Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/07YHnmSGL3DGY6c5DbcijP217LQ.roa
File: 07YHnmSGL3DGY6c5DbcijP217LQ.roa (raw, json)
Hash identifier: 12gHzQSyTMLeGjVAmr1zmwWq9fnXc3yyJAMhoMfsUbI=
Subject key identifier: D3:B6:07:9E:64:86:2F:70:C6:63:A7:39:0D:B7:22:8C:FD:B5:EC:B4
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019CD88B9A7C0D04C1A7986387297CB948D9
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/07YHnmSGL3DGY6c5DbcijP217LQ.roa
Signing time: Tue 10 Mar 2026 16:19:13 +0000
ROA not before: Tue 10 Mar 2026 16:19:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6739
IP address blocks: 2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/16 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
2a02:a800::/26 maxlen: 26
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:8b:9a:7c:0d:04:c1:a7:98:63:87:29:7c:b9:48:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Mar 10 16:19:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d3b6079e64862f70c663a7390db7228cfdb5ecb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:32:b7:a4:6a:6d:b1:8e:0f:74:3e:f5:4b:c8:
5a:54:c9:0d:5a:00:07:2e:a5:1e:77:64:e8:2b:04:
93:d6:f9:60:0d:c0:bd:9b:c9:85:4e:52:e3:76:15:
1f:40:96:16:e6:c6:5a:f1:ce:30:ad:33:78:ce:5e:
74:72:50:8c:1f:4b:23:d0:c2:80:45:17:01:12:3f:
95:6c:ac:f2:85:06:e7:47:ba:a7:a4:07:23:4c:bf:
35:88:12:ea:ca:66:93:97:a3:3d:82:1d:ac:94:d0:
fe:26:f2:b3:99:1f:55:ef:92:65:54:b8:fe:2c:bb:
0b:03:e9:02:e4:e7:6a:77:bc:e7:21:1c:9e:79:6d:
59:a5:5e:7a:d3:04:da:d0:04:63:ca:63:c8:72:6a:
1c:5d:d2:0d:4a:fd:15:35:6c:7a:de:b6:fc:84:bf:
41:fd:7c:db:4e:f3:6c:15:79:0a:71:73:6f:f2:3c:
e1:d6:80:67:4c:f4:3c:64:7f:90:26:87:86:a9:b6:
00:e0:5e:05:9d:2e:a4:fc:4e:da:21:64:c9:0d:53:
32:8a:f6:34:f7:04:1c:a5:b9:fb:c3:79:d1:94:81:
05:07:86:90:45:55:c3:38:c6:35:fa:bc:b4:61:3c:
8c:a6:ec:34:0d:ff:ea:71:ff:d1:62:d4:cb:fb:95:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B6:07:9E:64:86:2F:70:C6:63:A7:39:0D:B7:22:8C:FD:B5:EC:B4
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/07YHnmSGL3DGY6c5DbcijP217LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.154.0.0/15
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.174.0.0/15
81.60.0.0/15
81.184.0.0/16
81.202.0.0/16
82.159.0.0/16
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
08:55:03:75:43:3e:ef:d3:fe:6e:46:32:62:2f:c5:1c:c3:05:
76:21:75:0e:6d:72:90:a4:c9:b8:b9:f5:14:3a:af:71:31:cf:
4c:fa:5b:79:40:3b:87:02:76:49:66:2a:74:62:68:d3:84:4a:
85:4b:02:77:b7:12:81:21:09:d8:db:94:0a:78:fc:f9:f4:9d:
2a:a7:cb:eb:93:fb:ca:3f:a5:cc:cb:da:e1:7a:dc:15:05:83:
55:ef:77:8f:41:03:a8:32:ff:bc:83:de:22:20:33:38:87:1a:
b4:1a:d7:5b:30:35:94:c1:29:95:a0:99:6e:4c:00:c9:ac:b4:
3b:af:4f:21:66:01:6e:a2:72:49:08:bd:b2:7c:92:db:16:45:
32:5a:2b:37:53:38:4b:2f:13:65:f2:94:31:b2:ce:09:c3:b5:
5b:1e:2d:64:23:ae:a2:d0:8c:55:02:d1:25:70:6f:5f:99:d5:
c3:e6:cb:44:ef:4b:26:95:89:5a:99:80:ed:c0:e9:b3:cd:f3:
b5:10:19:5d:ce:0a:85:4f:c3:d1:2b:02:bb:3c:8d:5b:29:d9:
63:30:e3:64:33:f9:77:17:9c:cd:a7:8f:e8:92:74:52:c7:b4:
92:fe:b3:52:79:80:64:a5:56:38:ea:b0:ab:8b:b8:10:c0:1d:
4d:46:65:11
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZzYi5p8DQTBp5hjhyl8uUjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjYwMzEwMTYxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2I2MDc5ZTY0ODYyZjcwYzY2M2E3MzkwZGI3MjI4Y2ZkYjVlY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojK3pGptsY4PdD71S8haVMkNWgAH
LqUed2ToKwST1vlgDcC9m8mFTlLjdhUfQJYW5sZa8c4wrTN4zl50clCMH0sj0MKA
RRcBEj+VbKzyhQbnR7qnpAcjTL81iBLqymaTl6M9gh2slND+JvKzmR9V75JlVLj+
LLsLA+kC5Odqd7znIRyeeW1ZpV560wTa0ARjymPIcmocXdINSv0VNWx63rb8hL9B
/XzbTvNsFXkKcXNv8jzh1oBnTPQ8ZH+QJoeGqbYA4F4FnS6k/E7aIWTJDVMyivY0
9wQcpbn7w3nRlIEFB4aQRVXDOMY1+ry0YTyMpuw0Df/qcf/RYtTL+5UC6QIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFNO2B55khi9wxmOnOQ23Ioz9tey0MB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvMDdZSG5tU0dMM0RHWTZjNURiY2lqUDIxN0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxQQCAAEwgb4DAwEC
mgMDAAUoAwMBPioDAwA+OTAKAwMAPlEDAwI+UAMEBT5kYAMDAT6uAwMBUTwDAwBR
uAMDAFHKAwMAUp8DBAZS1YADBAZTrYADAwNUeAMEB1XbAAMDAFX7AwMAWYwDAwBf
JwMEArmAgAMEBcJqAAMEBsKMgAMEBcKVwAMEBdQV4AMEBdQo4AMEBdROgAMEBdRP
gAMEBdRfwAMEBdRhoAMEBtS3wAMDANUlAwQH1ckAAwQG1eMAAwQG1edAMA0EAgAC
MAcDBQYqAqgAMA0GCSqGSIb3DQEBCwUAA4IBAQAIVQN1Qz7v0/5uRjJiL8UcwwV2
IXUObXKQpMm4ufUUOq9xMc9M+lt5QDuHAnZJZip0YmjThEqFSwJ3txKBIQnY25QK
ePz59J0qp8vrk/vKP6XMy9rhetwVBYNV73ePQQOoMv+8g94iIDM4hxq0GtdbMDWU
wSmVoJluTADJrLQ7r08hZgFuonJJCL2yfJLbFkUyWis3UzhLLxNl8pQxss4Jw7Vb
Hi1kI66i0IxVAtElcG9fmdXD5stE70smlYlamYDtwOmzzfO1EBldzgqFT8PRKwK7
PI1bKdljMONkM/l3F5zNp4/oknRSx7SS/rNSeYBkpVY46rCri7gQwB1NRmUR
-----END CERTIFICATE-----
Generated at Fri Mar 13 05:34:23 2026 by rpki-client