Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/rReuKYKAVqr3CoKH5UO-1aSW-mc.roa
File: rReuKYKAVqr3CoKH5UO-1aSW-mc.roa (raw, json)
Hash identifier: fGoH+yub0teNtoDmdJ6CIXMKMtZMJfMpSQSYdG/VkrY=
Subject key identifier: AD:17:AE:29:82:80:56:AA:F7:0A:82:87:E5:43:BE:D5:A4:96:FA:67
Certificate issuer: /CN=dbc92025adb368cb9532098986077079b01c1655
Certificate serial: 019C8FB0AFA12A0F6A8205B819094563B15E
Authority key identifier: DB:C9:20:25:AD:B3:68:CB:95:32:09:89:86:07:70:79:B0:1C:16:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28kgJa2zaMuVMgmJhgdwebAcFlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/rReuKYKAVqr3CoKH5UO-1aSW-mc.roa
Signing time: Tue 24 Feb 2026 12:47:27 +0000
ROA not before: Tue 24 Feb 2026 12:47:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212200
IP address blocks: 185.140.166.0/24 maxlen: 24
185.140.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/28kgJa2zaMuVMgmJhgdwebAcFlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/28kgJa2zaMuVMgmJhgdwebAcFlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/28kgJa2zaMuVMgmJhgdwebAcFlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:b0:af:a1:2a:0f:6a:82:05:b8:19:09:45:63:b1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc92025adb368cb9532098986077079b01c1655
Validity
Not Before: Feb 24 12:47:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad17ae29828056aaf70a8287e543bed5a496fa67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:71:79:33:23:1c:95:a3:17:f7:ca:91:46:7e:
97:f0:7f:11:75:2b:2f:b9:ce:ff:f1:ab:de:35:95:
fe:7c:b9:b4:fb:f4:a9:4e:c0:96:7f:b9:55:40:9f:
86:a7:37:0f:b6:40:75:97:85:d4:dd:64:a3:17:67:
32:96:5f:ae:7f:1a:69:ea:19:6a:75:ce:75:7f:91:
ea:91:4d:7a:2b:88:7a:76:4a:fc:94:d7:e4:f5:ea:
fb:ed:92:b0:d0:c8:b3:c1:0c:bd:78:02:51:37:72:
da:08:d6:59:95:f1:95:28:1b:f8:53:57:c2:9b:03:
87:e5:1b:b3:9a:d9:fb:2c:be:10:6c:bf:9f:34:dd:
59:be:05:87:59:31:75:0b:0b:b2:ae:bc:8e:93:77:
22:d5:fa:a7:1b:e2:44:4e:1b:85:ba:21:69:cd:da:
62:c5:cf:26:47:c4:56:2b:08:ce:5b:06:1d:c6:03:
5d:e9:59:1d:ae:08:4e:53:0c:cf:7d:6c:2b:ed:9c:
6a:c3:0e:d9:d1:f7:d6:68:7e:9e:96:c1:fa:e1:e7:
e2:17:36:f3:4d:3d:c0:a8:b6:f5:29:3d:1b:3a:de:
d9:b4:2a:06:92:4d:16:82:d9:d0:a9:a7:4a:5a:3c:
8e:f7:8a:0d:0a:30:91:1d:b5:b7:25:42:39:63:13:
de:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:17:AE:29:82:80:56:AA:F7:0A:82:87:E5:43:BE:D5:A4:96:FA:67
X509v3 Authority Key Identifier:
keyid:DB:C9:20:25:AD:B3:68:CB:95:32:09:89:86:07:70:79:B0:1C:16:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28kgJa2zaMuVMgmJhgdwebAcFlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/rReuKYKAVqr3CoKH5UO-1aSW-mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/000d6b-0ffc-46de-a2a6-fac16ed10a4a/1/28kgJa2zaMuVMgmJhgdwebAcFlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.166.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:c7:e0:77:75:44:82:cb:13:c3:75:bb:04:ff:cf:bb:73:9e:
