Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/EEs8_2SQ9wdEKnETnYAXwnbvPvI.roa
File: EEs8_2SQ9wdEKnETnYAXwnbvPvI.roa (raw, json)
Hash identifier: CFxGxtKRpFSwMaRFJt3q5WoVWboKnoyoeoco0rArRao=
Subject key identifier: 10:4B:3C:FF:64:90:F7:07:44:2A:71:13:9D:80:17:C2:76:EF:3E:F2
Certificate issuer: /CN=c4dff0e15237805507af5d03abedeb8832b4b8cb
Certificate serial: 019E8918D76A3DE5D69C2AB1D98D64696B18
Authority key identifier: C4:DF:F0:E1:52:37:80:55:07:AF:5D:03:AB:ED:EB:88:32:B4:B8:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN_w4VI3gFUHr10Dq-3riDK0uMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/EEs8_2SQ9wdEKnETnYAXwnbvPvI.roa
Signing time: Tue 02 Jun 2026 16:09:27 +0000
ROA not before: Tue 02 Jun 2026 16:09:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60255
IP address blocks: 158.94.185.0/24 maxlen: 24
165.65.206.0/23 maxlen: 24
185.190.196.0/22 maxlen: 24
2a0e:2e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/xN_w4VI3gFUHr10Dq-3riDK0uMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/xN_w4VI3gFUHr10Dq-3riDK0uMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/xN_w4VI3gFUHr10Dq-3riDK0uMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:18:d7:6a:3d:e5:d6:9c:2a:b1:d9:8d:64:69:6b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4dff0e15237805507af5d03abedeb8832b4b8cb
Validity
Not Before: Jun 2 16:09:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=104b3cff6490f707442a71139d8017c276ef3ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:24:c2:bb:e0:6d:eb:34:64:dd:ed:9b:8c:
2e:a4:cb:28:8e:35:83:c8:35:b3:ee:59:08:5f:f5:
24:b5:2a:8b:0f:7b:06:8a:68:a8:30:67:03:1b:b6:
f7:64:4c:2b:9c:e7:d8:a6:23:3d:f2:e5:5e:70:c1:
38:2c:3b:82:8e:ff:e6:fa:91:e0:76:3b:cf:7a:4e:
02:59:d6:93:41:8d:bf:44:f2:cb:b3:27:7e:7e:1d:
b4:a0:c4:6c:8a:55:ea:8a:f3:a8:f8:da:d5:f7:18:
eb:15:12:09:d9:52:92:2c:b9:a8:a3:e2:89:95:3f:
c4:0d:fe:20:25:f4:ba:0c:d9:f7:47:6d:e9:3e:09:
90:f7:a4:4a:71:61:05:d4:b8:7e:98:3f:e2:b2:31:
9f:21:d6:78:70:eb:29:af:ef:2c:53:7f:34:39:b5:
7d:fe:d1:33:b9:8d:e4:20:c5:7e:8b:23:18:c2:2e:
50:51:c5:c8:b3:2c:b4:b0:e7:83:b9:38:6e:fd:b0:
6a:6a:32:b2:e8:0a:ec:a6:96:e2:d7:ad:c5:48:8f:
58:82:87:1d:d6:ef:1f:a6:83:08:0f:78:a5:c3:02:
41:ff:3e:54:c7:c6:14:c9:9d:bc:ee:83:fc:6e:58:
41:bb:d3:a5:11:78:17:3f:6c:7e:7a:08:a6:71:5e:
32:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4B:3C:FF:64:90:F7:07:44:2A:71:13:9D:80:17:C2:76:EF:3E:F2
X509v3 Authority Key Identifier:
keyid:C4:DF:F0:E1:52:37:80:55:07:AF:5D:03:AB:ED:EB:88:32:B4:B8:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN_w4VI3gFUHr10Dq-3riDK0uMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/EEs8_2SQ9wdEKnETnYAXwnbvPvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/15bd53-994a-46f2-9e6e-71887d0a83be/1/xN_w4VI3gFUHr10Dq-3riDK0uMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.94.185.0/24
