Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/eubJH2vIsyqY5EcgeXXAZltpNcg.roa
File: eubJH2vIsyqY5EcgeXXAZltpNcg.roa (raw, json)
Hash identifier: 5SwucTDKn/Ly+DHcbdb1ypdWd/W0LABrzxZomtOg4oQ=
Subject key identifier: 7A:E6:C9:1F:6B:C8:B3:2A:98:E4:47:20:79:75:C0:66:5B:69:35:C8
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 019E209DDB48005A62887CE540D47A7AE8D0
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/eubJH2vIsyqY5EcgeXXAZltpNcg.roa
Signing time: Wed 13 May 2026 09:14:36 +0000
ROA not before: Wed 13 May 2026 09:14:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
78.140.253.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
185.255.76.0/24 maxlen: 24
185.255.77.0/24 maxlen: 24
185.255.78.0/24 maxlen: 24
185.255.79.0/24 maxlen: 24
2a06:4800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 May 2026 21:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:9d:db:48:00:5a:62:88:7c:e5:40:d4:7a:7a:e8:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: May 13 09:14:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ae6c91f6bc8b32a98e447207975c0665b6935c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:1d:7f:c8:b0:55:d1:d4:20:05:9e:a2:fa:
98:4e:8f:af:54:df:96:83:df:a4:74:a7:8a:a8:82:
06:8a:bf:ee:d7:07:81:0d:ac:16:dc:ea:0c:f5:f3:
16:76:b3:65:cd:77:e1:cf:4e:d6:33:97:20:9c:f6:
bd:8f:b8:aa:f4:52:e7:47:2a:86:3d:29:57:5b:c8:
48:75:6f:f7:7b:ea:a3:82:56:cd:84:93:5e:76:c9:
f2:90:c7:f4:d1:25:1e:6b:56:6c:54:64:70:b7:cc:
a0:3a:90:35:23:3e:92:2a:64:0a:a9:5d:dc:58:aa:
47:b0:48:4f:b7:a1:84:5f:5b:c0:01:08:32:b3:b3:
12:c2:29:55:43:9f:65:67:96:07:6b:e9:a4:9c:97:
2e:53:9d:e1:38:cf:c0:8e:e8:7b:0b:95:ce:7c:4f:
33:df:7a:56:0b:0f:cc:a0:8a:d0:8b:ac:4e:6a:29:
0f:9d:d8:d4:17:59:7e:41:58:c4:13:2a:d7:dc:ee:
bb:32:35:d8:a7:a3:74:0b:4a:b3:22:99:95:f6:c7:
ed:65:18:39:de:6e:da:be:75:41:ee:7e:93:fa:44:
bf:dc:12:27:be:dd:38:c0:44:0d:e8:13:0b:36:91:
eb:df:c1:99:2d:79:bf:03:05:da:c1:1a:a2:98:65:
74:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E6:C9:1F:6B:C8:B3:2A:98:E4:47:20:79:75:C0:66:5B:69:35:C8
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/eubJH2vIsyqY5EcgeXXAZltpNcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/23
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
00:e1:10:70:ea:4a:56:69:ce:88:72:8f:48:6c:5c:53:16:ce:
90:56:38:35:09:9e:76:58:0c:c9:47:df:e1:90:4d:e9:13:1c:
ce:56:c0:55:4a:29:10:08:10:c8:c5:c6:5d:36:4c:1b:a1:20:
41:40:66:9b:64:f6:15:c3:4a:a7:35:1a:a1:63:e7:ee:a3:2d:
77:3a:e9:4f:c2:4a:54:b0:79:54:5d:6f:2f:92:b5:d5:8f:a9:
ef:67:7d:99:9b:85:c6:6c:f1:9c:d6:c6:68:56:38:b8:c9:0e:
dd:8a:9e:6f:af:4f:c0:36:d8:ea:83:3e:35:06:f3:9f:03:ef:
12:66:f0:87:a7:ea:5a:dc:b0:1c:47:75:0c:2a:db:fe:be:7b:
ef:e9:8c:11:a0:a6:20:80:9f:85:43:1b:92:99:b5:d3:cf:62:
d9:84:09:e1:bd:0f:56:53:5d:d7:f2:88:e6:49:f1:4c:3a:98:
69:3e:2a:41:ed:7b:af:d2:0c:6a:cb:d9:1f:f0:5e:f5:fd:31:
06:39:09:37:7b:db:c3:0e:c3:84:6c:88:0d:01:32:94:47:1e:
e6:88:9e:d1:80:c9:3c:31:2b:b2:90:99:65:55:27:2b:1b:2c:
8b:06:31:7a:c5:8c:f4:b4:a1:29:dc:4a:a0:ec:1c:82:b5:41:
79:39:12:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ4gndtIAFpiiHzlQNR6eujQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjYwNTEzMDkxNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWU2YzkxZjZiYzhiMzJhOThlNDQ3MjA3OTc1YzA2NjViNjkzNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom0df8iwVdHUIAWeovqYTo+vVN+W
g9+kdKeKqIIGir/u1weBDawW3OoM9fMWdrNlzXfhz07WM5cgnPa9j7iq9FLnRyqG
PSlXW8hIdW/3e+qjglbNhJNedsnykMf00SUea1ZsVGRwt8ygOpA1Iz6SKmQKqV3c
WKpHsEhPt6GEX1vAAQgys7MSwilVQ59lZ5YHa+mknJcuU53hOM/Ajuh7C5XOfE8z
33pWCw/MoIrQi6xOaikPndjUF1l+QVjEEyrX3O67MjXYp6N0C0qzIpmV9sftZRg5
3m7avnVB7n6T+kS/3BInvt04wEQN6BMLNpHr38GZLXm/AwXawRqimGV0ywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHrmyR9ryLMqmORHIHl1wGZbaTXIMB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvZXViSkgydklzeXFZNUVjZ2VYWEFabHRwTmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQAA4RBw6kpWac6I
co9IbFxTFs6QVjg1CZ52WAzJR9/hkE3pExzOVsBVSikQCBDIxcZdNkwboSBBQGab
ZPYVw0qnNRqhY+fuoy13OulPwkpUsHlUXW8vkrXVj6nvZ32Zm4XGbPGc1sZoVji4
yQ7dip5vr0/ANtjqgz41BvOfA+8SZvCHp+pa3LAcR3UMKtv+vnvv6YwRoKYggJ+F
QxuSmbXTz2LZhAnhvQ9WU13X8ojmSfFMOphpPipB7Xuv0gxqy9kf8F71/TEGOQk3
e9vDDsOEbIgNATKURx7miJ7RgMk8MSuykJllVScrGyyLBjF6xYz0tKEp3Eqg7ByC
tUF5ORJd
-----END CERTIFICATE-----
Generated at Fri May 15 06:16:44 2026 by rpki-client