Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/E42ALr85hzHjr7r_9Z5V7NF6a-8.roa
File: E42ALr85hzHjr7r_9Z5V7NF6a-8.roa (raw, json)
Hash identifier: bMH2/YzfTbpse+/akM+4A9X/Bsc5TxJJDbOgKDKeGaQ=
Subject key identifier: 13:8D:80:2E:BF:39:87:31:E3:AF:BA:FF:F5:9E:55:EC:D1:7A:6B:EF
Certificate issuer: /CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
Certificate serial: 019EDFEE7BA1F45DFAA3DB2B0F9D3928F018
Authority key identifier: 2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/E42ALr85hzHjr7r_9Z5V7NF6a-8.roa
Signing time: Fri 19 Jun 2026 12:50:08 +0000
ROA not before: Fri 19 Jun 2026 12:50:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 196827
IP address blocks: 185.23.216.0/23 maxlen: 23
2a00:5d20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:df:ee:7b:a1:f4:5d:fa:a3:db:2b:0f:9d:39:28:f0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb
Validity
Not Before: Jun 19 12:50:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=138d802ebf398731e3afbafff59e55ecd17a6bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2e:c0:db:15:57:95:ae:e0:87:a3:48:d6:9b:
90:5f:b4:15:42:c0:e4:f0:c9:da:30:bb:3c:60:23:
28:b4:39:97:07:7a:ad:ed:28:e1:c3:fa:0e:af:e4:
fb:7c:9c:88:f7:94:0b:0e:eb:60:bb:cc:9a:fa:51:
a8:51:f9:47:4e:f1:18:c6:5f:76:a9:84:c9:45:9f:
21:6d:4a:24:99:25:da:01:86:31:93:b4:d1:a0:90:
52:cf:22:c7:f5:11:43:11:a4:71:21:6a:f2:5c:df:
99:ce:62:3a:9c:8a:90:06:e3:b1:b8:4b:7e:40:a2:
f1:59:c6:93:97:02:d3:25:73:32:f6:df:19:ff:a5:
10:8d:96:fa:16:16:13:d4:6f:94:3c:dd:1d:b9:52:
4b:21:62:5a:12:81:ea:48:e9:67:c0:5c:7a:0f:ba:
7b:e0:ac:3b:a9:7f:73:6f:6c:3e:92:e4:64:40:8a:
08:6a:e6:da:d7:6e:7b:4d:3e:56:86:86:26:cf:88:
b0:db:f8:b7:08:55:c6:e4:20:53:ae:c5:c5:39:7e:
6b:14:5c:7e:84:4a:eb:52:3d:d8:ee:b1:2e:02:04:
55:e2:cd:22:53:83:cc:2b:cd:bd:62:f5:4b:4d:93:
8c:7f:c3:79:a3:d7:39:9d:b5:7c:14:0b:63:e9:cb:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:8D:80:2E:BF:39:87:31:E3:AF:BA:FF:F5:9E:55:EC:D1:7A:6B:EF
X509v3 Authority Key Identifier:
keyid:2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/E42ALr85hzHjr7r_9Z5V7NF6a-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.216.0/23
IPv6:
2a00:5d20::/32
Signature Algorithm: sha256WithRSAEncryption
75:61:99:b3:9d:7f:0e:50:90:31:a2:91:9b:fe:8e:c3:c3:4f:
45:b7:7a:85:21:ca:39:ee:c0:2a:19:e8:b7:55:a3:92:45:34:
1a:a3:a4:68:e8:20:b1:c0:f3:35:9e:57:0f:8f:2d:7c:43:27:
b0:af:ed:dc:18:93:d0:3a:50:ea:de:dc:3e:17:46:d3:cd:ee:
1d:c1:62:59:92:aa:f5:da:b5:bf:94:8d:90:46:e3:54:f6:ff:
5b:fa:cf:0d:c4:92:c2:d6:ed:0d:f8:56:c1:48:70:11:3e:ba:
a9:4a:ad:a5:05:81:20:12:c0:25:0c:e1:1e:f6:0c:f1:ec:97:
13:df:a8:30:04:f6:2f:84:93:be:55:db:5b:09:f4:d2:1b:1c:
bc:8c:8f:95:d6:72:dc:56:21:bb:b0:e3:ba:0a:40:eb:6c:ef:
cf:b2:65:3f:b1:b9:46:74:e1:ba:9e:fb:cc:ad:1e:bb:73:23:
b4:4c:01:18:52:73:49:0c:aa:36:c4:85:84:98:31:ac:21:3b:
21:d9:a9:5f:3a:c3:ba:66:5f:eb:bc:70:86:86:92:42:ed:c3:
a0:cf:2c:01:ae:78:68:7a:95:24:2c:d9:a7:d0:c4:fb:4a:68:
2f:8d:a4:8f:3b:45:9e:06:49:04:d9:9f:76:8c:42:29:04:9e:
8e:97:91:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ7f7nuh9F36o9srD505KPAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNDllODg0YTQ0MWYwNGI3ZjVlMmVkNDc0YjU4NDdlODMy
MTJiY2IwHhcNMjYwNjE5MTI1MDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzhkODAyZWJmMzk4NzMxZTNhZmJhZmZmNTllNTVlY2QxN2E2YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC7A2xVXla7gh6NI1puQX7QVQsDk
8MnaMLs8YCMotDmXB3qt7Sjhw/oOr+T7fJyI95QLDutgu8ya+lGoUflHTvEYxl92
qYTJRZ8hbUokmSXaAYYxk7TRoJBSzyLH9RFDEaRxIWryXN+ZzmI6nIqQBuOxuEt+
QKLxWcaTlwLTJXMy9t8Z/6UQjZb6FhYT1G+UPN0duVJLIWJaEoHqSOlnwFx6D7p7
4Kw7qX9zb2w+kuRkQIoIauba1257TT5WhoYmz4iw2/i3CFXG5CBTrsXFOX5rFFx+
hErrUj3Y7rEuAgRV4s0iU4PMK829YvVLTZOMf8N5o9c5nbV8FAtj6ctEbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBONgC6/OYcx46+6//WeVezRemvvMB8GA1UdIwQY
MBaAFCtJ6ISkQfBLf14u1HS1hH6DISvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMt
NDJkZDk4NWNkN2IwLzEvRTQyQUxyODVoekhqcjdyXzlaNVY3TkY2YS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMtNDJkZDk4NWNkN2Iw
LzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRfYMA0E
AgACMAcDBQAqAF0gMA0GCSqGSIb3DQEBCwUAA4IBAQB1YZmznX8OUJAxopGb/o7D
w09Ft3qFIco57sAqGei3VaOSRTQao6Ro6CCxwPM1nlcPjy18Qyewr+3cGJPQOlDq
3tw+F0bTze4dwWJZkqr12rW/lI2QRuNU9v9b+s8NxJLC1u0N+FbBSHARPrqpSq2l
BYEgEsAlDOEe9gzx7JcT36gwBPYvhJO+VdtbCfTSGxy8jI+V1nLcViG7sOO6CkDr
bO/PsmU/sblGdOG6nvvMrR67cyO0TAEYUnNJDKo2xIWEmDGsITsh2alfOsO6Zl/r
vHCGhpJC7cOgzywBrnhoepUkLNmn0MT7SmgvjaSPO0WeBkkE2Z92jEIpBJ6Ol5HU
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:31:27 2026 by rpki-client