Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EM9dXo6UycndPoNSioIGgeT0gN8.roa
File: EM9dXo6UycndPoNSioIGgeT0gN8.roa (raw, json)
Hash identifier: +/U11YebgiKyhOu59qQFvCgZZ/2GCuzlzeve7OK8TKE=
Subject key identifier: 10:CF:5D:5E:8E:94:C9:C9:DD:3E:83:52:8A:82:06:81:E4:F4:80:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D61E00DD49299C2883EFEC5855223F271
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EM9dXo6UycndPoNSioIGgeT0gN8.roa
Signing time: Mon 06 Apr 2026 08:19:26 +0000
ROA not before: Mon 06 Apr 2026 08:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.13.224.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
92.119.199.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 Apr 2026 10:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:61:e0:0d:d4:92:99:c2:88:3e:fe:c5:85:52:23:f2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 08:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10cf5d5e8e94c9c9dd3e83528a820681e4f480df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:14:2d:f7:33:e5:69:26:26:c5:2c:f1:54:3f:
a2:a6:37:67:c5:e4:77:18:31:d7:b1:40:72:fa:c7:
4e:62:f8:bb:af:4c:3d:08:84:5a:6f:b1:32:7f:3e:
85:6d:e9:15:14:22:af:25:86:68:86:0b:9d:16:67:
8e:6d:c6:e6:42:a1:de:4f:66:84:4e:4f:1d:2d:96:
28:33:a3:cb:e4:92:8a:9b:89:97:dc:11:90:36:3a:
3f:44:77:05:c0:11:d5:0e:3a:c8:05:00:7e:06:61:
f9:64:bb:69:7f:a5:6e:30:8c:c9:41:a5:d1:11:30:
01:ba:47:67:08:6e:ea:65:6a:ff:84:39:f5:ce:e7:
2d:a1:47:bb:b5:94:bd:64:b4:a9:21:86:1e:e5:8c:
19:fc:e2:2a:3f:2d:08:97:15:a2:88:6e:f0:99:7d:
ca:85:67:4d:3e:1f:2f:c9:aa:15:e9:d5:ed:0e:4f:
bb:ed:68:2a:d7:07:29:b3:90:5d:71:d5:59:e8:53:
14:10:88:f4:10:c4:a6:1c:fa:f8:51:6c:51:8c:b2:
61:f2:68:de:41:17:99:ab:87:6a:2e:0c:53:11:e9:
d9:1e:35:53:02:90:bc:03:91:a1:5f:56:e1:a6:7f:
d4:6c:87:99:d2:27:c7:a6:3d:ec:3d:94:4c:f0:8e:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CF:5D:5E:8E:94:C9:C9:DD:3E:83:52:8A:82:06:81:E4:F4:80:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EM9dXo6UycndPoNSioIGgeT0gN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
87.121.60.0/23
92.119.199.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:5c:58:9b:bd:c8:0e:1a:a6:e7:a0:69:fe:8c:06:9f:77:47:
3b:46:f1:c8:d6:41:3c:2b:0b:2e:08:eb:7a:b4:bd:dd:18:51:
1b:b6:ae:e8:49:76:f5:c1:09:73:0b:20:42:c8:d8:a6:d1:a9:
c7:ac:5c:48:93:dd:2c:2a:08:fc:6d:d5:aa:0e:b9:02:c6:ac:
cf:ad:64:8c:a8:c0:22:36:1b:8f:1f:00:47:a6:a8:4b:d4:e0:
28:fb:38:fa:ea:99:10:db:de:c2:ee:c7:18:32:58:ae:a5:df:
5a:34:e7:1c:c4:24:d6:34:47:6e:1d:cc:fb:fa:0b:76:ce:e5:
75:e9:42:5e:55:f7:0a:89:91:06:0b:8e:df:fe:f7:05:12:53:
e2:cb:22:48:3e:14:2b:b6:5a:be:84:0b:0d:e3:5d:1b:de:24:
72:5f:39:7a:e2:df:94:a5:35:93:c2:65:3f:48:c7:17:46:bb:
f1:51:24:e6:f0:8b:e7:1d:96:49:ee:34:00:19:38:87:f9:f7:
ea:fb:61:ce:25:d9:1b:29:2f:01:c7:67:41:3d:52:6c:c2:99:
cb:74:d5:16:1a:7e:28:21:88:b6:a3:70:2b:28:8b:44:e5:77:
37:72:f9:91:be:ce:b3:0e:ee:b0:06:f1:74:5b:4f:0b:4e:0f:
d2:9a:d6:af
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ1h4A3UkpnCiD7+xYVSI/JxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDA2MDgxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNmNWQ1ZThlOTRjOWM5ZGQzZTgzNTI4YTgyMDY4MWU0ZjQ4MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxQt9zPlaSYmxSzxVD+ipjdnxeR3
GDHXsUBy+sdOYvi7r0w9CIRab7Eyfz6FbekVFCKvJYZohgudFmeObcbmQqHeT2aE
Tk8dLZYoM6PL5JKKm4mX3BGQNjo/RHcFwBHVDjrIBQB+BmH5ZLtpf6VuMIzJQaXR
ETABukdnCG7qZWr/hDn1zuctoUe7tZS9ZLSpIYYe5YwZ/OIqPy0IlxWiiG7wmX3K
hWdNPh8vyaoV6dXtDk+77Wgq1wcps5BdcdVZ6FMUEIj0EMSmHPr4UWxRjLJh8mje
QReZq4dqLgxTEenZHjVTApC8A5GhX1bhpn/UbIeZ0ifHpj3sPZRM8I5kZwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBDPXV6OlMnJ3T6DUoqCBoHk9IDfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRU05ZFhvNlV5Y25kUG9OU2lvSUdnZVQwZ044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
DeADBAAtQuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBABTj3EDBABVHy8DBAFV
2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBAFXeTwDBABcd8cDBABc+TIDBABd
e20DBACTTmUDBAK52lQDBAC53qADBADBGdgDBADCN7oDBADCqa8wDQYJKoZIhvcN
AQELBQADggEBAIxcWJu9yA4apuegaf6MBp93RztG8cjWQTwrCy4I63q0vd0YURu2
ruhJdvXBCXMLIELI2KbRqcesXEiT3SwqCPxt1aoOuQLGrM+tZIyowCI2G48fAEem
qEvU4Cj7OPrqmRDb3sLuxxgyWK6l31o05xzEJNY0R24dzPv6C3bO5XXpQl5V9wqJ
kQYLjt/+9wUSU+LLIkg+FCu2Wr6ECw3jXRveJHJfOXri35SlNZPCZT9IxxdGu/FR
JObwi+cdlknuNAAZOIf59+r7Yc4l2RspLwHHZ0E9UmzCmct01RYafighiLajcCso
i0Tldzdy+ZG+zrMO7rAG8XRbTwtOD9Ka1q8=
-----END CERTIFICATE-----
Generated at Mon Apr 6 17:18:23 2026 by rpki-client