Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/EyR92aUa1YmyikBuKCPnhyQ6dQc.roa
File: EyR92aUa1YmyikBuKCPnhyQ6dQc.roa (raw, json)
Hash identifier: 7q/CmNDf+Nlfn++5VpeQfpPGbf0jec81JQlzO3KTrAc=
Subject key identifier: 13:24:7D:D9:A5:1A:D5:89:B2:8A:40:6E:28:23:E7:87:24:3A:75:07
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 019E3AEC7A4172F924D75A9FFF9D2BAF65AB
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/EyR92aUa1YmyikBuKCPnhyQ6dQc.roa
Signing time: Mon 18 May 2026 11:50:36 +0000
ROA not before: Mon 18 May 2026 11:50:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204652
IP address blocks: 217.61.236.0/24 maxlen: 24
217.61.239.0/24 maxlen: 24
2a03:2740:8000::/48 maxlen: 48
2a03:2740:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:ec:7a:41:72:f9:24:d7:5a:9f:ff:9d:2b:af:65:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: May 18 11:50:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=13247dd9a51ad589b28a406e2823e787243a7507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c9:05:49:07:91:83:ca:37:da:de:93:8c:94:
de:28:0d:93:31:f6:17:38:4c:bb:94:f6:ae:ac:1b:
7a:e1:a3:c2:f0:57:0d:3e:45:2e:7c:80:f9:13:31:
00:2e:65:e7:f1:7c:46:c9:c1:7c:5a:8c:56:a4:d7:
0c:a4:ce:40:83:2f:37:35:48:f0:5b:6a:cf:ba:cd:
c7:a1:05:8e:7c:7b:cc:40:07:c9:1a:76:c4:df:5c:
b2:af:6b:35:f9:aa:7e:94:e0:8b:0b:f1:c4:db:60:
5d:a9:00:37:ad:90:2b:15:3b:96:52:6b:f9:97:db:
45:d3:d1:8e:00:8d:9e:f4:2a:0c:4a:d8:57:da:e8:
31:41:88:3d:46:08:41:06:29:4b:1d:d8:86:4a:93:
b9:cc:e4:ba:25:1f:6c:db:6d:e0:3e:0e:9b:f1:ad:
e5:6a:6c:a1:05:66:dd:5a:9e:f3:32:bd:1e:fc:de:
46:8c:6f:7f:bc:67:fe:74:07:5a:9a:79:ea:f4:72:
bf:65:2a:9d:7b:cf:ec:1c:2d:7c:ff:f6:c7:d6:54:
e0:01:9a:d9:dd:ff:cd:b1:7a:9f:2a:d5:71:ad:73:
a0:2b:e2:05:2a:4f:d4:09:80:90:ae:8a:b6:49:3d:
d9:50:4c:58:b9:f1:a2:af:be:68:c9:4f:b6:52:c0:
78:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:24:7D:D9:A5:1A:D5:89:B2:8A:40:6E:28:23:E7:87:24:3A:75:07
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/EyR92aUa1YmyikBuKCPnhyQ6dQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.61.236.0/24
217.61.239.0/24
IPv6:
2a03:2740:8000::/48
2a03:2740:9000::/48
Signature Algorithm: sha256WithRSAEncryption
0f:f1:ad:1d:88:e9:4a:a5:d7:41:51:82:2b:a6:d0:8e:14:50:
5c:2b:a0:30:e6:bf:fa:b4:8e:67:c3:24:75:07:c6:31:d8:b6:
51:3f:ce:d5:03:a8:d1:5a:90:f1:3d:f7:0b:40:41:f3:ab:c3:
98:4c:c2:9e:86:7a:11:d9:1d:b9:b7:56:97:d6:96:15:9b:9e:
eb:28:25:77:ea:07:8f:b1:f4:4a:d9:47:3f:33:41:59:fa:50:
8d:73:e4:5d:3a:b8:a5:fd:4d:f8:5f:77:0b:4c:7f:5f:ae:70:
43:32:8a:96:0d:cf:69:5e:c9:28:00:a5:94:d3:bb:73:35:55:
f8:6b:3f:b7:36:07:fc:34:51:5e:3a:b0:19:21:54:e7:27:0f:
6d:74:b2:e8:96:8e:42:ed:e4:94:78:db:25:f0:40:d5:3f:7c:
62:f1:bb:5d:86:c5:a3:0a:51:33:82:8e:ae:73:f8:32:58:16:
41:36:cf:a4:bd:f4:7f:53:fb:b1:03:5c:c4:c6:f2:ac:c5:bb:
56:ad:58:19:61:b6:3c:97:2e:90:62:d0:21:60:ed:52:a2:9d:
88:d9:36:fe:b3:41:8e:26:a9:5b:03:52:0d:6d:91:40:35:9a:
b4:8a:47:51:49:d7:10:b9:e4:2b:39:1f:d6:46:cd:69:ac:52:
f8:e8:21:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ467HpBcvkk11qf/50rr2WrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjYwNTE4MTE1MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI0N2RkOWE1MWFkNTg5YjI4YTQwNmUyODIzZTc4NzI0M2E3NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMkFSQeRg8o32t6TjJTeKA2TMfYX
OEy7lPaurBt64aPC8FcNPkUufID5EzEALmXn8XxGycF8WoxWpNcMpM5Agy83NUjw
W2rPus3HoQWOfHvMQAfJGnbE31yyr2s1+ap+lOCLC/HE22BdqQA3rZArFTuWUmv5
l9tF09GOAI2e9CoMSthX2ugxQYg9RghBBilLHdiGSpO5zOS6JR9s223gPg6b8a3l
amyhBWbdWp7zMr0e/N5GjG9/vGf+dAdamnnq9HK/ZSqde8/sHC18//bH1lTgAZrZ
3f/NsXqfKtVxrXOgK+IFKk/UCYCQroq2ST3ZUExYufGir75oyU+2UsB4FwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBMkfdmlGtWJsopAbigj54ckOnUHMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvRXlSOTJhVWExWW15aWtCdUtDUG5oeVE2ZFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQA2T3sAwQA
2T3vMBgEAgACMBIDBwAqAydAgAADBwAqAydAkAAwDQYJKoZIhvcNAQELBQADggEB
AA/xrR2I6Uql10FRgium0I4UUFwroDDmv/q0jmfDJHUHxjHYtlE/ztUDqNFakPE9
9wtAQfOrw5hMwp6GehHZHbm3VpfWlhWbnusoJXfqB4+x9ErZRz8zQVn6UI1z5F06
uKX9TfhfdwtMf1+ucEMyipYNz2leySgApZTTu3M1VfhrP7c2B/w0UV46sBkhVOcn
D210suiWjkLt5JR42yXwQNU/fGLxu12GxaMKUTOCjq5z+DJYFkE2z6S99H9T+7ED
XMTG8qzFu1atWBlhtjyXLpBi0CFg7VKinYjZNv6zQY4mqVsDUg1tkUA1mrSKR1FJ
1xC55Cs5H9ZGzWmsUvjoIW4=
-----END CERTIFICATE-----
Generated at Fri Jun 12 14:36:31 2026 by rpki-client