Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EKoAMEP1MIyUPukcaRdbkhi5FwE.roa
File: EKoAMEP1MIyUPukcaRdbkhi5FwE.roa (raw, json)
Hash identifier: h2vXJKwmx60oDI/xemgMQKs0gZpBWvjhMJ8GnVNL2ag=
Subject key identifier: 10:AA:00:30:43:F5:30:8C:94:3E:E9:1C:69:17:5B:92:18:B9:17:01
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019E88CA0EAB5A3728BDD8AD7FB5FFE0502A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EKoAMEP1MIyUPukcaRdbkhi5FwE.roa
Signing time: Tue 02 Jun 2026 14:43:23 +0000
ROA not before: Tue 02 Jun 2026 14:43:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201216
IP address blocks: 192.36.107.0/24 maxlen: 24
192.36.108.0/24 maxlen: 24
192.36.195.0/24 maxlen: 24
192.36.235.0/24 maxlen: 24
192.36.252.0/24 maxlen: 24
192.71.39.0/24 maxlen: 24
192.71.91.0/24 maxlen: 24
192.71.163.0/24 maxlen: 24
192.71.183.0/24 maxlen: 24
192.71.192.0/24 maxlen: 24
192.71.226.0/24 maxlen: 24
192.121.57.0/24 maxlen: 24
192.121.59.0/24 maxlen: 24
192.121.90.0/24 maxlen: 24
192.121.105.0/24 maxlen: 24
192.121.219.0/24 maxlen: 24
192.121.248.0/24 maxlen: 24
192.176.45.0/24 maxlen: 24
192.176.228.0/24 maxlen: 24
193.180.76.0/22 maxlen: 24
193.181.192.0/24 maxlen: 24
193.181.193.0/24 maxlen: 24
193.182.245.0/24 maxlen: 24
193.183.143.0/24 maxlen: 24
193.183.145.0/24 maxlen: 24
193.183.146.0/24 maxlen: 24
193.234.18.0/24 maxlen: 24
193.234.98.0/24 maxlen: 24
193.234.143.0/24 maxlen: 24
193.235.1.0/24 maxlen: 24
193.235.3.0/24 maxlen: 24
193.235.32.0/24 maxlen: 24
193.235.47.0/24 maxlen: 24
193.235.48.0/24 maxlen: 24
193.235.97.0/24 maxlen: 24
193.235.98.0/24 maxlen: 24
194.14.35.0/24 maxlen: 24
194.14.39.0/24 maxlen: 24
194.14.49.0/24 maxlen: 24
194.14.134.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
194.14.249.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.68.111.0/24 maxlen: 24
194.68.118.0/24 maxlen: 24
194.68.161.0/24 maxlen: 24
194.68.219.0/24 maxlen: 24
194.71.3.0/24 maxlen: 24
194.71.4.0/24 maxlen: 24
194.71.92.0/24 maxlen: 24
194.71.111.0/24 maxlen: 24
194.71.182.0/24 maxlen: 24
194.71.223.0/24 maxlen: 24
194.71.242.0/24 maxlen: 24
194.103.52.0/24 maxlen: 24
194.103.238.0/24 maxlen: 24
194.132.10.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
