Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ev2hmUftXYv864rEpqGzBZJKp-g.roa
File: ev2hmUftXYv864rEpqGzBZJKp-g.roa (raw, json)
Hash identifier: hyEfDTWNZz8eqVd3a3M/2ok6Sf+eenKgqJ5SoRpMrXA=
Subject key identifier: 7A:FD:A1:99:47:ED:5D:8B:FC:EB:8A:C4:A6:A1:B3:05:92:4A:A7:E8
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019ED555E1D36293899DBC54CA832914DF87
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ev2hmUftXYv864rEpqGzBZJKp-g.roa
Signing time: Wed 17 Jun 2026 11:27:15 +0000
ROA not before: Wed 17 Jun 2026 11:27:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 194.143.206.0/24 maxlen: 24
195.114.193.0/24 maxlen: 24
195.114.201.0/24 maxlen: 24
195.114.206.0/24 maxlen: 24
195.114.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 17:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d5:55:e1:d3:62:93:89:9d:bc:54:ca:83:29:14:df:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 17 11:27:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7afda19947ed5d8bfceb8ac4a6a1b305924aa7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a7:d0:e2:80:9e:ce:d4:3d:ec:f0:df:b3:e1:
64:01:f5:55:05:5b:d7:ae:4a:c8:31:69:38:f0:8f:
fa:45:ca:b4:8a:c3:33:a2:f0:c6:cd:59:ec:69:66:
08:d0:1d:90:2f:b6:75:fe:84:52:7c:69:10:cc:85:
ff:6a:c1:5b:cf:98:fb:43:6f:ba:48:39:15:f4:09:
07:ee:3e:fd:76:aa:3b:3a:f4:24:0a:3f:e2:e7:f8:
ce:db:e2:68:29:6d:a3:76:5d:34:c4:94:4f:06:be:
3e:bb:c8:25:9e:27:06:8f:b3:92:25:40:a4:34:be:
71:3a:4a:e2:04:13:dc:7c:5a:c6:0a:cf:ad:55:b9:
20:8e:fb:4f:65:90:f6:38:89:5a:1f:04:60:e9:d6:
d4:83:e8:6a:23:4d:3a:6d:80:28:85:b9:fa:c8:4a:
de:fc:0d:57:41:b0:23:12:f5:78:96:b6:65:8f:01:
d0:df:5f:f4:9f:b0:11:4a:9c:c6:f8:26:37:bf:ad:
05:d7:6f:f6:ce:57:ae:6d:57:09:94:75:37:1c:bd:
57:a7:81:e4:1a:f0:91:bc:19:1c:b3:25:38:52:4d:
d3:cf:7a:ce:e1:8f:21:fe:c3:a9:34:53:9d:f8:72:
4d:fc:16:8e:6e:79:0a:17:3a:0c:ef:0e:2d:84:96:
c2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:FD:A1:99:47:ED:5D:8B:FC:EB:8A:C4:A6:A1:B3:05:92:4A:A7:E8
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ev2hmUftXYv864rEpqGzBZJKp-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.206.0/24
195.114.193.0/24
195.114.201.0/24
195.114.206.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:8a:d6:03:7f:cc:03:24:dc:5f:2c:9c:20:f8:c5:8c:5a:72:
25:b0:c5:13:15:71:2f:ec:12:fa:05:26:ea:da:28:ea:c2:86:
0d:dd:54:38:a2:c9:70:77:17:09:92:b6:9d:e8:cb:d6:70:f0:
e2:13:ae:59:f6:a2:d4:83:3e:5a:fb:85:95:14:e8:e9:0e:d4:
f0:98:65:9c:6b:11:a6:73:d7:77:e8:c3:dd:65:05:76:1d:ae:
29:ce:dd:ff:32:1c:d2:86:f7:89:54:bb:d7:cf:2d:ae:d1:ca:
5b:ba:a1:59:8f:bf:31:0b:92:7d:cd:ce:12:58:f7:fe:ca:da:
ce:48:98:3f:26:20:49:90:d2:9f:14:29:b1:99:58:df:73:29:
32:ca:e0:aa:ad:ce:60:67:c8:a2:21:e8:f0:50:ef:fd:b9:c8:
fb:6d:73:45:1b:3c:1f:d9:0c:54:90:7e:c2:37:bb:4d:f9:37:
0e:df:2f:f5:74:4a:f4:1f:2f:5f:6b:9e:0b:27:cf:cd:2e:a3:
7b:6f:cd:cc:0f:00:5c:ee:15:c6:51:7e:7d:ce:6f:3f:3d:86:
70:8b:1a:f1:2b:16:5b:c0:2b:c1:d4:ff:4c:05:71:0f:c9:01:
51:d2:88:26:1c:c0:97:bc:c9:65:db:8d:51:02:25:fb:c9:3b:
51:77:2d:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7VVeHTYpOJnbxUyoMpFN+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjYwNjE3MTEyNzE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWZkYTE5OTQ3ZWQ1ZDhiZmNlYjhhYzRhNmExYjMwNTkyNGFhN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qfQ4oCeztQ97PDfs+FkAfVVBVvX
rkrIMWk48I/6Rcq0isMzovDGzVnsaWYI0B2QL7Z1/oRSfGkQzIX/asFbz5j7Q2+6
SDkV9AkH7j79dqo7OvQkCj/i5/jO2+JoKW2jdl00xJRPBr4+u8glnicGj7OSJUCk
NL5xOkriBBPcfFrGCs+tVbkgjvtPZZD2OIlaHwRg6dbUg+hqI006bYAohbn6yEre
/A1XQbAjEvV4lrZljwHQ31/0n7ARSpzG+CY3v60F12/2zleubVcJlHU3HL1Xp4Hk
GvCRvBkcsyU4Uk3Tz3rO4Y8h/sOpNFOd+HJN/BaObnkKFzoM7w4thJbCAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHr9oZlH7V2L/OuKxKahswWSSqfoMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZXYyaG1VZnRYWXY4NjRyRXBxR3pCWkpLcC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwo/OAwQA
w3LBAwQAw3LJAwQBw3LOMA0GCSqGSIb3DQEBCwUAA4IBAQA+itYDf8wDJNxfLJwg
+MWMWnIlsMUTFXEv7BL6BSbq2ijqwoYN3VQ4oslwdxcJkrad6MvWcPDiE65Z9qLU
gz5a+4WVFOjpDtTwmGWcaxGmc9d36MPdZQV2Ha4pzt3/MhzShveJVLvXzy2u0cpb
uqFZj78xC5J9zc4SWPf+ytrOSJg/JiBJkNKfFCmxmVjfcykyyuCqrc5gZ8iiIejw
UO/9ucj7bXNFGzwf2QxUkH7CN7tN+TcO3y/1dEr0Hy9fa54LJ8/NLqN7b83MDwBc
7hXGUX59zm8/PYZwixrxKxZbwCvB1P9MBXEPyQFR0ogmHMCXvMll241RAiX7yTtR
dy0T
-----END CERTIFICATE-----
Generated at Sat Jun 20 02:15:37 2026 by rpki-client