Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T868o8bdajrSRrh6Hj-zuq2nC-0.roa
File: T868o8bdajrSRrh6Hj-zuq2nC-0.roa (raw, json)
Hash identifier: Y/WVeHf99wur+wONYnuLO9A6BJ+FBaPQGBcYM4EU8u0=
Subject key identifier: 4F:CE:BC:A3:C6:DD:6A:3A:D2:46:B8:7A:1E:3F:B3:BA:AD:A7:0B:ED
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019DDA8EDEF4C1A59DB525521932AF6EE23C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T868o8bdajrSRrh6Hj-zuq2nC-0.roa
Signing time: Wed 29 Apr 2026 18:44:49 +0000
ROA not before: Wed 29 Apr 2026 18:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402298
IP address blocks: 94.229.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 14:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:da:8e:de:f4:c1:a5:9d:b5:25:52:19:32:af:6e:e2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 29 18:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fcebca3c6dd6a3ad246b87a1e3fb3baada70bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:b5:2a:c6:2d:ca:42:ea:0c:43:2e:30:17:
60:d8:1a:34:a5:b0:8b:87:44:d0:b2:49:63:67:32:
b3:45:8a:2d:be:16:03:b5:b5:68:49:da:22:83:c8:
47:66:26:a1:6c:99:d5:d8:ec:9a:a6:71:e7:78:82:
31:19:f9:e3:d0:7b:47:50:68:43:34:2f:89:47:7a:
f8:9b:21:1c:de:42:96:f0:02:48:6e:cf:b5:a5:74:
cc:83:17:75:0a:15:45:15:8c:b7:aa:4a:69:8d:59:
7b:03:b0:01:5e:2e:19:4c:a6:73:44:86:51:79:c1:
3e:ad:5e:02:94:c2:cb:a8:db:e1:65:28:a6:fd:1f:
a1:60:d4:c3:c5:e3:f6:71:75:f7:cd:a4:2f:f0:6f:
31:cd:79:aa:09:54:cb:fa:6b:70:77:08:7f:22:53:
70:49:62:f4:10:54:6a:39:20:76:5d:37:95:b3:51:
46:1a:0a:5e:eb:40:61:24:15:47:29:36:b7:d1:e3:
17:be:41:39:76:94:d9:69:a6:55:7b:3e:58:15:5e:
2a:0c:9a:65:04:4f:48:5e:f3:bc:2f:2e:b0:dd:0f:
27:a5:87:81:b9:df:8b:00:01:85:0e:9a:55:91:3f:
49:46:18:bd:00:74:16:2e:4d:60:a6:1f:df:68:1b:
67:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CE:BC:A3:C6:DD:6A:3A:D2:46:B8:7A:1E:3F:B3:BA:AD:A7:0B:ED
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T868o8bdajrSRrh6Hj-zuq2nC-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.222.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c7:d7:f3:22:52:0d:30:60:44:ea:53:1a:28:1d:62:4b:15:
f3:81:6c:28:8c:8c:36:88:1a:15:e1:b5:8e:0e:ef:0b:a0:c1:
fc:62:6e:1e:50:9c:72:7a:0d:62:7a:6e:f3:10:3b:54:e9:7f:
11:84:50:8f:6b:f0:a6:fc:6f:5a:19:91:52:d2:04:57:9f:44:
57:76:43:8f:06:ac:48:1d:3d:2d:39:05:61:e3:f4:c1:a6:6f:
6a:33:c6:a2:af:6f:6e:e2:84:7c:e7:2f:a7:1d:bd:ff:03:0b:
55:fe:5d:ae:59:90:02:74:3e:40:71:3f:68:c5:d1:eb:f6:e1:
2e:e7:af:27:75:dd:f4:39:d2:24:f0:c9:d0:f1:08:e0:7e:58:
59:41:0a:86:98:fa:3b:e8:22:d2:26:6f:cb:14:92:84:aa:2c:
7f:a3:de:37:5b:07:f2:f3:e4:5a:cb:47:cd:c2:38:b2:69:ee:
3e:22:7b:5e:4f:a3:ce:85:4a:2a:19:6b:ff:ea:5d:a3:89:0b:
f8:38:b6:e2:dc:a8:6b:5d:ad:8e:85:e7:78:c5:a7:47:44:38:
b3:ae:c6:d9:15:d1:37:0c:50:59:2d:fa:90:cc:04:70:d5:27:
8b:2d:a2:8f:ef:b2:db:a6:2c:59:55:44:c0:16:eb:13:56:59:
52:84:4d:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3ajt70waWdtSVSGTKvbuI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNDI5MTg0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmNlYmNhM2M2ZGQ2YTNhZDI0NmI4N2ExZTNmYjNiYWFkYTcwYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuW1KsYtykLqDEMuMBdg2Bo0pbCL
h0TQskljZzKzRYotvhYDtbVoSdoig8hHZiahbJnV2OyapnHneIIxGfnj0HtHUGhD
NC+JR3r4myEc3kKW8AJIbs+1pXTMgxd1ChVFFYy3qkppjVl7A7ABXi4ZTKZzRIZR
ecE+rV4ClMLLqNvhZSim/R+hYNTDxeP2cXX3zaQv8G8xzXmqCVTL+mtwdwh/IlNw
SWL0EFRqOSB2XTeVs1FGGgpe60BhJBVHKTa30eMXvkE5dpTZaaZVez5YFV4qDJpl
BE9IXvO8Ly6w3Q8npYeBud+LAAGFDppVkT9JRhi9AHQWLk1gph/faBtneQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/OvKPG3Wo60ka4eh4/s7qtpwvtMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvVDg2OG84YmRhanJTUnJoNkhqLXp1cTJuQy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXuXeMA0G
CSqGSIb3DQEBCwUAA4IBAQAXx9fzIlINMGBE6lMaKB1iSxXzgWwojIw2iBoV4bWO
Du8LoMH8Ym4eUJxyeg1iem7zEDtU6X8RhFCPa/Cm/G9aGZFS0gRXn0RXdkOPBqxI
HT0tOQVh4/TBpm9qM8air29u4oR85y+nHb3/AwtV/l2uWZACdD5AcT9oxdHr9uEu
568ndd30OdIk8MnQ8QjgflhZQQqGmPo76CLSJm/LFJKEqix/o943Wwfy8+Ray0fN
wjiyae4+InteT6POhUoqGWv/6l2jiQv4OLbi3KhrXa2Ohed4xadHRDizrsbZFdE3
DFBZLfqQzARw1SeLLaKP77LbpixZVUTAFusTVllShE0g
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:26:11 2026 by rpki-client