Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/7VN2Neo_y_Tol7TBSLwpsPhccXY.roa
File: 7VN2Neo_y_Tol7TBSLwpsPhccXY.roa (raw, json)
Hash identifier: qraDq8x5bn5vlRmkxS4EEo43RlJ5J0hejrRkLUzLWYU=
Subject key identifier: ED:53:76:35:EA:3F:CB:F4:E8:97:B4:C1:48:BC:29:B0:F8:5C:71:76
Certificate issuer: /CN=1970a2632079e18b9ef6728192a3936aabe2b224
Certificate serial: 019B7D5CD087C43573EE237E33C10CB00B1A
Authority key identifier: 19:70:A2:63:20:79:E1:8B:9E:F6:72:81:92:A3:93:6A:AB:E2:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/7VN2Neo_y_Tol7TBSLwpsPhccXY.roa
Signing time: Fri 02 Jan 2026 06:19:53 +0000
ROA not before: Fri 02 Jan 2026 06:19:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8302
IP address blocks: 91.123.96.0/20 maxlen: 20
91.123.97.0/24 maxlen: 24
91.123.99.0/24 maxlen: 24
91.123.100.0/24 maxlen: 24
91.123.103.0/24 maxlen: 24
91.123.106.0/24 maxlen: 24
91.123.107.0/24 maxlen: 24
2a06:1b00::/32 maxlen: 32
2a06:1b00:97::/48 maxlen: 48
2a06:1b00:99::/48 maxlen: 48
2a06:1b00:100::/48 maxlen: 48
2a06:1b00:103::/48 maxlen: 48
2a06:1b00:106::/48 maxlen: 48
2a06:1b00:107::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5c:d0:87:c4:35:73:ee:23:7e:33:c1:0c:b0:0b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1970a2632079e18b9ef6728192a3936aabe2b224
Validity
Not Before: Jan 2 06:19:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ed537635ea3fcbf4e897b4c148bc29b0f85c7176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:a4:25:aa:d2:59:27:f6:db:b7:9f:ed:50:
52:7e:f1:77:9e:dd:e3:ba:03:ce:5c:d9:8f:8d:7c:
32:92:30:c7:f5:7e:33:78:24:d5:01:b3:cc:91:b2:
8d:c1:4c:eb:15:d5:b5:52:f8:81:df:ef:64:62:93:
52:8f:c2:22:d8:18:78:fc:f8:83:2e:9a:d8:40:c5:
e5:fd:dd:be:2c:2d:18:54:bc:ba:54:c1:ab:bd:2e:
be:d3:65:3f:f1:79:a1:14:91:a0:c6:7a:67:a6:d3:
d4:3f:ac:4a:7d:fe:31:3a:d3:0a:91:17:e1:07:41:
3f:c9:88:50:38:72:6f:b7:72:a1:71:d9:32:91:45:
07:0b:f2:10:30:19:be:3d:58:69:07:8a:99:1b:ee:
79:1e:37:49:a8:a4:fe:f1:61:b6:46:15:86:4a:4f:
13:78:cd:1f:43:5a:68:af:66:72:60:83:ad:08:d9:
90:11:84:00:bd:ef:fa:9e:8d:e6:6f:2b:d6:37:bd:
db:dc:78:15:12:dc:32:d5:a9:a8:45:b0:f3:80:91:
1e:df:c7:e2:ca:b5:17:85:af:f9:98:8e:8f:57:de:
79:df:51:11:2f:2f:0a:87:ed:a1:e9:43:4f:1e:47:
6f:0e:b6:e9:11:78:c9:22:a2:ad:3d:40:7e:60:d4:
07:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:53:76:35:EA:3F:CB:F4:E8:97:B4:C1:48:BC:29:B0:F8:5C:71:76
X509v3 Authority Key Identifier:
keyid:19:70:A2:63:20:79:E1:8B:9E:F6:72:81:92:A3:93:6A:AB:E2:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GXCiYyB54Yue9nKBkqOTaqvisiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/7VN2Neo_y_Tol7TBSLwpsPhccXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/16c82f-9d22-41cb-bbb6-e78eaf1584bf/1/GXCiYyB54Yue9nKBkqOTaqvisiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.123.96.0/20
