Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ENX7W26vkXDlf9S1HMKKQ9zqEqI.roa
File: ENX7W26vkXDlf9S1HMKKQ9zqEqI.roa (raw, json)
Hash identifier: +y5JKEhz1wdrG/7JNArSOnMavXJ/uzgmLVD8UcDEcZ0=
Subject key identifier: 10:D5:FB:5B:6E:AF:91:70:E5:7F:D4:B5:1C:C2:8A:43:DC:EA:12:A2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019ECA55AB6AB64A8DC385483721C4BE1CD4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ENX7W26vkXDlf9S1HMKKQ9zqEqI.roa
Signing time: Mon 15 Jun 2026 08:11:12 +0000
ROA not before: Mon 15 Jun 2026 08:11:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214668
IP address blocks: 81.161.238.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Jun 2026 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:55:ab:6a:b6:4a:8d:c3:85:48:37:21:c4:be:1c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 15 08:11:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10d5fb5b6eaf9170e57fd4b51cc28a43dcea12a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:90:de:dc:27:f9:59:d2:cd:aa:77:d8:8c:
a2:8d:3f:bc:2f:85:06:0a:b0:d5:d8:56:9b:07:ac:
dc:79:5e:32:b0:ae:ed:c9:a0:d1:b6:c8:26:32:64:
65:81:25:1c:76:67:7b:7c:90:c7:12:c5:4a:65:50:
f5:17:2e:04:d9:79:14:9d:d3:54:27:2e:27:31:11:
7a:05:eb:e9:d9:4d:00:52:09:d0:1c:4c:a4:82:d7:
46:b3:4b:87:a0:ec:46:50:85:86:cd:c0:ba:5b:03:
15:13:c6:b1:a1:38:64:48:8f:60:b6:32:b5:51:ad:
fc:77:df:4d:3d:fb:76:0a:9e:10:50:59:a5:14:fd:
8e:96:ff:5f:0e:0f:c2:5e:8f:1f:1c:88:98:76:27:
38:a0:c5:72:32:51:ad:4c:a3:f0:1e:8d:da:c8:64:
ba:01:af:55:45:c3:37:4d:79:19:96:fc:d6:d7:46:
8a:a0:4c:bc:ee:09:a2:0c:b9:1a:2e:e4:91:28:97:
30:ea:3c:f1:89:54:04:79:a3:e0:9a:4f:ae:82:52:
b1:f5:99:a1:d7:a3:28:d8:a0:ec:27:00:21:65:b6:
18:e6:4e:80:3d:4c:fc:d4:7f:3a:4c:4f:ab:1e:a4:
7b:63:0f:5c:c7:ac:36:d0:06:4f:a2:30:df:05:04:
b0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D5:FB:5B:6E:AF:91:70:E5:7F:D4:B5:1C:C2:8A:43:DC:EA:12:A2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ENX7W26vkXDlf9S1HMKKQ9zqEqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/24
185.222.160.0/24
193.37.41.0/24
193.37.44.0/24
Signature Algorithm: sha256WithRSAEncryption
54:24:3a:2d:ef:b8:a9:01:3f:b5:43:c4:ef:29:9b:3c:5e:4b:
fe:4a:a3:1b:5c:b6:63:19:a2:2e:fa:11:4f:eb:39:d1:66:28:
6b:2c:77:45:ff:56:d3:e4:39:ab:af:0a:e3:97:3f:19:16:68:
e3:10:4e:27:00:50:c7:1f:ea:97:29:37:fd:de:33:dd:95:47:
f3:0d:95:80:7c:23:71:66:f8:db:f2:08:88:c6:22:0f:4a:0e:
74:8f:52:06:d2:d7:66:79:a9:7b:ab:3c:41:33:18:cd:ff:34:
63:36:4b:26:97:07:c0:c7:de:47:5d:67:9d:2d:b3:29:db:fe:
cb:66:92:7f:9f:a3:bd:17:db:0b:ae:65:4e:d0:66:4f:7f:89:
e2:bd:63:a9:ff:c6:1d:0c:14:be:ab:85:bf:e4:38:2f:17:49:
09:27:f6:8c:a6:11:1f:48:c9:e4:55:bd:a0:c8:48:74:13:6b:
64:a5:5e:c4:06:8d:27:a6:2f:d7:ff:3a:8c:eb:da:37:1a:20:
32:9f:0e:f4:1a:3c:22:93:5f:98:46:3b:cb:b5:77:19:f4:d4:
c1:2b:83:8d:41:dc:41:e0:c6:1f:dd:cf:8d:75:a5:e1:0c:88:
5d:c8:cd:e6:4a:3e:12:45:09:38:54:67:c2:83:5f:36:3d:dd:
45:e3:e0:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7KVatqtkqNw4VINyHEvhzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjE1MDgxMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQ1ZmI1YjZlYWY5MTcwZTU3ZmQ0YjUxY2MyOGE0M2RjZWExMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdaQ3twn+VnSzap32IyijT+8L4UG
CrDV2FabB6zceV4ysK7tyaDRtsgmMmRlgSUcdmd7fJDHEsVKZVD1Fy4E2XkUndNU
Jy4nMRF6Bevp2U0AUgnQHEykgtdGs0uHoOxGUIWGzcC6WwMVE8axoThkSI9gtjK1
Ua38d99NPft2Cp4QUFmlFP2Olv9fDg/CXo8fHIiYdic4oMVyMlGtTKPwHo3ayGS6
Aa9VRcM3TXkZlvzW10aKoEy87gmiDLkaLuSRKJcw6jzxiVQEeaPgmk+uglKx9Zmh
16Mo2KDsJwAhZbYY5k6APUz81H86TE+rHqR7Yw9cx6w20AZPojDfBQSw1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBDV+1tur5Fw5X/UtRzCikPc6hKiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRU5YN1cyNnZrWERsZjlTMUhNS0tROXpxRXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUaHuAwQA
ud6gAwQAwSUpAwQAwSUsMA0GCSqGSIb3DQEBCwUAA4IBAQBUJDot77ipAT+1Q8Tv
KZs8Xkv+SqMbXLZjGaIu+hFP6znRZihrLHdF/1bT5Dmrrwrjlz8ZFmjjEE4nAFDH
H+qXKTf93jPdlUfzDZWAfCNxZvjb8giIxiIPSg50j1IG0tdmeal7qzxBMxjN/zRj
NksmlwfAx95HXWedLbMp2/7LZpJ/n6O9F9sLrmVO0GZPf4nivWOp/8YdDBS+q4W/
5DgvF0kJJ/aMphEfSMnkVb2gyEh0E2tkpV7EBo0npi/X/zqM69o3GiAynw70Gjwi
k1+YRjvLtXcZ9NTBK4ONQdxB4MYf3c+NdaXhDIhdyM3mSj4SRQk4VGfCg182Pd1F
4+CY
-----END CERTIFICATE-----
Generated at Tue Jun 16 02:01:19 2026 by rpki-client