Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/1-j7BW7Gsi7Bx1sLah-0rOSnTE50.roa
File: 1-j7BW7Gsi7Bx1sLah-0rOSnTE50.roa (raw, json)
Hash identifier: E7bMvDHjIYbl5UUctsjT4E0zLMA1mzICPsYNWVA/uLc=
Subject key identifier: FA:3E:C1:5B:B1:AC:8B:B0:71:D6:C2:DA:87:ED:2B:39:29:D3:13:9D
Certificate issuer: /CN=7d074e9ee32e0b10c830dca4763eb9cc65246faa
Certificate serial: 019B783538734BD6CCEACB29437681852180
Authority key identifier: 7D:07:4E:9E:E3:2E:0B:10:C8:30:DC:A4:76:3E:B9:CC:65:24:6F:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQdOnuMuCxDIMNykdj65zGUkb6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/1-j7BW7Gsi7Bx1sLah-0rOSnTE50.roa
Signing time: Thu 01 Jan 2026 06:18:32 +0000
ROA not before: Thu 01 Jan 2026 06:18:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33933
IP address blocks: 91.209.120.0/24 maxlen: 24
185.11.156.0/22 maxlen: 22
195.38.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/fQdOnuMuCxDIMNykdj65zGUkb6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/fQdOnuMuCxDIMNykdj65zGUkb6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQdOnuMuCxDIMNykdj65zGUkb6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:35:38:73:4b:d6:cc:ea:cb:29:43:76:81:85:21:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d074e9ee32e0b10c830dca4763eb9cc65246faa
Validity
Not Before: Jan 1 06:18:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa3ec15bb1ac8bb071d6c2da87ed2b3929d3139d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:aa:e5:f4:f3:dd:15:3d:1d:cc:b4:30:ba:c6:
9c:2d:e8:2c:51:f8:9d:92:57:0d:56:e3:29:a5:48:
01:45:ac:a2:d7:d0:8c:7f:00:73:43:93:29:a1:47:
cb:94:08:ab:e5:9b:2f:9d:79:a4:5e:16:39:18:27:
d6:a6:29:15:f2:71:e5:b9:dc:5a:f5:08:f9:cc:f4:
b5:55:99:c0:0e:d2:6a:2a:c3:b8:e0:0f:24:8e:01:
7e:58:89:88:d0:2f:5d:b6:10:03:e1:1b:10:2c:49:
fc:ea:d2:ed:32:55:17:6b:28:62:c0:09:76:9c:d8:
8e:d9:fc:7f:31:12:49:69:ef:3c:72:ec:37:72:c3:
2b:e1:f4:be:b0:fb:c5:b0:7d:2c:7d:ca:93:96:f1:
8b:29:13:db:1a:d6:0e:24:a8:49:2c:bb:ed:e0:1d:
67:ef:9e:2d:ed:11:6a:51:b8:21:0c:73:bd:ce:7e:
c9:f7:5b:63:34:75:45:be:54:06:7a:33:0d:f7:8a:
d8:b9:e0:f0:f8:2e:ab:bd:cc:c8:14:cf:7e:c2:48:
75:a7:08:f9:52:ee:cd:36:05:19:15:69:66:59:86:
63:4c:5f:0d:a9:65:4b:26:95:6e:8d:f1:f0:38:9c:
2c:06:8a:99:8b:1a:3e:d2:41:0f:07:c2:8f:f9:b5:
f1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3E:C1:5B:B1:AC:8B:B0:71:D6:C2:DA:87:ED:2B:39:29:D3:13:9D
X509v3 Authority Key Identifier:
keyid:7D:07:4E:9E:E3:2E:0B:10:C8:30:DC:A4:76:3E:B9:CC:65:24:6F:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQdOnuMuCxDIMNykdj65zGUkb6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/1-j7BW7Gsi7Bx1sLah-0rOSnTE50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/f8fdae-a53f-43c1-9612-120fc19236c9/1/fQdOnuMuCxDIMNykdj65zGUkb6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.120.0/24
