Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/A7H1tgL8F0JNM-wT3DtOlJr42CQ.roa
File: A7H1tgL8F0JNM-wT3DtOlJr42CQ.roa (raw, json)
Hash identifier: +lATpBJei82aRdaABJ/OsdQoCTQWkmUoS+oR2diqRMc=
Subject key identifier: 03:B1:F5:B6:02:FC:17:42:4D:33:EC:13:DC:3B:4E:94:9A:F8:D8:24
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 019CB80B7F841F34A675CB3D1C80DC0C6D40
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/A7H1tgL8F0JNM-wT3DtOlJr42CQ.roa
Signing time: Wed 04 Mar 2026 08:51:27 +0000
ROA not before: Wed 04 Mar 2026 08:51:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 94.228.168.0/24 maxlen: 24
178.236.244.0/23 maxlen: 24
178.236.245.0/24 maxlen: 24
178.236.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:0b:7f:84:1f:34:a6:75:cb:3d:1c:80:dc:0c:6d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Mar 4 08:51:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=03b1f5b602fc17424d33ec13dc3b4e949af8d824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b1:72:4c:67:7a:c5:ef:1b:a9:c2:a7:af:01:
e5:39:4c:06:93:24:be:2f:75:cf:f0:e5:fa:d2:bf:
97:79:f2:fd:eb:32:0d:e8:a6:f6:43:81:b1:da:01:
e8:4b:07:fa:d5:9f:40:c5:74:22:49:b7:0b:b0:9b:
f4:9a:5c:43:5e:37:5c:aa:77:a3:5a:25:d3:17:d9:
35:db:44:d2:94:c7:4d:35:4e:f4:1d:4d:97:38:f3:
6a:b8:54:56:0e:97:6d:1d:6e:1c:6c:60:65:d6:43:
b9:34:ca:5d:4e:e5:44:e2:06:fe:3a:d8:ad:b6:8f:
04:7e:ff:b4:07:53:52:5e:7a:d7:25:22:d3:fa:43:
6b:dc:03:98:f2:fb:70:8d:3b:4b:05:85:5d:f9:e0:
6e:39:82:8e:c6:69:8a:87:5e:bb:a4:bc:6e:7b:7b:
fc:01:ce:9d:61:68:bf:6c:10:14:60:dc:56:da:c7:
77:00:3a:d4:0a:65:c7:40:23:f3:d9:da:ac:f4:18:
92:34:26:bc:6a:41:3a:86:41:18:e0:2c:c2:0a:e4:
27:82:a9:ea:87:9d:23:0e:b7:6a:ba:67:8c:ee:fe:
67:17:3b:14:fd:05:da:01:b8:f3:14:b3:02:ad:8d:
af:90:34:25:26:8a:e2:c8:4d:31:03:05:68:db:87:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B1:F5:B6:02:FC:17:42:4D:33:EC:13:DC:3B:4E:94:9A:F8:D8:24
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/A7H1tgL8F0JNM-wT3DtOlJr42CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.168.0/24
178.236.244.0/22
Signature Algorithm: sha256WithRSAEncryption
07:5b:09:53:3c:5a:71:40:09:16:2f:a9:87:fa:63:f9:c9:ff:
be:22:fc:ae:33:aa:d9:1b:38:aa:5c:7a:c2:5c:03:a6:96:2f:
57:8a:4f:bc:ff:5b:b0:39:33:a2:57:e7:e0:71:08:18:a9:89:
f1:8f:ec:67:0e:f7:aa:fc:46:db:5f:90:e6:b8:ce:0b:fc:1d:
4b:c3:7b:e8:eb:c0:da:98:ab:cf:1d:ec:e9:d0:2f:62:0a:63:
3c:66:eb:90:a4:3e:49:19:77:02:5a:f6:c6:3d:1f:e1:4c:c1:
0d:1c:cf:d7:64:e0:50:d4:1a:a1:bd:f9:0e:e7:f1:3d:3d:24:
65:ce:57:fa:dc:cc:fd:02:c5:75:0f:f8:2a:6b:21:ab:6d:81:
d2:ba:10:7d:e7:ee:00:75:eb:5f:d8:87:90:69:86:b0:5f:95:
04:b7:a3:14:94:10:1f:f6:a3:f5:80:e4:46:90:9d:53:f1:8b:
da:7b:16:8f:eb:7b:af:08:2f:7a:e5:ea:98:fc:94:91:d4:46:
27:b0:e9:b7:fc:99:2f:3e:37:77:2f:ff:61:2a:7d:f9:9d:c3:
86:f0:c2:fe:00:34:95:e6:3a:0b:de:03:36:0a:50:89:aa:5f:
8f:9d:2b:8d:1e:04:ab:65:32:60:07:2e:e9:2d:72:f0:a8:ae:
f9:67:b4:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZy4C3+EHzSmdcs9HIDcDG1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjYwMzA0MDg1MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2IxZjViNjAyZmMxNzQyNGQzM2VjMTNkYzNiNGU5NDlhZjhkODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37FyTGd6xe8bqcKnrwHlOUwGkyS+
L3XP8OX60r+XefL96zIN6Kb2Q4Gx2gHoSwf61Z9AxXQiSbcLsJv0mlxDXjdcqnej
WiXTF9k120TSlMdNNU70HU2XOPNquFRWDpdtHW4cbGBl1kO5NMpdTuVE4gb+Otit
to8Efv+0B1NSXnrXJSLT+kNr3AOY8vtwjTtLBYVd+eBuOYKOxmmKh167pLxue3v8
Ac6dYWi/bBAUYNxW2sd3ADrUCmXHQCPz2dqs9BiSNCa8akE6hkEY4CzCCuQngqnq
h50jDrdqumeM7v5nFzsU/QXaAbjzFLMCrY2vkDQlJoriyE0xAwVo24cgIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAOx9bYC/BdCTTPsE9w7TpSa+NgkMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvQTdIMXRnTDhGMEpOTS13VDNEdE9sSnI0MkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXuSoAwQC
suz0MA0GCSqGSIb3DQEBCwUAA4IBAQAHWwlTPFpxQAkWL6mH+mP5yf++IvyuM6rZ
GziqXHrCXAOmli9Xik+8/1uwOTOiV+fgcQgYqYnxj+xnDveq/EbbX5DmuM4L/B1L
w3vo68DamKvPHezp0C9iCmM8ZuuQpD5JGXcCWvbGPR/hTMENHM/XZOBQ1BqhvfkO
5/E9PSRlzlf63Mz9AsV1D/gqayGrbYHSuhB95+4Adetf2IeQaYawX5UEt6MUlBAf
9qP1gORGkJ1T8YvaexaP63uvCC965eqY/JSR1EYnsOm3/JkvPjd3L/9hKn35ncOG
8ML+ADSV5joL3gM2ClCJql+PnSuNHgSrZTJgBy7pLXLwqK75Z7SM
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:51:01 2026 by rpki-client