Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/EhbDV-ZEobAKZPJC0NEd9rEnh3M.roa
File: EhbDV-ZEobAKZPJC0NEd9rEnh3M.roa (raw, json)
Hash identifier: 8dSJ4V344uYPfv20kAYh7+/QdkqmIXoZCP2MoBXPCpg=
Subject key identifier: 12:16:C3:57:E6:44:A1:B0:0A:64:F2:42:D0:D1:1D:F6:B1:27:87:73
Certificate issuer: /CN=373b47a3cee79982adb170341d02026027332023
Certificate serial: 019B7F80771A320A2F37FAD0590116C2976E
Authority key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/EhbDV-ZEobAKZPJC0NEd9rEnh3M.roa
Signing time: Fri 02 Jan 2026 16:18:04 +0000
ROA not before: Fri 02 Jan 2026 16:18:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59503
IP address blocks: 5.159.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:80:77:1a:32:0a:2f:37:fa:d0:59:01:16:c2:97:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=373b47a3cee79982adb170341d02026027332023
Validity
Not Before: Jan 2 16:18:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1216c357e644a1b00a64f242d0d11df6b1278773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:a6:16:e7:b4:24:44:c3:ea:e5:c7:6e:49:
78:80:d2:08:ec:53:d6:a1:26:cd:a9:17:46:7d:4c:
26:fa:82:9d:ac:4c:13:9b:63:af:59:e1:bc:84:03:
ab:ce:73:c7:6b:57:8d:91:e9:18:52:9f:c9:47:81:
8c:bd:62:ec:34:64:62:52:55:9b:e1:13:4b:6d:de:
88:de:e0:ec:3e:15:99:72:ea:3b:c3:b6:83:95:ed:
65:f6:9d:0f:7e:3a:19:c6:2e:34:55:e5:cc:e2:df:
57:00:e6:a1:db:fd:cb:e1:08:54:23:c0:1a:54:a6:
af:01:4a:61:6c:a8:ce:73:f9:57:c8:11:dd:2b:4d:
a1:bf:34:ab:3a:b9:2a:9d:f3:8f:46:a7:67:5d:2f:
56:c7:3a:9a:c5:c7:31:ab:1f:02:1b:bc:13:fb:33:
89:8f:86:6d:a3:f6:b0:12:1a:1b:30:03:f6:60:0f:
86:81:f3:00:3f:69:78:63:30:31:10:18:34:8e:be:
6a:ea:e9:2c:c4:b4:7e:8e:9e:33:84:d0:68:b5:fd:
3f:77:57:21:1d:df:bd:c7:7a:c8:5c:b9:d7:c9:b6:
e7:19:44:8d:26:95:34:de:98:ca:3d:71:e1:61:6c:
c6:bb:0f:d7:a8:28:37:4f:07:0d:a7:96:59:90:9f:
94:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:16:C3:57:E6:44:A1:B0:0A:64:F2:42:D0:D1:1D:F6:B1:27:87:73
X509v3 Authority Key Identifier:
keyid:37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/EhbDV-ZEobAKZPJC0NEd9rEnh3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.16.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:9d:f3:9b:64:fb:29:cc:22:fb:fb:32:27:3d:37:a8:18:55:
ed:97:39:21:b4:63:c8:95:4b:bd:8b:b6:a0:70:16:dd:b9:a6:
e7:68:79:9b:cd:48:a1:58:1d:53:bd:07:c4:e9:8b:fc:03:7f:
b9:7c:a2:8c:46:ee:ab:a0:8e:b3:15:41:79:0d:56:73:9d:b3:
7e:de:9c:2e:32:97:d1:4a:ca:ad:8a:e9:89:33:a2:e3:ce:69:
b6:e1:ba:49:ee:1a:30:e0:28:2a:f6:f7:f2:fc:b1:e4:f3:c8:
69:8f:1d:05:a8:c1:d5:af:43:c3:d5:56:f7:31:36:0a:27:71:
4e:e2:bb:48:66:1c:8d:fa:38:ef:3e:7d:17:65:72:b8:1d:37:
c5:d8:e0:27:84:23:5c:38:21:f4:1f:63:69:fa:85:a1:28:c4:
be:cc:ec:3d:7c:50:63:d9:e7:6a:a3:4c:35:40:7c:b4:58:5a:
e5:7c:63:10:51:f9:04:15:08:17:6a:97:7a:ba:66:16:b5:86:
41:6a:27:14:b6:e5:7a:9d:87:a8:27:72:2f:78:0c:c1:95:14:
6b:c2:b4:c4:6c:38:0c:20:e5:ab:25:5f:e0:56:8c:8c:50:16:
22:2d:c5:ff:83:8d:22:95:5c:b5:5c:c7:64:5d:28:21:ee:a2:
a7:58:e8:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/gHcaMgovN/rQWQEWwpduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3M2I0N2EzY2VlNzk5ODJhZGIxNzAzNDFkMDIwMjYwMjcz
MzIwMjMwHhcNMjYwMTAyMTYxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE2YzM1N2U2NDRhMWIwMGE2NGYyNDJkMGQxMWRmNmIxMjc4NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nymFue0JETD6uXHbkl4gNII7FPW
oSbNqRdGfUwm+oKdrEwTm2OvWeG8hAOrznPHa1eNkekYUp/JR4GMvWLsNGRiUlWb
4RNLbd6I3uDsPhWZcuo7w7aDle1l9p0PfjoZxi40VeXM4t9XAOah2/3L4QhUI8Aa
VKavAUphbKjOc/lXyBHdK02hvzSrOrkqnfOPRqdnXS9Wxzqaxccxqx8CG7wT+zOJ
j4Zto/awEhobMAP2YA+GgfMAP2l4YzAxEBg0jr5q6uksxLR+jp4zhNBotf0/d1ch
Hd+9x3rIXLnXybbnGUSNJpU03pjKPXHhYWzGuw/XqCg3TwcNp5ZZkJ+UyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIWw1fmRKGwCmTyQtDRHfaxJ4dzMB8GA1UdIwQY
MBaAFDc7R6PO55mCrbFwNB0CAmAnMyAjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2Ut
MzJmOWEyODJmNTZjLzEvRWhiRFYtWkVvYkFLWlBKQzBORWQ5ckVuaDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2UtMzJmOWEyODJmNTZj
LzEvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZ8QMA0G
CSqGSIb3DQEBCwUAA4IBAQBPnfObZPspzCL7+zInPTeoGFXtlzkhtGPIlUu9i7ag
cBbduabnaHmbzUihWB1TvQfE6Yv8A3+5fKKMRu6roI6zFUF5DVZznbN+3pwuMpfR
SsqtiumJM6Ljzmm24bpJ7how4Cgq9vfy/LHk88hpjx0FqMHVr0PD1Vb3MTYKJ3FO
4rtIZhyN+jjvPn0XZXK4HTfF2OAnhCNcOCH0H2Np+oWhKMS+zOw9fFBj2edqo0w1
QHy0WFrlfGMQUfkEFQgXapd6umYWtYZBaicUtuV6nYeoJ3IveAzBlRRrwrTEbDgM
IOWrJV/gVoyMUBYiLcX/g40ilVy1XMdkXSgh7qKnWOhU
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:51:36 2026 by rpki-client