185.11.156.0/22
195.38.20.0/24
Signature Algorithm: sha256WithRSAEncryption
60:58:9c:7d:5c:59:f7:50:0b:11:38:53:e0:ea:a2:6d:24:24:
81:4a:b3:c2:96:32:bd:63:e4:20:6f:c3:ca:4d:4f:86:b9:cc:
cd:e7:4c:29:00:8a:4a:56:5e:48:a5:0f:bf:bd:7a:28:65:03:
43:48:c6:76:fe:f1:db:11:5d:11:24:9e:8a:9c:11:fa:fd:aa:
6d:a4:8b:2e:c5:2b:51:0f:ed:9b:8e:9d:f0:22:8b:7f:5d:f2:
da:6a:5f:df:1a:18:e8:cd:79:08:30:54:64:7d:45:d2:2e:26:
52:c7:a8:df:43:d5:c0:0d:f5:97:99:8a:83:9e:14:f7:b0:f7:
12:a9:1d:c0:44:9d:98:54:34:9f:55:1c:85:32:ed:91:d3:52:
86:d6:44:1b:db:ec:ed:92:08:14:f4:49:94:cb:06:24:f3:c0:
b7:66:a9:64:5a:fd:f0:c6:a4:5b:d0:8a:ea:46:0a:d6:90:14:
4d:79:91:2e:8a:11:11:79:bc:0c:d5:08:e0:0e:21:33:ee:d6:
da:11:97:d5:d9:a0:9e:e3:d3:bd:e7:9a:a2:9f:bb:8e:17:d2:
62:a9:67:b2:50:2c:6a:08:11:a3:af:fc:88:0a:af:ce:d2:c1:
4e:cd:04:19:da:4b:18:80:10:41:1e:fd:96:53:62:4d:c6:5a:
76:7f:5d:67
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZt4NThzS9bM6sspQ3aBhSGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDc0ZTllZTMyZTBiMTBjODMwZGNhNDc2M2ViOWNjNjUy
NDZmYWEwHhcNMjYwMTAxMDYxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNlYzE1YmIxYWM4YmIwNzFkNmMyZGE4N2VkMmIzOTI5ZDMxMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qrl9PPdFT0dzLQwusacLegsUfid
klcNVuMppUgBRayi19CMfwBzQ5MpoUfLlAir5ZsvnXmkXhY5GCfWpikV8nHludxa
9Qj5zPS1VZnADtJqKsO44A8kjgF+WImI0C9dthAD4RsQLEn86tLtMlUXayhiwAl2
nNiO2fx/MRJJae88cuw3csMr4fS+sPvFsH0sfcqTlvGLKRPbGtYOJKhJLLvt4B1n
754t7RFqUbghDHO9zn7J91tjNHVFvlQGejMN94rYueDw+C6rvczIFM9+wkh1pwj5
Uu7NNgUZFWlmWYZjTF8NqWVLJpVujfHwOJwsBoqZixo+0kEPB8KP+bXxQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPo+wVuxrIuwcdbC2oftKzkp0xOdMB8GA1UdIwQY
MBaAFH0HTp7jLgsQyDDcpHY+ucxlJG+qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFkT251TXVDeERJTU55a2RqNjV6R1VrYjZvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9mOGZkYWUtYTUzZi00M2MxLTk2MTIt
MTIwZmMxOTIzNmM5LzEvMS1qN0JXN0dzaTdCeDFzTGFoLTByT1NuVEU1MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2YvZjhmZGFlLWE1M2YtNDNjMS05NjEyLTEyMGZjMTkyMzZj
OS8xL2ZRZE9udU11Q3hESU1OeWtkajY1ekdVa2I2by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvReAME
ArkLnAMEAMMmFDANBgkqhkiG9w0BAQsFAAOCAQEAYFicfVxZ91ALEThT4OqibSQk
gUqzwpYyvWPkIG/Dyk1PhrnMzedMKQCKSlZeSKUPv716KGUDQ0jGdv7x2xFdESSe
ipwR+v2qbaSLLsUrUQ/tm46d8CKLf13y2mpf3xoY6M15CDBUZH1F0i4mUseo30PV
wA31l5mKg54U97D3EqkdwESdmFQ0n1UchTLtkdNShtZEG9vs7ZIIFPRJlMsGJPPA
t2apZFr98MakW9CK6kYK1pAUTXmRLooREXm8DNUI4A4hM+7W2hGX1dmgnuPTveea
op+7jhfSYqlnslAsaggRo6/8iAqvztLBTs0EGdpLGIAQQR79llNiTcZadn9dZw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:15:03 2026 by rpki-client