Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/7pxmMXSw-HkZG9cAZnnYN-vEkfQ.roa
File: 7pxmMXSw-HkZG9cAZnnYN-vEkfQ.roa (raw, json)
Hash identifier: mEU3VRJ8fuQ7izupJUqVvL0qdRuIxFLkUNg5UpgN7ss=
Subject key identifier: EE:9C:66:31:74:B0:F8:79:19:1B:D7:00:66:79:D8:37:EB:C4:91:F4
Certificate issuer: /CN=e0866e5a7c725dcb6a138cc6c340cfdad4315d3e
Certificate serial: 019D1ED4D87BD90F51031CCC1F10380D275B
Authority key identifier: E0:86:6E:5A:7C:72:5D:CB:6A:13:8C:C6:C3:40:CF:DA:D4:31:5D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/7pxmMXSw-HkZG9cAZnnYN-vEkfQ.roa
Signing time: Tue 24 Mar 2026 07:52:38 +0000
ROA not before: Tue 24 Mar 2026 07:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56740
IP address blocks: 79.98.54.0/24 maxlen: 24
80.94.234.0/24 maxlen: 24
95.128.65.0/24 maxlen: 24
95.128.66.0/24 maxlen: 24
95.128.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1e:d4:d8:7b:d9:0f:51:03:1c:cc:1f:10:38:0d:27:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0866e5a7c725dcb6a138cc6c340cfdad4315d3e
Validity
Not Before: Mar 24 07:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ee9c663174b0f879191bd7006679d837ebc491f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:29:4a:f8:29:d0:50:ca:11:d9:f9:1b:dc:
f9:8e:f0:21:e2:ee:01:c5:98:a8:b7:74:e1:ad:cf:
76:2f:2c:ac:2a:41:3e:89:e0:18:9d:f7:40:1d:7d:
62:a7:17:c7:87:27:83:5f:72:23:d6:ba:bc:db:63:
d8:15:b3:83:7a:d6:84:2e:e6:f3:bb:8a:ef:b1:14:
93:81:1a:e0:06:14:d1:bf:17:92:95:1d:40:4c:f6:
1b:c7:65:70:12:84:56:a9:e9:a2:c8:fe:ac:53:67:
9f:be:19:23:07:0d:a5:46:a0:16:f0:ae:53:2e:59:
d9:ac:35:e9:8e:42:95:f2:ab:ba:43:19:a8:94:57:
7c:9e:45:24:fa:7d:62:73:a1:a5:c4:c3:46:4f:73:
d5:2d:6d:de:2c:be:14:17:4c:db:c4:74:6f:5c:2c:
f5:7c:d9:c5:07:3a:7f:30:bd:76:4c:90:2d:77:b5:
58:e7:3d:42:40:92:d1:32:8f:7a:7b:b6:88:4f:24:
0b:1c:90:4a:d9:1e:16:b9:88:eb:b7:e3:27:af:1a:
36:1b:85:77:07:61:8b:d2:1e:17:f4:b1:29:f4:ef:
5b:fb:eb:ae:19:17:07:ec:79:ab:9c:b9:ad:21:9c:
e9:05:6a:3f:f9:e5:d5:49:12:c5:94:3e:46:af:c1:
62:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9C:66:31:74:B0:F8:79:19:1B:D7:00:66:79:D8:37:EB:C4:91:F4
X509v3 Authority Key Identifier:
keyid:E0:86:6E:5A:7C:72:5D:CB:6A:13:8C:C6:C3:40:CF:DA:D4:31:5D:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IZuWnxyXctqE4zGw0DP2tQxXT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/7pxmMXSw-HkZG9cAZnnYN-vEkfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7ba877-4839-4717-8aa4-24419b876f08/1/4IZuWnxyXctqE4zGw0DP2tQxXT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.54.0/24
80.94.234.0/24
95.128.65.0-95.128.66.255
