Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/elofHZNxGzzmXFN_LtIEeHW7zFA.roa
File: elofHZNxGzzmXFN_LtIEeHW7zFA.roa (raw, json)
Hash identifier: VSVilA+8Nz4FBVNnLzygMzCC80tDqQMuP9pA3OT9k8o=
Subject key identifier: 7A:5A:1F:1D:93:71:1B:3C:E6:5C:53:7F:2E:D2:04:78:75:BB:CC:50
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019E4B5400C33542FE5AB4994221421104ED
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/elofHZNxGzzmXFN_LtIEeHW7zFA.roa
Signing time: Thu 21 May 2026 16:17:36 +0000
ROA not before: Thu 21 May 2026 16:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54903
IP address blocks: 93.120.0.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4b:54:00:c3:35:42:fe:5a:b4:99:42:21:42:11:04:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 21 16:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a5a1f1d93711b3ce65c537f2ed2047875bbcc50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:85:79:50:1d:9b:4b:7f:56:e5:c0:27:88:
42:6f:c4:dd:f8:ca:56:20:67:26:c0:74:e1:a0:fd:
9f:f9:2e:37:79:71:5a:7b:95:62:9b:e3:b3:df:85:
90:b6:c1:2b:d4:13:97:56:2f:45:b9:b3:fc:6e:b1:
67:fc:e5:df:2a:1d:0e:3b:42:e0:fa:c0:45:54:ce:
86:ed:ff:2b:7e:78:0c:3a:de:0a:e6:2f:88:e8:ab:
1f:06:9b:2d:63:16:dd:96:ed:f4:78:ff:67:3f:cf:
23:ba:09:aa:30:ee:ee:21:07:b7:3a:24:16:c4:9f:
ec:59:5a:49:24:19:53:0b:8b:e8:6d:72:0f:25:52:
00:ae:91:05:e4:25:77:37:65:43:0f:84:99:29:ee:
74:ec:54:41:66:c9:63:b1:52:2f:71:30:9d:ba:ec:
3d:58:2e:b4:34:0a:28:b2:06:8d:5a:c2:33:98:41:
60:73:5b:8d:d6:94:80:0b:74:c8:04:df:d6:78:9d:
3c:64:bd:b9:c0:3b:2d:cb:4e:79:db:4f:14:6f:16:
8b:d9:dd:45:42:ae:d8:3d:9a:3f:4d:6a:36:24:57:
5b:66:5f:1e:5b:dc:e6:ad:54:56:e4:91:44:b6:7d:
93:62:76:42:d5:53:69:34:ff:8a:a1:15:64:72:4a:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5A:1F:1D:93:71:1B:3C:E6:5C:53:7F:2E:D2:04:78:75:BB:CC:50
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/elofHZNxGzzmXFN_LtIEeHW7zFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.120.0.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:0b:c0:e6:aa:7e:4e:1b:dc:6e:c6:de:bd:0d:6f:4c:9e:28:
19:b9:c1:b6:c9:66:7d:56:95:42:2a:a4:30:bb:59:9c:20:90:
44:3b:d7:65:da:20:23:27:c2:8f:fb:7e:f4:f7:11:6a:fb:22:
6a:4b:95:1d:57:02:29:52:1c:22:73:e0:c3:62:80:d1:57:07:
75:14:e4:72:24:a5:64:05:0a:fe:8d:67:95:b8:33:1e:1a:44:
cb:b4:ee:c8:26:36:db:eb:63:2b:9f:b8:9d:63:92:9e:5f:db:
ab:ff:f9:1a:af:b4:b9:9f:10:6e:f3:7a:73:8d:14:26:07:2f:
a2:6a:82:51:c3:d5:3c:2a:60:8a:07:39:6a:6b:72:3f:b5:89:
62:33:cd:7b:13:26:d9:b1:99:30:ea:cf:12:5e:1f:00:27:9d:
59:4c:47:ff:d0:ee:b6:bf:1d:52:e4:10:fe:60:0c:8e:9c:06:
cb:19:c3:cc:ec:ed:00:f6:3f:d7:0d:9c:03:da:0b:28:ec:ac:
58:4f:15:23:ff:e8:98:a0:4f:f7:60:b6:95:07:82:66:e9:65:
6e:ff:16:da:5a:76:fd:31:32:b2:0a:24:3f:53:b1:fa:9d:4f:
e9:bc:a2:34:04:4b:4a:92:5d:de:d0:9d:20:32:c3:8a:07:a2:
1c:cf:14:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5LVADDNUL+WrSZQiFCEQTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTIxMTYxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTVhMWYxZDkzNzExYjNjZTY1YzUzN2YyZWQyMDQ3ODc1YmJjYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9OFeVAdm0t/VuXAJ4hCb8Td+MpW
IGcmwHThoP2f+S43eXFae5Vim+Oz34WQtsEr1BOXVi9FubP8brFn/OXfKh0OO0Lg
+sBFVM6G7f8rfngMOt4K5i+I6KsfBpstYxbdlu30eP9nP88jugmqMO7uIQe3OiQW
xJ/sWVpJJBlTC4vobXIPJVIArpEF5CV3N2VDD4SZKe507FRBZsljsVIvcTCduuw9
WC60NAoosgaNWsIzmEFgc1uN1pSAC3TIBN/WeJ08ZL25wDsty055208UbxaL2d1F
Qq7YPZo/TWo2JFdbZl8eW9zmrVRW5JFEtn2TYnZC1VNpNP+KoRVkckq7NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpaHx2TcRs85lxTfy7SBHh1u8xQMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZWxvZkhaTnhHenptWEZOX0x0SUVlSFc3ekZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXXgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCKC8Dmqn5OG9xuxt69DW9MnigZucG2yWZ9VpVCKqQw
u1mcIJBEO9dl2iAjJ8KP+3709xFq+yJqS5UdVwIpUhwic+DDYoDRVwd1FORyJKVk
BQr+jWeVuDMeGkTLtO7IJjbb62Mrn7idY5KeX9ur//kar7S5nxBu83pzjRQmBy+i
aoJRw9U8KmCKBzlqa3I/tYliM817EybZsZkw6s8SXh8AJ51ZTEf/0O62vx1S5BD+
YAyOnAbLGcPM7O0A9j/XDZwD2gso7KxYTxUj/+iYoE/3YLaVB4Jm6WVu/xbaWnb9
MTKyCiQ/U7H6nU/pvKI0BEtKkl3e0J0gMsOKB6IczxS1
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:24 2026 by rpki-client