IPv6:
2a06:1b00::/32
Signature Algorithm: sha256WithRSAEncryption
71:9d:1a:4f:3f:47:1f:eb:fe:fa:80:98:00:da:0a:df:03:4b:
de:47:ca:15:89:c7:d8:34:8d:84:8a:51:57:aa:0e:8d:72:15:
31:29:30:8e:8b:f3:50:0d:be:e8:8e:6a:9e:aa:ca:73:c2:d5:
5d:b3:38:f2:d4:c9:b2:5c:2f:87:85:e9:eb:a3:0f:3d:76:7b:
23:ff:dd:13:72:8d:21:05:3d:64:32:c4:b2:78:43:16:d7:22:
1a:3b:12:49:3f:de:14:11:23:e9:66:cf:82:a6:2d:5c:45:8d:
c2:d4:c3:b6:6c:6b:03:88:eb:fa:c1:9a:a8:32:5a:1d:b3:92:
7f:27:39:f2:76:38:22:c6:d4:fc:7d:1b:cf:3d:cc:65:0e:96:
32:77:60:a9:44:37:0c:70:04:1d:e5:61:e2:4a:fb:7a:61:88:
9a:8e:90:a5:9d:91:b3:73:ee:6c:46:41:3f:2f:83:67:fd:e1:
c6:59:1e:2c:e5:a9:81:f5:c2:fe:fe:11:cb:71:be:db:77:bd:
fa:eb:42:f7:b1:47:95:28:43:c7:d3:4a:5b:e4:14:d0:2d:f1:
c8:2a:e2:cc:3b:85:65:34:94:3f:2a:05:d5:7d:d5:6a:6d:4f:
96:e0:8b:5f:02:45:5c:f5:ed:c4:38:61:9c:db:47:68:a2:f8:
52:c2:c7:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt9XNCHxDVz7iN+M8EMsAsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NzBhMjYzMjA3OWUxOGI5ZWY2NzI4MTkyYTM5MzZhYWJl
MmIyMjQwHhcNMjYwMTAyMDYxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDUzNzYzNWVhM2ZjYmY0ZTg5N2I0YzE0OGJjMjliMGY4NWM3MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3qkJarSWSf227ef7VBSfvF3nt3j
ugPOXNmPjXwykjDH9X4zeCTVAbPMkbKNwUzrFdW1UviB3+9kYpNSj8Ii2Bh4/PiD
LprYQMXl/d2+LC0YVLy6VMGrvS6+02U/8XmhFJGgxnpnptPUP6xKff4xOtMKkRfh
B0E/yYhQOHJvt3KhcdkykUUHC/IQMBm+PVhpB4qZG+55HjdJqKT+8WG2RhWGSk8T
eM0fQ1por2ZyYIOtCNmQEYQAve/6no3mbyvWN73b3HgVEtwy1amoRbDzgJEe38fi
yrUXha/5mI6PV95531ERLy8Kh+2h6UNPHkdvDrbpEXjJIqKtPUB+YNQHMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO1TdjXqP8v06Je0wUi8KbD4XHF2MB8GA1UdIwQY
MBaAFBlwomMgeeGLnvZygZKjk2qr4rIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1hDaVl5QjU0WXVlOW5LQmtxT1RhcXZpc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNmM4MmYtOWQyMi00MWNiLWJiYjYt
ZTc4ZWFmMTU4NGJmLzEvN1ZOMk5lb195X1RvbDdUQlNMd3BzUGhjY1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNmM4MmYtOWQyMi00MWNiLWJiYjYtZTc4ZWFmMTU4NGJm
LzEvR1hDaVl5QjU0WXVlOW5LQmtxT1RhcXZpc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEW3tgMA0E
AgACMAcDBQAqBhsAMA0GCSqGSIb3DQEBCwUAA4IBAQBxnRpPP0cf6/76gJgA2grf
A0veR8oVicfYNI2EilFXqg6NchUxKTCOi/NQDb7ojmqeqspzwtVdszjy1MmyXC+H
henrow89dnsj/90Tco0hBT1kMsSyeEMW1yIaOxJJP94UESPpZs+Cpi1cRY3C1MO2
bGsDiOv6wZqoMlods5J/JznydjgixtT8fRvPPcxlDpYyd2CpRDcMcAQd5WHiSvt6
YYiajpClnZGzc+5sRkE/L4Nn/eHGWR4s5amB9cL+/hHLcb7bd73660L3sUeVKEPH
00pb5BTQLfHIKuLMO4VlNJQ/KgXVfdVqbU+W4ItfAkVc9e3EOGGc20doovhSwsdW
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:27:14 2026 by rpki-client