Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EGCxmj_3P4OdgMPqYMZRoqDAaa0.roa
File: EGCxmj_3P4OdgMPqYMZRoqDAaa0.roa (raw, json)
Hash identifier: F/HUrp6QsLnvcSoouuAdZYE36oDXQmOSKH9XVdoGe+Q=
Subject key identifier: 10:60:B1:9A:3F:F7:3F:83:9D:80:C3:EA:60:C6:51:A2:A0:C0:69:AD
Certificate issuer: /CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Certificate serial: 019B7910D3827616556DC60D2D39959A9718
Authority key identifier: CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EGCxmj_3P4OdgMPqYMZRoqDAaa0.roa
Signing time: Thu 01 Jan 2026 10:18:24 +0000
ROA not before: Thu 01 Jan 2026 10:18:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214555
IP address blocks: 193.221.121.0/24 maxlen: 24
212.56.56.0/24 maxlen: 24
2a14:7640::/32 maxlen: 32
2a14:7641::/32 maxlen: 32
2a14:7642::/32 maxlen: 32
2a14:7643::/32 maxlen: 32
2a14:7644::/32 maxlen: 32
2a14:7645::/32 maxlen: 32
2a14:7646::/32 maxlen: 32
2a14:7647::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:d3:82:76:16:55:6d:c6:0d:2d:39:95:9a:97:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Validity
Not Before: Jan 1 10:18:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1060b19a3ff73f839d80c3ea60c651a2a0c069ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:45:69:35:17:3b:ef:e7:c6:96:06:20:30:b5:
6c:61:3a:92:69:52:0d:b1:17:9e:13:85:9c:1c:64:
b2:ae:5a:3a:b8:e2:41:ce:4b:2f:88:c6:f8:6d:2a:
ab:86:b8:6f:cf:1c:59:5d:30:38:c8:73:bd:ed:f1:
8f:42:fe:97:6f:98:32:21:b3:d6:7f:27:aa:92:a0:
e3:b4:b7:e5:bd:b7:59:dd:cc:77:5b:3d:03:fa:0d:
32:35:7f:b0:8c:2e:b0:1d:68:97:86:b7:48:80:cf:
37:3a:44:6a:65:3c:fa:19:71:6b:bf:72:27:ee:2f:
49:3b:5d:25:10:a5:e7:89:a6:9d:36:a2:cb:7d:4b:
01:a5:ea:8b:ac:fa:a4:99:9f:af:63:55:07:bd:7f:
9f:c1:ab:6d:7b:d7:a9:2d:99:89:8b:f4:44:70:63:
1d:18:53:bf:f2:a3:ce:7e:7a:82:65:ca:68:2b:f7:
4f:c2:48:b0:1b:f3:63:92:c8:05:d8:ea:91:95:4a:
aa:07:35:7e:9d:f9:57:8f:30:a5:94:c0:97:a4:14:
1e:07:5a:d6:ac:70:3a:35:c0:8b:34:8c:09:d1:ac:
09:dd:2d:94:64:4a:df:23:08:f5:21:8f:21:63:7f:
fd:5b:f8:37:9b:a8:0a:08:9b:b1:4c:c8:09:56:b3:
18:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:60:B1:9A:3F:F7:3F:83:9D:80:C3:EA:60:C6:51:A2:A0:C0:69:AD
X509v3 Authority Key Identifier:
keyid:CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/EGCxmj_3P4OdgMPqYMZRoqDAaa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.121.0/24
212.56.56.0/24
IPv6:
2a14:7640::/29