165.65.206.0/23
185.190.196.0/22
IPv6:
2a0e:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
4d:82:a4:a7:c2:ad:03:1c:1e:58:db:63:82:67:1d:5b:86:0a:
92:95:1d:ce:83:0a:77:63:16:74:6f:db:da:22:5e:04:e2:2a:
6a:88:6b:ee:ba:42:1b:35:1d:3c:d6:93:79:3d:bd:ce:61:39:
8b:db:ce:b0:3d:5e:63:0f:77:bf:c3:9c:ef:02:1c:b1:5a:53:
9d:ec:ab:36:85:0e:98:0f:32:f8:e3:49:44:24:7d:d6:7c:07:
d7:ed:43:cd:93:41:d6:d0:1c:82:d9:3f:bb:1a:f7:b3:7c:b2:
20:25:01:8c:c1:38:f0:c5:8f:6d:19:ea:1e:6c:2b:c7:7b:0f:
b3:b2:ae:cb:c6:e6:6b:29:e8:fe:9b:2f:d6:54:30:33:f0:74:
6d:88:72:fb:76:5d:09:58:3f:ea:33:c1:32:e7:73:a0:29:de:
3e:c2:6b:e1:83:4e:2c:89:30:87:50:d7:76:94:ab:2b:7a:cc:
24:16:cd:f4:01:29:1b:b1:71:b7:c2:b8:e0:7c:61:6e:ed:6b:
f5:7b:30:9e:6d:c9:1e:26:8b:7e:69:57:e3:02:91:a7:e5:8f:
d8:74:e7:70:5f:56:3a:13:d5:7e:d8:b0:ac:b3:90:70:40:64:
b8:0e:a3:c6:f4:eb:d3:c2:68:a2:cd:6a:ba:9a:85:97:2a:96:
3d:f8:dc:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ6JGNdqPeXWnCqx2Y1kaWsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGZmMGUxNTIzNzgwNTUwN2FmNWQwM2FiZWRlYjg4MzJi
NGI4Y2IwHhcNMjYwNjAyMTYwOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRiM2NmZjY0OTBmNzA3NDQyYTcxMTM5ZDgwMTdjMjc2ZWYzZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQwkwrvgbes0ZN3tm4wupMsojjWD
yDWz7lkIX/UktSqLD3sGimioMGcDG7b3ZEwrnOfYpiM98uVecME4LDuCjv/m+pHg
djvPek4CWdaTQY2/RPLLsyd+fh20oMRsilXqivOo+NrV9xjrFRIJ2VKSLLmoo+KJ
lT/EDf4gJfS6DNn3R23pPgmQ96RKcWEF1Lh+mD/isjGfIdZ4cOspr+8sU380ObV9
/tEzuY3kIMV+iyMYwi5QUcXIsyy0sOeDuThu/bBqajKy6Arsppbi163FSI9Ygocd
1u8fpoMID3ilwwJB/z5Ux8YUyZ287oP8blhBu9OlEXgXP2x+egimcV4yjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBBLPP9kkPcHRCpxE52AF8J27z7yMB8GA1UdIwQY
MBaAFMTf8OFSN4BVB69dA6vt64gytLjLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE5fdzRWSTNnRlVIcjEwRHEtM3JpREswdU1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xNWJkNTMtOTk0YS00NmYyLTllNmUt
NzE4ODdkMGE4M2JlLzEvRUVzOF8yU1E5d2RFS25FVG5ZQVh3bmJ2UHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xNWJkNTMtOTk0YS00NmYyLTllNmUtNzE4ODdkMGE4M2Jl
LzEveE5fdzRWSTNnRlVIcjEwRHEtM3JpREswdU1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAnl65AwQB
pUHOAwQCub7EMA0EAgACMAcDBQMqDi6AMA0GCSqGSIb3DQEBCwUAA4IBAQBNgqSn
wq0DHB5Y22OCZx1bhgqSlR3Ogwp3YxZ0b9vaIl4E4ipqiGvuukIbNR081pN5Pb3O
YTmL286wPV5jD3e/w5zvAhyxWlOd7Ks2hQ6YDzL440lEJH3WfAfX7UPNk0HW0ByC
2T+7GvezfLIgJQGMwTjwxY9tGeoebCvHew+zsq7LxuZrKej+my/WVDAz8HRtiHL7
dl0JWD/qM8Ey53OgKd4+wmvhg04siTCHUNd2lKsreswkFs30ASkbsXG3wrjgfGFu
7Wv1ezCebckeJot+aVfjApGn5Y/YdOdwX1Y6E9V+2LCss5BwQGS4DqPG9OvTwmii
zWq6moWXKpY9+Nzi
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:37:31 2026 by rpki-client