Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l7JQGn_n6HJoAjCRK0iZqqfsgoc.roa
File: l7JQGn_n6HJoAjCRK0iZqqfsgoc.roa (raw, json)
Hash identifier: Vjt7JdpE72vwlq+06T3t1eqhrR5s1+I0NWYinYYzgbs=
Subject key identifier: 97:B2:50:1A:7F:E7:E8:72:68:02:30:91:2B:48:99:AA:A7:EC:82:87
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019DFD42174F4D371F2C705F3D00A1611800
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l7JQGn_n6HJoAjCRK0iZqqfsgoc.roa
Signing time: Wed 06 May 2026 12:27:40 +0000
ROA not before: Wed 06 May 2026 12:27:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1257
IP address blocks: 192.71.180.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
192.121.104.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
193.181.2.0/24 maxlen: 24
193.183.165.0/24 maxlen: 24
193.234.16.0/24 maxlen: 24
193.234.87.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
193.235.80.0/24 maxlen: 24
193.235.82.0/24 maxlen: 24
194.14.15.0/24 maxlen: 24
194.68.174.0/23 maxlen: 23
194.68.238.0/24 maxlen: 24
194.71.104.0/23 maxlen: 23
194.71.104.0/24 maxlen: 24
194.71.105.0/24 maxlen: 24
194.71.178.0/24 maxlen: 24
194.71.179.0/24 maxlen: 24
194.71.248.0/21 maxlen: 24
194.103.24.0/22 maxlen: 24
194.103.206.0/24 maxlen: 24
194.132.60.0/24 maxlen: 24
194.132.128.0/22 maxlen: 22
2a01:280:310::/48 maxlen: 48
2a01:280:360::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:42:17:4f:4d:37:1f:2c:70:5f:3d:00:a1:61:18:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 6 12:27:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97b2501a7fe7e872680230912b4899aaa7ec8287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:5b:83:ea:b1:e0:5b:bc:5b:7d:a2:a1:7b:
e5:3b:ef:d3:3f:cb:ed:ba:48:0c:31:4c:f2:a3:0b:
9b:28:1a:b0:2c:73:41:e7:0e:a2:f2:57:f6:1d:82:
58:de:df:4b:44:47:7d:33:90:ef:82:73:b4:8b:ae:
61:88:76:a4:f0:ab:cb:bb:ec:87:22:cd:29:22:29:
8a:5f:11:33:aa:bb:6a:f3:15:f8:70:f1:f8:58:15:
83:54:b3:19:ad:92:ff:be:e0:fa:62:88:7e:3b:4f:
8d:0c:0a:cf:09:17:53:22:f6:6b:a3:db:af:b6:bb:
66:fc:49:2a:49:49:90:61:fb:57:90:1f:5e:15:74:
cf:d5:ad:f0:d0:02:39:2d:75:7a:97:39:de:db:21:
d1:1c:eb:c4:d9:c4:86:78:d7:78:8a:0b:ec:bc:9b:
47:c7:bf:bf:31:d9:c8:35:94:80:55:cb:0e:91:bb:
1a:55:8e:ab:a7:b7:27:39:23:84:87:0c:14:5e:9e:
85:1e:70:4c:2e:f2:b5:49:d0:b6:f1:24:e1:8a:98:
cf:c2:1e:bc:11:74:9c:d8:92:aa:9c:53:9f:9a:dd:
d8:78:9c:66:49:3a:91:5d:b8:61:27:3f:39:c9:59:
d6:59:13:74:26:02:7e:3f:51:a6:b5:f2:34:04:0d:
a9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B2:50:1A:7F:E7:E8:72:68:02:30:91:2B:48:99:AA:A7:EC:82:87
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/l7JQGn_n6HJoAjCRK0iZqqfsgoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
