Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/aEIKZOXUg22tPrtXoS5MANAUyfE.roa
File: aEIKZOXUg22tPrtXoS5MANAUyfE.roa (raw, json)
Hash identifier: yx1PIOL/wL0tZCEi24hJ9+b5RlgROdeQadCiy8sQegQ=
Subject key identifier: 68:42:0A:64:E5:D4:83:6D:AD:3E:BB:57:A1:2E:4C:00:D0:14:C9:F1
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 019B78A2B1939367E68A08C16D15BB46E9EF
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/aEIKZOXUg22tPrtXoS5MANAUyfE.roa
Signing time: Thu 01 Jan 2026 08:18:06 +0000
ROA not before: Thu 01 Jan 2026 08:18:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33182
IP address blocks: 185.7.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Feb 2026 15:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:b1:93:93:67:e6:8a:08:c1:6d:15:bb:46:e9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jan 1 08:18:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=68420a64e5d4836dad3ebb57a12e4c00d014c9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:43:26:b9:a5:a8:3b:94:17:2f:d6:7b:94:
1f:17:0d:c9:8e:39:19:52:53:47:5e:d0:cf:1f:6c:
40:78:8c:aa:dc:72:a7:8b:6d:17:45:d8:ce:87:aa:
3d:02:a9:ec:23:a0:2b:7a:00:c1:35:53:74:bb:af:
84:a1:32:1a:99:d4:17:b2:e6:b3:aa:56:5a:38:96:
ee:fd:0c:4d:c8:9e:8e:46:34:63:12:86:a9:2f:83:
9c:b6:b5:20:36:c2:53:a5:c8:fb:46:4b:15:a3:03:
25:52:a5:0c:af:b9:77:22:66:59:61:98:cb:5f:87:
c4:33:c5:3c:07:16:db:cb:a9:18:84:a9:ce:a1:ec:
8c:d6:f0:c7:a1:98:b1:24:44:38:98:e9:5d:98:e4:
db:55:1c:12:bb:d0:1d:cf:6d:5d:94:0a:e5:f8:b7:
f6:f7:ee:8f:2d:f4:0d:44:5a:e4:ce:2c:54:07:2d:
39:f4:0d:69:b3:be:67:86:90:42:04:5f:db:a8:e4:
6a:38:f9:99:46:8d:d1:12:6c:df:29:75:74:d0:26:
f0:aa:b3:25:b3:ec:2e:e1:2d:0f:f3:8e:9f:5a:7b:
98:f4:55:54:17:6b:9d:3f:6a:3c:99:63:fc:3d:c8:
67:32:c4:49:49:99:2a:32:40:11:1d:a8:7d:84:e3:
5e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:42:0A:64:E5:D4:83:6D:AD:3E:BB:57:A1:2E:4C:00:D0:14:C9:F1
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/aEIKZOXUg22tPrtXoS5MANAUyfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.80.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:15:8c:d8:51:7c:74:0f:c9:75:6f:a2:88:db:04:53:8c:48:
d5:e9:ea:3d:78:f5:f5:40:36:07:e0:b0:56:6b:9d:99:af:48:
15:b2:af:47:cb:64:63:79:5b:d7:7d:5c:cf:b2:03:76:49:c9:
16:fd:99:be:16:3c:69:68:e0:e3:26:ce:0d:ff:1c:d5:cf:71:
e3:e0:60:9d:87:c2:e8:5b:e9:fe:00:b3:4a:34:26:50:85:a8:
d7:70:42:0c:24:03:45:c7:d4:13:17:c0:f9:f7:1f:0a:44:0d:
8d:53:39:eb:c8:9b:d2:18:40:24:31:24:a7:48:87:e0:38:79:
41:3e:0a:b9:27:4a:27:10:7e:21:24:9f:9c:56:17:7f:de:74:
50:f7:3c:bf:bd:d6:65:77:38:cd:60:57:a6:3e:7d:fd:a7:9c:
62:71:49:b6:a9:06:b0:e0:10:00:18:21:df:d8:7b:6c:9a:c9:
b3:7f:c4:6b:57:c5:29:0d:b1:48:b6:e6:c0:57:5c:03:a7:8b:
ef:18:d9:26:de:73:1c:d7:60:e2:08:8e:02:82:9b:9a:23:f8:
7d:bf:3a:57:ca:79:fd:b4:9a:ad:12:43:05:07:ef:c8:ec:c3:
6c:e5:52:3f:2c:19:a3:0d:18:5a:e4:e2:f8:91:c1:7c:f4:02:
12:52:d5:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4orGTk2fmigjBbRW7RunvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjYwMTAxMDgxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQyMGE2NGU1ZDQ4MzZkYWQzZWJiNTdhMTJlNGMwMGQwMTRjOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv1DJrmlqDuUFy/We5QfFw3JjjkZ
UlNHXtDPH2xAeIyq3HKni20XRdjOh6o9AqnsI6AregDBNVN0u6+EoTIamdQXsuaz
qlZaOJbu/QxNyJ6ORjRjEoapL4OctrUgNsJTpcj7RksVowMlUqUMr7l3ImZZYZjL
X4fEM8U8Bxbby6kYhKnOoeyM1vDHoZixJEQ4mOldmOTbVRwSu9Adz21dlArl+Lf2
9+6PLfQNRFrkzixUBy059A1ps75nhpBCBF/bqORqOPmZRo3REmzfKXV00CbwqrMl
s+wu4S0P846fWnuY9FVUF2udP2o8mWP8PchnMsRJSZkqMkARHah9hONeNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhCCmTl1INtrT67V6EuTADQFMnxMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvYUVJS1pPWFVnMjJ0UHJ0WG9TNU1BTkFVeWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdQMA0G
CSqGSIb3DQEBCwUAA4IBAQAdFYzYUXx0D8l1b6KI2wRTjEjV6eo9ePX1QDYH4LBW
a52Zr0gVsq9Hy2RjeVvXfVzPsgN2SckW/Zm+FjxpaODjJs4N/xzVz3Hj4GCdh8Lo
W+n+ALNKNCZQhajXcEIMJANFx9QTF8D59x8KRA2NUznryJvSGEAkMSSnSIfgOHlB
Pgq5J0onEH4hJJ+cVhd/3nRQ9zy/vdZldzjNYFemPn39p5xicUm2qQaw4BAAGCHf
2Htsmsmzf8RrV8UpDbFItubAV1wDp4vvGNkm3nMc12DiCI4CgpuaI/h9vzpXynn9
tJqtEkMFB+/I7MNs5VI/LBmjDRha5OL4kcF89AISUtW0
-----END CERTIFICATE-----
Generated at Fri Feb 20 00:26:08 2026 by rpki-client