Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ER9PO3R5fqse9XyY3gGPqpGsXAI.roa
File: ER9PO3R5fqse9XyY3gGPqpGsXAI.roa (raw, json)
Hash identifier: +KMaQf8o13YMHLZLquCyYJEMRpxJsgUB1pOayAjJaVA=
Subject key identifier: 11:1F:4F:3B:74:79:7E:AB:1E:F5:7C:98:DE:01:8F:AA:91:AC:5C:02
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 019E97170A6A71BD47581CDA447968CDF64D
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ER9PO3R5fqse9XyY3gGPqpGsXAI.roa
Signing time: Fri 05 Jun 2026 09:22:10 +0000
ROA not before: Fri 05 Jun 2026 09:22:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60117
IP address blocks: 185.45.192.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.73.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a03:660::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a04:dd00::/32 maxlen: 32
2a04:dd01::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a06:3d80::/29 maxlen: 29
2a0e:df40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:17:0a:6a:71:bd:47:58:1c:da:44:79:68:cd:f6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jun 5 09:22:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=111f4f3b74797eab1ef57c98de018faa91ac5c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f0:18:07:4b:d3:db:25:32:4f:48:0d:93:cd:
a0:77:56:3c:93:d0:89:ce:f9:5b:63:16:c8:48:78:
2c:3c:b4:42:41:02:72:bc:c8:b3:7f:ec:33:75:f4:
63:81:ec:69:68:dd:06:ba:41:63:4b:08:2d:73:5c:
b7:0e:1b:09:9a:cf:14:53:7e:c4:ce:84:eb:b0:79:
3f:72:3c:ac:ed:69:18:43:a4:3c:74:cd:d4:2b:38:
cf:0d:30:ba:cf:fc:b6:ce:93:d6:3d:75:05:df:ac:
f5:40:64:cb:07:c0:46:27:97:ed:10:54:ce:8b:6e:
e7:a8:f0:98:b5:a9:0a:f1:23:c8:1d:24:16:40:40:
e8:06:b0:dc:ba:2e:34:35:86:13:b9:4d:2c:11:e2:
e0:c8:36:a1:0a:56:03:02:46:42:ef:aa:b9:51:14:
2e:18:fb:2a:52:32:64:05:ca:e9:97:54:e9:8b:c8:
5d:43:7c:aa:97:c9:de:4f:41:59:84:e4:06:56:f8:
d6:a3:8b:80:b4:29:bd:91:0d:13:57:a2:30:61:f8:
e3:11:77:21:b4:01:c0:bc:e8:50:e4:68:87:ca:9c:
b3:ef:91:96:78:dc:50:01:32:38:a2:10:27:27:24:
7c:78:4a:60:a2:3a:93:1e:8b:02:77:01:9f:37:72:
14:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1F:4F:3B:74:79:7E:AB:1E:F5:7C:98:DE:01:8F:AA:91:AC:5C:02
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/ER9PO3R5fqse9XyY3gGPqpGsXAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/24
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
1c:02:ac:01:89:5c:2e:3b:23:d7:55:f8:24:a0:41:a4:0f:f2:
8b:c5:a1:d3:1b:a1:7e:06:94:d9:ca:09:89:48:dd:86:e6:06:
24:e1:dc:83:ac:f9:9e:57:84:4d:15:7d:6c:e9:10:cf:2e:c1:
2c:e9:30:ae:94:15:96:c9:a9:80:9e:fc:fb:6a:69:97:27:65:
b0:37:83:63:6c:61:d7:13:f8:ca:55:2a:80:ea:44:b8:fe:67:
4b:6d:e7:68:0a:95:68:25:f3:f1:c9:42:11:54:19:be:89:70:
97:6f:b2:72:0c:c1:1e:71:eb:33:b0:f4:5c:fc:5b:6b:ec:2f:
05:bf:ae:27:88:4a:74:f5:01:74:b9:ef:29:f2:c1:11:82:1f:
d9:5a:2c:44:8f:0c:f8:8c:9c:6a:0b:65:3c:57:d2:df:db:0e:
f4:35:90:e6:78:90:42:ed:15:e6:37:8e:00:16:09:50:f0:30:
27:d2:7d:fc:67:66:85:cf:20:51:de:fd:e8:17:92:51:e8:09:
67:eb:d0:08:46:58:2d:a3:54:3e:73:fa:2b:52:60:92:28:e7:
3f:5c:44:ff:38:19:13:34:a3:50:50:c4:80:74:09:b5:37:51:
ec:be:f1:76:52:35:4c:cc:80:e0:12:d8:82:f2:d0:2e:56:65:
50:22:55:a2
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZ6XFwpqcb1HWBzaRHlozfZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjYwNjA1MDkyMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFmNGYzYjc0Nzk3ZWFiMWVmNTdjOThkZTAxOGZhYTkxYWM1YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfAYB0vT2yUyT0gNk82gd1Y8k9CJ
zvlbYxbISHgsPLRCQQJyvMizf+wzdfRjgexpaN0GukFjSwgtc1y3DhsJms8UU37E
zoTrsHk/cjys7WkYQ6Q8dM3UKzjPDTC6z/y2zpPWPXUF36z1QGTLB8BGJ5ftEFTO
i27nqPCYtakK8SPIHSQWQEDoBrDcui40NYYTuU0sEeLgyDahClYDAkZC76q5URQu
GPsqUjJkBcrpl1Tpi8hdQ3yql8neT0FZhOQGVvjWo4uAtCm9kQ0TV6IwYfjjEXch
tAHAvOhQ5GiHypyz75GWeNxQATI4ohAnJyR8eEpgojqTHosCdwGfN3IUxwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFBEfTzt0eX6rHvV8mN4Bj6qRrFwCMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvRVI5UE8zUjVmcXNlOVh5WTNnR1BxcEdzWEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDB6BAIAATB0AwQAuS3A
AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQAuY0YAwQAuY0b
MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC
JLwDBAHCJL4DBADUCPswIgQCAAIwHAMFACoDBmADBQMqBN0AAwUDKgY9gAMFACoO
30AwDQYJKoZIhvcNAQELBQADggEBABwCrAGJXC47I9dV+CSgQaQP8ovFodMboX4G
lNnKCYlI3YbmBiTh3IOs+Z5XhE0VfWzpEM8uwSzpMK6UFZbJqYCe/PtqaZcnZbA3
g2NsYdcT+MpVKoDqRLj+Z0tt52gKlWgl8/HJQhFUGb6JcJdvsnIMwR5x6zOw9Fz8
W2vsLwW/rieISnT1AXS57ynywRGCH9laLESPDPiMnGoLZTxX0t/bDvQ1kOZ4kELt
FeY3jgAWCVDwMCfSffxnZoXPIFHe/egXklHoCWfr0AhGWC2jVD5z+itSYJIo5z9c
RP84GRM0o1BQxIB0CbU3Uey+8XZSNUzMgOAS2ILy0C5WZVAiVaI=
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:03:54 2026 by rpki-client