Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YR8m2IfNFV-P583ug6trCRnV4BQ.roa
File: YR8m2IfNFV-P583ug6trCRnV4BQ.roa (raw, json)
Hash identifier: tZGWvqxXLYKvyVQo8lMr/X1AFieNY+rqbqn1p7eKIYo=
Subject key identifier: 61:1F:26:D8:87:CD:15:5F:8F:E7:CD:EE:83:AB:6B:09:19:D5:E0:14
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019CE8F61E2D388EE62165A66EFAEB6954ED
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YR8m2IfNFV-P583ug6trCRnV4BQ.roa
Signing time: Fri 13 Mar 2026 20:49:29 +0000
ROA not before: Fri 13 Mar 2026 20:49:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7768
IP address blocks: 31.7.32.0/21 maxlen: 32
31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/22 maxlen: 32
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
185.234.218.0/24 maxlen: 32
2a0a:9f40::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e8:f6:1e:2d:38:8e:e6:21:65:a6:6e:fa:eb:69:54:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Mar 13 20:49:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=611f26d887cd155f8fe7cdee83ab6b0919d5e014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9a:94:b7:86:2a:71:15:95:f0:a1:71:87:a2:
b6:4b:b5:90:6a:4c:a2:0a:60:c6:e1:bd:09:bb:75:
d2:cc:0a:8d:50:0d:5f:c6:13:d3:05:2b:9b:46:55:
5c:15:ae:81:73:30:64:77:b1:f6:41:be:66:18:76:
21:e5:f7:90:4d:ca:ee:81:23:b1:79:61:e6:14:e4:
8e:8b:69:a8:90:4f:f9:4f:d7:8b:9a:17:f4:43:75:
62:fd:e6:a1:89:97:93:5b:6a:32:b8:34:47:8d:5d:
5e:87:5d:0d:d5:2e:32:c7:6b:59:e6:77:05:5b:35:
cc:9a:c1:53:d1:54:17:42:66:b9:85:9d:b4:ae:be:
13:8a:58:33:94:17:87:1c:95:48:69:ca:ef:fc:cc:
69:83:fd:1e:ff:54:99:d6:cd:a7:d9:b1:26:a5:92:
95:79:87:eb:86:f2:ed:50:ce:95:44:5f:46:7f:06:
9a:c3:97:19:a5:30:d1:5e:c1:c8:24:f8:31:c9:ef:
e4:c1:d9:37:61:b9:63:c3:52:95:7e:30:93:ea:e0:
9c:5c:29:02:f2:b3:c2:cd:65:ae:58:60:0d:2f:75:
1d:df:00:f9:81:b6:45:69:59:77:7c:92:b7:d3:16:
0a:f2:8e:69:43:1c:f8:56:07:4c:30:92:b9:ab:8d:
b4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1F:26:D8:87:CD:15:5F:8F:E7:CD:EE:83:AB:6B:09:19:D5:E0:14
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/YR8m2IfNFV-P583ug6trCRnV4BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
185.234.218.0/24
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
71:27:cb:e4:8e:ea:4d:cb:5d:a5:0a:36:90:5f:16:c7:9f:e0:
84:66:4a:e6:7f:72:69:e9:d1:34:61:16:8c:66:8a:5c:f2:bf:
47:8b:10:a9:1a:ba:d4:48:35:76:01:5d:e2:18:8d:82:52:9f:
7e:ec:40:36:47:64:6a:52:f8:46:5d:c6:aa:e8:25:21:1c:04:
24:fa:04:8f:de:28:a4:d6:3b:ed:c1:84:6c:c7:e8:a7:3e:a9:
df:e8:66:23:71:f9:7e:db:c1:4e:e3:46:3f:2e:91:72:05:6f:
9c:89:c9:64:a5:52:7b:ec:3f:42:97:19:15:15:02:89:2f:e6:
dc:3c:4b:81:a8:36:d3:15:2f:b5:84:8e:30:17:a7:37:91:19:
7e:d6:d0:6e:01:a6:74:fa:59:6e:8c:91:5f:3e:34:6d:62:bc:
95:c8:12:21:23:db:39:53:8a:c6:72:d1:d3:6a:a5:e9:8e:26:
a2:2d:ba:6b:b3:01:ba:5f:24:0e:a2:12:95:12:16:06:f7:55:
9b:47:ef:9b:78:d5:a4:47:47:1e:fd:50:03:0c:fc:fb:4b:b4:
60:26:c9:b7:01:98:44:6e:c9:ea:0a:3e:01:80:a8:54:ef:bf:
c0:a0:d2:49:dc:07:05:fe:e9:17:00:68:ea:98:99:30:8e:19:
aa:c8:b9:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZzo9h4tOI7mIWWmbvrraVTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjYwMzEzMjA0OTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFmMjZkODg3Y2QxNTVmOGZlN2NkZWU4M2FiNmIwOTE5ZDVlMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpqUt4YqcRWV8KFxh6K2S7WQakyi
CmDG4b0Ju3XSzAqNUA1fxhPTBSubRlVcFa6BczBkd7H2Qb5mGHYh5feQTcrugSOx
eWHmFOSOi2mokE/5T9eLmhf0Q3Vi/eahiZeTW2oyuDRHjV1eh10N1S4yx2tZ5ncF
WzXMmsFT0VQXQma5hZ20rr4TilgzlBeHHJVIacrv/Mxpg/0e/1SZ1s2n2bEmpZKV
eYfrhvLtUM6VRF9Gfwaaw5cZpTDRXsHIJPgxye/kwdk3Ybljw1KVfjCT6uCcXCkC
8rPCzWWuWGANL3Ud3wD5gbZFaVl3fJK30xYK8o5pQxz4VgdMMJK5q420OwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGEfJtiHzRVfj+fN7oOrawkZ1eAUMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvWVI4bTJJZk5GVi1QNTgzdWc2dHJDUm5WNEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHwcgAwQC
uYx8AwQAueraMA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQBxJ8vk
jupNy12lCjaQXxbHn+CEZkrmf3Jp6dE0YRaMZopc8r9HixCpGrrUSDV2AV3iGI2C
Up9+7EA2R2RqUvhGXcaq6CUhHAQk+gSP3iik1jvtwYRsx+inPqnf6GYjcfl+28FO
40Y/LpFyBW+ciclkpVJ77D9ClxkVFQKJL+bcPEuBqDbTFS+1hI4wF6c3kRl+1tBu
AaZ0+llujJFfPjRtYryVyBIhI9s5U4rGctHTaqXpjiaiLbprswG6XyQOohKVEhYG
91WbR++beNWkR0ce/VADDPz7S7RgJsm3AZhEbsnqCj4BgKhU77/AoNJJ3AcF/ukX
AGjqmJkwjhmqyLmM
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:27:23 2026 by rpki-client