95.128.68.0/24
Signature Algorithm: sha256WithRSAEncryption
80:39:ef:a0:fe:36:c1:08:e0:14:67:bb:1d:57:6e:cf:cf:3c:
fa:f2:1e:90:cc:ea:6c:d1:a5:4b:d1:1c:81:b5:a3:9c:f7:1d:
44:91:69:8d:61:8a:06:5b:a4:c3:0b:91:fe:20:76:e6:91:65:
08:7d:c2:a2:ec:30:a8:7f:0e:3a:e4:33:db:67:5d:7a:32:c0:
6b:01:92:e2:27:79:fc:59:d2:79:53:8c:33:22:bd:4d:0b:e7:
be:6e:0b:6a:79:04:20:59:44:cc:cf:37:d9:ec:6f:c2:90:14:
0e:df:45:51:a5:6d:a9:cd:eb:6e:16:9d:6c:af:48:97:4a:7f:
85:49:26:a9:d2:74:41:f0:6e:ee:38:ce:75:9c:d8:07:88:cf:
61:3a:4d:c7:1c:6f:8e:22:ef:9b:fa:74:4f:11:9d:d0:82:a9:
8d:92:6b:e8:b4:6f:42:81:69:d5:ff:7e:dd:8c:72:ba:27:22:
ff:60:26:94:6a:50:f1:29:14:7d:b8:51:5e:06:35:e9:07:d0:
0f:13:73:7e:d7:81:18:26:95:a8:3e:0f:e3:6f:d4:e1:2d:78:
80:e0:44:48:53:46:33:9c:36:0b:49:7f:33:03:60:e3:53:5f:
62:af:fc:ee:05:a4:43:51:50:87:54:31:b1:61:16:ea:36:04:
ac:92:6c:c1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0e1Nh72Q9RAxzMHxA4DSdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwODY2ZTVhN2M3MjVkY2I2YTEzOGNjNmMzNDBjZmRhZDQz
MTVkM2UwHhcNMjYwMzI0MDc1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTljNjYzMTc0YjBmODc5MTkxYmQ3MDA2Njc5ZDgzN2ViYzQ5MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LcpSvgp0FDKEdn5G9z5jvAh4u4B
xZiot3Thrc92LyysKkE+ieAYnfdAHX1ipxfHhyeDX3Ij1rq822PYFbODetaELubz
u4rvsRSTgRrgBhTRvxeSlR1ATPYbx2VwEoRWqemiyP6sU2efvhkjBw2lRqAW8K5T
LlnZrDXpjkKV8qu6QxmolFd8nkUk+n1ic6GlxMNGT3PVLW3eLL4UF0zbxHRvXCz1
fNnFBzp/ML12TJAtd7VY5z1CQJLRMo96e7aITyQLHJBK2R4WuYjrt+Mnrxo2G4V3
B2GL0h4X9LEp9O9b++uuGRcH7HmrnLmtIZzpBWo/+eXVSRLFlD5Gr8FioQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO6cZjF0sPh5GRvXAGZ52DfrxJH0MB8GA1UdIwQY
MBaAFOCGblp8cl3LahOMxsNAz9rUMV0+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEladVdueHlYY3RxRTR6R3cwRFAydFF4WFQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YmE4NzctNDgzOS00NzE3LThhYTQt
MjQ0MTliODc2ZjA4LzEvN3B4bU1YU3ctSGtaRzljQVpubllOLXZFa2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YmE4NzctNDgzOS00NzE3LThhYTQtMjQ0MTliODc2ZjA4
LzEvNEladVdueHlYY3RxRTR6R3cwRFAydFF4WFQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAT2I2AwQA
UF7qMAwDBABfgEEDBABfgEIDBABfgEQwDQYJKoZIhvcNAQELBQADggEBAIA576D+
NsEI4BRnux1Xbs/PPPryHpDM6mzRpUvRHIG1o5z3HUSRaY1higZbpMMLkf4gduaR
ZQh9wqLsMKh/DjrkM9tnXXoywGsBkuInefxZ0nlTjDMivU0L575uC2p5BCBZRMzP
N9nsb8KQFA7fRVGlbanN624WnWyvSJdKf4VJJqnSdEHwbu44znWc2AeIz2E6Tccc
b44i75v6dE8RndCCqY2Sa+i0b0KBadX/ft2McronIv9gJpRqUPEpFH24UV4GNekH
0A8Tc37XgRgmlag+D+Nv1OEteIDgREhTRjOcNgtJfzMDYONTX2Kv/O4FpENRUIdU
MbFhFuo2BKySbME=
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:49:55 2026 by rpki-client