194.132.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:ca:0e:ab:5a:37:28:bd:d8:ad:7f:b5:ff:e0:50:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 2 14:43:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10aa003043f5308c943ee91c69175b9218b91701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:77:c0:b3:ca:51:74:8a:6b:da:e9:8a:a9:
b7:26:ed:e8:f1:9b:25:fd:e8:9d:b0:e5:80:d1:58:
c8:3e:62:40:65:41:c5:4f:23:12:5a:93:bb:50:07:
dc:de:89:7b:fc:c4:ae:5d:11:ef:ed:f3:a9:83:1e:
ae:68:26:6c:db:69:a8:69:6b:46:3e:60:75:17:58:
33:51:bc:2e:d9:2a:62:43:fe:0a:9f:65:f4:e2:57:
a8:3a:bd:b2:f3:f4:a4:18:76:5a:73:9a:f2:79:dd:
13:d0:a2:5f:94:8a:6a:85:57:1d:b6:96:4b:45:4d:
15:64:49:0c:d4:40:e7:d4:45:da:fb:1c:7a:44:e9:
d3:4d:c6:34:75:98:35:9b:3d:7b:d4:73:ca:bf:83:
d2:65:ba:3b:5c:73:4b:99:50:08:28:0e:bf:46:05:
cb:78:63:87:9e:1f:3e:1d:3b:6a:32:44:ce:a8:ca:
39:cc:75:e1:40:1a:69:76:3f:0d:8c:14:bd:51:06:
8d:3c:24:ee:26:bd:84:a1:8c:db:04:f6:e6:21:41:
8f:f1:9b:c6:22:ff:d4:94:1d:3b:ab:19:21:4d:ff:
55:83:eb:4f:a5:14:53:2e:36:ff:3e:f5:7f:93:d8:
c3:49:46:30:16:ad:53:d0:33:4a:1c:c4:7e:ed:e7:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AA:00:30:43:F5:30:8C:94:3E:E9:1C:69:17:5B:92:18:B9:17:01
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/EKoAMEP1MIyUPukcaRdbkhi5FwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.107.0-192.36.108.255
192.36.195.0/24
192.36.235.0/24
192.36.252.0/24
192.71.39.0/24
192.71.91.0/24
192.71.163.0/24
192.71.183.0/24
192.71.192.0/24
192.71.226.0/24
192.121.57.0/24
192.121.59.0/24
192.121.90.0/24
192.121.105.0/24
192.121.219.0/24
192.121.248.0/24
192.176.45.0/24
192.176.228.0/24
193.180.76.0/22
193.181.192.0/23
193.182.245.0/24
193.183.143.0/24
193.183.145.0-193.183.146.255
193.234.18.0/24
193.234.98.0/24
193.234.143.0/24
193.235.1.0/24
193.235.3.0/24
193.235.32.0/24
193.235.47.0-193.235.48.255
193.235.97.0-193.235.98.255
194.14.35.0/24
194.14.39.0/24
194.14.49.0/24
194.14.134.0/24
194.14.177.0/24
194.14.249.0/24
194.68.37.0-194.68.38.255
194.68.111.0/24
194.68.118.0/24
194.68.161.0/24
194.68.219.0/24
194.71.3.0-194.71.4.255
194.71.92.0/24
194.71.111.0/24
194.71.182.0/24
194.71.223.0/24
194.71.242.0/24
194.103.52.0/24
194.103.238.0/24
194.132.10.0/24
194.132.29.0/24
194.132.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:44:c2:b4:01:9e:bb:2b:98:1c:71:ea:3c:ca:02:86:a5:87:
64:3f:06:81:63:90:45:98:88:78:d4:e7:59:2c:f4:56:c4:73:
0c:96:3a:15:fc:93:e1:df:ff:c8:9e:71:5e:d2:35:b8:09:e2:
57:e9:31:aa:b2:54:22:66:4a:de:e5:97:b5:59:83:1b:90:77:
e2:fb:5f:be:14:8f:2a:2f:79:99:07:7e:33:45:dd:ff:fb:cb:
