
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/AEyZjBDd8JRa3C8Qu8Ed1pPfWTA.roa
File: AEyZjBDd8JRa3C8Qu8Ed1pPfWTA.roa (raw, json)
Hash identifier: t/3GieMGxWoGjj/AjR+XfDv+Hv6o+nbcwMgeFZJBMF0=
Subject key identifier: 00:4C:99:8C:10:DD:F0:94:5A:DC:2F:10:BB:C1:1D:D6:93:DF:59:30
Certificate issuer: /CN=8181440a367a34d306bc0f685ae9cd86952f7f95
Certificate serial: 019EEFB8F113ACAA9D467B4E85D804D919D8
Authority key identifier: 81:81:44:0A:36:7A:34:D3:06:BC:0F:68:5A:E9:CD:86:95:2F:7F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYFECjZ6NNMGvA9oWunNhpUvf5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/AEyZjBDd8JRa3C8Qu8Ed1pPfWTA.roa
Signing time: Mon 22 Jun 2026 14:25:35 +0000
ROA not before: Mon 22 Jun 2026 14:25:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215691
IP address blocks: 78.40.111.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
212.47.59.0/24 maxlen: 24
2a14:8880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/gYFECjZ6NNMGvA9oWunNhpUvf5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/gYFECjZ6NNMGvA9oWunNhpUvf5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYFECjZ6NNMGvA9oWunNhpUvf5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ef:b8:f1:13:ac:aa:9d:46:7b:4e:85:d8:04:d9:19:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8181440a367a34d306bc0f685ae9cd86952f7f95
Validity
Not Before: Jun 22 14:25:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=004c998c10ddf0945adc2f10bbc11dd693df5930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:53:d8:91:c9:d3:78:73:3a:70:da:c8:0a:59:
93:69:f4:ef:87:02:e5:41:2a:73:f2:22:30:d2:db:
c0:24:23:a6:34:45:29:ec:04:a1:ad:b6:bc:cf:7e:
40:11:8f:26:bb:6d:35:64:3d:69:10:41:c9:40:d6:
46:32:0c:5f:5e:1b:09:63:6e:bc:e6:2b:56:bf:53:
c6:03:3d:ab:1c:ff:58:d2:09:2a:1e:c5:6e:f9:0e:
d6:6e:5c:f9:12:e6:07:d6:1a:2b:dd:46:c1:be:90:
7e:7f:39:81:1d:d9:8f:eb:1b:e6:ce:68:80:68:7f:
88:1c:99:2b:f5:24:15:99:3f:22:32:a1:ba:58:59:
39:54:a6:e9:c0:ab:c6:8b:e2:10:c6:19:c2:3c:a6:
64:e3:92:0d:e9:bb:6d:fa:95:16:e8:77:df:75:e3:
57:1e:c8:ee:dc:82:fa:bc:5a:60:1b:72:c5:e6:8b:
2d:04:92:36:b3:0c:ac:a7:1d:1d:fc:c4:0b:cf:a1:
01:56:28:33:35:bc:44:df:8d:7e:91:cc:23:82:f2:
4c:24:f6:26:33:32:b7:ee:d3:a3:e1:d7:6b:5f:9a:
d5:f1:1f:b5:bc:ea:9d:60:e6:c7:58:73:1c:ad:d4:
83:04:24:ed:4e:e7:6b:21:72:1d:d5:c1:50:55:f8:
8c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4C:99:8C:10:DD:F0:94:5A:DC:2F:10:BB:C1:1D:D6:93:DF:59:30
X509v3 Authority Key Identifier:
keyid:81:81:44:0A:36:7A:34:D3:06:BC:0F:68:5A:E9:CD:86:95:2F:7F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYFECjZ6NNMGvA9oWunNhpUvf5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/AEyZjBDd8JRa3C8Qu8Ed1pPfWTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/162f8f-687f-4671-a524-55691a569720/1/gYFECjZ6NNMGvA9oWunNhpUvf5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.111.0/24
