Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/7dSZZTHJ1-e2dDdweLpiAslwQS0.roa
File: 7dSZZTHJ1-e2dDdweLpiAslwQS0.roa (raw, json)
Hash identifier: TsQjPnCqokf75A2IgOvFTsvPj11pJfIjU93Enfc2xSU=
Subject key identifier: ED:D4:99:65:31:C9:D7:E7:B6:74:37:70:78:BA:62:02:C9:70:41:2D
Certificate issuer: /CN=c5119e75200392f1a2f08be990732d8047b28b09
Certificate serial: 019E3F8EFF8701062E7D53548DB98C14A571
Authority key identifier: C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/7dSZZTHJ1-e2dDdweLpiAslwQS0.roa
Signing time: Tue 19 May 2026 09:26:36 +0000
ROA not before: Tue 19 May 2026 09:26:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57388
IP address blocks: 130.0.24.0/21 maxlen: 21
130.0.24.0/22 maxlen: 24
130.0.24.0/24 maxlen: 24
130.0.25.0/24 maxlen: 24
130.0.26.0/24 maxlen: 24
130.0.27.0/24 maxlen: 24
130.0.28.0/22 maxlen: 24
130.0.28.0/24 maxlen: 24
130.0.30.0/24 maxlen: 24
130.0.31.0/24 maxlen: 24
185.85.152.0/22 maxlen: 24
2a02:dd00::/29 maxlen: 48
2a02:dd00:1a::/48 maxlen: 48
2a02:dd00:1b::/48 maxlen: 48
2a02:dd01:9ff0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:8e:ff:87:01:06:2e:7d:53:54:8d:b9:8c:14:a5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5119e75200392f1a2f08be990732d8047b28b09
Validity
Not Before: May 19 09:26:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=edd4996531c9d7e7b674377078ba6202c970412d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:78:4d:4c:ef:d0:e1:f8:09:4b:b1:43:68:ff:
ac:ee:09:d8:e9:50:3c:ae:1c:0a:be:e3:0c:8e:48:
c7:2e:fd:f9:f0:39:21:0f:8f:f5:6a:c0:8d:24:6b:
1e:59:bb:a8:99:11:ca:75:3f:1a:ad:02:68:6b:a7:
28:6a:9a:53:fd:f2:89:39:e0:87:61:af:ad:da:59:
30:e1:3b:d1:6f:b4:f6:ac:37:bf:f6:6e:ec:09:21:
32:0c:d6:d6:c6:27:a3:5a:9b:fa:79:68:bc:fc:68:
83:51:e9:e4:c6:f3:e6:c6:a4:d0:6f:d7:3a:56:e7:
3e:cc:ed:e2:8f:6f:31:8d:57:c4:56:71:d9:08:15:
d3:e3:0c:cd:c7:a6:3f:30:10:c4:2e:ec:30:c3:42:
e6:60:55:a0:af:ef:11:30:61:f2:39:1d:88:ae:44:
34:f4:76:9b:9b:90:fa:5c:82:0f:94:b8:8d:33:00:
81:9e:ac:ad:da:d9:2a:dc:ac:11:6b:ba:21:e9:e0:
e3:89:97:eb:1c:bf:ca:dc:6b:69:8e:45:c8:b8:6a:
05:80:72:eb:7e:18:6b:0c:2d:05:3f:28:5b:9e:57:
0f:52:89:7f:3a:0b:84:76:be:94:78:d2:92:db:84:
bd:ff:4e:c7:6e:9a:00:b1:be:9c:88:cc:e9:6d:1f:
61:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D4:99:65:31:C9:D7:E7:B6:74:37:70:78:BA:62:02:C9:70:41:2D
X509v3 Authority Key Identifier:
keyid:C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/7dSZZTHJ1-e2dDdweLpiAslwQS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.24.0/21
185.85.152.0/22
IPv6:
