Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/Cd7NuYktL6tZ53bzDJJ8daCIovs.roa
File: Cd7NuYktL6tZ53bzDJJ8daCIovs.roa (raw, json)
Hash identifier: tHrRvHoM3qNNxOtrBUBjddDedIMEOHYDC52UbXy47M4=
Subject key identifier: 09:DE:CD:B9:89:2D:2F:AB:59:E7:76:F3:0C:92:7C:75:A0:88:A2:FB
Certificate issuer: /CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Certificate serial: 019CD7BF6636206417BD5141FFCEA9D05078
Authority key identifier: CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/Cd7NuYktL6tZ53bzDJJ8daCIovs.roa
Signing time: Tue 10 Mar 2026 12:36:10 +0000
ROA not before: Tue 10 Mar 2026 12:36:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58243
IP address blocks: 217.147.48.0/22 maxlen: 22
217.147.48.0/23 maxlen: 23
217.147.52.0/23 maxlen: 23
217.147.54.0/24 maxlen: 24
217.147.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:bf:66:36:20:64:17:bd:51:41:ff:ce:a9:d0:50:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Validity
Not Before: Mar 10 12:36:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=09decdb9892d2fab59e776f30c927c75a088a2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:12:59:35:3e:ad:e7:8b:77:f0:da:89:4c:
67:2f:62:0e:be:0a:d6:cf:33:63:a7:3f:97:d2:f6:
08:9c:f2:b8:5e:db:98:f2:1c:7d:76:92:37:a2:85:
8a:c4:4f:5e:3d:a8:b3:2f:c4:d5:fc:44:2e:f1:66:
7f:fb:21:2b:1a:18:bc:c2:9f:54:e1:f8:4b:7b:fa:
c5:7e:4e:b1:3a:c6:ca:cf:9f:2b:1d:52:f9:0c:d2:
c5:db:64:fa:58:61:3c:75:66:48:48:c5:79:6b:49:
37:c1:48:b0:e0:d1:2e:8b:ed:c2:02:ca:8b:15:b7:
cc:36:98:bb:92:6b:6b:f8:9f:db:94:d6:8b:26:2f:
b2:dc:05:ba:30:81:5d:a5:b5:7b:cf:7c:74:b7:4f:
e2:1f:33:db:c1:c7:49:fa:43:2d:b6:e1:f6:fb:13:
e4:4b:79:18:40:61:1e:97:d7:0f:8d:79:37:3e:7d:
58:3d:44:47:0c:b1:70:2c:5b:0c:7e:82:0b:ca:32:
67:67:38:7f:de:29:66:6b:da:e5:31:ca:b1:4f:c3:
37:67:8c:0f:c2:ec:7d:32:d1:87:4f:d0:6a:64:a8:
62:43:1f:59:7b:d7:ec:cc:0a:72:28:3e:c9:0d:ec:
9d:ec:d7:5a:57:6c:40:72:14:30:83:f4:bd:71:91:
3e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DE:CD:B9:89:2D:2F:AB:59:E7:76:F3:0C:92:7C:75:A0:88:A2:FB
X509v3 Authority Key Identifier:
keyid:CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/Cd7NuYktL6tZ53bzDJJ8daCIovs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.48.0-217.147.54.255
217.147.61.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:20:62:eb:28:0b:24:7c:f8:8b:7f:7f:0a:6c:34:8a:0d:e0:
15:9b:66:1e:ec:47:bd:68:54:a9:41:b6:e2:42:a9:1f:87:26:
89:12:70:d6:8e:a4:7a:ac:b4:71:06:2b:c6:89:8b:9e:05:7c:
9a:06:22:0d:3a:63:20:50:23:4d:5a:0d:b4:e2:cd:25:90:29:
34:d1:15:39:83:fc:38:d9:13:85:24:53:d8:a7:ee:bc:41:de:
37:c8:c1:53:d3:b7:d5:c2:41:37:04:94:26:dc:53:2e:79:34:
2b:62:d2:b2:44:ec:01:fd:7c:ae:3d:77:6e:00:e5:27:5d:1c:
9f:5c:58:12:88:6a:53:8f:ac:b3:5d:ab:98:af:14:90:f5:75:
bb:9d:f0:8d:40:bf:a9:54:8b:09:c4:e6:b9:2b:99:e4:ed:2e:
7e:cb:73:bb:d7:a2:e1:6d:48:5f:0a:07:79:1e:e5:01:c0:e5:
3c:1c:a4:33:c4:27:65:56:fc:6c:73:05:e9:11:f8:7f:26:97:
5c:c7:56:6e:a9:ec:c1:be:c9:13:05:9d:1d:44:c1:3a:f7:3f:
c7:fa:3f:d6:4f:1c:f3:1e:e9:66:c5:e2:a1:a9:15:69:99:d3:
70:f4:bd:8f:65:db:b6:1c:52:53:23:cf:76:7e:72:5f:e0:51:
b3:91:15:d0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZzXv2Y2IGQXvVFB/86p0FB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2E3NjNmM2RiMjk2NWExZTRlYjBiZjc2YzFjYjg2OGJh
YWU0NmQwHhcNMjYwMzEwMTIzNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRlY2RiOTg5MmQyZmFiNTllNzc2ZjMwYzkyN2M3NWEwODhhMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDsSWTU+reeLd/DaiUxnL2IOvgrW
zzNjpz+X0vYInPK4XtuY8hx9dpI3ooWKxE9ePaizL8TV/EQu8WZ/+yErGhi8wp9U
4fhLe/rFfk6xOsbKz58rHVL5DNLF22T6WGE8dWZISMV5a0k3wUiw4NEui+3CAsqL
FbfMNpi7kmtr+J/blNaLJi+y3AW6MIFdpbV7z3x0t0/iHzPbwcdJ+kMttuH2+xPk
S3kYQGEel9cPjXk3Pn1YPURHDLFwLFsMfoILyjJnZzh/3ilma9rlMcqxT8M3Z4wP
wux9MtGHT9BqZKhiQx9Ze9fszApyKD7JDeyd7NdaV2xAchQwg/S9cZE+awIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAnezbmJLS+rWed28wySfHWgiKL7MB8GA1UdIwQY
MBaAFMzKdj89spZaHk6wv3bBy4aLquRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2Zjct
ZmFjNjNjMDNjMjVhLzEvQ2Q3TnVZa3RMNnRaNTNiekRKSjhkYUNJb3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2ZjctZmFjNjNjMDNjMjVh
LzEvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBATZkzAD
BADZkzYDBADZkz0wDQYJKoZIhvcNAQELBQADggEBAH0gYusoCyR8+It/fwpsNIoN
4BWbZh7sR71oVKlBtuJCqR+HJokScNaOpHqstHEGK8aJi54FfJoGIg06YyBQI01a
DbTizSWQKTTRFTmD/DjZE4UkU9in7rxB3jfIwVPTt9XCQTcElCbcUy55NCti0rJE
7AH9fK49d24A5SddHJ9cWBKIalOPrLNdq5ivFJD1dbud8I1Av6lUiwnE5rkrmeTt
Ln7Lc7vXouFtSF8KB3ke5QHA5TwcpDPEJ2VW/GxzBekR+H8ml1zHVm6p7MG+yRMF
nR1EwTr3P8f6P9ZPHPMe6WbF4qGpFWmZ03D0vY9l27YcUlMjz3Z+cl/gUbORFdA=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:34:13 2026 by rpki-client