6f:74:6d:fb:f1:96:f9:bb:b3:56:35:56:23:33:2f:b4:70:a6:
da:d1:0e:ca:2a:a0:7e:fc:4d:2a:26:38:d4:e4:a3:dc:1c:82:
82:bb:16:87:ab:d9:7f:c9:00:ad:36:cb:c7:3b:f6:f9:ce:15:
97:27:10:ea:68:36:6c:14:84:dd:7f:82:2a:33:7c:d5:13:5a:
3c:4a:13:59:51:46:6d:b0:07:32:3f:64:9f:9d:0b:2d:6f:38:
84:33:25:a4:ac:0f:f2:05:7a:01:ae:24:33:09:c1:06:10:02:
7b:a1:1e:47:ae:f9:15:54:6a:ce:58:93:f2:0f:f5:10:65:50:
3e:f9:3f:82:97:d6:04:53:de:09:68:3d:17:0a:f8:09:8d:98:
48:2f:52:5d:94:4d:ac:9f:f0:a4:2d:e7:a8:fa:2f:ac:f5:b5:
6e:1a:d0:f2:d8:9d:cc:d9:70:e2:8f:3d:b8:75:ab:01:1f:82:
68:03:32:9b:00:75:d2:ab:89:cf:d5:05:1b:f2:1a:d2:ac:09:
94:96:a6:84:ad:52:43:c1:1b:eb:20:12:84:d4:1b:e1:6c:dc:
94:0e:7a:e3:d4:eb:46:5a:c4:d9:12:ca:17:06:f8:73:2a:26:
85:14:ea:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyPsK+hKg9qggW4GQlFY7FeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzkyMDI1YWRiMzY4Y2I5NTMyMDk4OTg2MDc3MDc5YjAx
YzE2NTUwHhcNMjYwMjI0MTI0NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDE3YWUyOTgyODA1NmFhZjcwYTgyODdlNTQzYmVkNWE0OTZmYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunF5MyMclaMX98qRRn6X8H8RdSsv
uc7/8aveNZX+fLm0+/SpTsCWf7lVQJ+GpzcPtkB1l4XU3WSjF2cyll+ufxpp6hlq
dc51f5HqkU16K4h6dkr8lNfk9er77ZKw0MizwQy9eAJRN3LaCNZZlfGVKBv4U1fC
mwOH5Ruzmtn7LL4QbL+fNN1ZvgWHWTF1CwuyrryOk3ci1fqnG+JEThuFuiFpzdpi
xc8mR8RWKwjOWwYdxgNd6VkdrghOUwzPfWwr7Zxqww7Z0ffWaH6elsH64efiFzbz
TT3AqLb1KT0bOt7ZtCoGkk0WgtnQqadKWjyO94oNCjCRHbW3JUI5YxPePwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0XrimCgFaq9wqCh+VDvtWklvpnMB8GA1UdIwQY
MBaAFNvJICWts2jLlTIJiYYHcHmwHBZVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhrZ0phMnphTXVWTWdtSmhnZHdlYkFjRmxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMDBkNmItMGZmYy00NmRlLWEyYTYt
ZmFjMTZlZDEwYTRhLzEvclJldUtZS0FWcXIzQ29LSDVVTy0xYVNXLW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMDBkNmItMGZmYy00NmRlLWEyYTYtZmFjMTZlZDEwYTRh
LzEvMjhrZ0phMnphTXVWTWdtSmhnZHdlYkFjRmxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYymMA0G
CSqGSIb3DQEBCwUAA4IBAQCnx+B3dUSCyxPDdbsE/8+7c55vdG378Zb5u7NWNVYj
My+0cKba0Q7KKqB+/E0qJjjU5KPcHIKCuxaHq9l/yQCtNsvHO/b5zhWXJxDqaDZs
FITdf4IqM3zVE1o8ShNZUUZtsAcyP2SfnQstbziEMyWkrA/yBXoBriQzCcEGEAJ7
oR5HrvkVVGrOWJPyD/UQZVA++T+Cl9YEU94JaD0XCvgJjZhIL1JdlE2sn/CkLeeo
+i+s9bVuGtDy2J3M2XDijz24dasBH4JoAzKbAHXSq4nP1QUb8hrSrAmUlqaErVJD
wRvrIBKE1BvhbNyUDnrj1OtGWsTZEsoXBvhzKiaFFOoo
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:24:08 2026 by rpki-client