2a02:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
0c:c9:ca:e1:be:a5:c5:42:32:81:b6:9f:ab:de:da:69:70:a5:
3a:65:c1:6d:d4:a6:c6:b3:a7:35:d8:a2:dc:62:e6:09:3c:0d:
c0:46:0c:be:ec:c5:21:84:db:48:0d:99:64:0d:dd:5e:8f:87:
81:0d:0c:88:a4:dc:04:3b:9f:a0:91:f7:90:fb:02:5a:d8:c6:
6d:49:45:5c:b6:93:df:6f:f8:44:55:1d:32:04:4c:7f:41:0a:
58:6e:b4:24:0d:c2:0e:b2:c0:b2:ec:82:65:2d:d0:c9:33:35:
17:e2:3d:ef:18:14:dc:26:36:9f:43:b4:96:d7:71:3a:30:46:
08:1e:37:fb:d9:e4:05:1c:2b:00:bf:93:3c:7d:b8:d7:d9:fb:
e7:0d:1f:af:6f:8d:79:cd:69:60:65:af:24:40:be:7b:2d:ed:
c5:3d:84:d1:91:e2:a6:43:37:ba:ba:e6:b0:42:e7:14:68:3c:
97:23:dd:36:7d:1a:ea:72:90:c2:09:25:15:0a:4b:0a:e4:68:
c3:16:f3:53:04:8e:49:c7:21:dd:87:47:a1:2b:34:31:73:e3:
8a:10:8d:4a:3c:41:60:62:f2:a5:47:9c:10:f8:79:c9:bc:39:
35:fd:f3:da:d7:56:7e:0c:85:ba:08:71:72:ee:35:cc:3d:50:
76:48:c9:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ4/jv+HAQYufVNUjbmMFKVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTE5ZTc1MjAwMzkyZjFhMmYwOGJlOTkwNzMyZDgwNDdi
MjhiMDkwHhcNMjYwNTE5MDkyNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQ0OTk2NTMxYzlkN2U3YjY3NDM3NzA3OGJhNjIwMmM5NzA0MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nhNTO/Q4fgJS7FDaP+s7gnY6VA8
rhwKvuMMjkjHLv358DkhD4/1asCNJGseWbuomRHKdT8arQJoa6coappT/fKJOeCH
Ya+t2lkw4TvRb7T2rDe/9m7sCSEyDNbWxiejWpv6eWi8/GiDUenkxvPmxqTQb9c6
Vuc+zO3ij28xjVfEVnHZCBXT4wzNx6Y/MBDELuwww0LmYFWgr+8RMGHyOR2IrkQ0
9Habm5D6XIIPlLiNMwCBnqyt2tkq3KwRa7oh6eDjiZfrHL/K3GtpjkXIuGoFgHLr
fhhrDC0FPyhbnlcPUol/OguEdr6UeNKS24S9/07HbpoAsb6ciMzpbR9hvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO3UmWUxydfntnQ3cHi6YgLJcEEtMB8GA1UdIwQY
MBaAFMURnnUgA5LxovCL6ZBzLYBHsosJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJHZWRTQURrdkdpOEl2cGtITXRnRWV5aXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMjBiYWYtNTlkYy00NmEyLWFmN2Qt
ZDgxOWNlZDVkMzVhLzEvN2RTWlpUSEoxLWUyZERkd2VMcGlBc2x3UVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMjBiYWYtNTlkYy00NmEyLWFmN2QtZDgxOWNlZDVkMzVh
LzEveFJHZWRTQURrdkdpOEl2cGtITXRnRWV5aXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDggAYAwQC
uVWYMA0EAgACMAcDBQMqAt0AMA0GCSqGSIb3DQEBCwUAA4IBAQAMycrhvqXFQjKB
tp+r3tppcKU6ZcFt1KbGs6c12KLcYuYJPA3ARgy+7MUhhNtIDZlkDd1ej4eBDQyI
pNwEO5+gkfeQ+wJa2MZtSUVctpPfb/hEVR0yBEx/QQpYbrQkDcIOssCy7IJlLdDJ
MzUX4j3vGBTcJjafQ7SW13E6MEYIHjf72eQFHCsAv5M8fbjX2fvnDR+vb415zWlg
Za8kQL57Le3FPYTRkeKmQze6uuawQucUaDyXI902fRrqcpDCCSUVCksK5GjDFvNT
BI5JxyHdh0ehKzQxc+OKEI1KPEFgYvKlR5wQ+HnJvDk1/fPa11Z+DIW6CHFy7jXM
PVB2SMnS
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:49:44 2026 by rpki-client