Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/gfETidL48OMQzoqlTVHEhuxjkn8.roa
File: gfETidL48OMQzoqlTVHEhuxjkn8.roa (raw, json)
Hash identifier: OMLRfX7UIp8nzj3et4p8Hhvdqe+GP/Oa+B08VXrWwwU=
Subject key identifier: 81:F1:13:89:D2:F8:F0:E3:10:CE:8A:A5:4D:51:C4:86:EC:63:92:7F
Certificate issuer: /CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Certificate serial: 019EF9FE5355DE956108A7E6BD86C48584B4
Authority key identifier: E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/gfETidL48OMQzoqlTVHEhuxjkn8.roa
Signing time: Wed 24 Jun 2026 14:17:34 +0000
ROA not before: Wed 24 Jun 2026 14:17:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58141
IP address blocks: 5.34.232.0/21 maxlen: 21
5.34.232.0/24 maxlen: 24
5.34.233.0/24 maxlen: 24
5.34.234.0/24 maxlen: 24
5.34.235.0/24 maxlen: 24
5.34.236.0/22 maxlen: 22
81.85.64.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f9:fe:53:55:de:95:61:08:a7:e6:bd:86:c4:85:84:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9ee74f2d984c88ab3b99ae71d0b7c7baf8150
Validity
Not Before: Jun 24 14:17:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=81f11389d2f8f0e310ce8aa54d51c486ec63927f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cc:f3:96:23:3b:54:18:ca:33:e8:fa:1c:87:
58:a9:19:c2:d4:1f:ce:90:ec:9f:b2:ba:ca:1b:85:
e3:db:40:52:01:b4:b3:10:bd:f9:b4:9f:8f:3e:90:
39:38:93:bc:84:d7:86:4f:33:92:84:ef:ab:63:68:
dc:9e:d2:c2:47:0e:c5:ac:96:69:ca:47:a1:4f:76:
cb:8b:eb:ae:d1:33:4f:db:41:23:31:cd:c6:af:72:
21:6f:28:1b:ba:67:31:5d:40:93:17:11:c9:8f:0b:
e3:43:13:4e:a2:2d:01:3b:f1:13:26:2b:bf:fc:54:
04:ba:0c:e4:5e:ac:1f:ce:56:62:f3:65:25:74:f9:
0f:1a:8b:87:57:83:ea:cd:4a:bf:78:61:49:10:d8:
45:b8:93:72:ee:04:85:22:bf:e0:9c:28:7e:3e:19:
30:40:51:aa:78:45:3e:09:dc:c4:f6:c2:69:4d:d6:
aa:7a:f6:6f:3c:d7:44:49:8b:57:f8:ac:28:85:90:
f2:bb:57:90:34:6c:d5:c0:bd:99:b5:6e:78:90:87:
37:de:56:61:74:c9:79:7d:e2:6d:1c:29:55:21:16:
ff:34:e6:6d:26:48:0b:7c:65:e3:a2:21:80:b9:fe:
ef:17:37:1d:20:aa:4a:c2:46:3e:81:07:1e:43:ab:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F1:13:89:D2:F8:F0:E3:10:CE:8A:A5:4D:51:C4:86:EC:63:92:7F
X509v3 Authority Key Identifier:
keyid:E4:A9:EE:74:F2:D9:84:C8:8A:B3:B9:9A:E7:1D:0B:7C:7B:AF:81:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KnudPLZhMiKs7ma5x0LfHuvgVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/gfETidL48OMQzoqlTVHEhuxjkn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/eadc95-daaf-4776-9be8-d2c0be448561/1/5KnudPLZhMiKs7ma5x0LfHuvgVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.232.0/21
