Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/cLKkpt1ii1WUp85E1A0XDCuFVcE.roa
File: cLKkpt1ii1WUp85E1A0XDCuFVcE.roa (raw, json)
Hash identifier: oA+IEHSSCMbEbtt8WTlNZuDaN89m3EtuPX1qL5SdfU0=
Subject key identifier: 70:B2:A4:A6:DD:62:8B:55:94:A7:CE:44:D4:0D:17:0C:2B:85:55:C1
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019E2C79C012A0AF7CCA632F0C20EEC59568
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/cLKkpt1ii1WUp85E1A0XDCuFVcE.roa
Signing time: Fri 15 May 2026 16:30:37 +0000
ROA not before: Fri 15 May 2026 16:30:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 89.106.26.0/24 maxlen: 24
103.102.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 13:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2c:79:c0:12:a0:af:7c:ca:63:2f:0c:20:ee:c5:95:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 15 16:30:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70b2a4a6dd628b5594a7ce44d40d170c2b8555c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d9:2f:11:18:ac:83:e3:44:de:de:a5:2f:ce:
d5:5a:4d:82:22:76:26:6d:48:1b:fa:9c:88:4a:2b:
74:0e:11:4e:c4:cc:47:67:73:61:e1:a0:6f:52:f3:
ac:28:8a:09:48:67:3f:36:0a:64:b9:8f:d4:7a:85:
c5:30:a7:1b:d8:40:e0:00:08:2f:66:23:40:64:09:
91:c8:03:29:80:0b:87:68:ca:60:b8:0d:9a:21:c9:
23:f2:b9:27:00:45:11:ca:ae:25:a7:74:56:3a:0c:
e9:fb:fd:9f:44:dc:c6:ed:30:f1:b4:0f:11:7d:11:
92:40:4b:9b:1e:d6:de:33:14:58:42:8b:f6:10:5f:
4b:97:2c:4a:49:5a:8c:82:53:ce:7d:f4:85:02:18:
44:aa:6f:19:19:6e:d0:28:74:ea:d8:ee:33:b1:a1:
58:62:56:8c:47:67:7f:ac:8e:1c:ee:aa:d2:83:7d:
48:77:df:c6:5b:b3:a0:31:78:5d:ed:8b:2b:74:f3:
42:1f:c3:16:d3:5a:16:8d:1a:d8:48:d3:dd:fa:a9:
cc:f5:29:5d:f7:0e:79:71:05:94:a1:21:82:c4:09:
95:2f:98:ce:6c:0b:a1:19:99:6e:e5:40:c4:5a:b2:
6d:6a:53:2a:17:ee:7e:09:e8:8b:ee:f5:2a:50:99:
cc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B2:A4:A6:DD:62:8B:55:94:A7:CE:44:D4:0D:17:0C:2B:85:55:C1
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/cLKkpt1ii1WUp85E1A0XDCuFVcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.26.0/24
103.102.132.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:26:fa:d5:91:b4:e9:35:41:3b:47:13:31:84:6f:9b:74:67:
f9:9a:ee:0e:78:8b:57:b7:44:eb:c9:1b:ef:ef:4a:1c:a0:4c:
bb:2f:31:96:0f:a2:90:a4:1a:73:c5:09:f5:38:53:66:48:93:
75:5b:c7:66:28:11:0e:97:7e:66:af:8c:2d:40:33:36:9e:09:
b2:28:2f:68:82:f3:97:52:3e:c2:b2:a7:83:c4:7b:b5:e0:87:
6b:e5:0c:cb:1c:94:f5:c8:45:f2:e5:52:32:0e:37:e9:5d:9d:
2d:b8:ac:10:22:41:d9:3e:ce:da:0e:34:4b:32:f0:c0:80:e6:
7c:b2:ec:4f:d1:48:ea:25:50:d2:8b:16:d1:ee:20:d5:c2:f3:
36:ea:aa:04:ef:dc:39:18:68:54:fc:8e:0e:03:c4:0c:df:94:
9d:93:b8:93:6b:9b:2a:b7:38:7b:d7:af:5f:aa:24:f5:b1:46:
20:06:8c:31:09:8c:41:fc:b2:2b:1c:84:aa:4a:2c:5d:a7:6c:
a7:5d:a4:40:10:cd:c2:ba:e1:5f:6b:2a:9c:b1:0f:c8:94:f4:
14:7e:64:16:25:b9:ba:19:c1:f5:03:b6:9d:4f:35:99:64:f6:
ca:6a:67:02:2d:20:9a:68:1f:11:e0:3e:08:00:7b:a4:15:8e:
51:c9:0b:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4secASoK98ymMvDCDuxZVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNTE1MTYzMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIyYTRhNmRkNjI4YjU1OTRhN2NlNDRkNDBkMTcwYzJiODU1NWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdkvERisg+NE3t6lL87VWk2CInYm
bUgb+pyISit0DhFOxMxHZ3Nh4aBvUvOsKIoJSGc/NgpkuY/UeoXFMKcb2EDgAAgv
ZiNAZAmRyAMpgAuHaMpguA2aIckj8rknAEURyq4lp3RWOgzp+/2fRNzG7TDxtA8R
fRGSQEubHtbeMxRYQov2EF9LlyxKSVqMglPOffSFAhhEqm8ZGW7QKHTq2O4zsaFY
YlaMR2d/rI4c7qrSg31Id9/GW7OgMXhd7YsrdPNCH8MW01oWjRrYSNPd+qnM9Sld
9w55cQWUoSGCxAmVL5jObAuhGZlu5UDEWrJtalMqF+5+CeiL7vUqUJnM2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCypKbdYotVlKfORNQNFwwrhVXBMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvY0xLa3B0MWlpMVdVcDg1RTFBMFhEQ3VGVmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWoaAwQA
Z2aEMA0GCSqGSIb3DQEBCwUAA4IBAQDhJvrVkbTpNUE7RxMxhG+bdGf5mu4OeItX
t0TryRvv70ocoEy7LzGWD6KQpBpzxQn1OFNmSJN1W8dmKBEOl35mr4wtQDM2ngmy
KC9ogvOXUj7CsqeDxHu14Idr5QzLHJT1yEXy5VIyDjfpXZ0tuKwQIkHZPs7aDjRL
MvDAgOZ8suxP0UjqJVDSixbR7iDVwvM26qoE79w5GGhU/I4OA8QM35Sdk7iTa5sq
tzh7169fqiT1sUYgBowxCYxB/LIrHISqSixdp2ynXaRAEM3CuuFfayqcsQ/IlPQU
fmQWJbm6GcH1A7adTzWZZPbKamcCLSCaaB8R4D4IAHukFY5RyQtl
-----END CERTIFICATE-----
Generated at Wed Jun 3 23:21:25 2026 by rpki-client