Signature Algorithm: sha256WithRSAEncryption
28:61:e1:6e:e9:c9:aa:87:b9:d8:4d:1f:1e:5e:11:9f:f7:f7:
2a:3a:80:65:34:a3:98:0d:8e:7a:12:95:2e:48:24:43:0e:97:
14:4b:00:d2:dc:8f:8f:59:df:e8:00:57:fc:ff:2d:b8:27:1c:
fc:0e:9a:47:10:ff:18:c1:f6:a1:8e:10:2f:e4:ae:d7:88:2e:
bc:6f:93:03:d3:8e:d7:f2:84:73:4f:77:c9:c8:58:86:cf:f5:
b6:16:6c:a4:0f:1d:0a:04:88:5c:86:81:09:8c:73:43:44:4f:
35:2d:e0:31:e5:66:f1:d8:3e:c4:ca:21:59:2e:ed:0c:3c:97:
9f:8f:6e:42:f5:18:bc:fe:ae:8a:71:af:15:dd:41:8f:0c:d2:
1c:b8:12:7a:19:e8:cc:9a:de:fd:a5:f4:38:44:73:f6:b9:a4:
2d:cd:8e:91:38:2b:e9:d4:ba:96:64:8f:1e:d3:c3:f4:60:c5:
c7:4e:c9:98:93:a9:d0:de:23:8b:12:a4:c4:f0:a5:59:cd:1e:
29:04:99:2f:74:21:d2:8d:5f:34:0a:06:52:6e:f7:e8:86:8c:
36:af:c8:c6:37:9d:a2:c3:cf:8c:60:30:92:7f:91:2a:0e:c1:
1d:3d:34:d3:2e:b5:08:7f:f5:96:5b:0a:95:30:cb:b3:58:55:
49:29:c7:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt5ENOCdhZVbcYNLTmVmpcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWY3MzM0NTc5NGNlNDgxN2VhOTllOGQ4Y2ZjZWE3MWJk
NzgzNjcwHhcNMjYwMTAxMTAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDYwYjE5YTNmZjczZjgzOWQ4MGMzZWE2MGM2NTFhMmEwYzA2OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9UVpNRc77+fGlgYgMLVsYTqSaVIN
sReeE4WcHGSyrlo6uOJBzksviMb4bSqrhrhvzxxZXTA4yHO97fGPQv6Xb5gyIbPW
fyeqkqDjtLflvbdZ3cx3Wz0D+g0yNX+wjC6wHWiXhrdIgM83OkRqZTz6GXFrv3In
7i9JO10lEKXniaadNqLLfUsBpeqLrPqkmZ+vY1UHvX+fwatte9epLZmJi/REcGMd
GFO/8qPOfnqCZcpoK/dPwkiwG/NjksgF2OqRlUqqBzV+nflXjzCllMCXpBQeB1rW
rHA6NcCLNIwJ0awJ3S2UZErfIwj1IY8hY3/9W/g3m6gKCJuxTMgJVrMYqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBBgsZo/9z+DnYDD6mDGUaKgwGmtMB8GA1UdIwQY
MBaAFM0fczRXlM5IF+qZ6NjPzqcb14NnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQt
N2YwZDA3YmE0YWYzLzEvRUdDeG1qXzNQNE9kZ01QcVlNWlJvcURBYWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQtN2YwZDA3YmE0YWYz
LzEvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwd15AwQA
1Dg4MA0EAgACMAcDBQMqFHZAMA0GCSqGSIb3DQEBCwUAA4IBAQAoYeFu6cmqh7nY
TR8eXhGf9/cqOoBlNKOYDY56EpUuSCRDDpcUSwDS3I+PWd/oAFf8/y24Jxz8DppH
EP8YwfahjhAv5K7XiC68b5MD047X8oRzT3fJyFiGz/W2FmykDx0KBIhchoEJjHND
RE81LeAx5Wbx2D7EyiFZLu0MPJefj25C9Ri8/q6Kca8V3UGPDNIcuBJ6GejMmt79
pfQ4RHP2uaQtzY6ROCvp1LqWZI8e08P0YMXHTsmYk6nQ3iOLEqTE8KVZzR4pBJkv
dCHSjV80CgZSbvfohow2r8jGN52iw8+MYDCSf5EqDsEdPTTTLrUIf/WWWwqVMMuz
WFVJKceQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:01:20 2026 by rpki-client