Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/7BMZ0omDPc26s6_MCfCUOwcORjM.roa
File: 7BMZ0omDPc26s6_MCfCUOwcORjM.roa (raw, json)
Hash identifier: QMlG7taSZJAaCj6Bos4CT4Fhxoin+745NGHuOhoUkzE=
Subject key identifier: EC:13:19:D2:89:83:3D:CD:BA:B3:AF:CC:09:F0:94:3B:07:0E:46:33
Certificate issuer: /CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Certificate serial: 019D017490FCE287A0EB95656629D93D55A8
Authority key identifier: 2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/7BMZ0omDPc26s6_MCfCUOwcORjM.roa
Signing time: Wed 18 Mar 2026 14:58:29 +0000
ROA not before: Wed 18 Mar 2026 14:58:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15796
IP address blocks: 51.154.0.0/16 maxlen: 16
51.154.248.0/22 maxlen: 22
51.154.252.0/22 maxlen: 22
213.55.128.0/17 maxlen: 24
213.55.128.0/24 maxlen: 24
213.55.131.0/24 maxlen: 24
213.55.132.0/24 maxlen: 24
213.55.141.0/24 maxlen: 24
213.55.147.0/24 maxlen: 24
213.55.148.0/23 maxlen: 23
213.55.150.0/24 maxlen: 24
213.55.151.0/24 maxlen: 24
213.55.152.0/24 maxlen: 24
213.55.154.0/24 maxlen: 24
213.55.156.0/23 maxlen: 23
213.55.176.0/24 maxlen: 24
213.55.177.0/24 maxlen: 24
213.55.178.0/24 maxlen: 24
213.55.179.0/24 maxlen: 24
213.55.180.0/22 maxlen: 22
213.55.184.0/22 maxlen: 22
213.55.188.0/22 maxlen: 22
213.55.192.0/24 maxlen: 24
213.55.193.0/24 maxlen: 24
213.55.194.0/24 maxlen: 24
213.55.195.0/24 maxlen: 24
213.55.196.0/22 maxlen: 22
213.55.201.0/24 maxlen: 24
213.55.206.0/24 maxlen: 24
213.55.209.0/24 maxlen: 24
213.55.218.0/24 maxlen: 24
213.55.220.0/22 maxlen: 22
213.55.224.0/22 maxlen: 22
213.55.229.0/24 maxlen: 24
213.55.233.0/24 maxlen: 24
213.55.234.0/24 maxlen: 24
213.55.235.0/24 maxlen: 24
213.55.236.0/24 maxlen: 24
213.55.237.0/24 maxlen: 24
213.55.238.0/24 maxlen: 24
213.55.240.0/22 maxlen: 22
213.55.244.0/22 maxlen: 22
2a04:ee40::/29 maxlen: 29
2a04:ee40:2000::/35 maxlen: 35
2a04:ee41::/41 maxlen: 41
2a04:ee41:80::/41 maxlen: 41
2a04:ee41:100::/44 maxlen: 44
2a04:ee41:140::/44 maxlen: 44
2a04:ee41:180::/44 maxlen: 44
2a04:ee42:1::/64 maxlen: 64
2a04:ee42:1:7::/64 maxlen: 64
2a04:ee42:2::/64 maxlen: 64
2a04:ee42:2:7::/64 maxlen: 64
2a04:ee42:53::/64 maxlen: 64
2a04:ee42:300::/44 maxlen: 44
2a04:ee42:310::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:74:90:fc:e2:87:a0:eb:95:65:66:29:d9:3d:55:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Validity
Not Before: Mar 18 14:58:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec1319d289833dcdbab3afcc09f0943b070e4633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:6a:ce:50:a2:a8:30:8c:1c:6a:e1:f9:5b:
ba:15:9c:e3:4a:80:b9:50:02:4e:3c:de:b8:d3:5c:
da:24:8d:ac:61:0e:91:d1:52:1b:00:c5:6a:48:ab:
35:06:82:23:99:88:42:74:03:f6:fc:b2:24:a6:a3:
93:f4:1d:6a:75:a7:e5:9a:76:77:cb:1d:f3:0e:20:
ce:0b:6b:cc:a7:9e:d5:98:b7:c5:e3:9e:3a:c1:a5:
3d:39:0d:cc:1d:55:51:39:f1:22:e8:6a:32:e8:64:
22:49:bb:dc:86:77:e8:7b:52:04:aa:21:71:64:f1:
05:79:77:f1:a5:87:75:b1:e6:08:cb:32:85:47:75:
85:38:b3:e3:e1:97:e3:80:bb:3c:54:0a:c1:de:b2:
ce:42:e1:06:30:72:38:79:33:e7:4a:0e:f9:44:62:
0f:57:75:39:7e:ea:37:02:9f:74:b6:a1:46:d7:15:
7b:af:44:d5:9e:fb:0b:37:f4:27:df:f8:fc:dc:d8:
5d:62:b9:92:53:00:ac:db:23:b9:68:ee:12:44:a8:
ea:30:48:81:e7:c8:07:49:03:80:33:63:05:ae:ef:
87:d6:ed:d5:97:37:ca:0c:0f:d7:dc:da:f6:f8:d6:
20:63:c9:bc:db:49:a3:ca:c7:a0:ea:1e:17:a4:3d:
c6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:19:D2:89:83:3D:CD:BA:B3:AF:CC:09:F0:94:3B:07:0E:46:33
X509v3 Authority Key Identifier:
keyid:2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/7BMZ0omDPc26s6_MCfCUOwcORjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.154.0.0/16
213.55.128.0/17
IPv6:
2a04:ee40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:58:7a:d1:b5:48:6b:ad:c4:ac:aa:16:db:e3:b1:ad:a0:b3:
84:83:e4:52:f4:e3:8e:45:d8:f4:3c:93:b0:1d:ae:54:05:3f:
a2:66:54:97:0e:cf:d3:93:56:7a:59:ee:67:98:4f:e6:13:48:
4f:e6:6c:97:ab:aa:af:b7:d2:8f:80:59:6d:82:07:90:07:8d:
f8:18:d9:3a:bd:2e:0b:95:13:60:90:ee:a2:a7:19:2b:54:d8:
94:9f:7e:c1:59:49:6d:7c:be:82:96:b1:5d:4f:3f:eb:57:ca:
fa:f3:67:e3:26:6b:21:59:37:72:17:cb:dd:6b:af:26:1d:b2:
93:8e:fe:86:7b:f9:07:51:39:20:b4:64:2b:20:d2:01:df:fa:
df:d0:55:1e:da:cc:36:2b:b4:a2:02:e5:2b:a2:9e:bf:25:2a:
af:64:97:26:01:1d:00:68:f6:67:6d:23:a3:ff:cb:ae:42:cc:
50:b8:71:64:c6:8c:6e:87:6b:ff:74:e9:e0:68:17:42:1f:a0:
67:ac:09:84:7c:76:88:bf:1b:d4:b7:71:67:1f:88:df:31:f6:
8e:c2:85:1c:9c:bd:7a:ce:29:d8:f8:d0:73:ff:2a:17:20:d6:
0a:29:b6:95:a9:b9:61:03:83:c8:62:a5:c2:3d:7c:1f:1a:7e:
e5:e7:ca:49
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ0BdJD84oeg65VlZinZPVWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNTcxZDY4OGFhNTAzYTJlNTY2YmJjODc2ZGYwYmE0NTVj
NTc3ZWQwHhcNMjYwMzE4MTQ1ODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzMTlkMjg5ODMzZGNkYmFiM2FmY2MwOWYwOTQzYjA3MGU0NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhZqzlCiqDCMHGrh+Vu6FZzjSoC5
UAJOPN6401zaJI2sYQ6R0VIbAMVqSKs1BoIjmYhCdAP2/LIkpqOT9B1qdaflmnZ3
yx3zDiDOC2vMp57VmLfF4546waU9OQ3MHVVROfEi6Goy6GQiSbvchnfoe1IEqiFx
ZPEFeXfxpYd1seYIyzKFR3WFOLPj4ZfjgLs8VArB3rLOQuEGMHI4eTPnSg75RGIP
V3U5fuo3Ap90tqFG1xV7r0TVnvsLN/Qn3/j83NhdYrmSUwCs2yO5aO4SRKjqMEiB
58gHSQOAM2MFru+H1u3VlzfKDA/X3Nr2+NYgY8m820mjyseg6h4XpD3G1wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOwTGdKJgz3NurOvzAnwlDsHDkYzMB8GA1UdIwQY
MBaAFCxXHWiKpQOi5Wa7yHbfC6RVxXftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzkt
ODc1MjQwMTRkYmZiLzEvN0JNWjBvbURQYzI2czZfTUNmQ1VPd2NPUmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzktODc1MjQwMTRkYmZi
LzEvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAM5oDBAfV
N4AwDQQCAAIwBwMFAyoE7kAwDQYJKoZIhvcNAQELBQADggEBAEtYetG1SGutxKyq
Ftvjsa2gs4SD5FL0445F2PQ8k7AdrlQFP6JmVJcOz9OTVnpZ7meYT+YTSE/mbJer
qq+30o+AWW2CB5AHjfgY2Tq9LguVE2CQ7qKnGStU2JSffsFZSW18voKWsV1PP+tX
yvrzZ+MmayFZN3IXy91rryYdspOO/oZ7+QdROSC0ZCsg0gHf+t/QVR7azDYrtKIC
5Suinr8lKq9klyYBHQBo9mdtI6P/y65CzFC4cWTGjG6Ha/906eBoF0IfoGesCYR8
doi/G9S3cWcfiN8x9o7ChRycvXrOKdj40HP/Khcg1goptpWpuWEDg8hipcI9fB8a
fuXnykk=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:00 2026 by rpki-client