Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/TWCjy8hYVvxSie77cpH2Pet8J70.roa
File: TWCjy8hYVvxSie77cpH2Pet8J70.roa (raw, json)
Hash identifier: UosiAuR+zQzxXxFaYN3sf+bjMmm4ozCxMZtIycUu35w=
Subject key identifier: 4D:60:A3:CB:C8:58:56:FC:52:89:EE:FB:72:91:F6:3D:EB:7C:27:BD
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 019CF73A817D1AC8C02D85E44C87E928A89A
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/TWCjy8hYVvxSie77cpH2Pet8J70.roa
Signing time: Mon 16 Mar 2026 15:18:52 +0000
ROA not before: Mon 16 Mar 2026 15:18:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21221
IP address blocks: 91.230.244.0/23 maxlen: 24
91.233.105.0/24 maxlen: 24
185.63.152.0/22 maxlen: 24
185.84.140.0/22 maxlen: 24
185.103.172.0/22 maxlen: 24
194.33.112.0/23 maxlen: 24
2a03:7e0::/32 maxlen: 48
2a05:a640::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 21:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:3a:81:7d:1a:c8:c0:2d:85:e4:4c:87:e9:28:a8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Mar 16 15:18:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4d60a3cbc85856fc5289eefb7291f63deb7c27bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:c9:38:af:f6:fe:8e:f6:de:e5:af:fc:08:
6d:30:c6:6d:b4:40:22:fe:f4:a8:9c:c1:f0:bf:3e:
10:b4:cc:76:d8:b6:dd:80:4d:4d:04:d0:b4:4e:8e:
8a:40:4c:34:90:95:69:44:27:b2:6c:09:99:b4:1d:
77:ae:b1:cb:06:b8:01:ab:aa:a3:8c:31:bf:7f:08:
69:a8:a2:30:d7:b8:ee:8f:a3:d3:3e:6b:c7:ca:e1:
4c:51:cd:90:ee:51:23:27:c4:42:f7:4f:6a:bd:74:
b7:56:ed:35:6c:cf:ce:0b:b7:ab:7b:fa:da:55:08:
4c:db:48:87:1d:5d:c9:6c:73:a0:2c:48:0c:c4:b2:
c1:b8:8a:d0:91:ae:7c:21:77:3d:9d:0d:50:f9:83:
91:7d:82:ad:bc:80:04:c3:10:a6:7a:69:3b:67:97:
58:1a:7b:5c:b4:38:3a:66:33:3f:ce:d4:ff:5b:28:
80:1a:b5:84:ba:ba:da:7b:2e:dc:c8:9d:db:07:83:
1a:ba:00:6a:d3:97:64:8d:e9:b0:9d:26:a7:d3:48:
ea:7b:52:cf:6d:d9:d5:dc:ec:d3:ae:90:f0:35:bf:
3c:2c:79:a1:2a:ea:05:28:80:44:7f:28:cb:64:f0:
a2:d7:ec:7e:06:9c:27:46:d8:69:b4:49:c2:20:2e:
b8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:60:A3:CB:C8:58:56:FC:52:89:EE:FB:72:91:F6:3D:EB:7C:27:BD
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/TWCjy8hYVvxSie77cpH2Pet8J70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.244.0/23
91.233.105.0/24
185.63.152.0/22
185.84.140.0/22
185.103.172.0/22
194.33.112.0/23
IPv6:
2a03:7e0::/32
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
b3:76:54:0f:93:6b:a7:1e:95:75:34:6e:d1:fa:a4:e7:1d:59:
73:7f:50:03:ae:65:3a:30:b0:5f:20:6a:8c:f9:ca:f5:81:e4:
04:b5:ce:d1:ad:26:88:1c:94:2c:64:9a:67:09:74:2a:42:28:
f7:6b:8f:58:27:7c:98:dd:43:73:73:40:37:49:e1:3f:cf:6d:
21:18:a7:8c:0e:5b:45:6f:ab:e4:d1:8c:8b:57:23:73:5c:eb:
f1:d1:b1:36:fc:69:63:05:d9:60:96:d2:d4:db:c0:f3:f9:f2:
c7:19:8e:56:5f:e2:fc:83:8f:ac:9e:30:83:8f:e7:82:93:1b:
f1:cf:01:30:28:c2:7a:b7:5b:94:58:83:1d:a9:b0:ac:64:3c:
d3:46:b6:72:97:0c:b0:5d:74:5c:5d:a5:81:ff:d2:2f:c4:bc:
96:80:ba:a2:02:45:cf:ee:5e:2e:f6:b0:62:45:aa:68:46:47:
d1:e1:96:3a:ad:8f:24:9d:f2:7f:d7:1c:72:91:d1:a6:41:4c:
2b:f3:03:03:38:f3:45:47:35:6a:37:ce:c3:b2:15:d2:17:c8:
19:02:d1:0c:59:a5:79:f9:17:23:3d:87:4c:75:d6:d2:dc:15:
1b:ae:7a:b2:e8:f8:7a:f2:3b:4d:71:90:24:b4:12:76:a2:50:
12:3f:23:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZz3OoF9GsjALYXkTIfpKKiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjYwMzE2MTUxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYwYTNjYmM4NTg1NmZjNTI4OWVlZmI3MjkxZjYzZGViN2MyN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDDJOK/2/o723uWv/AhtMMZttEAi
/vSonMHwvz4QtMx22LbdgE1NBNC0To6KQEw0kJVpRCeybAmZtB13rrHLBrgBq6qj
jDG/fwhpqKIw17juj6PTPmvHyuFMUc2Q7lEjJ8RC909qvXS3Vu01bM/OC7ere/ra
VQhM20iHHV3JbHOgLEgMxLLBuIrQka58IXc9nQ1Q+YORfYKtvIAEwxCmemk7Z5dY
GntctDg6ZjM/ztT/WyiAGrWEurraey7cyJ3bB4MaugBq05dkjemwnSan00jqe1LP
bdnV3OzTrpDwNb88LHmhKuoFKIBEfyjLZPCi1+x+BpwnRthptEnCIC64IQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE1go8vIWFb8Uonu+3KR9j3rfCe9MB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvVFdDank4aFlWdnhTaWU3N2NwSDJQZXQ4SjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQBW+b0AwQA
W+lpAwQCuT+YAwQCuVSMAwQCuWesAwQBwiFwMBQEAgACMA4DBQAqAwfgAwUDKgWm
QDANBgkqhkiG9w0BAQsFAAOCAQEAs3ZUD5Nrpx6VdTRu0fqk5x1Zc39QA65lOjCw
XyBqjPnK9YHkBLXO0a0miByULGSaZwl0KkIo92uPWCd8mN1Dc3NAN0nhP89tIRin
jA5bRW+r5NGMi1cjc1zr8dGxNvxpYwXZYJbS1NvA8/nyxxmOVl/i/IOPrJ4wg4/n
gpMb8c8BMCjCerdblFiDHamwrGQ800a2cpcMsF10XF2lgf/SL8S8loC6ogJFz+5e
LvawYkWqaEZH0eGWOq2PJJ3yf9cccpHRpkFMK/MDAzjzRUc1ajfOw7IV0hfIGQLR
DFmlefkXIz2HTHXW0twVG656suj4evI7TXGQJLQSdqJQEj8jWw==
-----END CERTIFICATE-----
Generated at Sun Mar 22 04:21:23 2026 by rpki-client