Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EBa6yK4TRC8OVIQMFU98NVjSuho.roa
File: EBa6yK4TRC8OVIQMFU98NVjSuho.roa (raw, json)
Hash identifier: tNH/MDWFDmQSPPVeIDxynfQhHQbPylYYP8LI8I5o/dA=
Subject key identifier: 10:16:BA:C8:AE:13:44:2F:0E:54:84:0C:15:4F:7C:35:58:D2:BA:1A
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E6A70081A4C4C8FB6FEC5838332CD9D13
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EBa6yK4TRC8OVIQMFU98NVjSuho.roa
Signing time: Wed 27 May 2026 17:16:27 +0000
ROA not before: Wed 27 May 2026 17:16:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.252.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
37.72.128.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.151.29.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
83.138.54.0/24 maxlen: 24
88.151.8.0/24 maxlen: 24
91.212.103.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
186.246.86.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
193.201.10.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
195.96.159.0/24 maxlen: 24
2a12:641::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:70:08:1a:4c:4c:8f:b6:fe:c5:83:83:32:cd:9d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 27 17:16:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1016bac8ae13442f0e54840c154f7c3558d2ba1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7a:ba:cf:32:a2:69:86:3e:45:a0:2c:a0:f4:
8f:dd:93:cb:66:39:ab:22:94:a3:83:a6:e3:69:21:
c7:f9:1a:f5:f0:88:c1:e2:81:a8:f2:3d:4f:3d:bb:
73:67:0b:49:48:3d:30:0e:4a:1e:b4:76:fc:df:86:
49:9b:eb:7f:50:a5:f6:df:54:b1:52:a2:26:98:48:
80:ea:91:de:eb:fa:98:59:73:fe:11:a7:d0:52:37:
0f:0d:01:73:28:37:9b:6d:98:9c:9f:40:58:b3:94:
fb:15:7a:33:c6:91:f3:e2:af:69:76:7f:f1:67:07:
ff:2f:06:85:76:da:81:ed:dc:79:ce:3b:26:a4:ed:
fc:78:fb:74:1c:de:10:da:32:21:9a:b6:77:cd:84:
cb:cf:98:ef:af:c1:35:0d:67:ee:b4:27:c1:0d:90:
70:75:14:05:94:9b:7f:03:f5:85:c8:e4:b6:6f:cc:
4f:e0:a3:03:d7:d7:40:d7:d8:32:08:e3:c8:ad:86:
a9:bb:95:5c:87:90:25:b0:f1:1e:21:be:72:8f:11:
e9:a8:75:2a:d6:26:45:0d:37:92:a8:21:51:01:26:
13:f3:90:83:b8:91:0e:ca:a9:e6:9d:8f:d2:0f:41:
48:9b:4b:54:04:5b:d7:ae:6d:0f:3a:db:3a:11:54:
b6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:16:BA:C8:AE:13:44:2F:0E:54:84:0C:15:4F:7C:35:58:D2:BA:1A
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EBa6yK4TRC8OVIQMFU98NVjSuho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0-31.41.252.255
31.41.254.0/24
37.72.128.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
45.151.29.0/24
46.174.196.0/24
83.138.54.0/24
88.151.8.0/24
