Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eK-c2O-C3dpUit5t2882I9MOcT0.roa
File: eK-c2O-C3dpUit5t2882I9MOcT0.roa (raw, json)
Hash identifier: hJlcfUPIaFZKUeRsJhCc1Rvndb/du4sqovLX3gyab7U=
Subject key identifier: 78:AF:9C:D8:EF:82:DD:DA:54:8A:DE:6D:DB:CF:36:23:D3:0E:71:3D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019E82183DB26C18496D216F34C7DE8D3701
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eK-c2O-C3dpUit5t2882I9MOcT0.roa
Signing time: Mon 01 Jun 2026 07:31:27 +0000
ROA not before: Mon 01 Jun 2026 07:31:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
94.101.226.0/24 maxlen: 24
188.64.182.0/24 maxlen: 24
188.64.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 17:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:18:3d:b2:6c:18:49:6d:21:6f:34:c7:de:8d:37:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 1 07:31:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78af9cd8ef82ddda548ade6ddbcf3623d30e713d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:24:bd:a4:6e:b6:b2:9a:47:db:11:3a:9c:21:
62:47:6d:7a:0b:17:f8:50:5e:ad:a1:e1:92:d3:8d:
57:be:bc:c9:41:39:27:a5:ac:98:5b:a5:2b:56:ad:
0f:f0:35:20:10:02:06:2b:25:5c:2d:71:60:68:05:
93:1e:67:b2:6a:46:eb:e3:02:c3:ed:2f:bc:80:3a:
44:e5:76:85:b8:90:05:d9:58:d8:e9:0b:d3:61:ce:
e1:d5:1a:a9:bc:ae:dc:4a:45:39:4a:27:64:8e:20:
07:06:68:da:25:e7:70:62:f6:54:24:b1:07:11:86:
c3:49:b2:e0:df:d8:39:09:61:a7:69:b6:4a:ca:d7:
31:c7:0f:57:89:02:f3:bd:9a:d5:21:35:ff:ef:6b:
23:35:a2:7a:8e:7d:89:7b:9a:e9:ad:36:75:cf:86:
e1:ab:2c:62:2c:0a:23:a7:ce:a4:cd:2f:58:aa:f6:
c3:dd:27:66:09:29:d0:89:13:df:99:9c:be:83:56:
14:87:dd:81:ba:4e:bb:e3:d7:b8:55:c6:82:1f:5e:
98:94:fc:cb:20:17:62:7d:b7:3d:1d:5e:23:d8:e3:
be:ca:df:78:cc:68:ab:26:46:19:af:4a:c2:07:23:
dc:4a:02:de:20:c9:21:89:7a:73:fa:9c:fd:3e:f1:
fe:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AF:9C:D8:EF:82:DD:DA:54:8A:DE:6D:DB:CF:36:23:D3:0E:71:3D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/eK-c2O-C3dpUit5t2882I9MOcT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.117.0-85.254.119.255
94.101.226.0/24
188.64.182.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:c7:fb:26:39:68:1e:26:22:95:26:3e:ab:7f:a6:1b:99:8d:
ff:26:e3:54:8c:6b:0e:1a:7d:a6:b6:76:fd:05:ac:14:f4:de:
9f:8f:c9:50:5a:0a:90:ee:d6:75:40:5c:ad:c2:c5:4f:5f:f5:
1a:b6:ab:6b:31:86:ed:72:aa:cc:49:47:da:77:c0:4b:a4:84:
91:bb:3c:c4:06:cc:e2:e3:64:86:27:79:13:f6:8d:8a:33:ce:
c0:c2:51:e1:dd:92:6c:ee:fe:73:36:e7:22:82:9c:b3:e5:be:
91:91:7f:eb:be:29:0a:f7:ba:ea:8e:0d:12:66:ce:51:6c:05:
90:58:da:10:51:65:19:1d:f6:e9:cc:d0:34:1f:f0:0e:fe:25:
73:3f:94:25:6a:52:f7:61:be:04:ad:80:44:55:79:71:e7:67:
c4:71:73:02:26:aa:cf:85:09:1e:50:62:2c:92:34:7c:cd:3b:
67:a0:b6:ff:69:f9:28:6e:18:7b:cf:92:de:ce:43:40:f2:11:
9f:e5:b1:4b:9c:bf:24:ab:16:df:74:88:0a:93:c7:b0:42:c8:
12:46:c4:da:47:45:08:fe:0e:cc:c6:ec:ac:9c:11:dd:ed:ac:
7b:8e:07:eb:2f:a5:78:79:f7:29:a0:4d:3a:fc:5a:04:93:96:
24:c6:76:ca
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ6CGD2ybBhJbSFvNMfejTcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwNjAxMDczMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFmOWNkOGVmODJkZGRhNTQ4YWRlNmRkYmNmMzYyM2QzMGU3MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiS9pG62sppH2xE6nCFiR216Cxf4
UF6toeGS041XvrzJQTknpayYW6UrVq0P8DUgEAIGKyVcLXFgaAWTHmeyakbr4wLD
7S+8gDpE5XaFuJAF2VjY6QvTYc7h1RqpvK7cSkU5SidkjiAHBmjaJedwYvZUJLEH
EYbDSbLg39g5CWGnabZKytcxxw9XiQLzvZrVITX/72sjNaJ6jn2Je5rprTZ1z4bh
qyxiLAojp86kzS9YqvbD3SdmCSnQiRPfmZy+g1YUh92Buk6749e4VcaCH16YlPzL
IBdifbc9HV4j2OO+yt94zGirJkYZr0rCByPcSgLeIMkhiXpz+pz9PvH+ZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHivnNjvgt3aVIrebdvPNiPTDnE9MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZUstYzJPLUMzZHBVaXQ1dDI4ODJJOU1PY1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABV/nUD
BANV/nADBABeZeIDBAG8QLYwDQYJKoZIhvcNAQELBQADggEBAKLH+yY5aB4mIpUm
Pqt/phuZjf8m41SMaw4afaa2dv0FrBT03p+PyVBaCpDu1nVAXK3CxU9f9Rq2q2sx
hu1yqsxJR9p3wEukhJG7PMQGzOLjZIYneRP2jYozzsDCUeHdkmzu/nM25yKCnLPl
vpGRf+u+KQr3uuqODRJmzlFsBZBY2hBRZRkd9unM0DQf8A7+JXM/lCVqUvdhvgSt
gERVeXHnZ8RxcwImqs+FCR5QYiySNHzNO2egtv9p+ShuGHvPkt7OQ0DyEZ/lsUuc
vySrFt90iAqTx7BCyBJGxNpHRQj+DszG7KycEd3trHuOB+svpXh59ymgTTr8WgST
liTGdso=
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:34 2026 by rpki-client