Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/bpIKgITXt_HFrDdjSY6zVBEyY60.roa
File: bpIKgITXt_HFrDdjSY6zVBEyY60.roa (raw, json)
Hash identifier: z9Dsq9yHRBg8XyOrnoFuERPkgdCNGzKIiWV6gx0UBWA=
Subject key identifier: 6E:92:0A:80:84:D7:B7:F1:C5:AC:37:63:49:8E:B3:54:11:32:63:AD
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 019CE1ADD192A708B06BAA7623CDF614E3AA
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/bpIKgITXt_HFrDdjSY6zVBEyY60.roa
Signing time: Thu 12 Mar 2026 10:53:10 +0000
ROA not before: Thu 12 Mar 2026 10:53:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2110
IP address blocks: 78.16.0.0/16 maxlen: 16
78.18.0.0/15 maxlen: 15
185.146.180.0/22 maxlen: 22
185.146.180.0/24 maxlen: 24
192.111.39.0/24 maxlen: 24
193.95.128.0/18 maxlen: 24
193.120.0.0/16 maxlen: 16
193.120.52.0/24 maxlen: 24
193.120.216.0/24 maxlen: 24
193.203.128.0/19 maxlen: 19
194.46.192.0/18 maxlen: 18
194.125.0.0/17 maxlen: 17
194.145.128.0/21 maxlen: 21
194.165.160.0/19 maxlen: 19
212.2.160.0/19 maxlen: 19
213.202.128.0/18 maxlen: 18
2001:7c8::/29 maxlen: 29
2001:7c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 04:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e1:ad:d1:92:a7:08:b0:6b:aa:76:23:cd:f6:14:e3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Mar 12 10:53:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e920a8084d7b7f1c5ac3763498eb354113263ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:97:51:0b:05:de:3a:9e:b9:fa:f9:e7:c8:df:
57:f1:88:34:e0:b3:2e:1d:3f:92:e4:db:f3:91:bc:
ba:f4:49:a8:b5:67:d4:dd:08:00:d9:02:fa:de:16:
ff:69:5b:d2:92:d5:2a:ca:82:93:18:cd:dd:73:b3:
7e:f3:c7:d8:23:68:7c:60:f2:33:a5:64:62:83:a1:
1c:a4:7a:63:7f:f2:30:a7:0c:26:12:dd:f1:ca:92:
51:a8:1d:21:0d:61:b5:09:f1:25:fc:84:57:d5:34:
ff:0e:65:96:05:2a:cb:25:93:19:46:38:00:aa:71:
fa:09:24:85:fd:a5:1a:9b:32:46:e0:36:dc:7b:ab:
8d:2d:4d:e4:3a:86:21:77:68:03:88:6c:1c:4c:27:
ae:65:af:b3:ca:56:48:83:7c:d4:62:56:0f:87:b4:
60:45:80:6c:50:c4:05:96:a7:2e:83:55:81:ad:ae:
02:58:e7:e6:23:19:99:1e:0e:04:2f:9f:e1:46:de:
d7:f7:c4:5d:0d:e1:fc:24:1f:e2:1e:c0:00:9c:dd:
79:1e:03:42:14:b8:13:e2:02:19:67:a4:d9:a1:5c:
52:d7:75:02:e8:26:e1:ba:32:88:68:86:06:de:f6:
1e:fb:3f:95:4c:05:9f:3b:e7:54:00:ca:1b:ba:7f:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:92:0A:80:84:D7:B7:F1:C5:AC:37:63:49:8E:B3:54:11:32:63:AD
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/bpIKgITXt_HFrDdjSY6zVBEyY60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.16.0.0/16