91.212.103.0/24
94.154.190.0/24
176.116.15.0/24
176.126.96.0/24
186.246.86.0/24
193.28.178.0/24
193.187.105.0/24
193.201.10.0/24
194.59.187.0/24
195.96.159.0/24
IPv6:
2a12:641::/32
Signature Algorithm: sha256WithRSAEncryption
a1:dd:3a:ce:1f:be:8a:74:ea:93:d8:82:44:1c:74:42:3c:9e:
2c:1c:05:f7:bd:24:4e:a8:7e:0b:75:d4:94:c1:ef:de:f5:80:
6f:5c:e6:97:5c:5c:83:36:56:13:83:11:96:9e:7e:22:f6:93:
d5:35:b1:67:9c:b8:ac:8d:bf:6e:03:54:42:8c:4e:bd:5f:46:
ea:80:67:a5:ee:7f:32:cf:d2:e6:50:ca:f8:3d:69:f0:5e:79:
c5:e3:5d:68:0d:cc:ea:96:59:95:a9:60:cf:46:77:ec:e6:95:
0f:51:e6:32:73:42:4b:88:bc:bb:69:78:06:e4:11:68:0b:5f:
4d:d6:73:f1:04:86:20:91:3d:0e:87:de:72:a3:00:1e:c3:4d:
44:13:05:f2:f6:94:21:49:ae:42:80:c2:89:20:fb:21:63:9f:
7a:e6:f1:0d:d0:71:f2:14:76:70:69:5b:43:10:37:80:28:bf:
b8:a8:4b:e2:a9:01:ac:9d:79:d9:bd:09:9c:75:64:d3:06:d2:
c1:8d:75:00:1c:0d:8d:87:63:86:5b:76:d2:1b:cd:71:d5:12:
40:d7:be:3a:c5:f0:44:42:c5:b5:4d:56:d9:2d:62:ba:88:f8:
0d:ce:ad:09:db:4e:a9:f5:74:8a:f7:40:95:b7:38:0c:56:bc:
f0:ac:d2:d8
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZ5qcAgaTEyPtv7Fg4MyzZ0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTI3MTcxNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE2YmFjOGFlMTM0NDJmMGU1NDg0MGMxNTRmN2MzNTU4ZDJiYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHq6zzKiaYY+RaAsoPSP3ZPLZjmr
IpSjg6bjaSHH+Rr18IjB4oGo8j1PPbtzZwtJSD0wDkoetHb834ZJm+t/UKX231Sx
UqImmEiA6pHe6/qYWXP+EafQUjcPDQFzKDebbZicn0BYs5T7FXozxpHz4q9pdn/x
Zwf/LwaFdtqB7dx5zjsmpO38ePt0HN4Q2jIhmrZ3zYTLz5jvr8E1DWfutCfBDZBw
dRQFlJt/A/WFyOS2b8xP4KMD19dA19gyCOPIrYapu5Vch5AlsPEeIb5yjxHpqHUq
1iZFDTeSqCFRASYT85CDuJEOyqnmnY/SD0FIm0tUBFvXrm0POts6EVS2XQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFBAWusiuE0QvDlSEDBVPfDVY0roaMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRUJhNnlLNFRSQzhPVklRTUZVOThOVmpTdWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgwDAME
AB8p+wMEAB8p/AMEAB8p/gMEACVIgAMEAC1XfgMEAC1fHTAMAwQALYB9AwQALYCA
AwQALZcdAwQALq7EAwQAU4o2AwQAWJcIAwQAW9RnAwQAXpq+AwQAsHQPAwQAsH5g
AwQAuvZWAwQAwRyyAwQAwbtpAwQAwckKAwQAwju7AwQAw2CfMA0EAgACMAcDBQAq
EgZBMA0GCSqGSIb3DQEBCwUAA4IBAQCh3TrOH76KdOqT2IJEHHRCPJ4sHAX3vSRO
qH4LddSUwe/e9YBvXOaXXFyDNlYTgxGWnn4i9pPVNbFnnLisjb9uA1RCjE69X0bq
gGel7n8yz9LmUMr4PWnwXnnF411oDczqllmVqWDPRnfs5pUPUeYyc0JLiLy7aXgG
5BFoC19N1nPxBIYgkT0Oh95yowAew01EEwXy9pQhSa5CgMKJIPshY5965vEN0HHy
FHZwaVtDEDeAKL+4qEviqQGsnXnZvQmcdWTTBtLBjXUAHA2Nh2OGW3bSG81x1RJA
1746xfBEQsW1TVbZLWK6iPgNzq0J206p9XSK90CVtzgMVrzwrNLY
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:55:37 2026 by rpki-client