAiIbmGfxxYAJOyDO22nuVs/idmcxxFsAqjpf3XMlOw8O1JP4HzuY
JQeisbVsEjvqhU1fvNJpV5C7iQUH8L6gKUaLp6hq7flb8u3PU4Hv04MxAssCl//7
7Ilaf62HDlc65ansCtapxT3I/PNCfvCOH+2lIGXL3lzXt6BF7hwc6HdXKI/Ye3Q1
NXwytDNCBRghtTvU0Rc23RFC5gNHMUoGT4QcECp8I2UCWGvOWeJF9RMFFm6jeQ2r
+Idgr6nla/4m1Unz4C08d9HMYEZwuloO3fJbqhltGbI9
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:21:02 2026 by rpki-client