Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/ra7_KZEiDFEgBecljzzMSndphEo.roa
File: ra7_KZEiDFEgBecljzzMSndphEo.roa (raw, json)
Hash identifier: mMCalNTgwgkZZuIBEJzs38izbqU0jTo1vgd1t6aK83U=
Subject key identifier: AD:AE:FF:29:91:22:0C:51:20:05:E7:25:8F:3C:CC:4A:77:69:84:4A
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019E51B1A3A146B51E9B87F569DEFAF91714
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/ra7_KZEiDFEgBecljzzMSndphEo.roa
Signing time: Fri 22 May 2026 21:57:36 +0000
ROA not before: Fri 22 May 2026 21:57:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 812
IP address blocks: 9.232.0.0/20 maxlen: 20
9.233.112.0/21 maxlen: 21
9.249.96.0/22 maxlen: 22
9.249.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:51:b1:a3:a1:46:b5:1e:9b:87:f5:69:de:fa:f9:17:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: May 22 21:57:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=adaeff2991220c512005e7258f3ccc4a7769844a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:33:a1:a7:14:33:7a:91:6b:f4:e2:9c:8b:72:
1e:ef:10:37:f2:19:0a:83:fd:84:ab:fb:00:1e:e2:
2e:25:05:69:e9:b2:d5:d6:f8:0a:3c:72:25:d2:1b:
e9:e0:d0:f5:d5:da:f4:64:5e:87:30:c7:e4:bf:14:
74:20:c2:10:9e:dd:df:62:9b:76:c9:dc:ef:ab:8e:
25:35:72:c8:c4:4a:73:1b:1e:9a:10:29:f2:ff:7a:
34:8f:02:4f:92:7e:ec:0e:0e:0b:57:d3:2d:04:3b:
61:59:1a:99:7c:56:0f:f8:d0:0f:42:33:6b:5b:0a:
05:6f:e1:36:49:65:63:16:30:6f:0f:a1:a6:bd:ad:
da:53:ee:24:d7:b2:f2:4f:3c:d9:c3:16:00:a1:66:
6a:32:df:5e:9f:b1:e0:10:3b:c0:72:3f:28:1f:71:
fb:10:63:40:e6:50:31:c4:ca:63:d7:2f:72:cf:fe:
c9:0f:39:50:2b:91:69:34:a1:0e:3b:d9:75:50:b6:
18:72:25:c2:98:34:03:4b:03:34:90:f0:45:98:1e:
4a:8e:72:d6:c5:26:71:97:48:c5:98:38:d2:ab:b8:
0d:e2:c3:44:57:7e:5b:fc:c0:4c:00:d6:15:f5:ca:
3f:47:2f:14:84:b7:6d:29:e4:78:d2:7c:22:ad:c1:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AE:FF:29:91:22:0C:51:20:05:E7:25:8F:3C:CC:4A:77:69:84:4A
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/ra7_KZEiDFEgBecljzzMSndphEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.232.0.0/20
9.233.112.0/21
9.249.96.0/22
9.249.108.0/22
Signature Algorithm: sha256WithRSAEncryption
74:89:5f:2c:3f:a7:d3:8d:45:22:c8:68:39:d2:c0:a0:5a:fb:
f4:ff:36:80:05:86:65:7b:99:d1:26:9b:ab:0b:85:4d:ff:7a:
ad:40:91:f9:71:68:e9:89:e5:8d:6c:63:61:36:f5:ee:1b:47:
36:f3:f6:c9:1e:f2:44:3a:72:97:5c:2a:e1:f9:80:3a:3c:2e:
1e:58:3b:d7:c8:23:82:68:95:65:79:98:52:5a:c8:11:5a:1f:
19:f1:0c:66:76:03:64:9a:20:f6:64:d5:91:c0:ef:6c:43:e2:
c0:d9:86:d0:39:9c:64:70:ce:3e:89:34:4e:14:e2:16:7b:5f:
c0:9a:0b:8c:95:36:d2:7f:71:39:c6:61:44:ef:b2:54:66:a0:
44:ad:af:06:26:47:27:3b:34:cd:59:08:ba:fb:58:00:5e:ed:
f3:7a:e7:4a:4d:8a:b8:ec:a1:85:ff:a3:9a:bd:20:21:6c:68:
ed:b9:2f:b7:bb:bd:9b:57:60:18:bc:c3:8e:18:75:1b:95:63:
e3:57:9a:f1:f1:7c:93:4d:ce:f5:1b:60:5b:5c:cd:ac:a1:09:
e7:52:e8:2b:58:a1:ac:ea:62:00:45:9a:4c:3a:a9:60:a6:e6:
9c:61:39:61:30:56:3e:bc:58:f3:d6:e3:9f:73:7f:0b:b7:e6:
58:00:7f:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5RsaOhRrUem4f1ad76+RcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNTIyMjE1NzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFlZmYyOTkxMjIwYzUxMjAwNWU3MjU4ZjNjY2M0YTc3Njk4NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjOhpxQzepFr9OKci3Ie7xA38hkK
g/2Eq/sAHuIuJQVp6bLV1vgKPHIl0hvp4ND11dr0ZF6HMMfkvxR0IMIQnt3fYpt2
ydzvq44lNXLIxEpzGx6aECny/3o0jwJPkn7sDg4LV9MtBDthWRqZfFYP+NAPQjNr
WwoFb+E2SWVjFjBvD6Gmva3aU+4k17LyTzzZwxYAoWZqMt9en7HgEDvAcj8oH3H7
EGNA5lAxxMpj1y9yz/7JDzlQK5FpNKEOO9l1ULYYciXCmDQDSwM0kPBFmB5KjnLW
xSZxl0jFmDjSq7gN4sNEV35b/MBMANYV9co/Ry8UhLdtKeR40nwircEzHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK2u/ymRIgxRIAXnJY88zEp3aYRKMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvcmE3X0taRWlERkVnQmVjbGp6ek1TbmRwaEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQECegAAwQD
CelwAwQCCflgAwQCCflsMA0GCSqGSIb3DQEBCwUAA4IBAQB0iV8sP6fTjUUiyGg5
0sCgWvv0/zaABYZle5nRJpurC4VN/3qtQJH5cWjpieWNbGNhNvXuG0c28/bJHvJE
OnKXXCrh+YA6PC4eWDvXyCOCaJVleZhSWsgRWh8Z8QxmdgNkmiD2ZNWRwO9sQ+LA
2YbQOZxkcM4+iTROFOIWe1/AmguMlTbSf3E5xmFE77JUZqBEra8GJkcnOzTNWQi6
+1gAXu3zeudKTYq47KGF/6OavSAhbGjtuS+3u72bV2AYvMOOGHUblWPjV5rx8XyT
Tc71G2BbXM2soQnnUugrWKGs6mIARZpMOqlgpuacYTlhMFY+vFjz1uOfc38Lt+ZY
AH8k
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:34 2026 by rpki-client