192.121.104.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.183.165.0/24
193.234.16.0/24
193.234.87.0/24
193.234.177.0/24
193.235.80.0/24
193.235.82.0/24
194.14.15.0/24
194.68.174.0/23
194.68.238.0/24
194.71.104.0/23
194.71.178.0/23
194.71.248.0/21
194.103.24.0/22
194.103.206.0/24
194.132.60.0/24
194.132.128.0/22
IPv6:
2a01:280:310::/48
2a01:280:360::/48
Signature Algorithm: sha256WithRSAEncryption
7b:1d:fd:3b:f0:30:a1:69:8f:8e:f6:73:52:bb:9c:03:18:57:
5e:5e:4d:5d:61:9e:b9:d8:71:b0:61:ec:bd:46:4a:68:9b:2d:
b4:eb:fa:f4:de:77:a6:a3:09:f9:d2:0d:dc:69:55:6c:8e:2a:
c4:d0:12:c7:f2:da:51:ed:c0:28:d3:5a:9c:91:17:ad:78:b5:
ff:ac:44:ba:99:65:b1:00:39:7b:9a:30:40:e7:56:cb:77:0e:
5a:43:78:ca:96:8b:ad:80:ed:78:ab:97:f3:19:5f:92:c5:ba:
c9:97:96:ec:56:c8:8b:36:d3:68:6f:c1:65:09:e4:61:2e:77:
f9:f9:e3:15:9e:df:05:60:0e:5f:5b:6a:55:ea:17:ff:85:6f:
74:18:05:b6:72:5c:b4:f0:9e:aa:8f:46:c2:18:d7:4a:21:f5:
20:bc:10:39:8a:b6:9a:fd:49:cd:eb:04:7c:96:26:1d:c4:0a:
19:02:32:5b:1f:12:bc:1e:73:79:10:c7:df:78:ca:4c:6e:67:
fe:e5:8e:63:7e:35:f2:bc:e4:dd:d8:ce:1f:07:d3:6a:0a:48:
1d:58:6a:53:e9:e3:9e:2c:07:61:a4:3a:c4:cc:73:bb:5f:71:
03:bc:dd:a6:84:80:8c:bf:f7:2a:6e:15:8c:7b:48:55:01:c2:
53:07:cc:33
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZ39QhdPTTcfLHBfPQChYRgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNTA2MTIyNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IyNTAxYTdmZTdlODcyNjgwMjMwOTEyYjQ4OTlhYWE3ZWM4Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWpbg+qx4Fu8W32ioXvlO+/TP8vt
ukgMMUzyowubKBqwLHNB5w6i8lf2HYJY3t9LREd9M5DvgnO0i65hiHak8KvLu+yH
Is0pIimKXxEzqrtq8xX4cPH4WBWDVLMZrZL/vuD6Yoh+O0+NDArPCRdTIvZro9uv
trtm/EkqSUmQYftXkB9eFXTP1a3w0AI5LXV6lzne2yHRHOvE2cSGeNd4igvsvJtH
x7+/MdnINZSAVcsOkbsaVY6rp7cnOSOEhwwUXp6FHnBMLvK1SdC28SThipjPwh68
EXSc2JKqnFOfmt3YeJxmSTqRXbhhJz85yVnWWRN0JgJ+P1GmtfI0BA2paQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFJeyUBp/5+hyaAIwkStImaqn7IKHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbDdKUUduX242SEpvQWpDUkswaVpxcWZzZ29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBkQQCAAEwgYoDBADA
R7QDBADAR9wDBADAeWgDBADBtM8DBADBtPADBADBtPcDBADBtQIDBADBt6UDBADB
6hADBADB6lcDBADB6rEDBADB61ADBADB61IDBADCDg8DBAHCRK4DBADCRO4DBAHC
R2gDBAHCR7IDBAPCR/gDBALCZxgDBADCZ84DBADChDwDBALChIAwGAQCAAIwEgMH
ACoBAoADEAMHACoBAoADYDANBgkqhkiG9w0BAQsFAAOCAQEAex39O/AwoWmPjvZz
UrucAxhXXl5NXWGeudhxsGHsvUZKaJsttOv69N53pqMJ+dIN3GlVbI4qxNASx/La
Ue3AKNNanJEXrXi1/6xEupllsQA5e5owQOdWy3cOWkN4ypaLrYDteKuX8xlfksW6
yZeW7FbIizbTaG/BZQnkYS53+fnjFZ7fBWAOX1tqVeoX/4VvdBgFtnJctPCeqo9G
whjXSiH1ILwQOYq2mv1JzesEfJYmHcQKGQIyWx8SvB5zeRDH33jKTG5n/uWOY341
8rzk3djOHwfTagpIHVhqU+njniwHYaQ6xMxzu19xA7zdpoSAjL/3Km4VjHtIVQHC
UwfMMw==
-----END CERTIFICATE-----
Generated at Wed May 13 14:03:37 2026 by rpki-client