Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Bt7y_-eCb4ZZsvhROvakcGtOos.roa
File: 7Bt7y_-eCb4ZZsvhROvakcGtOos.roa (raw, json)
Hash identifier: TxhP0W/b/pX7qFeVkAdpuT0O7P/4PLWbGzACtK3/ptM=
Subject key identifier: EC:1B:7B:CB:FF:9E:09:BE:19:66:CB:E1:44:EB:DA:91:C1:AD:3A:8B
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019D4D0105E5D79729BA53079E96EC3C55F8
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Bt7y_-eCb4ZZsvhROvakcGtOos.roa
Signing time: Thu 02 Apr 2026 07:03:25 +0000
ROA not before: Thu 02 Apr 2026 07:03:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207619
IP address blocks: 31.171.120.0/24 maxlen: 24
94.20.56.0/24 maxlen: 24
94.20.57.0/24 maxlen: 24
94.20.58.0/24 maxlen: 24
94.20.59.0/24 maxlen: 24
94.20.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:01:05:e5:d7:97:29:ba:53:07:9e:96:ec:3c:55:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Apr 2 07:03:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec1b7bcbff9e09be1966cbe144ebda91c1ad3a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:8e:c2:a7:73:fb:2b:d5:66:44:00:9f:ec:
7d:f3:b0:61:64:87:be:fc:68:67:6d:e5:78:77:13:
22:a0:fe:c9:72:f3:77:a1:58:a1:44:23:d5:71:a3:
07:3a:16:d9:bf:ab:a7:d3:cd:63:23:ae:43:2b:c7:
c9:39:94:8b:43:73:92:4e:2f:df:4f:91:53:cc:be:
0e:8a:66:58:ce:9a:56:18:3d:55:90:fa:6e:39:ce:
bf:0c:99:d7:1e:91:3d:13:e3:61:74:57:a1:4f:95:
bf:32:90:45:1b:5e:c7:f1:d6:dd:15:dd:8e:5f:ae:
a3:ba:e3:9d:e6:27:a4:35:b1:53:a5:1b:80:16:86:
ff:49:94:ca:b9:f1:8e:93:3e:ce:08:ea:80:43:ee:
30:03:7d:68:c2:43:66:e6:90:cb:a9:34:e6:c2:ee:
3c:d0:85:78:8d:25:8f:3e:c0:68:bc:aa:d1:d0:d5:
75:52:5f:53:93:37:eb:54:41:50:79:f6:c6:e2:9c:
1a:b6:a4:de:dc:70:3e:8e:5c:7f:c9:81:a0:4a:0f:
06:37:86:1e:a7:22:3c:6e:f8:01:da:39:69:4b:61:
45:1f:ac:9c:51:58:a1:b3:04:44:0e:46:b9:4f:88:
9f:d2:35:6e:89:9e:4f:6d:60:99:64:ec:e8:99:69:
5f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1B:7B:CB:FF:9E:09:BE:19:66:CB:E1:44:EB:DA:91:C1:AD:3A:8B
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/7Bt7y_-eCb4ZZsvhROvakcGtOos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.120.0/24
94.20.56.0/22
94.20.88.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:d0:3a:5e:49:64:bd:e2:30:c4:00:d3:32:67:b4:02:96:a8:
fa:ec:e2:f9:c8:46:be:b2:aa:80:e7:e2:50:6d:bf:f3:50:cf:
b3:e2:a5:1d:29:ba:29:9e:0f:a0:b4:7e:9a:20:22:5c:06:8f:
48:33:ca:e8:83:67:cd:b3:6e:cc:10:f6:4f:f5:c5:53:f0:06:
fc:a2:7f:12:83:81:b7:6e:c8:cd:7e:83:85:47:3a:b0:08:c2:
5a:b3:16:86:13:4a:23:75:ce:58:08:2e:63:63:fe:9d:4a:3a:
80:0e:ee:e4:8c:c1:06:7f:8f:29:e9:93:bf:a0:89:46:06:39:
1b:4f:8d:37:62:a7:ca:2e:12:f3:2d:49:cb:f0:89:61:f6:2e:
9b:c5:b5:b0:16:19:41:c8:01:fe:15:71:b9:f8:56:e6:30:db:
48:c3:3c:57:fd:30:1c:46:07:6d:f5:82:78:24:0d:00:9e:1b:
7c:96:ae:1b:a4:dc:f9:ae:af:54:05:66:e0:28:af:85:1f:a6:
ac:11:66:c1:a9:7e:88:ff:fd:05:1b:5a:9f:58:30:9f:d5:37:
22:4b:1a:26:a5:de:cf:df:cd:4f:e6:b6:e0:ac:64:de:18:25:
e3:10:cf:fe:a6:86:06:02:2b:c0:6d:fd:df:d5:ea:6c:f8:5a:
63:27:71:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1NAQXl15cpulMHnpbsPFX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwNDAyMDcwMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFiN2JjYmZmOWUwOWJlMTk2NmNiZTE0NGViZGE5MWMxYWQzYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWOOwqdz+yvVZkQAn+x987BhZIe+
/GhnbeV4dxMioP7JcvN3oVihRCPVcaMHOhbZv6un081jI65DK8fJOZSLQ3OSTi/f
T5FTzL4OimZYzppWGD1VkPpuOc6/DJnXHpE9E+NhdFehT5W/MpBFG17H8dbdFd2O
X66juuOd5iekNbFTpRuAFob/SZTKufGOkz7OCOqAQ+4wA31owkNm5pDLqTTmwu48
0IV4jSWPPsBovKrR0NV1Ul9TkzfrVEFQefbG4pwatqTe3HA+jlx/yYGgSg8GN4Ye
pyI8bvgB2jlpS2FFH6ycUVihswREDka5T4if0jVuiZ5PbWCZZOzomWlfbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOwbe8v/ngm+GWbL4UTr2pHBrTqLMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvN0J0N3lfLWVDYjRaWnN2aFJPdmFrY0d0T29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6t4AwQC
XhQ4AwQAXhRYMA0GCSqGSIb3DQEBCwUAA4IBAQB70DpeSWS94jDEANMyZ7QClqj6
7OL5yEa+sqqA5+JQbb/zUM+z4qUdKbopng+gtH6aICJcBo9IM8rog2fNs27MEPZP
9cVT8Ab8on8Sg4G3bsjNfoOFRzqwCMJasxaGE0ojdc5YCC5jY/6dSjqADu7kjMEG
f48p6ZO/oIlGBjkbT403YqfKLhLzLUnL8Ilh9i6bxbWwFhlByAH+FXG5+FbmMNtI
wzxX/TAcRgdt9YJ4JA0Anht8lq4bpNz5rq9UBWbgKK+FH6asEWbBqX6I//0FG1qf
WDCf1TciSxompd7P381P5rbgrGTeGCXjEM/+poYGAivAbf3f1eps+FpjJ3Hf
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:22:18 2026 by rpki-client