Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/7J7CpuHDJ76xvl_NCA0HUnOCU6o.roa
File: 7J7CpuHDJ76xvl_NCA0HUnOCU6o.roa (raw, json)
Hash identifier: /1D8z/DnFXinEXWi/AyE4l+2zJU5ScnntznioSwwJVg=
Subject key identifier: EC:9E:C2:A6:E1:C3:27:BE:B1:BE:5F:CD:08:0D:07:52:73:82:53:AA
Certificate issuer: /CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Certificate serial: 019CDD0A61143A794630034A8BDC84608FA1
Authority key identifier: 72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/7J7CpuHDJ76xvl_NCA0HUnOCU6o.roa
Signing time: Wed 11 Mar 2026 13:16:10 +0000
ROA not before: Wed 11 Mar 2026 13:16:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197075
IP address blocks: 151.248.14.0/24 maxlen: 24
151.248.15.0/24 maxlen: 24
185.219.85.0/24 maxlen: 24
185.219.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:0a:61:14:3a:79:46:30:03:4a:8b:dc:84:60:8f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Validity
Not Before: Mar 11 13:16:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec9ec2a6e1c327beb1be5fcd080d0752738253aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:77:21:cd:06:00:1c:9d:38:75:80:e3:1f:
91:4e:a1:ea:78:ab:77:9c:7e:e0:c8:60:6b:ae:85:
38:da:bb:e8:2d:38:8c:f5:c7:30:60:8c:04:1f:8d:
55:18:46:1f:2e:c2:65:45:bc:cf:73:93:07:6d:47:
ec:4e:62:aa:84:e1:50:4f:54:41:df:d6:6a:96:89:
2b:ae:94:28:5d:da:a7:bc:cf:9f:42:a6:1f:d3:6f:
45:79:7a:d3:c2:41:da:b7:10:dd:20:50:b7:7e:d2:
55:cd:8b:c9:ec:f9:d1:6a:01:66:21:af:ae:d1:20:
f5:5b:ab:49:61:6e:d8:38:c8:49:a4:29:2b:7a:06:
46:c6:83:74:55:15:8f:8a:c0:e8:18:f8:72:a9:50:
5c:0b:fb:72:0f:9b:07:93:fd:93:84:3c:8f:c0:78:
cf:32:aa:06:8e:32:bc:85:11:b7:09:cb:aa:31:3a:
99:fc:a5:60:39:96:15:de:09:25:a7:00:74:7e:22:
3f:27:1c:9d:55:a6:a0:f9:08:b5:5e:d2:d3:4d:a4:
d9:96:9f:0c:e8:94:08:1a:3e:33:1d:8e:00:0b:79:
ce:20:7f:8b:bc:88:17:af:2e:8e:e8:ab:d7:69:e4:
59:5f:34:ff:e3:bf:ca:bf:12:8a:f7:36:c4:53:dc:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9E:C2:A6:E1:C3:27:BE:B1:BE:5F:CD:08:0D:07:52:73:82:53:AA
X509v3 Authority Key Identifier:
keyid:72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/7J7CpuHDJ76xvl_NCA0HUnOCU6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.14.0/23
185.219.85.0/24
185.219.87.0/24
Signature Algorithm: sha256WithRSAEncryption
20:04:6b:ae:2a:05:90:ce:e5:bb:f1:c8:75:c8:f2:fc:d1:f0:
37:63:52:bd:32:84:22:06:f8:d5:0a:73:29:58:2b:52:b6:90:
f7:5e:e2:eb:1c:0f:b5:3f:b1:51:cd:71:ec:00:82:11:a8:c9:
29:b7:63:64:88:f1:91:2f:ff:85:6d:4b:f8:35:00:6e:4e:fa:
4c:1d:52:74:f7:ab:33:21:88:97:cc:ec:75:fb:84:76:ba:35:
63:38:44:22:06:bd:99:1f:a9:2f:04:79:6f:d9:50:7f:a3:b3:
89:95:d9:0f:a8:80:ae:ce:ba:46:01:d1:0c:a5:8d:35:57:c7:
71:20:4b:58:41:30:ce:29:e0:83:82:cb:cb:5d:b3:71:2f:b0:
c4:62:38:e2:33:fc:c9:75:76:0f:8c:25:53:83:5a:4b:a5:b4:
69:2d:a6:ac:29:ec:00:f2:df:9e:5d:00:5d:6c:ce:ee:0b:e4:
4a:b3:f9:c8:83:cc:5b:72:6c:5f:65:5d:7b:d7:59:9d:a2:c5:
c0:fd:e7:5d:b4:6f:96:42:6e:58:84:ed:b4:83:ee:03:53:4d:
bc:af:e3:35:ec:31:97:53:47:85:5c:cf:8b:f1:11:80:bd:a6:
f0:1a:54:88:be:46:e1:d1:f3:b1:b4:12:16:ca:43:f7:46:06:
d8:99:81:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZzdCmEUOnlGMANKi9yEYI+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWMwYzcxMTFlMmY1N2ZjYWY4MTEzYTQyZTU1NmU4ODJk
ZDVjNGIwHhcNMjYwMzExMTMxNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzllYzJhNmUxYzMyN2JlYjFiZTVmY2QwODBkMDc1MjczODI1M2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRN3Ic0GABydOHWA4x+RTqHqeKt3
nH7gyGBrroU42rvoLTiM9ccwYIwEH41VGEYfLsJlRbzPc5MHbUfsTmKqhOFQT1RB
39ZqlokrrpQoXdqnvM+fQqYf029FeXrTwkHatxDdIFC3ftJVzYvJ7PnRagFmIa+u
0SD1W6tJYW7YOMhJpCkregZGxoN0VRWPisDoGPhyqVBcC/tyD5sHk/2ThDyPwHjP
MqoGjjK8hRG3CcuqMTqZ/KVgOZYV3gklpwB0fiI/JxydVaag+Qi1XtLTTaTZlp8M
6JQIGj4zHY4AC3nOIH+LvIgXry6O6KvXaeRZXzT/47/KvxKK9zbEU9wZBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOyewqbhwye+sb5fzQgNB1JzglOqMB8GA1UdIwQY
MBaAFHJcDHER4vV/yvgROkLlVuiC3VxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYt
NzYxMGFhYmFhMjc0LzEvN0o3Q3B1SERKNzZ4dmxfTkNBMEhVbk9DVTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYtNzYxMGFhYmFhMjc0
LzEvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBl/gOAwQA
udtVAwQAudtXMA0GCSqGSIb3DQEBCwUAA4IBAQAgBGuuKgWQzuW78ch1yPL80fA3
Y1K9MoQiBvjVCnMpWCtStpD3XuLrHA+1P7FRzXHsAIIRqMkpt2NkiPGRL/+FbUv4
NQBuTvpMHVJ096szIYiXzOx1+4R2ujVjOEQiBr2ZH6kvBHlv2VB/o7OJldkPqICu
zrpGAdEMpY01V8dxIEtYQTDOKeCDgsvLXbNxL7DEYjjiM/zJdXYPjCVTg1pLpbRp
LaasKewA8t+eXQBdbM7uC+RKs/nIg8xbcmxfZV1711mdosXA/eddtG+WQm5YhO20
g+4DU028r+M17DGXU0eFXM+L8RGAvabwGlSIvkbh0fOxtBIWykP3RgbYmYFC
-----END CERTIFICATE-----
Generated at Fri Mar 13 15:59:12 2026 by rpki-client