Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/02E3d24-cYfZLV0Glu5j5jr_NxA.roa
File: 02E3d24-cYfZLV0Glu5j5jr_NxA.roa (raw, json)
Hash identifier: HrKA9gSIFPjwKpZcyEJ7If9t0tL8iCIaN1xyRHRej0w=
Subject key identifier: D3:61:37:77:6E:3E:71:87:D9:2D:5D:06:96:EE:63:E6:3A:FF:37:10
Certificate issuer: /CN=128f0e5b0c1dec0051fe5e6ebeb58e7607f314b2
Certificate serial: 019ED03E7C6D9C256241C617237B373A06FC
Authority key identifier: 12:8F:0E:5B:0C:1D:EC:00:51:FE:5E:6E:BE:B5:8E:76:07:F3:14:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/02E3d24-cYfZLV0Glu5j5jr_NxA.roa
Signing time: Tue 16 Jun 2026 11:43:36 +0000
ROA not before: Tue 16 Jun 2026 11:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8487
IP address blocks: 78.41.160.0/21 maxlen: 21
78.41.184.0/21 maxlen: 21
85.12.128.0/18 maxlen: 18
92.43.128.0/21 maxlen: 21
185.41.180.0/22 maxlen: 22
193.19.216.0/22 maxlen: 22
193.42.213.0/24 maxlen: 24
193.46.203.0/24 maxlen: 24
194.246.101.0/24 maxlen: 24
195.62.42.0/23 maxlen: 23
2a00:1bf8::/32 maxlen: 32
2a02:c88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 21:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d0:3e:7c:6d:9c:25:62:41:c6:17:23:7b:37:3a:06:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128f0e5b0c1dec0051fe5e6ebeb58e7607f314b2
Validity
Not Before: Jun 16 11:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d36137776e3e7187d92d5d0696ee63e63aff3710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:44:29:33:f8:fe:fd:27:cd:d7:d7:ce:5a:c1:
a5:bf:ea:48:c8:e9:11:2e:b6:46:f1:56:e4:aa:73:
ed:6e:9d:a0:c7:4d:6d:19:e5:3a:22:86:6d:f8:6e:
11:cb:ca:70:b3:d9:59:29:72:b1:4b:32:a7:18:17:
0e:2f:33:37:8f:0b:ea:3f:58:1a:66:2e:96:7b:a8:
de:f3:c7:43:86:c3:b6:5e:e4:26:46:c7:75:7d:46:
c9:e2:62:7c:1c:78:79:14:9c:b0:98:73:bb:df:37:
89:fe:f0:c6:a6:19:35:41:af:5b:fd:4b:db:a7:3c:
45:bf:b2:a2:bc:ee:d1:6e:22:bc:67:75:dd:65:02:
8d:84:0c:aa:fd:66:f8:e6:ca:d0:51:a7:66:e7:79:
7d:7b:57:92:10:56:48:f0:00:c2:ac:83:7d:1b:dc:
bb:a9:c2:2c:64:1d:c4:6e:a8:5c:5a:3d:66:46:af:
50:d9:89:dc:96:25:d9:4d:32:23:fb:61:9d:56:03:
26:cc:de:a9:9e:93:a3:fb:bb:dd:02:d5:c5:5b:3d:
b9:cb:08:44:3a:5c:9c:cb:a2:53:80:1a:bb:90:97:
8e:9f:6a:77:db:62:fe:49:74:86:63:74:96:56:05:
13:08:c7:a4:5c:7f:be:ff:f5:c2:95:e7:e8:24:7a:
24:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:61:37:77:6E:3E:71:87:D9:2D:5D:06:96:EE:63:E6:3A:FF:37:10
X509v3 Authority Key Identifier:
keyid:12:8F:0E:5B:0C:1D:EC:00:51:FE:5E:6E:BE:B5:8E:76:07:F3:14:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/02E3d24-cYfZLV0Glu5j5jr_NxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/54c45c-4524-4177-bfac-a52424fb2a0e/1/Eo8OWwwd7ABR_l5uvrWOdgfzFLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.160.0/21
78.41.184.0/21
85.12.128.0/18
92.43.128.0/21
