Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/r5WbEYryreML_gv4nbiLlHvTaeA.roa
File: r5WbEYryreML_gv4nbiLlHvTaeA.roa (raw, json)
Hash identifier: uF2RIp4vxohK6Rz9mwYK0ndrhtKPrP+zSBBfTaChG2o=
Subject key identifier: AF:95:9B:11:8A:F2:AD:E3:0B:FE:0B:F8:9D:B8:8B:94:7B:D3:69:E0
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 019E928573EA022AF79429ACB8E1782EDF08
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/r5WbEYryreML_gv4nbiLlHvTaeA.roa
Signing time: Thu 04 Jun 2026 12:04:39 +0000
ROA not before: Thu 04 Jun 2026 12:04:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210532
IP address blocks: 93.125.70.0/24 maxlen: 24
213.184.247.0/24 maxlen: 24
217.21.50.0/24 maxlen: 24
2a04:2e80:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:85:73:ea:02:2a:f7:94:29:ac:b8:e1:78:2e:df:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jun 4 12:04:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af959b118af2ade30bfe0bf89db88b947bd369e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:94:6a:4c:2f:54:0b:c1:26:2b:31:31:ef:
8f:2a:e5:f1:87:c0:ea:40:92:57:0a:87:17:77:87:
52:e4:2b:56:0f:07:4e:c6:5e:69:da:6f:78:62:7d:
12:f0:4f:4f:a3:d3:8f:6f:af:7d:43:8e:1e:68:b3:
5c:4e:16:91:7e:3a:d9:22:b4:0d:28:00:8f:f9:a7:
86:89:0f:8b:96:c9:28:7e:7e:55:1f:4b:00:2c:ca:
8b:8a:df:84:29:e9:4a:04:07:65:6a:63:96:1f:75:
2e:9c:70:3d:f7:fe:bf:ff:0e:6c:e8:39:84:63:ff:
06:65:a2:d0:1f:83:7e:63:c9:f3:c7:28:7e:b0:5a:
80:3e:2b:c0:a0:cc:12:8c:17:b1:4c:a6:7f:53:14:
07:7f:ef:f3:1f:7e:74:f8:f7:66:d4:7d:7c:69:47:
d0:9f:b6:04:fc:08:22:41:a4:af:d4:ee:29:9b:89:
31:9a:14:ae:52:92:9e:3e:0c:fc:fa:5c:73:26:82:
c9:76:c7:31:ae:ad:f2:51:f9:ca:87:d8:ac:80:06:
d5:1a:ac:a1:ad:f2:fe:a5:f2:70:cc:c0:13:f7:8b:
58:45:28:f3:87:d1:e5:b2:27:cf:32:99:48:f8:40:
fd:98:9f:63:4a:e1:64:d8:4c:9f:1b:32:6a:ad:e5:
bf:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:95:9B:11:8A:F2:AD:E3:0B:FE:0B:F8:9D:B8:8B:94:7B:D3:69:E0
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/r5WbEYryreML_gv4nbiLlHvTaeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.125.70.0/24
213.184.247.0/24
217.21.50.0/24
IPv6:
2a04:2e80:8::/48
Signature Algorithm: sha256WithRSAEncryption
6a:d7:31:b1:dd:e8:bd:27:22:81:5e:62:0e:74:73:7c:11:af:
a7:54:06:96:22:2d:09:9e:47:98:24:8e:99:5d:ff:af:01:d0:
17:d9:5f:89:6d:a2:51:24:87:f5:ad:11:8f:31:a9:ad:c7:c2:
18:95:e4:91:0c:4c:59:92:d4:04:87:72:4d:d4:db:14:29:9e:
20:75:63:b3:74:3b:d1:0c:a7:f1:01:b9:c4:0b:3a:e8:f7:1f:
27:c2:c3:fb:8f:0e:7d:0a:0b:91:a5:06:34:98:42:c9:66:67:
e0:79:06:63:45:dd:56:10:f0:18:ce:0c:8e:86:fa:de:c5:74:
0f:fc:00:0d:56:27:04:5f:59:50:15:06:0b:cb:bc:21:92:a0:
c5:71:57:e5:bb:dd:05:af:66:15:77:c0:11:42:a5:0e:f1:2a:
d8:00:53:6f:a9:11:49:f9:9d:a0:0e:90:39:e1:37:e4:14:99:
e2:86:52:18:af:ad:4f:89:f8:b7:4f:2f:a9:ab:8f:19:e8:7f:
a0:dd:07:19:ce:db:66:d5:82:c1:3e:e3:29:65:ba:55:fc:1d:
c7:ee:90:be:30:28:62:59:53:70:99:33:31:09:8a:39:fe:4e:
bc:cd:7e:2c:71:41:a3:92:e2:22:94:eb:c2:45:90:f2:1e:0d:
e8:71:48:f5
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ6ShXPqAir3lCmsuOF4Lt8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjYwNjA0MTIwNDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk1OWIxMThhZjJhZGUzMGJmZTBiZjg5ZGI4OGI5NDdiZDM2OWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5OUakwvVAvBJisxMe+PKuXxh8Dq
QJJXCocXd4dS5CtWDwdOxl5p2m94Yn0S8E9Po9OPb699Q44eaLNcThaRfjrZIrQN
KACP+aeGiQ+Llskofn5VH0sALMqLit+EKelKBAdlamOWH3UunHA99/6//w5s6DmE
Y/8GZaLQH4N+Y8nzxyh+sFqAPivAoMwSjBexTKZ/UxQHf+/zH350+Pdm1H18aUfQ
n7YE/AgiQaSv1O4pm4kxmhSuUpKePgz8+lxzJoLJdscxrq3yUfnKh9isgAbVGqyh
rfL+pfJwzMAT94tYRSjzh9HlsifPMplI+ED9mJ9jSuFk2EyfGzJqreW/vQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFK+VmxGK8q3jC/4L+J24i5R702ngMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvcjVXYkVZcnlyZU1MX2d2NG5iaUxsSHZUYWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAXX1GAwQA
1bj3AwQA2RUyMA8EAgACMAkDBwAqBC6AAAgwDQYJKoZIhvcNAQELBQADggEBAGrX
MbHd6L0nIoFeYg50c3wRr6dUBpYiLQmeR5gkjpld/68B0BfZX4ltolEkh/WtEY8x
qa3HwhiV5JEMTFmS1ASHck3U2xQpniB1Y7N0O9EMp/EBucQLOuj3HyfCw/uPDn0K
C5GlBjSYQslmZ+B5BmNF3VYQ8BjODI6G+t7FdA/8AA1WJwRfWVAVBgvLvCGSoMVx
V+W73QWvZhV3wBFCpQ7xKtgAU2+pEUn5naAOkDnhN+QUmeKGUhivrU+J+LdPL6mr
jxnof6DdBxnO22bVgsE+4yllulX8HcfukL4wKGJZU3CZMzEJijn+TrzNfixxQaOS
4iKU68JFkPIeDehxSPU=
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:07:26 2026 by rpki-client