Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/eL3BOW3R9YF4NTYszpn-G4GicXE.roa
File: eL3BOW3R9YF4NTYszpn-G4GicXE.roa (raw, json)
Hash identifier: eWdcg/wUnlcSSTHz0FoI6XetkTNSCLoEjSq0/aIE4N0=
Subject key identifier: 78:BD:C1:39:6D:D1:F5:81:78:35:36:2C:CE:99:FE:1B:81:A2:71:71
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019F1805D9F89637D0EC1F15D2F9ECA75620
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/eL3BOW3R9YF4NTYszpn-G4GicXE.roa
Signing time: Tue 30 Jun 2026 10:14:24 +0000
ROA not before: Tue 30 Jun 2026 10:14:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62513
IP address blocks: 83.245.48.0/21 maxlen: 21
83.245.56.0/24 maxlen: 24
83.245.57.0/24 maxlen: 24
83.245.58.0/24 maxlen: 24
83.245.59.0/24 maxlen: 24
83.245.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:12:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:05:d9:f8:96:37:d0:ec:1f:15:d2:f9:ec:a7:56:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jun 30 10:14:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78bdc1396dd1f5817835362cce99fe1b81a27171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:19:1c:b4:24:44:85:ed:a0:c3:81:ca:9b:
cd:f0:1c:80:94:48:8e:24:ee:06:68:21:27:00:92:
71:ae:8e:7c:9e:d2:ca:42:87:ff:95:d7:4e:76:82:
ee:a3:9a:0f:54:8b:78:3a:8d:43:0e:28:b9:29:b7:
73:68:e2:48:72:c8:5f:e6:35:51:1f:2b:b5:b6:53:
be:3c:71:50:c7:58:b2:86:67:af:93:25:47:48:98:
81:e1:4e:bc:cd:06:b8:4c:76:6c:23:2a:5d:08:f2:
15:99:29:2d:75:2f:61:eb:ca:67:64:73:5c:65:9c:
93:00:c8:b9:fc:82:ef:1e:4c:b8:51:a1:b0:51:26:
8c:b9:d2:a5:10:e6:68:f4:cc:0e:de:6c:07:c1:5a:
e6:d7:ba:b9:ab:76:70:fc:34:47:39:c2:08:ec:18:
ae:f2:1c:3e:19:c0:47:3e:0a:8d:5f:b8:dd:08:ef:
38:d3:ed:7a:49:28:fe:9e:0e:01:01:b9:91:f0:f0:
61:43:d0:88:fa:97:ff:04:4c:b5:be:bf:34:0a:c4:
89:9c:1f:7b:d5:eb:78:86:a9:0c:aa:30:4b:29:54:
b7:0c:c1:a5:fa:e8:8b:b4:f3:a0:53:50:72:86:1e:
61:c9:de:57:3d:c4:24:5c:2d:45:0b:b0:03:7c:e4:
bc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BD:C1:39:6D:D1:F5:81:78:35:36:2C:CE:99:FE:1B:81:A2:71:71
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/eL3BOW3R9YF4NTYszpn-G4GicXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.245.48.0-83.245.60.255
Signature Algorithm: sha256WithRSAEncryption
61:2d:b0:d1:28:31:1f:da:41:e8:67:fc:c3:6e:43:fe:e9:f7:
87:fe:41:7b:4b:f7:12:b3:9d:b0:09:6f:99:75:7c:bd:df:a5:
f9:af:d7:e9:c6:4b:f7:c8:98:22:fb:37:f2:0e:64:32:69:8e:
85:29:10:3f:1a:af:e3:36:ee:89:0c:03:72:5b:64:dc:9f:af:
93:44:0f:42:9e:f4:39:8e:36:1e:e7:2b:ad:af:84:1c:b8:b6:
c2:fb:c5:7e:73:b5:70:d6:a5:a8:7a:4f:64:cd:89:b8:35:44:
58:13:06:ed:f7:20:ff:b0:60:e4:d8:3d:52:31:d3:c3:c6:0e:
e0:77:2c:04:eb:97:25:65:a9:bc:89:9a:08:e0:72:ff:16:c7:
71:34:e0:a9:a6:9a:af:bd:e7:9e:dd:ef:cc:01:97:cd:b9:92:
5f:88:3b:8f:47:5b:36:b2:39:72:17:44:03:ed:db:6e:fc:66:
99:e2:6d:1c:13:0d:6a:74:03:0c:31:ba:2c:43:da:a7:e5:02:
7c:ba:79:d7:92:8e:8f:31:e6:0c:94:34:07:c6:ac:d3:14:cb:
d4:df:93:36:6e:97:07:e7:0c:d7:d4:4e:a4:00:7e:aa:8e:2a:
eb:8b:b9:01:c0:cc:7b:44:7c:5a:05:c5:22:7a:79:48:ab:f6:
e9:97:93:07
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ8YBdn4ljfQ7B8V0vnsp1YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjYwNjMwMTAxNDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJkYzEzOTZkZDFmNTgxNzgzNTM2MmNjZTk5ZmUxYjgxYTI3MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjcZHLQkRIXtoMOBypvN8ByAlEiO
JO4GaCEnAJJxro58ntLKQof/lddOdoLuo5oPVIt4Oo1DDii5KbdzaOJIcshf5jVR
Hyu1tlO+PHFQx1iyhmevkyVHSJiB4U68zQa4THZsIypdCPIVmSktdS9h68pnZHNc
ZZyTAMi5/ILvHky4UaGwUSaMudKlEOZo9MwO3mwHwVrm17q5q3Zw/DRHOcII7Biu
8hw+GcBHPgqNX7jdCO840+16SSj+ng4BAbmR8PBhQ9CI+pf/BEy1vr80CsSJnB97
1et4hqkMqjBLKVS3DMGl+uiLtPOgU1Byhh5hyd5XPcQkXC1FC7ADfOS8OwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHi9wTlt0fWBeDU2LM6Z/huBonFxMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvZUwzQk9XM1I5WUY0TlRZc3pwbi1HNEdpY1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBART9TAD
BABT9TwwDQYJKoZIhvcNAQELBQADggEBAGEtsNEoMR/aQehn/MNuQ/7p94f+QXtL
9xKznbAJb5l1fL3fpfmv1+nGS/fImCL7N/IOZDJpjoUpED8ar+M27okMA3JbZNyf
r5NED0Ke9DmONh7nK62vhBy4tsL7xX5ztXDWpah6T2TNibg1RFgTBu33IP+wYOTY
PVIx08PGDuB3LATrlyVlqbyJmgjgcv8Wx3E04Kmmmq+9557d78wBl825kl+IO49H
WzayOXIXRAPt2278ZpnibRwTDWp0AwwxuixD2qflAny6edeSjo8x5gyUNAfGrNMU
y9TfkzZulwfnDNfUTqQAfqqOKuuLuQHAzHtEfFoFxSJ6eUir9umXkwc=
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:32:55 2026 by rpki-client