78.18.0.0/15
185.146.180.0/22
192.111.39.0/24
193.95.128.0/18
193.120.0.0/16
193.203.128.0/19
194.46.192.0/18
194.125.0.0/17
194.145.128.0/21
194.165.160.0/19
212.2.160.0/19
213.202.128.0/18
IPv6:
2001:7c8::/29
Signature Algorithm: sha256WithRSAEncryption
50:b3:45:7d:2b:94:28:16:48:4f:20:58:1b:0a:d7:a5:37:e2:
a4:fc:66:50:ee:6b:da:25:e0:54:64:64:06:82:62:ba:f6:50:
60:01:86:17:16:54:61:92:42:b0:10:98:12:ef:9f:b5:88:ec:
38:52:14:72:55:da:cb:75:3b:c3:38:71:45:ed:e0:41:ff:29:
32:72:23:53:4f:16:83:ae:30:fc:b0:c9:06:49:b2:21:ee:9b:
7f:69:36:64:33:51:b8:16:a1:85:73:89:40:ea:cc:77:3f:90:
e1:11:10:33:73:48:29:75:73:58:80:8f:c9:c3:39:58:9c:fa:
53:a0:de:c5:67:e4:da:ab:0c:84:6d:d1:b0:ce:16:46:51:86:
39:bb:42:de:67:88:97:97:e3:1d:d7:85:b0:7b:fd:91:90:3c:
87:d6:34:73:23:ce:8b:c0:3d:9f:34:28:69:a2:8c:2d:7d:84:
6b:a6:5c:55:8e:67:cf:63:ad:0c:47:ee:16:c2:b9:86:e2:15:
99:8f:f5:1f:7e:be:fe:6c:a6:15:79:b1:eb:68:cf:55:06:22:
ba:50:2a:5f:1a:00:ef:8f:b7:b3:0e:6c:5b:4a:fe:b6:d3:ce:
a2:61:61:86:74:55:bd:f6:03:47:cd:eb:4d:4b:a0:31:7c:02:
17:9d:f9:82
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZzhrdGSpwiwa6p2I832FOOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjYwMzEyMTA1MzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkyMGE4MDg0ZDdiN2YxYzVhYzM3NjM0OThlYjM1NDExMzI2M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5dRCwXeOp65+vnnyN9X8Yg04LMu
HT+S5Nvzkby69EmotWfU3QgA2QL63hb/aVvSktUqyoKTGM3dc7N+88fYI2h8YPIz
pWRig6EcpHpjf/IwpwwmEt3xypJRqB0hDWG1CfEl/IRX1TT/DmWWBSrLJZMZRjgA
qnH6CSSF/aUamzJG4Dbce6uNLU3kOoYhd2gDiGwcTCeuZa+zylZIg3zUYlYPh7Rg
RYBsUMQFlqcug1WBra4CWOfmIxmZHg4EL5/hRt7X98RdDeH8JB/iHsAAnN15HgNC
FLgT4gIZZ6TZoVxS13UC6CbhujKIaIYG3vYe+z+VTAWfO+dUAMobun8yuwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFG6SCoCE17fxxaw3Y0mOs1QRMmOtMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEvYnBJS2dJVFh0X0hGckRkalNZNnpWQkV5WTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwMAThADAwFO
EgMEArmStAMEAMBvJwMEBsFfgAMDAMF4AwQFwcuAAwQGwi7AAwQHwn0AAwQDwpGA
AwQFwqWgAwQF1AKgAwQG1cqAMA0EAgACMAcDBQMgAQfIMA0GCSqGSIb3DQEBCwUA
A4IBAQBQs0V9K5QoFkhPIFgbCtelN+Kk/GZQ7mvaJeBUZGQGgmK69lBgAYYXFlRh
kkKwEJgS75+1iOw4UhRyVdrLdTvDOHFF7eBB/ykyciNTTxaDrjD8sMkGSbIh7pt/
aTZkM1G4FqGFc4lA6sx3P5DhERAzc0gpdXNYgI/JwzlYnPpToN7FZ+TaqwyEbdGw
zhZGUYY5u0LeZ4iXl+Md14Wwe/2RkDyH1jRzI86LwD2fNChpoowtfYRrplxVjmfP
Y60MR+4WwrmG4hWZj/Uffr7+bKYVebHraM9VBiK6UCpfGgDvj7ezDmxbSv62086i
YWGGdFW99gNHzetNS6AxfAIXnfmC
-----END CERTIFICATE-----
Generated at Fri Mar 13 13:16:58 2026 by rpki-client