Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/eNKU1iNqUp81fSFbUnvphQrkRQg.roa
File: eNKU1iNqUp81fSFbUnvphQrkRQg.roa (raw, json)
Hash identifier: KuRpQdViq6WVE5U7743Uxg/IPM39GSOA/4sBanEazY4=
Subject key identifier: 78:D2:94:D6:23:6A:52:9F:35:7D:21:5B:52:7B:E9:85:0A:E4:45:08
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 019E3B6F660DAA78050BBC506890CEF8B8CE
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/eNKU1iNqUp81fSFbUnvphQrkRQg.roa
Signing time: Mon 18 May 2026 14:13:36 +0000
ROA not before: Mon 18 May 2026 14:13:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 5.252.92.0/24 maxlen: 24
5.253.158.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
81.172.68.0/24 maxlen: 24
91.210.126.0/24 maxlen: 24
185.210.192.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
185.218.161.0/24 maxlen: 24
185.218.162.0/24 maxlen: 24
185.218.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 05:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3b:6f:66:0d:aa:78:05:0b:bc:50:68:90:ce:f8:b8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: May 18 14:13:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78d294d6236a529f357d215b527be9850ae44508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:09:d3:8f:07:b1:8d:00:4b:12:68:8f:26:6b:
27:cc:42:7d:09:11:81:f5:07:c0:9c:24:d5:f6:62:
8c:b1:5b:c1:fe:79:0e:78:7a:1b:a1:2a:99:8a:24:
c2:8b:6e:75:b9:23:f1:58:60:5e:99:99:67:41:b2:
e4:04:68:97:e6:90:22:e3:0f:a3:5b:d3:74:c4:0e:
17:96:b2:8e:0b:9f:cd:6d:9d:23:11:52:67:f4:02:
2d:7c:98:14:0e:8c:27:b8:6c:32:88:a1:94:5d:9f:
8a:5a:fc:e3:bc:b8:c5:38:00:c8:0b:96:2f:51:ed:
17:82:40:5e:36:a3:81:9a:c6:f9:31:73:b2:d5:5f:
71:5b:af:0b:50:0c:f8:be:3e:32:f9:37:63:2c:b8:
80:ab:35:21:26:65:20:a5:29:79:42:68:47:fd:7b:
4f:d6:fa:4e:49:98:26:11:b1:b0:28:3e:d9:e7:fc:
c3:01:e4:4f:64:07:a5:91:7f:b6:31:a7:82:19:e0:
03:c2:27:d5:fa:56:67:62:a7:87:91:85:07:e6:0a:
02:22:a9:ec:26:52:ef:f9:8f:b5:e1:d2:c2:8a:46:
c9:52:0a:64:dc:1f:82:c7:c6:26:91:21:28:ef:e6:
72:aa:e1:4e:81:ac:c0:5c:34:d2:f8:f5:fd:bb:a0:
d2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D2:94:D6:23:6A:52:9F:35:7D:21:5B:52:7B:E9:85:0A:E4:45:08
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/eNKU1iNqUp81fSFbUnvphQrkRQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.92.0/24
5.253.158.0/23
62.122.228.0/22
81.172.68.0/24
91.210.126.0/24
185.210.192.0/24
185.218.160.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:9b:01:58:da:cd:18:d3:52:78:09:0c:c5:9d:dc:1f:ae:8f:
dc:e4:7c:40:92:e6:e0:61:47:0c:0b:4e:94:e6:e2:59:d0:d1:
78:a7:aa:3b:d5:35:45:ea:5f:1e:10:b3:2b:1c:e1:fa:94:d6:
8c:de:56:12:ab:8f:b2:3f:f5:cf:83:c9:2d:07:54:07:fe:a2:
4f:cf:78:27:f3:34:ec:39:95:40:4c:54:e8:31:ef:7f:0a:fa:
aa:85:39:b0:81:2d:f5:31:78:f7:4c:ce:b2:d0:14:b7:e9:b4:
90:27:b6:b2:cc:f9:14:13:9e:89:74:c7:f4:40:9f:79:73:83:
be:6c:3c:52:61:4c:2d:2c:1e:89:ed:a6:b1:4b:cb:4e:97:69:
f1:7f:6f:a2:c9:66:94:3d:87:54:44:72:c8:6f:e8:df:c7:5a:
70:f6:49:1b:e6:76:d3:a6:b1:83:22:e5:4f:27:11:d7:28:19:
ca:5b:ef:85:9d:e8:ea:0e:c6:e0:90:92:e5:3f:a8:9a:15:de:
b2:7f:a1:4d:81:c1:ea:86:1e:72:fa:cb:87:bc:44:11:92:30:
66:dd:b7:2b:52:89:c3:c0:82:2a:2f:e3:8f:81:b4:7c:d2:6d:
5f:8e:33:39:2e:d8:ab:5a:d9:ca:b7:0a:68:f6:62:57:a9:6b:
3a:af:60:52
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ47b2YNqngFC7xQaJDO+LjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjYwNTE4MTQxMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGQyOTRkNjIzNmE1MjlmMzU3ZDIxNWI1MjdiZTk4NTBhZTQ0NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQnTjwexjQBLEmiPJmsnzEJ9CRGB
9QfAnCTV9mKMsVvB/nkOeHoboSqZiiTCi251uSPxWGBemZlnQbLkBGiX5pAi4w+j
W9N0xA4XlrKOC5/NbZ0jEVJn9AItfJgUDownuGwyiKGUXZ+KWvzjvLjFOADIC5Yv
Ue0XgkBeNqOBmsb5MXOy1V9xW68LUAz4vj4y+TdjLLiAqzUhJmUgpSl5QmhH/XtP
1vpOSZgmEbGwKD7Z5/zDAeRPZAelkX+2MaeCGeADwifV+lZnYqeHkYUH5goCIqns
JlLv+Y+14dLCikbJUgpk3B+Cx8YmkSEo7+ZyquFOgazAXDTS+PX9u6DS6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHjSlNYjalKfNX0hW1J76YUK5EUIMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvZU5LVTFpTnFVcDgxZlNGYlVudnBoUXJrUlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABfxcAwQB
Bf2eAwQCPnrkAwQAUaxEAwQAW9J+AwQAudLAAwQCudqgMA0GCSqGSIb3DQEBCwUA
A4IBAQAqmwFY2s0Y01J4CQzFndwfro/c5HxAkubgYUcMC06U5uJZ0NF4p6o71TVF
6l8eELMrHOH6lNaM3lYSq4+yP/XPg8ktB1QH/qJPz3gn8zTsOZVATFToMe9/Cvqq
hTmwgS31MXj3TM6y0BS36bSQJ7ayzPkUE56JdMf0QJ95c4O+bDxSYUwtLB6J7aax
S8tOl2nxf2+iyWaUPYdURHLIb+jfx1pw9kkb5nbTprGDIuVPJxHXKBnKW++Fnejq
DsbgkJLlP6iaFd6yf6FNgcHqhh5y+suHvEQRkjBm3bcrUonDwIIqL+OPgbR80m1f
jjM5LtirWtnKtwpo9mJXqWs6r2BS
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:54:38 2026 by rpki-client