171.22.18.0/24
212.47.59.0/24
IPv6:
2a14:8880::/29
Signature Algorithm: sha256WithRSAEncryption
c6:cc:8c:e6:a3:10:6f:26:55:05:65:de:49:6f:0b:b7:a0:f2:
0d:4e:59:27:42:c0:eb:27:09:16:8b:d4:68:43:dd:c0:7d:eb:
76:06:f4:61:6f:1f:00:d8:38:e6:34:ba:8a:87:8c:8c:1c:79:
1e:53:63:0a:78:1b:1e:41:68:6d:2d:73:15:51:8d:44:79:15:
5c:2d:57:0f:7d:d4:5a:b6:a3:95:d4:cc:d0:79:37:38:cd:31:
0f:75:8f:5a:d2:54:fb:03:0d:9c:64:b7:56:8f:42:70:ee:9e:
ff:9b:37:c0:74:c1:02:fa:63:68:9f:9a:c0:6e:8d:ba:49:1e:
75:6b:1a:50:71:42:fa:e3:fb:5d:d9:de:12:f6:14:c2:8d:5a:
eb:1d:b1:ee:02:79:f0:2f:8a:4d:b3:67:53:32:3a:c8:0e:f0:
fc:81:d3:40:22:72:24:a1:05:af:92:4e:00:1a:b4:f0:34:68:
47:a1:4f:2c:47:bf:92:28:f1:ef:15:f4:10:9b:38:d2:e9:b0:
df:22:5b:b2:fa:5c:96:e3:45:0d:b0:c4:02:2e:a0:f7:2a:e6:
63:5e:6a:12:73:1b:3a:3e:3e:ab:cd:f7:f2:8f:6d:52:95:e6:
34:f2:01:c0:6a:10:f4:5f:7b:cb:88:6d:a8:c5:e9:e3:40:4d:
c8:95:da:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ7vuPETrKqdRntOhdgE2RnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODE0NDBhMzY3YTM0ZDMwNmJjMGY2ODVhZTljZDg2OTUy
ZjdmOTUwHhcNMjYwNjIyMTQyNTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRjOTk4YzEwZGRmMDk0NWFkYzJmMTBiYmMxMWRkNjkzZGY1OTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lPYkcnTeHM6cNrIClmTafTvhwLl
QSpz8iIw0tvAJCOmNEUp7AShrba8z35AEY8mu201ZD1pEEHJQNZGMgxfXhsJY268
5itWv1PGAz2rHP9Y0gkqHsVu+Q7Wblz5EuYH1hor3UbBvpB+fzmBHdmP6xvmzmiA
aH+IHJkr9SQVmT8iMqG6WFk5VKbpwKvGi+IQxhnCPKZk45IN6btt+pUW6HffdeNX
Hsju3IL6vFpgG3LF5ostBJI2swyspx0d/MQLz6EBVigzNbxE341+kcwjgvJMJPYm
MzK37tOj4ddrX5rV8R+1vOqdYObHWHMcrdSDBCTtTudrIXId1cFQVfiMlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFABMmYwQ3fCUWtwvELvBHdaT31kwMB8GA1UdIwQY
MBaAFIGBRAo2ejTTBrwPaFrpzYaVL3+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lGRUNqWjZOTk1HdkE5b1d1bk5ocFV2ZjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8xNjJmOGYtNjg3Zi00NjcxLWE1MjQt
NTU2OTFhNTY5NzIwLzEvQUV5WmpCRGQ4SlJhM0M4UXU4RWQxcFBmV1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8xNjJmOGYtNjg3Zi00NjcxLWE1MjQtNTU2OTFhNTY5NzIw
LzEvZ1lGRUNqWjZOTk1HdkE5b1d1bk5ocFV2ZjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQATihvAwQA
qxYSAwQA1C87MA0EAgACMAcDBQMqFIiAMA0GCSqGSIb3DQEBCwUAA4IBAQDGzIzm
oxBvJlUFZd5Jbwu3oPINTlknQsDrJwkWi9RoQ93Afet2BvRhbx8A2DjmNLqKh4yM
HHkeU2MKeBseQWhtLXMVUY1EeRVcLVcPfdRatqOV1MzQeTc4zTEPdY9a0lT7Aw2c
ZLdWj0Jw7p7/mzfAdMEC+mNon5rAbo26SR51axpQcUL64/td2d4S9hTCjVrrHbHu
AnnwL4pNs2dTMjrIDvD8gdNAInIkoQWvkk4AGrTwNGhHoU8sR7+SKPHvFfQQmzjS
6bDfIluy+lyW40UNsMQCLqD3KuZjXmoScxs6Pj6rzffyj21SleY08gHAahD0X3vL
iG2oxenjQE3IldpE
-----END CERTIFICATE-----
Generated at Fri Jul 3 16:51:49 2026 by rpki-client