7f:98:73:c2:5f:40:8f:cf:d7:d5:fc:57:e9:da:05:4b:20:b1:
80:ef:36:48:00:20:4f:a2:cc:dc:bb:c6:3b:c7:b6:ca:a9:dc:
48:b3:18:2d:dd:d3:a1:1c:58:71:68:49:86:cb:c6:37:ef:d6:
0a:41:20:4a:62:7a:e5:63:cc:8f:0a:7e:a0:d1:0b:98:37:b6:
9c:ac:2e:90:de:c3:2f:bf:1f:5b:d0:9d:50:be:3e:c4:d7:c6:
51:fe:c0:a2:cc:95:be:f8:7f:53:23:13:40:42:a8:10:0a:23:
fd:e7:f2:34:c0:0d:aa:99:28:ab:08:98:55:6f:ab:b8:ea:f3:
5d:c2:fb:dc:3f:49:df:29:4b:1e:19:97:59:9d:09:80:23:3a:
0a:4d:88:29:1b:a8:3e:ea:df:75:e9:a8:eb:9d:ae:61:bf:46:
55:1c:5f:a3
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgISAZ6Iyg6rWjcovditf7X/4FAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNjAyMTQ0MzIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFhMDAzMDQzZjUzMDhjOTQzZWU5MWM2OTE3NWI5MjE4YjkxNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxN3wLPKUXSKa9rpiqm3Ju3o8Zsl
/eidsOWA0VjIPmJAZUHFTyMSWpO7UAfc3ol7/MSuXRHv7fOpgx6uaCZs22moaWtG
PmB1F1gzUbwu2SpiQ/4Kn2X04leoOr2y8/SkGHZac5ryed0T0KJflIpqhVcdtpZL
RU0VZEkM1EDn1EXa+xx6ROnTTcY0dZg1mz171HPKv4PSZbo7XHNLmVAIKA6/RgXL
eGOHnh8+HTtqMkTOqMo5zHXhQBppdj8NjBS9UQaNPCTuJr2EoYzbBPbmIUGP8ZvG
Iv/UlB07qxkhTf9Vg+tPpRRTLjb/PvV/k9jDSUYwFq1T0DNKHMR+7ecQeQIDAQAB
o4IDezCCA3cwHQYDVR0OBBYEFBCqADBD9TCMlD7pHGkXW5IYuRcBMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRUtvQU1FUDFNSXlVUHVrY2FSZGJraGk1RndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjwYIKwYBBQUHAQcBAf8EggF+MIIBejCCAXYEAgABMIIB
bjAMAwQAwCRrAwQAwCRsAwQAwCTDAwQAwCTrAwQAwCT8AwQAwEcnAwQAwEdbAwQA
wEejAwQAwEe3AwQAwEfAAwQAwEfiAwQAwHk5AwQAwHk7AwQAwHlaAwQAwHlpAwQA
wHnbAwQAwHn4AwQAwLAtAwQAwLDkAwQCwbRMAwQBwbXAAwQAwbb1AwQAwbePMAwD
BADBt5EDBADBt5IDBADB6hIDBADB6mIDBADB6o8DBADB6wEDBADB6wMDBADB6yAw
DAMEAMHrLwMEAMHrMDAMAwQAwethAwQAwetiAwQAwg4jAwQAwg4nAwQAwg4xAwQA
wg6GAwQAwg6xAwQAwg75MAwDBADCRCUDBADCRCYDBADCRG8DBADCRHYDBADCRKED
BADCRNswDAMEAMJHAwMEAMJHBAMEAMJHXAMEAMJHbwMEAMJHtgMEAMJH3wMEAMJH
8gMEAMJnNAMEAMJn7gMEAMKECgMEAMKEHQMEAMKEOzANBgkqhkiG9w0BAQsFAAOC
AQEAfETCtAGeuyuYHHHqPMoChqWHZD8GgWOQRZiIeNTnWSz0VsRzDJY6FfyT4d//
yJ5xXtI1uAniV+kxqrJUImZK3uWXtVmDG5B34vtfvhSPKi95mQd+M0Xd//vLf5hz
wl9Aj8/X1fxX6doFSyCxgO82SAAgT6LM3LvGO8e2yqncSLMYLd3ToRxYcWhJhsvG
N+/WCkEgSmJ65WPMjwp+oNELmDe2nKwukN7DL78fW9CdUL4+xNfGUf7AosyVvvh/
UyMTQEKoEAoj/efyNMANqpkoqwiYVW+ruOrzXcL73D9J3ylLHhmXWZ0JgCM6Ck2I
KRuoPurfdemo652uYb9GVRxfow==
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:39 2026 by rpki-client