Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PAZcE0zyvMG-j-Lv2h-mYQKUDjs.roa
File: PAZcE0zyvMG-j-Lv2h-mYQKUDjs.roa (raw, json)
Hash identifier: YYBwD1caNguRwQW1GPsqvwgzVdlGYU/JNHsRPX4My/c=
Subject key identifier: 3C:06:5C:13:4C:F2:BC:C1:BE:8F:E2:EF:DA:1F:A6:61:02:94:0E:3B
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 019E72AAA91A374C46DE8BEA7D03440EB98D
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PAZcE0zyvMG-j-Lv2h-mYQKUDjs.roa
Signing time: Fri 29 May 2026 07:37:27 +0000
ROA not before: Fri 29 May 2026 07:37:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210644
IP address blocks: 94.228.162.0/24 maxlen: 24
94.228.163.0/24 maxlen: 24
94.228.164.0/24 maxlen: 24
94.228.165.0/24 maxlen: 24
94.228.172.0/24 maxlen: 24
178.236.250.0/24 maxlen: 24
194.59.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:aa:a9:1a:37:4c:46:de:8b:ea:7d:03:44:0e:b9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: May 29 07:37:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c065c134cf2bcc1be8fe2efda1fa66102940e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:13:09:f4:06:cb:72:e0:12:e4:e9:f3:a6:37:
d6:3c:ee:65:61:e6:60:b2:fd:a9:56:ca:cc:ea:ef:
d5:37:6e:5b:7c:56:4b:95:19:5d:84:0d:b6:37:0e:
5f:80:9d:4d:a0:ae:95:f0:82:4c:44:6f:07:ae:e6:
2b:8b:93:13:0e:e6:21:51:24:1f:c0:a8:6d:86:c9:
da:ea:76:f6:a0:4b:42:41:e1:0b:1e:74:88:49:fe:
af:8e:96:1b:7c:ea:76:93:75:15:f9:d6:8d:4e:96:
e5:62:55:59:30:57:00:a4:62:a7:a0:e9:a5:cb:da:
48:69:34:ef:b5:7b:eb:19:55:46:53:12:16:56:86:
d9:dd:03:f8:db:6c:f5:a7:a9:9c:95:6e:98:46:aa:
2c:c3:61:6f:5f:68:f6:2b:cb:5e:ca:81:0e:76:03:
e3:02:ba:fc:57:db:f5:99:34:bc:9f:32:b9:d5:13:
c7:71:de:04:44:c7:d1:9e:be:d7:86:52:3b:41:b2:
0d:ad:72:de:35:2d:08:4a:76:81:55:5a:a5:ba:f1:
22:99:f4:76:bd:11:73:3b:3e:47:b3:51:48:43:f3:
eb:ba:9e:22:b0:cc:dd:99:30:69:9c:fc:a0:c4:26:
4e:a1:39:ea:27:85:b7:ca:14:25:ad:2b:a2:9c:ec:
3b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:06:5C:13:4C:F2:BC:C1:BE:8F:E2:EF:DA:1F:A6:61:02:94:0E:3B
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/PAZcE0zyvMG-j-Lv2h-mYQKUDjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.162.0-94.228.165.255
94.228.172.0/24
178.236.250.0/24
194.59.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:34:99:df:cd:41:9d:bc:3f:49:fc:b9:53:05:d3:82:84:7c:
9e:1d:f4:60:e0:d6:bd:d6:29:e8:f9:8f:10:5f:14:ec:e0:3d:
b7:7f:f6:13:dc:a6:96:9e:ae:af:dd:89:99:9f:6b:8c:c8:48:
40:0b:10:5c:e7:32:56:63:27:4e:18:c2:d6:9d:31:3b:e8:a3:
1c:90:08:58:fc:12:14:68:f8:b7:6d:4e:ab:6a:0d:04:fd:03:
45:cd:60:8e:da:17:09:2d:e8:ec:10:42:d0:4d:b8:58:3e:9f:
9b:9e:6f:35:37:46:00:83:cf:e4:ff:e0:95:12:ed:cc:d1:1d:
72:d5:7d:bb:6d:cd:d7:6a:01:f2:3f:46:66:62:64:97:17:94:
a4:31:db:1e:87:c3:34:24:fb:15:21:af:e3:2e:cb:54:ec:b9:
09:47:ab:b9:5d:17:7f:fa:c0:a7:bc:d9:c0:d3:65:d5:fa:85:
03:1f:62:54:cf:c9:8a:00:83:4e:2e:19:8f:91:ab:34:cd:4b:
56:dc:8f:69:0b:71:59:8f:bd:19:82:c4:f9:e0:8b:b8:c6:12:
0f:fd:8c:2e:7b:10:09:bc:b9:66:12:8a:23:48:19:27:9e:47:
1e:33:27:00:1a:96:a7:15:ca:fd:8d:65:01:00:f2:ce:ef:9b:
1d:63:b9:d7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ5yqqkaN0xG3ovqfQNEDrmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjYwNTI5MDczNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA2NWMxMzRjZjJiY2MxYmU4ZmUyZWZkYTFmYTY2MTAyOTQwZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xMJ9AbLcuAS5OnzpjfWPO5lYeZg
sv2pVsrM6u/VN25bfFZLlRldhA22Nw5fgJ1NoK6V8IJMRG8HruYri5MTDuYhUSQf
wKhthsna6nb2oEtCQeELHnSISf6vjpYbfOp2k3UV+daNTpblYlVZMFcApGKnoOml
y9pIaTTvtXvrGVVGUxIWVobZ3QP422z1p6mclW6YRqosw2FvX2j2K8teyoEOdgPj
Arr8V9v1mTS8nzK51RPHcd4ERMfRnr7XhlI7QbINrXLeNS0ISnaBVVqluvEimfR2
vRFzOz5Hs1FIQ/Prup4isMzdmTBpnPygxCZOoTnqJ4W3yhQlrSuinOw7mwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDwGXBNM8rzBvo/i79ofpmEClA47MB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvUEFaY0Uwenl2TUctai1MdjJoLW1ZUUtVRGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAFe5KID
BAFe5KQDBABe5KwDBACy7PoDBADCO7owDQYJKoZIhvcNAQELBQADggEBAJo0md/N
QZ28P0n8uVMF04KEfJ4d9GDg1r3WKej5jxBfFOzgPbd/9hPcppaerq/diZmfa4zI
SEALEFznMlZjJ04YwtadMTvooxyQCFj8EhRo+LdtTqtqDQT9A0XNYI7aFwkt6OwQ
QtBNuFg+n5uebzU3RgCDz+T/4JUS7czRHXLVfbttzddqAfI/RmZiZJcXlKQx2x6H
wzQk+xUhr+Muy1TsuQlHq7ldF3/6wKe82cDTZdX6hQMfYlTPyYoAg04uGY+RqzTN
S1bcj2kLcVmPvRmCxPngi7jGEg/9jC57EAm8uWYSiiNIGSeeRx4zJwAalqcVyv2N
ZQEA8s7vmx1judc=
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:19:11 2026 by rpki-client