Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/Eh8M9ZVEjYr91zbyjbSRX3Je80k.roa
File: Eh8M9ZVEjYr91zbyjbSRX3Je80k.roa (raw, json)
Hash identifier: BvnUBjZ0Rmp8dq9AlybMB3qp6U0u9VozkYMYIwmfNCc=
Subject key identifier: 12:1F:0C:F5:95:44:8D:8A:FD:D7:36:F2:8D:B4:91:5F:72:5E:F3:49
Certificate issuer: /CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Certificate serial: 019B7A5A8A24EB77361F2CA50DC895AB0B2B
Authority key identifier: 9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/Eh8M9ZVEjYr91zbyjbSRX3Je80k.roa
Signing time: Thu 01 Jan 2026 16:18:32 +0000
ROA not before: Thu 01 Jan 2026 16:18:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39862
IP address blocks: 45.132.92.0/24 maxlen: 24
45.132.93.0/24 maxlen: 24
45.132.94.0/24 maxlen: 24
45.132.95.0/24 maxlen: 24
193.34.140.0/24 maxlen: 24
193.34.141.0/24 maxlen: 24
194.50.254.0/24 maxlen: 24
2a0e:69c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5a:8a:24:eb:77:36:1f:2c:a5:0d:c8:95:ab:0b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Validity
Not Before: Jan 1 16:18:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=121f0cf595448d8afdd736f28db4915f725ef349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:be:e9:b6:5f:0f:de:47:e4:0a:82:66:d7:
4b:41:1c:aa:d3:be:61:60:eb:ca:bd:ba:9a:a6:93:
c0:f0:4d:b0:4c:ef:d0:18:98:1c:73:1a:48:74:c7:
cd:83:40:84:08:f3:45:47:fa:ee:63:64:8d:d6:fe:
c2:ba:ed:67:35:28:29:d2:4a:39:d0:24:f4:ff:52:
84:1f:0e:8c:b1:7f:12:1c:4e:5e:0d:3f:db:8d:c5:
3a:e9:3f:b7:67:a8:a0:e0:58:48:94:2f:b4:30:b2:
e3:30:78:ed:6a:53:58:77:60:a0:90:bb:f7:8a:69:
f5:b3:ac:e9:fa:7e:8b:85:74:34:89:40:54:fb:4a:
d1:42:1f:50:73:98:17:0f:8b:f0:71:c1:9c:b2:89:
a9:ea:f6:f9:96:a9:c0:db:6c:bc:54:f5:a4:36:ec:
8b:a8:19:dc:80:97:96:f5:d0:a3:9a:ed:40:9f:98:
6f:f6:e4:b8:37:8b:b9:b0:f0:09:c1:5e:2c:c3:4e:
96:4d:27:43:ee:37:d9:0e:11:86:44:96:64:cd:43:
dc:b0:3c:27:f7:90:f7:0e:e9:77:c0:6e:f3:b1:96:
ef:2b:cb:01:e2:70:a1:8f:e1:3f:9a:01:3b:f2:1c:
cd:ff:8a:b9:4e:67:27:af:56:54:a1:e3:c8:ac:b0:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1F:0C:F5:95:44:8D:8A:FD:D7:36:F2:8D:B4:91:5F:72:5E:F3:49
X509v3 Authority Key Identifier:
keyid:9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/Eh8M9ZVEjYr91zbyjbSRX3Je80k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.92.0/22
193.34.140.0/23
194.50.254.0/24
IPv6:
2a0e:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
