Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/cSQcTNTcuB5ZxbDmY6d0HwE5biY.roa
File: cSQcTNTcuB5ZxbDmY6d0HwE5biY.roa (raw, json)
Hash identifier: dIJjtsAkjjvgVBWT3rmechWZBMKMe3dCrtO8BwyBZbk=
Subject key identifier: 71:24:1C:4C:D4:DC:B8:1E:59:C5:B0:E6:63:A7:74:1F:01:39:6E:26
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 019CE2C8B8F137B251D8D3BDF3F6CF0E1C6D
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/cSQcTNTcuB5ZxbDmY6d0HwE5biY.roa
Signing time: Thu 12 Mar 2026 16:02:11 +0000
ROA not before: Thu 12 Mar 2026 16:02:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12902
IP address blocks: 79.98.168.0/21 maxlen: 24
79.98.170.0/24 maxlen: 24
185.32.232.0/22 maxlen: 24
185.44.244.0/22 maxlen: 24
185.45.116.0/22 maxlen: 24
185.47.20.0/22 maxlen: 24
185.50.92.0/22 maxlen: 24
185.50.93.0/24 maxlen: 24
185.50.95.0/24 maxlen: 24
185.225.220.0/22 maxlen: 24
185.225.220.0/24 maxlen: 24
185.240.112.0/22 maxlen: 24
194.180.219.0/24 maxlen: 24
217.77.128.0/19 maxlen: 24
217.77.144.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
2a00:c660::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:c8:b8:f1:37:b2:51:d8:d3:bd:f3:f6:cf:0e:1c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Mar 12 16:02:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=71241c4cd4dcb81e59c5b0e663a7741f01396e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:0c:b5:e8:f9:4e:c4:d6:b3:2b:10:24:da:
7f:ac:6d:72:88:2f:c8:4e:39:89:57:c4:2c:d5:11:
8b:5d:12:0c:f0:b7:92:a4:85:3d:c4:04:8f:ec:9f:
ca:d0:a2:51:d0:b9:cb:42:cc:5f:43:9a:b9:a1:dc:
2e:e4:70:cb:7a:6c:1c:5b:cb:eb:c5:5f:cb:89:8c:
f2:2b:a3:fd:b2:ec:26:d4:29:03:ab:11:e3:f8:dd:
56:fe:3b:67:9c:a8:2a:e9:ed:13:b9:32:21:af:7f:
7f:7a:6f:f9:be:fb:91:33:6b:e5:d2:23:87:df:f1:
7f:c0:cb:43:75:de:d3:96:98:d6:3d:26:86:9b:79:
05:1c:b7:f5:03:f0:fd:3e:86:ff:46:c4:80:f3:3d:
5e:7c:bc:b3:09:80:97:b7:c5:b9:10:fb:46:4f:f9:
aa:b4:df:2a:65:07:5f:14:8e:ba:55:f5:bc:6b:46:
18:e3:9e:ee:6f:ba:5a:47:04:7b:fb:7a:a8:8e:61:
08:d5:c1:ef:40:d3:80:15:40:91:1d:8d:8b:e1:a7:
cb:af:bd:c0:16:b0:bb:ed:47:9d:4e:83:c8:cd:24:
23:9b:c7:1f:2d:04:e7:72:44:22:91:d7:08:a9:b0:
c4:31:81:ae:a4:52:f5:32:f0:50:fb:79:9c:d9:a1:
9e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:24:1C:4C:D4:DC:B8:1E:59:C5:B0:E6:63:A7:74:1F:01:39:6E:26
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/cSQcTNTcuB5ZxbDmY6d0HwE5biY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.32.232.0/22
