Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7gDN7EJRIbXvng7FLvulsEyFNQg.roa
File: 7gDN7EJRIbXvng7FLvulsEyFNQg.roa (raw, json)
Hash identifier: 2ANMwLPHY4Y2iK08k4DZVMBAFMAac+xiJJMzAa6Zd0k=
Subject key identifier: EE:00:CD:EC:42:51:21:B5:EF:9E:0E:C5:2E:FB:A5:B0:4C:85:35:08
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019DFC5FD5C79F5585396C1CDB508EA3F778
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7gDN7EJRIbXvng7FLvulsEyFNQg.roa
Signing time: Wed 06 May 2026 08:20:32 +0000
ROA not before: Wed 06 May 2026 08:20:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.40.0/22 maxlen: 24
147.181.64.0/18 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.98.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:1124::/48 maxlen: 48
2a04:9a03:1010::/44 maxlen: 44
2a04:9a03:1020::/44 maxlen: 44
2a04:9a05:1054::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:5f:d5:c7:9f:55:85:39:6c:1c:db:50:8e:a3:f7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 6 08:20:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ee00cdec425121b5ef9e0ec52efba5b04c853508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:a7:10:0a:5b:cb:57:03:43:e6:95:dd:ea:
f7:aa:73:84:a0:07:e5:1b:d3:7f:27:71:f1:3c:02:
dd:50:76:3e:20:a5:e9:fc:a6:0c:7c:1f:9f:6c:7b:
72:4d:ea:03:0f:47:84:92:c3:18:c1:d4:95:74:c3:
86:01:01:58:8b:cb:6d:d2:9e:e7:dc:0e:1c:fd:aa:
99:5f:ef:91:b5:c5:65:2d:f0:2a:31:2a:23:94:d4:
e5:97:53:89:76:99:c1:4e:66:f5:a7:cf:41:38:7e:
a8:2f:9d:07:93:40:ae:bf:21:d0:66:3c:c2:56:68:
23:67:f6:0d:09:c5:cf:3f:ea:25:a9:bc:6a:a1:58:
cb:74:50:aa:7b:13:16:0e:15:1f:0d:53:cc:e9:34:
88:3b:67:c7:69:4c:5f:22:86:e9:6b:80:4e:1d:e5:
43:8e:e0:02:72:52:68:d0:4f:0a:c0:9c:3c:e4:8d:
85:81:1e:79:4b:93:5e:9b:23:32:c1:a4:cc:57:16:
94:0c:91:f5:ff:f1:d3:3a:9f:2a:01:6d:07:14:74:
9c:ff:7d:ba:fd:d2:f1:b7:b2:b0:51:6b:e4:a5:b9:
3a:e1:ca:32:ae:0e:bd:50:03:89:0b:66:5e:2a:a5:
aa:4f:89:f0:81:92:52:70:d9:20:65:d5:99:2e:da:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:00:CD:EC:42:51:21:B5:EF:9E:0E:C5:2E:FB:A5:B0:4C:85:35:08
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/7gDN7EJRIbXvng7FLvulsEyFNQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.64.0/18
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::-2a04:9a03:102f:ffff:ffff:ffff:ffff:ffff
2a04:9a05:1054::/47
Signature Algorithm: sha256WithRSAEncryption
ce:09:9a:eb:dd:89:76:be:60:d5:93:2c:c9:56:d1:07:f3:b8:
65:4b:3a:2f:f9:b7:bc:b9:03:5c:e4:38:0c:20:73:b9:7a:dc:
9f:16:48:34:f8:7a:4f:f8:f2:27:7b:dc:fb:0f:a1:e5:4c:29:
4f:6a:77:2c:98:42:cf:5c:b3:89:70:ee:d6:92:f8:9c:96:f3:
92:4f:46:ea:73:c0:c2:b9:86:6e:49:87:1d:da:1f:76:66:0b:
db:31:6a:e1:5e:b6:48:77:5f:99:97:f1:ae:f7:24:05:df:b6:
3d:68:88:8a:43:e7:47:98:1a:36:94:cc:5f:7c:89:d9:6f:c6:
be:a6:6c:9c:64:82:22:89:74:b6:ea:5c:13:a0:7d:cf:e5:61:
6e:f0:51:0e:21:b3:f0:fa:7e:53:a3:31:74:93:42:7d:82:4e:
38:af:07:15:61:26:1b:7d:dc:6a:b9:c3:f3:d4:5d:55:22:25:
10:21:44:9f:35:85:d1:cf:d4:e3:96:83:d8:f4:48:2f:21:5e:
f0:8f:4b:bd:a8:c1:95:3f:fc:d8:7e:b5:aa:4e:fb:13:c0:00:
1d:29:f7:79:25:97:61:8b:bc:98:68:6e:af:ea:36:21:03:66:
b6:56:2e:ad:e4:2f:ef:5f:6f:44:5d:08:10:6a:27:4c:d3:21:
85:41:75:33
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZ38X9XHn1WFOWwc21COo/d4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjYwNTA2MDgyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTAwY2RlYzQyNTEyMWI1ZWY5ZTBlYzUyZWZiYTViMDRjODUzNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+KnEApby1cDQ+aV3er3qnOEoAfl
G9N/J3HxPALdUHY+IKXp/KYMfB+fbHtyTeoDD0eEksMYwdSVdMOGAQFYi8tt0p7n
3A4c/aqZX++RtcVlLfAqMSojlNTll1OJdpnBTmb1p89BOH6oL50Hk0CuvyHQZjzC
VmgjZ/YNCcXPP+olqbxqoVjLdFCqexMWDhUfDVPM6TSIO2fHaUxfIobpa4BOHeVD
juACclJo0E8KwJw85I2FgR55S5NemyMywaTMVxaUDJH1//HTOp8qAW0HFHSc/326
/dLxt7KwUWvkpbk64coyrg69UAOJC2ZeKqWqT4nwgZJScNkgZdWZLtr/ZwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFO4AzexCUSG1754OxS77pbBMhTUIMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvN2dETjdFSlJJYlh2bmc3Rkx2dWxzRXlGTlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTASBAIAATAMAwQCk7UoAwQG
k7VAMEcEAgACMEEDBwAqBJoAEAQDBwAqBJoAERwDBwAqBJoAESEDBwAqBJoAESQw
EgMHBCoEmgMQEAMHBCoEmgMQIAMHASoEmgUQVDANBgkqhkiG9w0BAQsFAAOCAQEA
zgma692Jdr5g1ZMsyVbRB/O4ZUs6L/m3vLkDXOQ4DCBzuXrcnxZINPh6T/jyJ3vc
+w+h5UwpT2p3LJhCz1yziXDu1pL4nJbzkk9G6nPAwrmGbkmHHdofdmYL2zFq4V62
SHdfmZfxrvckBd+2PWiIikPnR5gaNpTMX3yJ2W/GvqZsnGSCIol0tupcE6B9z+Vh
bvBRDiGz8Pp+U6MxdJNCfYJOOK8HFWEmG33carnD89RdVSIlECFEnzWF0c/U45aD
2PRILyFe8I9LvajBlT/82H61qk77E8AAHSn3eSWXYYu8mGhur+o2IQNmtlYureQv
719vRF0IEGonTNMhhUF1Mw==
-----END CERTIFICATE-----
Generated at Wed May 13 08:28:33 2026 by rpki-client