Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/7W807dY4-mv3gzptv60D8SLR1Gk.roa
File: 7W807dY4-mv3gzptv60D8SLR1Gk.roa (raw, json)
Hash identifier: bimoQnSrS+qx1MWXDStnKPHwkfi8DVrLIe0sQhgTFlE=
Subject key identifier: ED:6F:34:ED:D6:38:FA:6B:F7:83:3A:6D:BF:AD:03:F1:22:D1:D4:69
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019CB2D3BDD76DD4E72BF3AE6315F7FAC9C8
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/7W807dY4-mv3gzptv60D8SLR1Gk.roa
Signing time: Tue 03 Mar 2026 08:32:26 +0000
ROA not before: Tue 03 Mar 2026 08:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 84.55.8.0/22 maxlen: 24
88.223.44.0/24 maxlen: 24
88.223.46.0/24 maxlen: 24
88.223.168.0/24 maxlen: 24
88.223.169.0/24 maxlen: 24
95.173.48.0/24 maxlen: 24
95.173.49.0/24 maxlen: 24
95.173.50.0/24 maxlen: 24
95.173.51.0/24 maxlen: 24
95.173.57.0/24 maxlen: 24
95.173.58.0/24 maxlen: 24
95.173.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 02:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:d3:bd:d7:6d:d4:e7:2b:f3:ae:63:15:f7:fa:c9:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Mar 3 08:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ed6f34edd638fa6bf7833a6dbfad03f122d1d469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:a8:37:a2:e0:b0:2c:8e:6e:fd:80:10:7b:
09:38:d0:91:15:14:0a:1d:a7:3c:02:b9:9e:18:85:
63:52:27:e6:4b:94:9c:00:e7:88:41:10:5b:35:e1:
ab:49:72:b3:87:21:ae:29:4b:aa:4d:a9:ea:51:9f:
46:39:78:8e:14:ca:16:aa:7b:59:5d:69:52:ca:01:
4a:82:c1:9c:cb:29:05:11:64:df:00:e2:bc:84:5b:
d9:d0:02:25:cc:6d:f4:f3:4f:ce:6b:58:48:d5:ca:
30:2b:42:3f:8d:dd:bf:26:99:11:7d:dc:bc:d4:20:
e0:18:57:f0:64:b3:86:c6:15:ce:6e:44:16:b4:0d:
08:55:c8:ff:b2:a5:d5:16:3a:c6:cb:72:14:b2:23:
d9:a1:07:c2:0c:78:09:ba:49:4d:73:ef:9a:06:87:
9b:ef:53:de:c7:53:2d:7a:3d:85:d5:17:6e:f2:a1:
da:cd:9c:e1:ab:c6:9a:2c:bc:3f:7c:af:39:48:64:
03:20:b0:68:81:60:c3:9c:d0:d7:cd:6e:d2:29:19:
7f:8a:8a:d5:2e:66:e5:f6:09:e3:13:d2:35:86:01:
4c:2c:2b:b0:20:2f:50:13:d5:60:18:e7:14:c6:35:
e1:98:82:5b:35:28:87:cc:6b:d2:78:4c:a5:68:f1:
79:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6F:34:ED:D6:38:FA:6B:F7:83:3A:6D:BF:AD:03:F1:22:D1:D4:69
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/7W807dY4-mv3gzptv60D8SLR1Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.8.0/22
88.223.44.0/24
88.223.46.0/24
88.223.168.0/23
95.173.48.0/22
95.173.57.0-95.173.58.255
95.173.60.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6a:d0:6c:bb:c8:5b:2f:29:29:6c:2b:4d:ae:d2:d2:76:ac:
cc:e3:70:0f:44:9a:a1:4d:1e:2a:63:f9:8e:bd:6a:d2:1e:e9:
ea:e2:4e:de:f7:78:49:39:e0:97:85:65:07:b3:03:4a:7c:fc:
ba:8d:43:09:c3:c4:05:3f:01:33:dc:b6:a5:13:b5:8a:6d:7e:
b7:6e:9c:ab:e6:44:6b:31:75:30:0c:6d:bc:6c:13:02:04:c7:
aa:d7:44:4b:58:3b:f2:8c:46:ba:82:36:b3:83:af:f3:6a:a4:
08:e6:b5:03:60:c0:51:74:da:b0:21:f9:50:d0:8c:6a:c3:3c:
34:90:ce:6c:e9:30:f2:1e:83:59:6f:c9:de:72:57:36:88:74:
7c:8a:04:b0:80:34:46:1b:6d:cf:1d:20:72:72:e7:bb:75:b0:
c3:ce:e6:50:01:af:81:f2:bd:53:0d:57:5d:0a:70:d1:97:73:
1f:51:7a:fd:5d:92:28:0f:d3:8a:f8:3e:76:4d:49:e2:a6:ec:
2a:32:68:d3:e5:69:0d:d7:9e:4d:7f:90:a8:8f:64:c2:12:84:
a5:94:fa:4e:53:a1:31:8d:3f:af:42:cb:d6:0b:c3:3b:4a:fa:
f2:e2:1f:4e:d6:9c:b0:25:9b:c1:3d:ed:a4:67:c2:5d:9c:8c:
50:b5:eb:a6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZyy073XbdTnK/OuYxX3+snIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwMzAzMDgzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZmMzRlZGQ2MzhmYTZiZjc4MzNhNmRiZmFkMDNmMTIyZDFkNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RSoN6LgsCyObv2AEHsJONCRFRQK
Hac8ArmeGIVjUifmS5ScAOeIQRBbNeGrSXKzhyGuKUuqTanqUZ9GOXiOFMoWqntZ
XWlSygFKgsGcyykFEWTfAOK8hFvZ0AIlzG3080/Oa1hI1cowK0I/jd2/JpkRfdy8
1CDgGFfwZLOGxhXObkQWtA0IVcj/sqXVFjrGy3IUsiPZoQfCDHgJuklNc++aBoeb
71Pex1Mtej2F1Rdu8qHazZzhq8aaLLw/fK85SGQDILBogWDDnNDXzW7SKRl/iorV
Lmbl9gnjE9I1hgFMLCuwIC9QE9VgGOcUxjXhmIJbNSiHzGvSeEylaPF50wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFO1vNO3WOPpr94M6bb+tA/Ei0dRpMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvN1c4MDdkWTQtbXYzZ3pwdHY2MEQ4U0xSMUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCVDcIAwQA
WN8sAwQAWN8uAwQBWN+oAwQCX60wMAwDBABfrTkDBABfrToDBABfrTwwDQYJKoZI
hvcNAQELBQADggEBAIdq0Gy7yFsvKSlsK02u0tJ2rMzjcA9EmqFNHipj+Y69atIe
6eriTt73eEk54JeFZQezA0p8/LqNQwnDxAU/ATPctqUTtYptfrdunKvmRGsxdTAM
bbxsEwIEx6rXREtYO/KMRrqCNrODr/NqpAjmtQNgwFF02rAh+VDQjGrDPDSQzmzp
MPIeg1lvyd5yVzaIdHyKBLCANEYbbc8dIHJy57t1sMPO5lABr4HyvVMNV10KcNGX
cx9Rev1dkigP04r4PnZNSeKm7CoyaNPlaQ3Xnk1/kKiPZMIShKWU+k5ToTGNP69C
y9YLwztK+vLiH07WnLAlm8E97aRnwl2cjFC166Y=
-----END CERTIFICATE-----
Generated at Thu Mar 12 10:56:55 2026 by rpki-client