Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/8XJI8Ab5Kn4iGwXJ6PSkR-OvFH4.roa
File: 8XJI8Ab5Kn4iGwXJ6PSkR-OvFH4.roa (raw, json)
Hash identifier: SgXQOVpKdakFip4Eu8vjLUkRXfKk3oyvAOpf3ZBZws8=
Subject key identifier: F1:72:48:F0:06:F9:2A:7E:22:1B:05:C9:E8:F4:A4:47:E3:AF:14:7E
Certificate issuer: /CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Certificate serial: 019B7DCA3B4169CE951809B1FEA289711D1D
Authority key identifier: 2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/8XJI8Ab5Kn4iGwXJ6PSkR-OvFH4.roa
Signing time: Fri 02 Jan 2026 08:19:24 +0000
ROA not before: Fri 02 Jan 2026 08:19:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203507
IP address blocks: 5.104.152.0/22 maxlen: 22
185.123.224.0/22 maxlen: 22
185.123.224.0/23 maxlen: 23
185.123.224.0/24 maxlen: 24
185.123.225.0/24 maxlen: 24
185.123.226.0/23 maxlen: 23
185.123.226.0/24 maxlen: 24
185.123.227.0/24 maxlen: 24
193.28.13.0/24 maxlen: 24
195.245.199.0/24 maxlen: 24
212.79.224.0/19 maxlen: 19
2a06:e380::/29 maxlen: 32
2a06:e380::/36 maxlen: 36
2a06:e380::/48 maxlen: 48
2a06:e380:1::/48 maxlen: 48
2a06:e380:8000::/36 maxlen: 36
2a06:e380:8000::/48 maxlen: 48
2a06:e380:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:ca:3b:41:69:ce:95:18:09:b1:fe:a2:89:71:1d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Validity
Not Before: Jan 2 08:19:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f17248f006f92a7e221b05c9e8f4a447e3af147e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:95:08:6a:c9:4a:0c:36:fc:3a:24:3c:25:
7e:58:ee:b5:63:5b:fb:d9:fb:68:85:80:d2:a4:93:
1c:cd:6f:c4:de:97:a8:cc:f7:3a:bb:19:69:73:df:
a2:0f:e6:d2:28:46:b0:d2:9e:3f:71:47:ff:5b:94:
8d:a4:2d:90:6e:be:b3:c5:ca:14:55:02:48:73:a2:
a3:b0:2e:31:34:15:c7:c5:9e:48:4c:b9:ec:89:5f:
69:e4:bd:64:7a:09:0d:07:8d:d2:a1:fb:d6:32:0c:
ce:d0:2a:71:52:90:34:bc:0c:ed:e9:15:da:3a:05:
b4:c4:64:87:7c:30:fa:35:d1:f4:e9:ed:95:71:ff:
3c:c1:57:78:34:f0:f3:96:b4:8f:7e:99:9f:86:89:
86:e5:3e:d9:1b:7e:c6:3a:ef:bd:61:ff:71:b8:f2:
77:9b:f6:4a:2c:0c:7b:fd:ec:ad:8f:c1:aa:0d:e7:
f0:f2:1b:5d:6c:11:a4:4c:d6:cb:29:93:ee:04:df:
bc:47:18:4b:dc:b1:85:ad:42:92:6b:0b:7d:1c:a8:
62:60:31:32:6f:80:d3:7e:8f:03:a0:5a:da:29:6b:
99:4f:97:fa:87:f0:b3:c0:cd:c3:93:a5:ad:45:84:
ae:4a:cc:37:86:00:4d:f6:60:69:9f:2b:b6:1d:4f:
59:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:72:48:F0:06:F9:2A:7E:22:1B:05:C9:E8:F4:A4:47:E3:AF:14:7E
X509v3 Authority Key Identifier:
keyid:2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/8XJI8Ab5Kn4iGwXJ6PSkR-OvFH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.152.0/22
