Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/E7ZqPLFNX_iwtzugyLAacK2edSw.roa
File: E7ZqPLFNX_iwtzugyLAacK2edSw.roa (raw, json)
Hash identifier: VXqXwI3F30d5v0AO1eL+r/bhOwmZAluuFTwJ7soMd/A=
Subject key identifier: 13:B6:6A:3C:B1:4D:5F:F8:B0:B7:3B:A0:C8:B0:1A:70:AD:9E:75:2C
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019E64BDBDEDF99B91C3C28EBBD4DC09AE9B
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/E7ZqPLFNX_iwtzugyLAacK2edSw.roa
Signing time: Tue 26 May 2026 14:43:36 +0000
ROA not before: Tue 26 May 2026 14:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213732
IP address blocks: 37.32.42.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.45.0/24 maxlen: 24
178.239.144.0/24 maxlen: 24
178.239.149.0/24 maxlen: 24
185.243.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:bd:bd:ed:f9:9b:91:c3:c2:8e:bb:d4:dc:09:ae:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 26 14:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=13b66a3cb14d5ff8b0b73ba0c8b01a70ad9e752c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:91:f9:75:df:aa:0c:15:bf:a9:8f:57:a9:
c3:90:7b:56:d6:44:5d:60:80:96:50:c2:9b:37:ec:
b7:56:bd:46:05:43:fb:e6:76:e6:f3:c9:5c:73:c3:
40:38:78:30:b9:86:cb:06:2c:72:78:00:f3:95:c7:
ba:c0:a6:d6:c8:d0:5c:bc:d5:96:11:95:84:52:d1:
f9:dc:cd:81:80:33:8d:27:98:01:ad:3e:cc:54:6e:
5e:1d:72:8d:91:12:d0:8d:62:1a:38:ef:23:b9:2f:
4b:7e:e9:7a:a2:fe:a8:3d:42:46:d9:7e:47:09:8d:
ca:9d:c4:41:70:8e:d4:22:cc:fe:dd:1a:2b:3b:ef:
29:85:9c:62:cf:b8:b4:b7:79:d0:f4:5b:0c:46:11:
9d:bc:25:b4:52:2e:ce:11:e9:54:4d:ea:7d:cc:70:
70:5f:c8:98:86:73:3b:24:68:2b:31:e4:8a:c6:6c:
d3:97:e2:9e:b2:18:fa:78:71:b1:dd:af:94:39:5b:
9b:09:3e:12:3c:69:51:a7:23:63:0f:7d:c8:9c:f4:
c6:f2:11:b4:71:d5:e1:b4:e1:95:6d:36:e5:88:5a:
2d:48:56:0e:0f:0a:58:b1:59:de:c5:25:bb:d2:5b:
37:56:0b:7b:d6:6c:71:81:3b:c7:69:ef:a9:0a:69:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B6:6A:3C:B1:4D:5F:F8:B0:B7:3B:A0:C8:B0:1A:70:AD:9E:75:2C
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/E7ZqPLFNX_iwtzugyLAacK2edSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.42.0/24
37.32.44.0/23
178.239.144.0/24
178.239.149.0/24
185.243.49.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:03:3a:21:42:06:c3:36:b2:15:7a:66:c5:14:e2:a9:c5:74:
bb:fb:17:19:26:73:0c:94:0f:17:e9:46:74:ad:56:98:f1:e7:
df:42:49:b0:00:14:9e:d5:0a:a2:f0:eb:08:83:ab:97:ee:2e:
e0:93:a5:a9:a1:0d:e9:35:c5:a2:a3:c6:df:bd:cc:2e:3d:51:
0b:6e:f6:20:8e:81:bf:fc:e1:30:80:7f:43:f7:53:e1:29:6e:
01:03:94:78:7f:3f:54:be:3d:ff:6f:a7:56:68:23:5f:75:39:
36:93:97:48:99:99:11:5c:7e:c7:92:d6:d5:10:5b:9c:b9:dd:
0f:d7:49:42:ef:ef:94:f7:cb:d7:44:1c:85:92:8d:fd:30:ec:
84:28:0f:1b:95:c5:31:7d:8d:08:7b:68:bf:bf:5b:97:de:62:
77:99:31:c4:d6:60:42:18:3d:85:1b:91:dc:ec:f9:b3:04:b3:
98:c5:27:c2:09:4d:1b:db:b0:06:c6:56:47:40:7d:67:fb:ca:
ef:50:d7:0f:40:3d:e0:18:9b:93:0e:a4:0b:2d:ce:e7:4d:49:
b5:dc:5e:7d:ab:62:2b:af:7f:fc:5b:bc:29:9b:a6:7b:d9:25:
bd:b3:3d:63:bc:e3:50:c3:ad:9b:a1:c5:22:38:67:f8:25:96:
37:66:f5:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5kvb3t+ZuRw8KOu9TcCa6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjYwNTI2MTQ0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2I2NmEzY2IxNGQ1ZmY4YjBiNzNiYTBjOGIwMWE3MGFkOWU3NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryuR+XXfqgwVv6mPV6nDkHtW1kRd
YICWUMKbN+y3Vr1GBUP75nbm88lcc8NAOHgwuYbLBixyeADzlce6wKbWyNBcvNWW
EZWEUtH53M2BgDONJ5gBrT7MVG5eHXKNkRLQjWIaOO8juS9Lful6ov6oPUJG2X5H
CY3KncRBcI7UIsz+3RorO+8phZxiz7i0t3nQ9FsMRhGdvCW0Ui7OEelUTep9zHBw
X8iYhnM7JGgrMeSKxmzTl+Keshj6eHGx3a+UOVubCT4SPGlRpyNjD33InPTG8hG0
cdXhtOGVbTbliFotSFYODwpYsVnexSW70ls3Vgt71mxxgTvHae+pCmlB1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBO2ajyxTV/4sLc7oMiwGnCtnnUsMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvRTdacVBMRk5YX2l3dHp1Z3lMQWFjSzJlZFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJSAqAwQB
JSAsAwQAsu+QAwQAsu+VAwQAufMxMA0GCSqGSIb3DQEBCwUAA4IBAQCmAzohQgbD
NrIVembFFOKpxXS7+xcZJnMMlA8X6UZ0rVaY8effQkmwABSe1Qqi8OsIg6uX7i7g
k6WpoQ3pNcWio8bfvcwuPVELbvYgjoG//OEwgH9D91PhKW4BA5R4fz9Uvj3/b6dW
aCNfdTk2k5dImZkRXH7HktbVEFucud0P10lC7++U98vXRByFko39MOyEKA8blcUx
fY0Ie2i/v1uX3mJ3mTHE1mBCGD2FG5Hc7PmzBLOYxSfCCU0b27AGxlZHQH1n+8rv
UNcPQD3gGJuTDqQLLc7nTUm13F59q2Irr3/8W7wpm6Z72SW9sz1jvONQw62bocUi
OGf4JZY3ZvUw
-----END CERTIFICATE-----
Generated at Sat Jun 6 16:46:01 2026 by rpki-client