Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0llgz-vClFT3ugDVzPEZYXEs8Og.roa
File: 0llgz-vClFT3ugDVzPEZYXEs8Og.roa (raw, json)
Hash identifier: 8bGaHUYZ/gvCSD/3jCT7KOluTPShLyzFv4Oxgk2EqnM=
Subject key identifier: D2:59:60:CF:EB:C2:94:54:F7:BA:00:D5:CC:F1:19:61:71:2C:F0:E8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D2AC6B6AE980F8F06C9B7120053AB977F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0llgz-vClFT3ugDVzPEZYXEs8Og.roa
Signing time: Thu 26 Mar 2026 15:32:39 +0000
ROA not before: Thu 26 Mar 2026 15:32:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200088
IP address blocks: 78.17.6.0/24 maxlen: 24
78.17.36.0/24 maxlen: 24
89.125.38.0/24 maxlen: 24
89.125.62.0/24 maxlen: 24
89.125.84.0/24 maxlen: 24
89.125.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 Apr 2026 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:c6:b6:ae:98:0f:8f:06:c9:b7:12:00:53:ab:97:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 26 15:32:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d25960cfebc29454f7ba00d5ccf11961712cf0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b9:f6:8f:b0:7d:5e:df:ba:07:c9:43:0d:54:
7d:a5:d2:9b:0c:33:68:46:0f:4d:1b:f5:d6:cd:65:
5b:1d:85:4c:03:97:fa:fa:c6:23:17:48:71:58:61:
71:eb:f8:d2:5f:70:fd:d9:6d:fd:58:b5:05:53:0c:
f3:42:89:49:7d:c8:3f:68:f3:8d:b0:af:6f:85:5c:
2a:5c:b1:05:86:90:31:7c:46:ca:3f:3d:19:e6:52:
7b:f5:13:a1:2d:db:25:cc:4a:a9:ae:16:ad:83:0a:
8a:b9:f7:59:40:0a:5f:4e:31:8a:2d:ef:03:30:c1:
c8:08:7e:79:01:6a:e9:b8:54:25:a3:7d:a2:44:34:
05:4f:9c:e3:49:4b:8e:9d:f2:8b:7b:a0:48:8d:c2:
c3:86:ec:ff:15:da:91:c9:13:ea:f1:c0:ec:09:dc:
3a:25:6d:1e:e0:02:be:4b:30:f7:1f:d7:a8:10:e1:
b2:5f:6d:a9:f3:38:9c:e9:a7:de:1e:3b:1e:ca:14:
f0:dc:09:5b:bf:81:e9:68:e4:18:fa:4b:7f:1c:3f:
e5:64:a5:32:67:d8:8f:42:6b:87:7f:eb:e1:66:45:
be:56:ac:c3:a7:30:0a:17:1d:d2:84:af:88:68:dd:
20:93:2b:de:c3:78:d4:ec:06:c9:4a:b1:a6:7f:67:
3a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:59:60:CF:EB:C2:94:54:F7:BA:00:D5:CC:F1:19:61:71:2C:F0:E8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0llgz-vClFT3ugDVzPEZYXEs8Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.6.0/24
78.17.36.0/24
89.125.38.0/24
89.125.62.0/24
89.125.84.0/24
89.125.93.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:fe:72:03:a3:ea:ad:9c:b1:e5:f2:72:90:5d:91:03:7a:37:
08:02:6a:bb:53:9d:d1:8b:74:55:68:2d:79:06:0c:69:ad:b1:
90:5a:66:94:e9:72:5a:03:b9:19:41:a6:f0:f4:b5:28:c9:26:
c8:30:48:32:1d:54:eb:c2:0c:93:e2:82:4e:ad:a2:93:c0:85:
88:1e:5d:c7:11:ec:43:90:20:62:d1:24:31:37:f5:54:e7:9e:
d6:f4:4f:99:02:d0:db:2c:7c:46:2c:66:dc:48:06:0d:64:ac:
4e:12:46:b9:42:89:80:8e:ac:97:4c:be:35:c3:93:49:ae:7b:
08:c6:5f:21:a8:9c:0d:39:4d:14:55:08:ec:1b:cc:35:d9:2e:
da:73:81:b6:6a:b1:e1:bb:3a:a7:db:75:79:91:0f:35:f6:4e:
e0:74:88:77:0b:87:b8:fc:0e:be:03:dc:5d:64:48:8c:81:99:
61:bd:69:35:f9:0a:dd:9b:f8:f6:e9:6d:e0:fe:f5:b5:44:eb:
23:54:18:d2:a9:07:45:51:5f:83:35:e1:55:5d:b1:cc:68:ae:
79:c6:da:47:f5:0d:ae:15:10:fa:13:5e:21:da:81:da:eb:27:
3c:c1:bd:27:37:11:0f:8c:76:88:54:88:e5:36:8b:e7:23:06:
46:4e:5a:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0qxraumA+PBsm3EgBTq5d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzI2MTUzMjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU5NjBjZmViYzI5NDU0ZjdiYTAwZDVjY2YxMTk2MTcxMmNmMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrn2j7B9Xt+6B8lDDVR9pdKbDDNo
Rg9NG/XWzWVbHYVMA5f6+sYjF0hxWGFx6/jSX3D92W39WLUFUwzzQolJfcg/aPON
sK9vhVwqXLEFhpAxfEbKPz0Z5lJ79ROhLdslzEqprhatgwqKufdZQApfTjGKLe8D
MMHICH55AWrpuFQlo32iRDQFT5zjSUuOnfKLe6BIjcLDhuz/FdqRyRPq8cDsCdw6
JW0e4AK+SzD3H9eoEOGyX22p8zic6afeHjseyhTw3Albv4HpaOQY+kt/HD/lZKUy
Z9iPQmuHf+vhZkW+VqzDpzAKFx3ShK+IaN0gkyvew3jU7AbJSrGmf2c63wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNJZYM/rwpRU97oA1czxGWFxLPDoMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMGxsZ3otdkNsRlQzdWdEVnpQRVpZWEVzOE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAThEGAwQA
ThEkAwQAWX0mAwQAWX0+AwQAWX1UAwQAWX1dMA0GCSqGSIb3DQEBCwUAA4IBAQBb
/nIDo+qtnLHl8nKQXZEDejcIAmq7U53Ri3RVaC15BgxprbGQWmaU6XJaA7kZQabw
9LUoySbIMEgyHVTrwgyT4oJOraKTwIWIHl3HEexDkCBi0SQxN/VU557W9E+ZAtDb
LHxGLGbcSAYNZKxOEka5QomAjqyXTL41w5NJrnsIxl8hqJwNOU0UVQjsG8w12S7a
c4G2arHhuzqn23V5kQ819k7gdIh3C4e4/A6+A9xdZEiMgZlhvWk1+Qrdm/j26W3g
/vW1ROsjVBjSqQdFUV+DNeFVXbHMaK55xtpH9Q2uFRD6E14h2oHa6yc8wb0nNxEP
jHaIVIjlNovnIwZGTlrl
-----END CERTIFICATE-----
Generated at Wed Apr 1 23:44:03 2026 by rpki-client