185.44.244.0/22
185.45.116.0/22
185.47.20.0/22
185.50.92.0/22
185.225.220.0/22
185.240.112.0/22
194.180.219.0/24
217.77.128.0/19
IPv6:
2001:9c0::/32
2a00:c660::/29
Signature Algorithm: sha256WithRSAEncryption
8f:3d:09:df:75:ad:28:06:c5:db:d4:4f:69:f6:2c:ec:c2:bf:
c6:79:e1:d9:a0:8d:c1:bb:a4:66:4a:c4:b0:69:d3:df:d7:77:
bb:e0:5b:01:e0:4a:ad:d8:f8:5d:38:a3:d4:d7:33:e0:8a:27:
90:ce:2b:39:05:a9:f3:ac:61:b9:69:fd:2f:b0:5d:68:c5:8a:
58:ef:09:a3:18:68:51:43:fc:ac:99:a7:60:b7:3c:76:cc:b5:
4c:23:9a:0d:b0:43:a5:70:f5:cb:85:c1:57:02:45:8b:0e:53:
7a:a8:0f:28:5b:90:de:9a:c4:49:6f:28:dc:87:98:e0:66:88:
bb:4d:05:e8:08:14:c8:e2:5a:11:9b:6b:9b:aa:cf:36:6a:6d:
6e:2c:6a:8f:b9:d0:c7:d7:88:92:d5:05:6e:e2:ca:ee:55:f8:
78:e2:aa:57:73:c2:f2:b8:51:ed:bf:fa:81:e9:23:65:69:b3:
33:2b:cf:67:fa:bf:41:9d:fa:8c:54:6f:32:6d:d9:af:f0:c2:
00:ea:9b:b4:3b:bf:e1:25:de:42:92:bc:3f:9c:9e:a9:63:1d:
3a:58:64:db:02:f1:94:86:6a:5f:e4:e4:0f:c1:0b:c4:d6:b3:
4f:2e:3c:51:99:4a:92:30:dc:e1:4c:97:d4:a4:52:30:29:18:
85:a9:b7:43
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZziyLjxN7JR2NO98/bPDhxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjYwMzEyMTYwMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTI0MWM0Y2Q0ZGNiODFlNTljNWIwZTY2M2E3NzQxZjAxMzk2ZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx4Mtej5TsTWsysQJNp/rG1yiC/I
TjmJV8Qs1RGLXRIM8LeSpIU9xASP7J/K0KJR0LnLQsxfQ5q5odwu5HDLemwcW8vr
xV/LiYzyK6P9suwm1CkDqxHj+N1W/jtnnKgq6e0TuTIhr39/em/5vvuRM2vl0iOH
3/F/wMtDdd7TlpjWPSaGm3kFHLf1A/D9Pob/RsSA8z1efLyzCYCXt8W5EPtGT/mq
tN8qZQdfFI66VfW8a0YY457ub7paRwR7+3qojmEI1cHvQNOAFUCRHY2L4afLr73A
FrC77UedToPIzSQjm8cfLQTnckQikdcIqbDEMYGupFL1MvBQ+3mc2aGeKwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFHEkHEzU3LgeWcWw5mOndB8BOW4mMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvY1NRY1ROVGN1QjVaeGJEbVk2ZDBId0U1YmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDT2KoAwQC
uSDoAwQCuSz0AwQCuS10AwQCuS8UAwQCuTJcAwQCueHcAwQCufBwAwQAwrTbAwQF
2U2AMBQEAgACMA4DBQAgAQnAAwUDKgDGYDANBgkqhkiG9w0BAQsFAAOCAQEAjz0J
33WtKAbF29RPafYs7MK/xnnh2aCNwbukZkrEsGnT39d3u+BbAeBKrdj4XTij1Ncz
4IonkM4rOQWp86xhuWn9L7BdaMWKWO8JoxhoUUP8rJmnYLc8dsy1TCOaDbBDpXD1
y4XBVwJFiw5TeqgPKFuQ3prESW8o3IeY4GaIu00F6AgUyOJaEZtrm6rPNmptbixq
j7nQx9eIktUFbuLK7lX4eOKqV3PC8rhR7b/6gekjZWmzMyvPZ/q/QZ36jFRvMm3Z
r/DCAOqbtDu/4SXeQpK8P5yeqWMdOlhk2wLxlIZqX+TkD8ELxNazTy48UZlKkjDc
4UyX1KRSMCkYham3Qw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 12:08:03 2026 by rpki-client