185.123.224.0/22
193.28.13.0/24
195.245.199.0/24
212.79.224.0/19
IPv6:
2a06:e380::/29
Signature Algorithm: sha256WithRSAEncryption
17:fc:9b:3f:51:8f:f3:1e:ca:2b:c7:1e:96:68:14:57:81:e1:
c2:7b:c0:8e:ee:34:d2:dc:41:5e:a3:88:0c:c3:d8:52:26:46:
a4:44:40:24:07:aa:c8:d4:ab:ea:5b:b6:6f:f0:6e:a6:43:de:
ec:70:bc:b2:d8:25:6f:68:21:6f:65:22:5a:66:7a:f2:e7:48:
60:bb:a7:48:ff:d8:14:1b:19:b3:e0:db:d7:24:ab:15:18:3d:
00:67:3c:3c:ad:99:58:c2:cb:a3:57:09:e0:b9:5c:40:20:f8:
eb:46:60:dd:3d:7d:fb:5c:8b:eb:f5:b3:30:84:e9:e1:94:66:
79:58:b3:c0:6f:af:4d:64:1f:f0:81:b8:0b:cb:54:22:96:6f:
ce:fc:1f:ce:b3:1b:b1:1f:23:3f:e8:9e:5f:63:40:7c:36:4d:
68:ba:2d:d4:ba:6c:14:20:87:f0:8e:8c:e0:d5:2e:6a:50:05:
f0:2c:f9:1a:97:66:6f:ec:f1:16:93:83:bb:5f:6c:ef:a2:7a:
0b:ec:e0:8e:82:88:26:ee:4a:18:d5:45:3e:e9:19:14:7e:f1:
4e:ab:1d:a2:a6:fd:37:5c:63:28:fd:af:1f:2a:27:f7:5f:24:
ac:6e:58:42:1e:2e:1b:e6:14:79:29:73:95:44:3b:ca:eb:fc:
d6:6b:66:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZt9yjtBac6VGAmx/qKJcR0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTU2ZDRkN2IxZDFhMDZjZTg5Zjc0NmY3OWI2NTZjNzM0
OGM1MjUwHhcNMjYwMTAyMDgxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTcyNDhmMDA2ZjkyYTdlMjIxYjA1YzllOGY0YTQ0N2UzYWYxNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurOVCGrJSgw2/DokPCV+WO61Y1v7
2ftohYDSpJMczW/E3peozPc6uxlpc9+iD+bSKEaw0p4/cUf/W5SNpC2Qbr6zxcoU
VQJIc6KjsC4xNBXHxZ5ITLnsiV9p5L1kegkNB43SofvWMgzO0CpxUpA0vAzt6RXa
OgW0xGSHfDD6NdH06e2Vcf88wVd4NPDzlrSPfpmfhomG5T7ZG37GOu+9Yf9xuPJ3
m/ZKLAx7/eytj8GqDefw8htdbBGkTNbLKZPuBN+8RxhL3LGFrUKSawt9HKhiYDEy
b4DTfo8DoFraKWuZT5f6h/CzwM3Dk6WtRYSuSsw3hgBN9mBpnyu2HU9ZeQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPFySPAG+Sp+IhsFyej0pEfjrxR+MB8GA1UdIwQY
MBaAFC7lbU17HRoGzon3RvebZWxzSMUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYt
MjJlOThkZTI2MTA2LzEvOFhKSThBYjVLbjRpR3dYSjZQU2tSLU92Rkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYtMjJlOThkZTI2MTA2
LzEvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBWiYAwQC
uXvgAwQAwRwNAwQAw/XHAwQF1E/gMA0EAgACMAcDBQMqBuOAMA0GCSqGSIb3DQEB
CwUAA4IBAQAX/Js/UY/zHsorxx6WaBRXgeHCe8CO7jTS3EFeo4gMw9hSJkakREAk
B6rI1KvqW7Zv8G6mQ97scLyy2CVvaCFvZSJaZnry50hgu6dI/9gUGxmz4NvXJKsV
GD0AZzw8rZlYwsujVwnguVxAIPjrRmDdPX37XIvr9bMwhOnhlGZ5WLPAb69NZB/w
gbgLy1Qilm/O/B/OsxuxHyM/6J5fY0B8Nk1oui3UumwUIIfwjozg1S5qUAXwLPka
l2Zv7PEWk4O7X2zvonoL7OCOgogm7koY1UU+6RkUfvFOqx2ipv03XGMo/a8fKif3
XySsblhCHi4b5hR5KXOVRDvK6/zWa2Y5
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:46:30 2026 by rpki-client