Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/iBrzoJ4P7RKd300eOF4qUe3LCl4.roa
File: iBrzoJ4P7RKd300eOF4qUe3LCl4.roa (raw, json)
Hash identifier: QIdg4eDqVZUaeV5vnK1TSNPsCbX4Vczgh0HCqrqiwcA=
Subject key identifier: 88:1A:F3:A0:9E:0F:ED:12:9D:DF:4D:1E:38:5E:2A:51:ED:CB:0A:5E
Certificate issuer: /CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
Certificate serial: 019CF69D9A388BB6223DFDFBE1F7EB8D4E6C
Authority key identifier: B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/iBrzoJ4P7RKd300eOF4qUe3LCl4.roa
Signing time: Mon 16 Mar 2026 12:27:29 +0000
ROA not before: Mon 16 Mar 2026 12:27:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44314
IP address blocks: 79.170.176.0/21 maxlen: 21
79.170.176.0/22 maxlen: 22
79.170.176.0/23 maxlen: 23
79.170.176.0/24 maxlen: 24
79.170.177.0/24 maxlen: 24
79.170.178.0/23 maxlen: 23
79.170.178.0/24 maxlen: 24
79.170.179.0/24 maxlen: 24
79.170.180.0/22 maxlen: 22
79.170.180.0/23 maxlen: 23
79.170.180.0/24 maxlen: 24
79.170.181.0/24 maxlen: 24
79.170.182.0/23 maxlen: 23
79.170.182.0/24 maxlen: 24
79.170.183.0/24 maxlen: 24
185.83.52.0/22 maxlen: 22
185.83.52.0/23 maxlen: 23
185.83.52.0/24 maxlen: 24
185.83.53.0/24 maxlen: 24
185.83.54.0/23 maxlen: 23
185.83.54.0/24 maxlen: 24
185.83.55.0/24 maxlen: 24
2a01:4e8::/29 maxlen: 29
2a01:4e8::/31 maxlen: 31
2a01:4e8::/32 maxlen: 32
2a01:4e8::/33 maxlen: 33
2a01:4e8::/34 maxlen: 34
2a01:4e8:127::/48 maxlen: 48
2a01:4e8:182::/48 maxlen: 48
2a01:4e8:f1d::/48 maxlen: 48
2a01:4e8:3a4d::/48 maxlen: 48
2a01:4e8:4000::/34 maxlen: 34
2a01:4e8:8000::/33 maxlen: 33
2a01:4e8:8000::/34 maxlen: 34
2a01:4e8:bce0::/48 maxlen: 48
2a01:4e8:c000::/34 maxlen: 34
2a01:4e8:c0c0::/48 maxlen: 48
2a01:4e8:c22c::/48 maxlen: 48
2a01:4e8:cafe::/48 maxlen: 48
2a01:4e8:cccc::/48 maxlen: 48
2a01:4e8:cda8::/48 maxlen: 48
2a01:4e8:feed::/48 maxlen: 48
2a01:4e8:ffff::/48 maxlen: 48
2a01:4e9::/32 maxlen: 32
2a01:4ea::/31 maxlen: 31
2a01:4ea::/32 maxlen: 32
2a01:4eb::/32 maxlen: 32
2a01:4ec::/31 maxlen: 31
2a01:4ec::/32 maxlen: 32
2a01:4ed::/32 maxlen: 32
2a01:4ee::/31 maxlen: 31
2a01:4ee::/32 maxlen: 32
2a01:4ef::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.mft
rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:9d:9a:38:8b:b6:22:3d:fd:fb:e1:f7:eb:8d:4e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
Validity
Not Before: Mar 16 12:27:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=881af3a09e0fed129ddf4d1e385e2a51edcb0a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:48:e6:31:b9:5a:71:8c:4f:70:55:30:43:c2:
21:a6:12:68:2f:be:25:ab:34:4f:0f:45:ac:fb:c1:
03:a9:00:6b:97:81:57:bd:fb:ef:9d:50:14:5c:16:
a8:44:5d:5f:24:96:cd:7a:89:e2:3a:c0:d6:45:3e:
6a:a1:cb:e9:81:7b:86:63:e4:24:f5:d1:fe:53:92:
f9:2c:5d:fc:cc:30:d5:c8:7d:c3:3c:aa:db:99:60:
24:03:b8:c7:59:8d:0e:56:ed:43:83:c4:ca:6b:39:
53:b5:b1:c2:23:da:3a:87:e0:c7:77:c8:7f:44:32:
cb:96:d9:c1:33:2d:df:cf:73:78:e6:39:c5:97:e5:
fe:ff:39:9b:2f:3e:0e:49:f4:5b:bb:54:3f:f6:83:
33:b5:c1:94:aa:fb:70:86:9d:af:43:13:13:3c:22:
