Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/rp-8Eh4PQpjuqIuJRzh48EE2qAI.roa
File: rp-8Eh4PQpjuqIuJRzh48EE2qAI.roa (raw, json)
Hash identifier: sqtPMTVbcyLlSryGOLGOJz32PCEBycyGoFuAdKoxygQ=
Subject key identifier: AE:9F:BC:12:1E:0F:42:98:EE:A8:8B:89:47:38:78:F0:41:36:A8:02
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 019E40D1454F1ED5473EAB73DCAB0D1F7FFE
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/rp-8Eh4PQpjuqIuJRzh48EE2qAI.roa
Signing time: Tue 19 May 2026 15:18:37 +0000
ROA not before: Tue 19 May 2026 15:18:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55933
IP address blocks: 93.177.76.0/24 maxlen: 24
93.177.77.0/24 maxlen: 24
93.187.128.0/22 maxlen: 24
185.239.84.0/22 maxlen: 24
185.239.84.0/23 maxlen: 23
185.239.86.0/23 maxlen: 23
185.242.232.0/22 maxlen: 24
185.245.40.0/22 maxlen: 24
2a0c:f480::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 12:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:40:d1:45:4f:1e:d5:47:3e:ab:73:dc:ab:0d:1f:7f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: May 19 15:18:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae9fbc121e0f4298eea88b89473878f04136a802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:b9:93:0d:82:67:51:cb:1e:af:1e:88:99:
aa:4e:0e:02:25:d3:75:76:bc:28:1b:4f:f2:33:3d:
a0:14:05:b8:a9:ea:cf:60:25:9f:5b:ee:8f:14:bf:
35:6e:84:4b:37:a1:72:04:37:0b:07:27:2b:55:07:
12:c5:23:d0:68:19:da:20:9a:d1:85:26:61:9a:e2:
9a:c3:2b:63:de:b9:48:c0:3e:50:bd:98:d3:ee:c6:
fd:d1:a2:22:64:29:bd:96:47:2d:49:8c:20:79:1c:
e7:8d:c2:34:88:f0:42:6f:52:b9:a0:ed:4c:49:05:
51:f4:3e:c4:56:26:64:17:8f:b4:03:4e:f6:54:98:
52:c8:75:97:9c:c1:ea:fc:67:6c:29:46:bd:ab:f6:
8a:d2:6f:f0:47:4f:e6:11:c0:5d:4d:eb:5d:09:f9:
e6:30:7d:ed:32:05:bb:1f:18:71:00:b1:89:d8:ee:
f9:53:27:8a:8e:68:4d:c4:fa:1a:cf:ac:96:e0:a7:
4a:7a:77:b2:13:da:d2:00:8e:d1:43:40:41:a6:97:
a2:35:2e:f3:d3:14:a3:97:6b:46:9b:70:06:a1:06:
4b:6f:f7:2b:9d:72:d3:40:72:a2:b7:86:c6:c0:19:
5a:86:9b:59:21:ee:28:5a:a8:a5:83:1f:62:22:1c:
fe:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9F:BC:12:1E:0F:42:98:EE:A8:8B:89:47:38:78:F0:41:36:A8:02
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/rp-8Eh4PQpjuqIuJRzh48EE2qAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.76.0/23
93.187.128.0/22
185.239.84.0/22
185.242.232.0/22
185.245.40.0/22
IPv6:
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
90:d3:a8:51:60:53:f1:67:ac:20:ef:45:96:31:28:1f:d4:9e:
a3:e8:63:21:97:5c:80:42:22:df:31:74:32:d0:14:b8:8e:a5:
11:e2:54:db:11:26:a3:33:71:c8:a4:fb:37:2d:f3:8d:bd:af:
47:1f:c7:48:ab:5b:c2:75:d6:9a:8d:51:1c:82:07:73:4d:e3:
2d:eb:38:fa:5b:89:d7:41:95:c1:af:bb:41:0f:70:b2:eb:8c:
17:00:03:72:03:36:1b:90:b1:97:27:a3:3f:5e:b9:4e:17:ee:
2d:08:7f:0d:29:25:1e:e4:ad:bf:3b:1f:2b:1e:b8:84:59:08:
2c:9b:e3:44:7e:30:f8:cb:40:d0:2f:13:cb:76:73:b0:cd:ca:
a7:18:f7:97:0e:e4:af:59:3b:cd:9f:cd:e4:19:59:ab:9c:f9:
06:c7:2b:7f:a3:50:45:e3:cb:81:0e:bd:a1:16:fe:2a:6a:4f:
a7:50:70:e1:ca:61:73:a4:a9:57:b5:1c:a6:9d:e7:bb:b0:f0:
0e:f8:77:eb:f6:db:2d:c4:41:ce:06:8b:2a:65:33:de:74:b1:
8e:28:d7:53:d3:c6:8c:9b:56:4f:e7:69:ef:62:73:c9:94:39:
92:9a:bc:a5:1e:98:d1:8b:20:f6:35:67:8f:f4:71:51:7e:9a:
b1:26:0e:85
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ5A0UVPHtVHPqtz3KsNH3/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjYwNTE5MTUxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlmYmMxMjFlMGY0Mjk4ZWVhODhiODk0NzM4NzhmMDQxMzZhODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2y5kw2CZ1HLHq8eiJmqTg4CJdN1
drwoG0/yMz2gFAW4qerPYCWfW+6PFL81boRLN6FyBDcLBycrVQcSxSPQaBnaIJrR
hSZhmuKawytj3rlIwD5QvZjT7sb90aIiZCm9lkctSYwgeRznjcI0iPBCb1K5oO1M
SQVR9D7EViZkF4+0A072VJhSyHWXnMHq/GdsKUa9q/aK0m/wR0/mEcBdTetdCfnm
MH3tMgW7HxhxALGJ2O75UyeKjmhNxPoaz6yW4KdKeneyE9rSAI7RQ0BBppeiNS7z
0xSjl2tGm3AGoQZLb/crnXLTQHKit4bGwBlahptZIe4oWqilgx9iIhz+vwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFK6fvBIeD0KY7qiLiUc4ePBBNqgCMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvcnAtOEVoNFBRcGp1cUl1SlJ6aDQ4RUUycUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQBXbFMAwQC
XbuAAwQCue9UAwQCufLoAwQCufUoMBQEAgACMA4DBQMqDPSAAwUDKg0kgDANBgkq
hkiG9w0BAQsFAAOCAQEAkNOoUWBT8WesIO9FljEoH9Seo+hjIZdcgEIi3zF0MtAU
uI6lEeJU2xEmozNxyKT7Ny3zjb2vRx/HSKtbwnXWmo1RHIIHc03jLes4+luJ10GV
wa+7QQ9wsuuMFwADcgM2G5CxlyejP165ThfuLQh/DSklHuStvzsfKx64hFkILJvj
RH4w+MtA0C8Ty3ZzsM3Kpxj3lw7kr1k7zZ/N5BlZq5z5Bscrf6NQRePLgQ69oRb+
KmpPp1Bw4cphc6SpV7Ucpp3nu7DwDvh36/bbLcRBzgaLKmUz3nSxjijXU9PGjJtW
T+dp72JzyZQ5kpq8pR6Y0Ysg9jVnj/RxUX6asSYOhQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 22:00:49 2026 by rpki-client