Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EcVb7JNJifPpvwcAjqtAg6vi2Xc.roa
File: EcVb7JNJifPpvwcAjqtAg6vi2Xc.roa (raw, json)
Hash identifier: mm4OOwG5SG+HqTpp8VfmTmhzslFhiA7H7+fw+8qk+jA=
Subject key identifier: 11:C5:5B:EC:93:49:89:F3:E9:BF:07:00:8E:AB:40:83:AB:E2:D9:77
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019E4FA7CA3A3814A49F9FB6086CC46CBA9F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EcVb7JNJifPpvwcAjqtAg6vi2Xc.roa
Signing time: Fri 22 May 2026 12:27:36 +0000
ROA not before: Fri 22 May 2026 12:27:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212706
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
89.23.110.0/24 maxlen: 24
111.88.212.0/24 maxlen: 24
111.88.213.0/24 maxlen: 24
111.88.214.0/24 maxlen: 24
111.88.215.0/24 maxlen: 24
153.80.178.0/24 maxlen: 24
153.80.179.0/24 maxlen: 24
185.159.128.0/24 maxlen: 24
185.159.129.0/24 maxlen: 24
185.159.130.0/24 maxlen: 24
185.159.131.0/24 maxlen: 24
185.228.232.0/24 maxlen: 24
185.228.233.0/24 maxlen: 24
185.228.234.0/24 maxlen: 24
185.230.190.0/24 maxlen: 24
185.230.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 21:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:a7:ca:3a:38:14:a4:9f:9f:b6:08:6c:c4:6c:ba:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 22 12:27:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11c55bec934989f3e9bf07008eab4083abe2d977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e5:f3:36:b3:47:a8:34:5d:00:b0:41:6e:de:
b4:7c:0c:df:b5:c6:49:e0:8c:c8:03:2f:cf:c1:78:
24:31:a5:06:e1:19:9b:c9:52:c3:9e:b2:b8:e4:3b:
8a:da:71:d8:c4:e1:9e:18:39:ec:85:08:49:e0:cc:
0c:0e:a8:5b:9b:a6:aa:3c:f9:ed:50:a0:b6:76:35:
d8:b6:79:1b:68:d5:94:f3:8d:e7:84:d6:9c:b0:c4:
a8:28:61:47:d8:29:5a:d1:8f:83:2c:be:26:83:e6:
6d:c1:a1:11:d6:2e:e5:b7:6e:d5:d7:46:3a:94:8c:
30:fd:ec:43:c5:e9:45:39:c6:fe:0e:63:dd:56:cb:
11:56:31:fe:81:24:35:c9:85:85:6e:1a:41:4c:c8:
1a:a3:38:60:e5:6e:85:52:72:eb:f3:f5:9c:47:6a:
9a:fa:24:05:d9:7d:44:74:9c:fc:da:8f:d0:30:5a:
68:d3:6a:63:e5:b5:10:b1:ca:04:fc:68:fa:73:99:
1d:73:dd:7b:92:08:35:a3:d5:61:13:a0:71:71:5e:
80:b9:0d:ad:dd:5f:64:9b:f3:0a:38:5e:f5:f4:42:
fc:75:4d:51:9a:99:f8:a3:38:75:3b:dd:47:3f:08:
f9:e2:d9:7b:da:ad:71:df:ed:77:d9:55:f8:d5:88:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C5:5B:EC:93:49:89:F3:E9:BF:07:00:8E:AB:40:83:AB:E2:D9:77
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/EcVb7JNJifPpvwcAjqtAg6vi2Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.105.0-89.23.106.255
