Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/033QtyC04i1KKhAboDVI-UWSdrM.roa
File: 033QtyC04i1KKhAboDVI-UWSdrM.roa (raw, json)
Hash identifier: nHTeYoLr0Xk0cugSP1GZyQRAxYMhx6XvtwWfpcfCUqU=
Subject key identifier: D3:7D:D0:B7:20:B4:E2:2D:4A:2A:10:1B:A0:35:48:F9:45:92:76:B3
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 019CF9739DF2E0E6FC744183B8E232FD146F
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/033QtyC04i1KKhAboDVI-UWSdrM.roa
Signing time: Tue 17 Mar 2026 01:40:29 +0000
ROA not before: Tue 17 Mar 2026 01:40:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.5.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
87.247.168.0/21 maxlen: 21
87.247.172.0/23 maxlen: 23
87.247.173.0/24 maxlen: 24
185.166.105.0/24 maxlen: 24
185.166.107.0/24 maxlen: 24
194.34.160.0/24 maxlen: 24
194.34.161.0/24 maxlen: 24
2a10:a440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f9:73:9d:f2:e0:e6:fc:74:41:83:b8:e2:32:fd:14:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Mar 17 01:40:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d37dd0b720b4e22d4a2a101ba03548f9459276b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:65:eb:3e:0b:d8:6e:d5:13:ab:0e:d5:f9:63:
7f:99:97:df:00:3a:47:b2:de:52:ee:3d:36:f3:3d:
52:44:95:66:ac:98:2d:27:cc:87:1f:7f:a9:6d:5f:
25:c6:9a:89:8c:2f:16:b1:af:43:e9:ff:c7:e4:51:
0e:93:fe:a8:f2:04:1d:66:ba:b9:84:14:b8:a1:ae:
bf:52:04:6a:12:0d:2d:47:de:29:ab:d4:80:64:ed:
f6:77:fe:08:21:e6:20:fe:37:c3:c2:43:cf:30:5e:
2d:f7:ef:49:79:52:aa:cc:bf:1e:11:5f:01:3e:0f:
7a:80:77:42:aa:66:95:8e:0a:78:f0:e5:d4:d6:d2:
4e:c0:fd:3a:af:54:45:f8:76:77:bd:27:7b:78:d5:
75:b7:2f:5a:c0:a3:e5:21:f1:65:1f:f5:d4:c4:81:
8c:42:bb:c9:e6:00:78:9e:c7:3f:2d:e4:a9:0c:ce:
55:22:7e:e6:3a:62:3f:a2:dc:cd:a7:e9:cd:74:c8:
f5:b9:20:76:a7:4c:6d:f5:27:b8:8a:6c:c6:25:f6:
d1:0f:1c:b9:5e:eb:22:cb:dd:75:a6:04:73:35:2b:
b4:96:ea:67:10:ff:34:e4:34:36:d4:74:95:2c:d2:
20:57:03:83:f3:45:66:2d:a4:9a:25:78:0c:ed:3f:
4c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7D:D0:B7:20:B4:E2:2D:4A:2A:10:1B:A0:35:48:F9:45:92:76:B3
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/033QtyC04i1KKhAboDVI-UWSdrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.5.0-78.111.6.255
87.247.168.0/21
185.166.105.0/24
185.166.107.0/24
194.34.160.0/23
IPv6:
2a10:a440::/29
Signature Algorithm: sha256WithRSAEncryption
8d:aa:ec:47:16:b0:3e:73:37:e8:24:ae:bb:7f:81:df:60:da:
76:4c:cb:69:46:89:ed:b3:fd:07:5a:3b:09:9a:5d:a2:6d:5e:
5c:42:14:6d:64:fa:74:b2:99:8a:a1:67:7a:7a:72:98:bb:6a:
62:34:38:9b:fa:08:47:88:20:3e:47:01:c5:c0:4c:b7:0f:46:
4b:c0:d9:8d:9e:40:a8:ca:74:89:15:ca:f9:ce:16:18:83:58:
a1:d7:1a:65:ae:16:b9:62:c0:c4:56:81:c6:54:f4:17:4f:f2:
b7:1b:1f:a2:45:77:16:d5:6f:4f:e3:92:20:3b:2d:ed:43:31:
cd:72:99:7c:be:41:fd:cb:7e:bf:f0:f4:94:37:32:86:30:10:
81:f5:96:31:9d:99:ab:aa:a6:f6:1d:a4:a7:14:8d:65:16:20:
2d:64:2b:07:94:96:39:78:1d:5b:11:63:a2:d2:f3:e3:c1:06:
4e:e8:6b:cb:01:dc:de:d4:c1:91:14:9d:c9:b3:ac:04:50:e3:
ac:ae:c2:1d:3a:f3:91:35:6e:56:de:7f:0f:8f:a7:74:d7:44:
49:49:89:ef:47:5a:0e:24:d5:a7:42:ae:f3:eb:59:eb:e2:fb:
70:06:05:11:62:29:8b:0a:05:fd:67:8c:91:0b:5e:8a:e6:53:
3e:f4:58:1e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZz5c53y4Ob8dEGDuOIy/RRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjYwMzE3MDE0MDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdkZDBiNzIwYjRlMjJkNGEyYTEwMWJhMDM1NDhmOTQ1OTI3NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumXrPgvYbtUTqw7V+WN/mZffADpH
st5S7j028z1SRJVmrJgtJ8yHH3+pbV8lxpqJjC8Wsa9D6f/H5FEOk/6o8gQdZrq5
hBS4oa6/UgRqEg0tR94pq9SAZO32d/4IIeYg/jfDwkPPMF4t9+9JeVKqzL8eEV8B
Pg96gHdCqmaVjgp48OXU1tJOwP06r1RF+HZ3vSd7eNV1ty9awKPlIfFlH/XUxIGM
QrvJ5gB4nsc/LeSpDM5VIn7mOmI/otzNp+nNdMj1uSB2p0xt9Se4imzGJfbRDxy5
Xusiy911pgRzNSu0lupnEP805DQ21HSVLNIgVwOD80VmLaSaJXgM7T9MmQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNN90LcgtOItSioQG6A1SPlFknazMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvMDMzUXR5QzA0aTFLS2hBYm9EVkktVVdTZHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBABObwUD
BABObwYDBANX96gDBAC5pmkDBAC5pmsDBAHCIqAwDQQCAAIwBwMFAyoQpEAwDQYJ
KoZIhvcNAQELBQADggEBAI2q7EcWsD5zN+gkrrt/gd9g2nZMy2lGie2z/QdaOwma
XaJtXlxCFG1k+nSymYqhZ3p6cpi7amI0OJv6CEeIID5HAcXATLcPRkvA2Y2eQKjK
dIkVyvnOFhiDWKHXGmWuFrliwMRWgcZU9BdP8rcbH6JFdxbVb0/jkiA7Le1DMc1y
mXy+Qf3Lfr/w9JQ3MoYwEIH1ljGdmauqpvYdpKcUjWUWIC1kKweUljl4HVsRY6LS
8+PBBk7oa8sB3N7UwZEUncmzrARQ46yuwh0685E1blbefw+Pp3TXRElJie9HWg4k
1adCrvPrWevi+3AGBRFiKYsKBf1njJELXormUz70WB4=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:35 2026 by rpki-client