23:58:e9:e3:84:ca:db:e2:51:9c:e9:2a:f9:d6:08:1b:74:94:
e6:80:dd:ba:f4:07:5a:7e:24:04:70:4e:bb:12:aa:22:ce:ae:
83:90:61:5c:e8:7e:0e:71:fa:d5:d2:47:c7:7e:5f:5b:b2:23:
ab:fa:a4:46:f1:c1:d9:70:7f:0c:2d:53:64:03:34:41:23:bb:
d8:38:32:bd:45:af:5b:ca:e0:fa:e2:1c:af:9e:11:cb:51:cc:
cd:d5:83:4b:ab:e2:b4:8b:a1:23:40:f1:6d:68:8f:e9:a7:37:
9f:3a:aa:e3:20:27:3f:f5:e0:05:1b:74:e1:15:07:2a:c7:3e:
9a:20:2c:fa:4b:85:2e:ef:33:83:77:ba:4c:eb:ac:5d:17:a8:
1a:0b:b7:ef:91:1e:0a:4f:54:68:b0:3f:b5:42:0a:24:ff:d6:
9b:ff:91:26:a9:80:5a:b2:60:61:11:4e:9f:dd:d8:66:44:87:
97:e8:92:82:a2:44:79:3a:49:d9:7e:85:3e:a4:99:45:0f:31:
d0:07:9b:c6:1c:f6:cc:ea:1a:b1:1c:78:32:80:39:07:63:d8:
0d:bb:cd:2c:ac:f2:91:8e:ae:a6:b6:74:66:1f:c5:75:e5:94:
3f:78:52:19:b9:d0:84:4c:f0:76:81:75:63:16:96:8c:f5:59:
78:de:bd:a2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZt6Wook63c2HyylDciVqwsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODA1M2JjZDJjNGQ4YTdhMmEzMjVlMmI3NDY0MTY2YTVl
NDhkZGQwHhcNMjYwMTAxMTYxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFmMGNmNTk1NDQ4ZDhhZmRkNzM2ZjI4ZGI0OTE1ZjcyNWVmMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp++6bZfD95H5AqCZtdLQRyq075h
YOvKvbqappPA8E2wTO/QGJgccxpIdMfNg0CECPNFR/ruY2SN1v7Cuu1nNSgp0ko5
0CT0/1KEHw6MsX8SHE5eDT/bjcU66T+3Z6ig4FhIlC+0MLLjMHjtalNYd2CgkLv3
imn1s6zp+n6LhXQ0iUBU+0rRQh9Qc5gXD4vwccGcsomp6vb5lqnA22y8VPWkNuyL
qBncgJeW9dCjmu1An5hv9uS4N4u5sPAJwV4sw06WTSdD7jfZDhGGRJZkzUPcsDwn
95D3Dul3wG7zsZbvK8sB4nChj+E/mgE78hzN/4q5Tmcnr1ZUoePIrLAejwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBIfDPWVRI2K/dc28o20kV9yXvNJMB8GA1UdIwQY
MBaAFJqAU7zSxNinoqMl4rdGQWal5I3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAt
OTVlOGQ4MjkzMDk4LzEvRWg4TTlaVkVqWXI5MXpieWpiU1JYM0plODBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAtOTVlOGQ4MjkzMDk4
LzEvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCLYRcAwQB
wSKMAwQAwjL+MA8EAgACMAkDBwAqDmnAAAAwDQYJKoZIhvcNAQELBQADggEBACNY
6eOEytviUZzpKvnWCBt0lOaA3br0B1p+JARwTrsSqiLOroOQYVzofg5x+tXSR8d+
X1uyI6v6pEbxwdlwfwwtU2QDNEEju9g4Mr1Fr1vK4PriHK+eEctRzM3Vg0ur4rSL
oSNA8W1oj+mnN586quMgJz/14AUbdOEVByrHPpogLPpLhS7vM4N3ukzrrF0XqBoL
t++RHgpPVGiwP7VCCiT/1pv/kSapgFqyYGERTp/d2GZEh5fokoKiRHk6Sdl+hT6k
mUUPMdAHm8Yc9szqGrEceDKAOQdj2A27zSys8pGOrqa2dGYfxXXllD94Uhm50IRM
8HaBdWMWloz1WXjevaI=
-----END CERTIFICATE-----
Generated at Fri Feb 27 09:00:49 2026 by rpki-client