89.23.110.0/24
111.88.212.0/22
153.80.178.0/23
185.159.128.0/22
185.228.232.0-185.228.234.255
185.230.190.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:97:8f:7a:13:5a:f4:1d:8d:40:31:81:0b:e7:90:ec:99:93:
a9:08:28:c7:7e:8c:45:c7:41:9d:59:4b:c7:bb:46:e2:d4:39:
13:0c:b0:de:4a:be:28:f2:c7:3c:2f:9c:12:96:a8:7b:a7:11:
8c:60:7b:92:e0:dc:51:c0:c6:e6:b6:e6:b8:50:b5:8b:7d:0c:
7a:6d:ae:c8:09:0f:89:33:75:3b:a0:63:28:13:32:2d:2b:fd:
20:07:66:d4:1b:3e:bc:5e:da:b4:af:65:7e:bc:b6:a4:34:c7:
e9:d0:c9:b3:10:2f:5b:1c:0f:fb:7c:c2:92:b3:b5:69:bb:18:
7d:8a:79:61:2a:8d:3d:9b:25:08:54:23:45:79:0f:5b:6e:db:
4d:ea:91:05:e3:b2:16:2a:6b:a8:b9:1b:48:bc:e1:6c:97:61:
40:33:13:0e:76:36:0c:85:b2:8b:85:15:59:f0:08:ef:25:65:
f8:43:90:3d:5a:0b:79:da:76:80:4e:6f:e4:d4:75:29:27:6f:
6b:81:d5:c3:f4:10:a4:70:3a:fa:12:71:09:45:c6:b6:b2:c4:
bf:a8:be:dc:89:78:a3:53:43:70:52:52:b3:25:7f:e6:e1:8d:
94:8b:87:0b:a0:79:38:0b:a9:60:2a:e7:42:f2:68:64:a0:59:
4b:7e:bf:1c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ5Pp8o6OBSkn5+2CGzEbLqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjYwNTIyMTIyNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM1NWJlYzkzNDk4OWYzZTliZjA3MDA4ZWFiNDA4M2FiZTJkOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOXzNrNHqDRdALBBbt60fAzftcZJ
4IzIAy/PwXgkMaUG4RmbyVLDnrK45DuK2nHYxOGeGDnshQhJ4MwMDqhbm6aqPPnt
UKC2djXYtnkbaNWU843nhNacsMSoKGFH2Cla0Y+DLL4mg+ZtwaER1i7lt27V10Y6
lIww/exDxelFOcb+DmPdVssRVjH+gSQ1yYWFbhpBTMgaozhg5W6FUnLr8/WcR2qa
+iQF2X1EdJz82o/QMFpo02pj5bUQscoE/Gj6c5kdc917kgg1o9VhE6BxcV6AuQ2t
3V9km/MKOF719EL8dU1Rmpn4ozh1O91HPwj54tl72q1x3+132VX41YgAQQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBHFW+yTSYnz6b8HAI6rQIOr4tl3MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRWNWYjdKTkppZlBwdndjQWpxdEFnNnZpMlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBABZF2kD
BABZF2oDBABZF24DBAJvWNQDBAGZULIDBAK5n4AwDAMEA7nk6AMEALnk6gMEAbnm
vjANBgkqhkiG9w0BAQsFAAOCAQEAT5ePehNa9B2NQDGBC+eQ7JmTqQgox36MRcdB
nVlLx7tG4tQ5Ewyw3kq+KPLHPC+cEpaoe6cRjGB7kuDcUcDG5rbmuFC1i30Mem2u
yAkPiTN1O6BjKBMyLSv9IAdm1Bs+vF7atK9lfry2pDTH6dDJsxAvWxwP+3zCkrO1
absYfYp5YSqNPZslCFQjRXkPW27bTeqRBeOyFiprqLkbSLzhbJdhQDMTDnY2DIWy
i4UVWfAI7yVl+EOQPVoLedp2gE5v5NR1KSdva4HVw/QQpHA6+hJxCUXGtrLEv6i+
3Il4o1NDcFJSsyV/5uGNlIuHC6B5OAupYCrnQvJoZKBZS36/HA==
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:11:18 2026 by rpki-client