81.85.64.0/22
Signature Algorithm: sha256WithRSAEncryption
90:b8:bf:8e:e7:07:3c:0f:b8:31:b9:9c:c0:f1:66:29:0f:3c:
87:80:79:92:be:13:e8:c3:52:69:78:3f:4f:ed:bf:81:f9:8a:
5d:2c:46:06:e5:d4:70:0c:31:f0:75:12:5e:01:76:cd:ad:b6:
ec:08:bf:80:88:34:a6:be:f5:ce:78:5b:41:af:89:07:93:09:
47:fe:8f:f0:a8:6e:26:0d:0e:27:38:84:6b:08:f9:e2:13:87:
82:19:f8:2f:cd:f2:02:d3:75:46:37:a4:eb:3f:ab:b6:d2:2d:
bc:c1:82:01:5e:46:3b:3d:7d:80:b2:d3:4e:c7:bd:2a:9c:d7:
49:58:fc:69:24:db:fa:b5:5f:22:47:a0:f0:49:33:b5:84:40:
3b:11:1d:05:0e:5c:b2:97:70:e2:aa:57:29:49:59:64:28:93:
9b:e8:69:cc:82:a1:ae:1c:3b:72:14:f3:81:e1:6f:57:f0:ed:
e2:4d:7d:0c:64:9f:ea:e5:4e:18:35:52:77:23:82:a1:ce:92:
12:30:79:60:5c:07:83:db:5b:c4:90:8f:b6:ba:6e:a6:eb:57:
53:1a:5e:51:02:ce:bc:d5:7c:90:13:73:f4:32:58:e6:b9:a6:
c6:e7:d0:d0:37:7e:cc:84:20:01:7a:8d:e9:10:de:4b:b8:fd:
d8:19:f9:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ75/lNV3pVhCKfmvYbEhYS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTllZTc0ZjJkOTg0Yzg4YWIzYjk5YWU3MWQwYjdjN2Jh
ZjgxNTAwHhcNMjYwNjI0MTQxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWYxMTM4OWQyZjhmMGUzMTBjZThhYTU0ZDUxYzQ4NmVjNjM5MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8zzliM7VBjKM+j6HIdYqRnC1B/O
kOyfsrrKG4Xj20BSAbSzEL35tJ+PPpA5OJO8hNeGTzOShO+rY2jcntLCRw7FrJZp
ykehT3bLi+uu0TNP20EjMc3Gr3IhbygbumcxXUCTFxHJjwvjQxNOoi0BO/ETJiu/
/FQEugzkXqwfzlZi82UldPkPGouHV4PqzUq/eGFJENhFuJNy7gSFIr/gnCh+Phkw
QFGqeEU+CdzE9sJpTdaqevZvPNdESYtX+KwohZDyu1eQNGzVwL2ZtW54kIc33lZh
dMl5feJtHClVIRb/NOZtJkgLfGXjoiGAuf7vFzcdIKpKwkY+gQceQ6s5lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIHxE4nS+PDjEM6KpU1RxIbsY5J/MB8GA1UdIwQY
MBaAFOSp7nTy2YTIirO5mucdC3x7r4FQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgt
ZDJjMGJlNDQ4NTYxLzEvZ2ZFVGlkTDQ4T01Rem9xbFRWSEVodXhqa244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lYWRjOTUtZGFhZi00Nzc2LTliZTgtZDJjMGJlNDQ4NTYx
LzEvNUtudWRQTFpoTWlLczdtYTV4MExmSHV2Z1ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSLoAwQC
UVVAMA0GCSqGSIb3DQEBCwUAA4IBAQCQuL+O5wc8D7gxuZzA8WYpDzyHgHmSvhPo
w1JpeD9P7b+B+YpdLEYG5dRwDDHwdRJeAXbNrbbsCL+AiDSmvvXOeFtBr4kHkwlH
/o/wqG4mDQ4nOIRrCPniE4eCGfgvzfIC03VGN6TrP6u20i28wYIBXkY7PX2AstNO
x70qnNdJWPxpJNv6tV8iR6DwSTO1hEA7ER0FDlyyl3DiqlcpSVlkKJOb6GnMgqGu
HDtyFPOB4W9X8O3iTX0MZJ/q5U4YNVJ3I4KhzpISMHlgXAeD21vEkI+2um6m61dT
Gl5RAs681XyQE3P0MljmuabG59DQN37MhCABeo3pEN5LuP3YGflm
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:26:51 2026 by rpki-client