Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3nZbiTfRWpAlEmQ4zjJnFmwfoxw.roa
File: 3nZbiTfRWpAlEmQ4zjJnFmwfoxw.roa (raw, json)
Hash identifier: Q7woYVQeLKKXi6htgm6dHQCqTD/A9ebhyuLYd2vRUXk=
Subject key identifier: DE:76:5B:89:37:D1:5A:90:25:12:64:38:CE:32:67:16:6C:1F:A3:1C
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EA7FF16203AE2EACD26A3D94E15DDEB78
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3nZbiTfRWpAlEmQ4zjJnFmwfoxw.roa
Signing time: Mon 08 Jun 2026 16:09:32 +0000
ROA not before: Mon 08 Jun 2026 16:09:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 89.106.14.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
94.229.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:ff:16:20:3a:e2:ea:cd:26:a3:d9:4e:15:dd:eb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 8 16:09:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=de765b8937d15a9025126438ce3267166c1fa31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:82:47:bf:3d:3f:8b:02:89:da:a7:2e:ac:78:
70:a4:b5:fb:69:81:a1:05:6e:32:e2:0d:b4:5d:a8:
09:14:88:ec:8b:40:9a:9f:aa:91:14:00:a3:9a:b9:
db:6b:86:6c:76:cb:e0:68:b6:02:29:03:28:c1:c0:
7c:28:85:4d:bb:d2:99:45:14:85:8a:53:bd:33:25:
31:c2:14:b4:b0:6c:c8:52:07:94:61:41:47:63:9d:
21:f1:e4:ba:96:04:ba:0b:fb:5a:b6:a2:ca:97:e1:
da:a4:b7:65:44:f3:2b:27:c0:e0:41:00:f4:fa:54:
95:16:41:50:05:5f:1e:35:9b:39:7b:0f:6e:35:1b:
81:fd:a3:91:11:11:30:b1:11:fe:28:4a:79:21:3a:
e2:21:64:8d:fd:5f:7a:3c:21:5a:25:85:b8:24:fa:
a1:0e:1d:86:62:96:f6:bf:0f:f9:a3:ca:97:d9:5d:
10:4f:37:15:9c:f5:2b:89:e9:bc:ba:67:ca:96:b1:
64:9f:14:bd:d6:5e:9b:62:f8:55:ac:65:8e:e2:25:
02:c1:e9:b4:6c:c1:f8:a8:15:31:75:84:82:3c:d1:
27:93:75:33:49:0a:55:6c:b4:aa:8e:7a:48:04:a4:
23:a3:00:72:c5:3e:f0:87:e0:9c:e3:a6:85:ea:99:
9d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:76:5B:89:37:D1:5A:90:25:12:64:38:CE:32:67:16:6C:1F:A3:1C
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/3nZbiTfRWpAlEmQ4zjJnFmwfoxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.14.0/24
89.106.16.0/24
89.106.18.0/24
89.106.21.0-89.106.22.255
94.229.208.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:09:79:83:e8:92:5b:60:8e:9a:0a:35:fb:f0:67:e8:05:77:
09:c2:b1:16:6b:cd:e2:71:19:97:aa:4c:23:85:b6:82:8f:fc:
6f:6c:cd:eb:2e:42:68:4f:c0:cc:e2:b4:1e:80:15:4e:b3:27:
a6:cb:0a:ac:47:83:95:df:d3:ab:30:c7:89:df:a3:fe:2e:b1:
ed:72:2e:de:a3:f1:24:99:46:31:dd:dc:8a:1a:d3:f9:3a:d8:
73:e5:42:07:43:29:7c:7e:5a:2c:05:34:a7:94:42:48:87:12:
9a:34:f3:67:f6:5b:59:4a:5d:d9:3b:1e:82:7b:e2:2c:89:c9:
f0:dc:64:38:7a:11:dd:72:04:47:ed:5c:ce:07:90:a3:43:7b:
4f:44:dd:ca:b7:7d:92:26:f3:72:84:cc:f0:15:d8:e9:f2:77:
88:a5:c4:37:e9:cd:e6:30:01:10:df:7d:01:55:04:ff:cc:15:
05:f4:d4:47:db:13:d7:9a:6a:50:29:7b:29:aa:07:bd:98:55:
18:d2:91:50:0f:95:5d:57:27:63:14:98:fb:d5:8c:c3:76:47:
64:a5:94:d8:c3:d7:04:70:51:93:e0:6d:76:e2:47:05:5b:a7:
1e:3f:91:40:bd:47:95:1a:91:94:c2:87:b5:30:0e:87:b3:3f:
64:82:8d:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ6n/xYgOuLqzSaj2U4V3et4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjA4MTYwOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTc2NWI4OTM3ZDE1YTkwMjUxMjY0MzhjZTMyNjcxNjZjMWZhMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoJHvz0/iwKJ2qcurHhwpLX7aYGh
BW4y4g20XagJFIjsi0Can6qRFACjmrnba4ZsdsvgaLYCKQMowcB8KIVNu9KZRRSF
ilO9MyUxwhS0sGzIUgeUYUFHY50h8eS6lgS6C/tatqLKl+HapLdlRPMrJ8DgQQD0
+lSVFkFQBV8eNZs5ew9uNRuB/aOREREwsRH+KEp5ITriIWSN/V96PCFaJYW4JPqh
Dh2GYpb2vw/5o8qX2V0QTzcVnPUriem8umfKlrFknxS91l6bYvhVrGWO4iUCwem0
bMH4qBUxdYSCPNEnk3UzSQpVbLSqjnpIBKQjowByxT7wh+Cc46aF6pmdAwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN52W4k30VqQJRJkOM4yZxZsH6McMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvM25aYmlUZlJXcEFsRW1RNHpqSm5GbXdmb3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWWoOAwQA
WWoQAwQAWWoSMAwDBABZahUDBABZahYDBABe5dAwDQYJKoZIhvcNAQELBQADggEB
ALkJeYPokltgjpoKNfvwZ+gFdwnCsRZrzeJxGZeqTCOFtoKP/G9szesuQmhPwMzi
tB6AFU6zJ6bLCqxHg5Xf06swx4nfo/4use1yLt6j8SSZRjHd3Ioa0/k62HPlQgdD
KXx+WiwFNKeUQkiHEpo082f2W1lKXdk7HoJ74iyJyfDcZDh6Ed1yBEftXM4HkKND
e09E3cq3fZIm83KEzPAV2Onyd4ilxDfpzeYwARDffQFVBP/MFQX01EfbE9eaalAp
eymqB72YVRjSkVAPlV1XJ2MUmPvVjMN2R2SllNjD1wRwUZPgbXbiRwVbpx4/kUC9
R5UakZTCh7UwDoezP2SCjfg=
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:34:33 2026 by rpki-client