d6:d7:d1:71:78:71:fa:f9:76:3a:5b:06:50:77:46:
0a:fc:d2:3c:44:a4:57:2b:9b:65:0a:a9:70:72:e4:
4d:86:ef:3b:04:7a:2b:3c:38:ad:c1:26:05:e3:f8:
b0:b7:ed:e3:79:b1:2e:40:e0:e8:0e:7e:7c:3c:fc:
e9:ab:25:52:95:c4:7d:b5:43:7a:9a:6f:8f:6d:8a:
16:4d:47:87:d5:c0:58:4d:9b:75:a7:34:7d:bb:6b:
ee:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:F3:A0:9E:0F:ED:12:9D:DF:4D:1E:38:5E:2A:51:ED:CB:0A:5E
X509v3 Authority Key Identifier:
keyid:B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/iBrzoJ4P7RKd300eOF4qUe3LCl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.176.0/21
185.83.52.0/22
IPv6:
2a01:4e8::/29
Signature Algorithm: sha256WithRSAEncryption
68:68:f2:91:3d:fd:bd:ff:4c:b6:d5:37:29:26:79:40:ca:58:
3f:4c:4c:80:9c:eb:4d:11:74:43:4d:a8:1c:74:34:a5:c7:43:
62:97:4e:84:7c:62:98:96:29:13:66:2c:62:36:ac:8d:99:45:
76:e1:bb:3f:88:b2:dc:2b:6c:5e:20:d9:c0:a4:4d:99:f3:9f:
db:16:cf:b7:fb:80:cf:e2:0a:9e:3e:f0:bf:c7:45:cd:d3:89:
63:aa:1b:29:09:39:1e:56:c3:a8:6b:ba:fe:b3:3e:48:0f:04:
18:19:00:c7:81:01:69:b5:3b:14:6f:ba:e1:85:e2:6d:12:1b:
00:57:58:c6:34:bb:3a:2b:14:af:fd:79:b0:d9:c6:82:16:22:
d7:f1:88:cc:f6:4e:a2:d5:68:20:69:cd:a8:8c:36:8a:9e:cd:
af:8e:71:5a:4e:b3:9b:f6:3b:1f:85:2d:12:3f:8f:59:37:3b:
ed:a1:e2:47:1c:6a:f4:ed:5c:0f:15:a6:8f:0c:af:18:eb:69:
87:a9:df:34:f1:22:4c:db:65:06:ce:c7:22:5a:b9:81:5b:40:
3c:89:9e:5e:e0:07:b2:8e:7d:90:41:c7:c9:82:6e:af:ae:71:
28:5c:be:0e:f1:f0:d6:27:4a:1f:f6:5a:a7:0a:63:21:1a:89:
ed:54:b2:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZz2nZo4i7YiPf374ffrjU5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Y2MyZGEyYmRiOTdiZTkxMmEyZDk0MmViZTdlYWZhNDY1
MWU4ODUwHhcNMjYwMzE2MTIyNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFhZjNhMDllMGZlZDEyOWRkZjRkMWUzODVlMmE1MWVkY2IwYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUjmMblacYxPcFUwQ8IhphJoL74l
qzRPD0Ws+8EDqQBrl4FXvfvvnVAUXBaoRF1fJJbNeoniOsDWRT5qocvpgXuGY+Qk
9dH+U5L5LF38zDDVyH3DPKrbmWAkA7jHWY0OVu1Dg8TKazlTtbHCI9o6h+DHd8h/
RDLLltnBMy3fz3N45jnFl+X+/zmbLz4OSfRbu1Q/9oMztcGUqvtwhp2vQxMTPCLW
19FxeHH6+XY6WwZQd0YK/NI8RKRXK5tlCqlwcuRNhu87BHorPDitwSYF4/iwt+3j
ebEuQODoDn58PPzpqyVSlcR9tUN6mm+PbYoWTUeH1cBYTZt1pzR9u2vu3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIga86CeD+0Snd9NHjheKlHtywpeMB8GA1UdIwQY
MBaAFLfMLaK9uXvpEqLZQuvn6vpGUeiFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2Yt
MjJlN2EzN2U4ZTM4LzEvaUJyem9KNFA3UktkMzAwZU9GNHFVZTNMQ2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2YtMjJlN2EzN2U4ZTM4
LzEvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6qwAwQC
uVM0MA0EAgACMAcDBQMqAQToMA0GCSqGSIb3DQEBCwUAA4IBAQBoaPKRPf29/0y2
1TcpJnlAylg/TEyAnOtNEXRDTagcdDSlx0Nil06EfGKYlikTZixiNqyNmUV24bs/
iLLcK2xeINnApE2Z85/bFs+3+4DP4gqePvC/x0XN04ljqhspCTkeVsOoa7r+sz5I
DwQYGQDHgQFptTsUb7rhheJtEhsAV1jGNLs6KxSv/Xmw2caCFiLX8YjM9k6i1Wgg
ac2ojDaKns2vjnFaTrOb9jsfhS0SP49ZNzvtoeJHHGr07VwPFaaPDK8Y62mHqd80
8SJM22UGzsciWrmBW0A8iZ5e4Aeyjn2QQcfJgm6vrnEoXL4O8fDWJ0of9lqnCmMh
GontVLIO
-----END CERTIFICATE-----
Generated at Fri Mar 27 01:25:23 2026 by rpki-client