Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/eMcTcCM26_FBi-jWPaQvXdFHm8Y.roa
File: eMcTcCM26_FBi-jWPaQvXdFHm8Y.roa (raw, json)
Hash identifier: CN7UhMJ47ktIz/WCrZvYgOygWoLcj7OT337BtvDzxD8=
Subject key identifier: 78:C7:13:70:23:36:EB:F1:41:8B:E8:D6:3D:A4:2F:5D:D1:47:9B:C6
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 019EA710D291691AF7FA36CA8A9E1061605D
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/eMcTcCM26_FBi-jWPaQvXdFHm8Y.roa
Signing time: Mon 08 Jun 2026 11:49:18 +0000
ROA not before: Mon 08 Jun 2026 11:49:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216024
IP address blocks: 109.107.170.0/24 maxlen: 24
109.107.171.0/24 maxlen: 24
109.107.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:10:d2:91:69:1a:f7:fa:36:ca:8a:9e:10:61:60:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jun 8 11:49:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78c713702336ebf1418be8d63da42f5dd1479bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e0:0d:02:05:93:d9:a8:c1:dc:00:e0:74:a7:
42:29:b0:6b:9b:24:27:34:81:42:cf:23:63:38:36:
9f:0c:f7:2b:d4:a8:13:7d:9d:4e:8c:27:ab:35:1e:
dd:5e:09:61:0c:94:12:4e:9e:48:e5:42:74:bb:ea:
98:f0:f9:78:7d:b4:24:24:7e:bd:5a:7b:ba:03:46:
7a:7b:b9:86:cf:82:63:60:31:56:48:e4:06:1f:ec:
56:8a:73:61:0a:7f:28:a7:96:ea:d7:fd:4e:e0:3a:
c7:46:b4:22:d6:ee:cb:70:50:15:26:78:e0:04:ae:
47:dc:4d:35:5c:f7:4d:c3:a8:2f:a8:80:b4:e3:d5:
83:e0:dd:21:2f:90:68:bb:72:88:00:17:ed:e2:89:
f9:44:9d:44:72:c0:3a:46:c1:94:88:e8:76:81:5d:
e6:f1:e3:22:56:4f:12:e5:96:94:05:32:43:55:48:
f7:ff:a4:b8:00:e1:10:8e:b6:cb:60:e3:cf:b5:96:
73:c7:0f:ff:ba:6a:ef:88:a4:ea:a2:97:71:4d:58:
17:d2:6b:9b:65:35:e4:ba:71:1a:3a:23:e8:84:75:
d7:8d:f3:db:c4:63:40:83:ad:94:12:48:c8:01:93:
9d:d2:e0:f4:bd:4d:3b:24:d6:2a:64:ce:96:1c:c6:
46:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C7:13:70:23:36:EB:F1:41:8B:E8:D6:3D:A4:2F:5D:D1:47:9B:C6
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/eMcTcCM26_FBi-jWPaQvXdFHm8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.170.0/23
109.107.182.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:91:eb:e7:60:d4:5f:d3:a4:c5:31:04:63:18:f9:73:c1:66:
56:39:6a:2f:2c:ca:a5:85:58:27:b0:21:07:0b:a4:1e:58:cf:
e1:60:ac:ed:88:73:0e:a8:9b:a5:74:a4:99:c4:36:ea:3c:c2:
57:fa:bd:69:23:08:77:58:79:9a:56:2e:3d:a6:75:ff:9b:9e:
b2:b3:dd:2e:ba:21:7d:7a:2b:21:3a:12:6a:b9:90:cf:b4:22:
39:9d:c5:72:eb:13:55:13:d5:01:35:3d:9b:cd:6b:bc:7d:67:
06:dd:be:cd:61:f4:32:9d:1d:13:1c:92:f1:a8:03:6f:02:57:
f9:65:ac:c4:2f:9d:47:ac:ce:ac:9f:de:d3:a6:a8:20:cd:f4:
97:0c:54:b3:47:7b:c9:40:7f:c1:76:22:f8:42:7b:d0:c4:c3:
3c:51:dc:e2:4a:12:92:98:dd:b5:74:3c:34:4a:8e:1a:d0:e2:
b2:bb:93:20:4c:76:9b:a9:30:bb:49:28:79:fb:36:97:3b:9b:
c9:2a:e9:92:31:ec:35:aa:cc:91:22:d5:f5:b9:d8:3a:99:0f:
66:08:86:c8:3a:9b:9b:0f:aa:1a:dd:31:b0:4a:54:51:14:2e:
d3:f2:e3:34:55:7a:ba:5e:2e:82:d7:40:1a:a9:ed:e1:1a:51:
83:dd:9d:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6nENKRaRr3+jbKip4QYWBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjYwNjA4MTE0OTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM3MTM3MDIzMzZlYmYxNDE4YmU4ZDYzZGE0MmY1ZGQxNDc5YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eANAgWT2ajB3ADgdKdCKbBrmyQn
NIFCzyNjODafDPcr1KgTfZ1OjCerNR7dXglhDJQSTp5I5UJ0u+qY8Pl4fbQkJH69
Wnu6A0Z6e7mGz4JjYDFWSOQGH+xWinNhCn8op5bq1/1O4DrHRrQi1u7LcFAVJnjg
BK5H3E01XPdNw6gvqIC049WD4N0hL5Bou3KIABft4on5RJ1EcsA6RsGUiOh2gV3m
8eMiVk8S5ZaUBTJDVUj3/6S4AOEQjrbLYOPPtZZzxw//umrviKTqopdxTVgX0mub
ZTXkunEaOiPohHXXjfPbxGNAg62UEkjIAZOd0uD0vU07JNYqZM6WHMZGUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHjHE3AjNuvxQYvo1j2kL13RR5vGMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvZU1jVGNDTTI2X0ZCaS1qV1BhUXZYZEZIbThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbWuqAwQA
bWu2MA0GCSqGSIb3DQEBCwUAA4IBAQC3kevnYNRf06TFMQRjGPlzwWZWOWovLMql
hVgnsCEHC6QeWM/hYKztiHMOqJuldKSZxDbqPMJX+r1pIwh3WHmaVi49pnX/m56y
s90uuiF9eishOhJquZDPtCI5ncVy6xNVE9UBNT2bzWu8fWcG3b7NYfQynR0THJLx
qANvAlf5ZazEL51HrM6sn97TpqggzfSXDFSzR3vJQH/BdiL4QnvQxMM8UdziShKS
mN21dDw0So4a0OKyu5MgTHabqTC7SSh5+zaXO5vJKumSMew1qsyRItX1udg6mQ9m
CIbIOpubD6oa3TGwSlRRFC7T8uM0VXq6Xi6C10Aaqe3hGlGD3Z00
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:41 2026 by rpki-client