185.41.180.0/22
193.19.216.0/22
193.42.213.0/24
193.46.203.0/24
194.246.101.0/24
195.62.42.0/23
IPv6:
2a00:1bf8::/32
2a02:c88::/32
Signature Algorithm: sha256WithRSAEncryption
93:c5:dd:14:ae:b8:22:9e:53:5c:b7:6b:18:a0:f2:37:71:82:
26:7f:4a:c0:f0:95:8c:c6:3d:45:40:31:aa:28:5b:60:1a:5c:
2a:8c:de:c7:02:5e:cb:65:cf:e5:f8:ce:87:7f:5d:27:ae:be:
77:a5:97:19:4f:e1:e9:c2:4e:02:ec:e0:d6:85:93:f2:57:ae:
9b:5a:e9:24:05:58:25:b5:09:74:bf:eb:a6:89:bd:eb:c5:26:
4e:d1:52:1a:aa:6a:b7:9e:8c:93:9b:55:b1:0a:86:85:3b:ad:
27:f6:c9:9f:41:a8:a5:1c:9d:66:4f:12:68:a6:bd:47:b6:27:
44:76:40:95:99:22:c8:88:18:9b:a9:aa:b9:17:e3:ec:62:fd:
fc:15:83:f8:68:b8:4f:27:95:01:be:4e:b2:bf:c3:fe:4e:07:
17:eb:d1:6a:0e:67:57:7b:62:a5:f0:bb:63:5d:b4:13:da:7a:
ea:e5:b1:16:7a:0b:13:b6:78:f9:8c:18:ac:0c:1e:55:79:71:
56:be:93:71:c4:0c:f8:08:9c:b4:fa:6a:9f:4f:70:3e:46:71:
2d:22:3e:e5:c6:ef:6c:d7:aa:ca:15:61:8a:7e:5c:84:09:f5:
b2:00:50:a6:02:76:6e:38:7f:7b:22:03:7f:91:42:d8:27:09:
83:4c:ee:8c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ7QPnxtnCViQcYXI3s3Ogb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOGYwZTViMGMxZGVjMDA1MWZlNWU2ZWJlYjU4ZTc2MDdm
MzE0YjIwHhcNMjYwNjE2MTE0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYxMzc3NzZlM2U3MTg3ZDkyZDVkMDY5NmVlNjNlNjNhZmYzNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEQpM/j+/SfN19fOWsGlv+pIyOkR
LrZG8VbkqnPtbp2gx01tGeU6IoZt+G4Ry8pws9lZKXKxSzKnGBcOLzM3jwvqP1ga
Zi6We6je88dDhsO2XuQmRsd1fUbJ4mJ8HHh5FJywmHO73zeJ/vDGphk1Qa9b/Uvb
pzxFv7KivO7RbiK8Z3XdZQKNhAyq/Wb45srQUadm53l9e1eSEFZI8ADCrIN9G9y7
qcIsZB3EbqhcWj1mRq9Q2YncliXZTTIj+2GdVgMmzN6pnpOj+7vdAtXFWz25ywhE
Olycy6JTgBq7kJeOn2p322L+SXSGY3SWVgUTCMekXH++//XClefoJHok4wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFNNhN3duPnGH2S1dBpbuY+Y6/zcQMB8GA1UdIwQY
MBaAFBKPDlsMHewAUf5ebr61jnYH8xSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW84T1d3d2Q3QUJSX2w1dXZyV09kZ2Z6RkxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS81NGM0NWMtNDUyNC00MTc3LWJmYWMt
YTUyNDI0ZmIyYTBlLzEvMDJFM2QyNC1jWWZaTFYwR2x1NWo1anJfTnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS81NGM0NWMtNDUyNC00MTc3LWJmYWMtYTUyNDI0ZmIyYTBl
LzEvRW84T1d3d2Q3QUJSX2w1dXZyV09kZ2Z6RkxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDTimgAwQD
Tim4AwQGVQyAAwQDXCuAAwQCuSm0AwQCwRPYAwQAwSrVAwQAwS7LAwQAwvZlAwQB
wz4qMBQEAgACMA4DBQAqABv4AwUAKgIMiDANBgkqhkiG9w0BAQsFAAOCAQEAk8Xd
FK64Ip5TXLdrGKDyN3GCJn9KwPCVjMY9RUAxqihbYBpcKozexwJey2XP5fjOh39d
J66+d6WXGU/h6cJOAuzg1oWT8leum1rpJAVYJbUJdL/rpom968UmTtFSGqpqt56M
k5tVsQqGhTutJ/bJn0GopRydZk8SaKa9R7YnRHZAlZkiyIgYm6mquRfj7GL9/BWD
+Gi4TyeVAb5Osr/D/k4HF+vRag5nV3tipfC7Y120E9p66uWxFnoLE7Z4+YwYrAwe
VXlxVr6TccQM+AictPpqn09wPkZxLSI+5cbvbNeqyhVhin5chAn1sgBQpgJ2bjh/
eyIDf5FC2CcJg0zujA==
-----END CERTIFICATE-----
Generated at Tue Jun 30 05:11:23 2026 by rpki-client