Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/30rSP67H4gX5RMgOxT5dBfg20_g.roa
File: 30rSP67H4gX5RMgOxT5dBfg20_g.roa (raw, json)
Hash identifier: pLbD0z+swzOFRKhR78b058ocPOqvyBgBR9Tg94u9QPE=
Subject key identifier: DF:4A:D2:3F:AE:C7:E2:05:F9:44:C8:0E:C5:3E:5D:05:F8:36:D3:F8
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019E60103A8BD190DB58EA49B10CB9B6902A
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/30rSP67H4gX5RMgOxT5dBfg20_g.roa
Signing time: Mon 25 May 2026 16:55:36 +0000
ROA not before: Mon 25 May 2026 16:55:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49592
IP address blocks: 83.143.119.0/24 maxlen: 24
2a07:cec0:4402::/48 maxlen: 48
2a07:cec0:4403::/48 maxlen: 48
2a07:cec0:4404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 04:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:60:10:3a:8b:d1:90:db:58:ea:49:b1:0c:b9:b6:90:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: May 25 16:55:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=df4ad23faec7e205f944c80ec53e5d05f836d3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2b:e6:05:bf:73:a0:d3:b3:bb:da:33:a7:4f:
da:0b:9c:cd:c4:60:d3:79:0c:eb:db:ff:51:5c:c1:
7f:46:ad:69:44:fd:32:c6:d2:7d:48:e2:4b:ee:2a:
0c:4f:0a:37:47:85:f5:24:06:e2:d8:26:fe:0c:58:
95:80:cf:e0:23:a8:77:d9:f5:47:2d:73:a8:4b:66:
27:fd:5e:a5:3f:67:44:43:68:aa:91:08:e6:23:9e:
ee:e9:05:9f:ce:d5:b7:e2:be:4e:a2:4f:05:b3:fd:
46:da:c2:b1:ed:43:f0:c8:44:84:23:4d:ba:ee:58:
87:75:ca:f8:ce:df:2e:59:7c:7a:c0:15:4b:eb:c5:
20:ae:20:5f:6e:2b:f6:4b:2b:74:4d:77:42:9f:f1:
2a:95:e7:84:e9:04:fb:75:a2:46:0b:a1:54:cb:35:
54:62:6d:4a:61:4c:2e:2a:67:37:57:7e:82:7e:8a:
8d:1e:ed:db:0c:7c:a1:76:3d:9b:e5:7b:c7:9d:0d:
ef:38:ad:a2:ee:05:02:c4:3f:ee:a9:01:29:cf:3f:
a6:cf:1c:b9:ae:ef:e1:9a:01:98:a6:f9:4e:c3:36:
a3:02:6e:ff:d9:db:d9:48:84:1d:87:85:a4:48:92:
40:04:7e:c0:e7:b1:87:9f:a8:93:7c:7e:ee:61:30:
14:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4A:D2:3F:AE:C7:E2:05:F9:44:C8:0E:C5:3E:5D:05:F8:36:D3:F8
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/30rSP67H4gX5RMgOxT5dBfg20_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.119.0/24
IPv6:
2a07:cec0:4402::-2a07:cec0:4404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:af:22:1b:ef:73:ba:53:b6:09:08:95:ef:8f:f0:e5:a2:38:
35:ad:db:c8:d8:ba:62:2a:fa:15:9a:60:2d:2a:17:16:b7:d7:
e0:87:92:1b:42:b8:81:b2:52:cc:2f:67:24:af:b3:e3:c3:f8:
ab:4b:c2:c9:5a:f0:e0:45:01:4e:c6:89:b3:f6:f0:82:12:8b:
7b:c7:48:61:cf:5e:80:c2:1e:cd:5f:50:2f:36:d1:67:6f:a5:
1e:b5:cf:fc:05:b7:31:88:ed:00:be:26:e5:f4:a6:77:bf:83:
c7:b0:ab:eb:3b:99:cd:6b:9c:f4:7c:73:d0:fa:a4:af:ea:c9:
a4:26:dc:1b:33:c1:00:ff:98:28:ef:aa:cf:3a:26:9a:7b:b2:
11:53:b7:39:6f:08:51:f0:14:90:de:d0:00:30:dd:d2:b7:d6:
37:ad:df:d8:30:ea:1a:d9:8e:17:1f:2c:4e:fc:f0:9b:ee:77:
1c:f0:f6:5f:45:e5:13:2a:e0:07:e6:de:43:04:0c:ba:f7:96:
54:39:1c:72:07:0f:25:f9:33:1f:ac:1e:5e:36:5c:0c:af:46:
98:e5:75:33:a3:54:17:96:2d:9b:ab:90:42:82:d5:4c:82:63:
73:0f:7f:85:8c:8a:ad:c9:59:48:4e:68:36:cb:40:c1:6a:0d:
37:cc:1f:a0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ5gEDqL0ZDbWOpJsQy5tpAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwNTI1MTY1NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRhZDIzZmFlYzdlMjA1Zjk0NGM4MGVjNTNlNWQwNWY4MzZkM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyvmBb9zoNOzu9ozp0/aC5zNxGDT
eQzr2/9RXMF/Rq1pRP0yxtJ9SOJL7ioMTwo3R4X1JAbi2Cb+DFiVgM/gI6h32fVH
LXOoS2Yn/V6lP2dEQ2iqkQjmI57u6QWfztW34r5Ook8Fs/1G2sKx7UPwyESEI026
7liHdcr4zt8uWXx6wBVL68UgriBfbiv2Syt0TXdCn/EqleeE6QT7daJGC6FUyzVU
Ym1KYUwuKmc3V36CfoqNHu3bDHyhdj2b5XvHnQ3vOK2i7gUCxD/uqQEpzz+mzxy5
ru/hmgGYpvlOwzajAm7/2dvZSIQdh4WkSJJABH7A57GHn6iTfH7uYTAUbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFN9K0j+ux+IF+UTIDsU+XQX4NtP4MB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvMzByU1A2N0g0Z1g1Uk1nT3hUNWRCZmcyMF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAU493MBoE
AgACMBQwEgMHASoHzsBEAgMHACoHzsBEBDANBgkqhkiG9w0BAQsFAAOCAQEAY68i
G+9zulO2CQiV74/w5aI4Na3byNi6Yir6FZpgLSoXFrfX4IeSG0K4gbJSzC9nJK+z
48P4q0vCyVrw4EUBTsaJs/bwghKLe8dIYc9egMIezV9QLzbRZ2+lHrXP/AW3MYjt
AL4m5fSmd7+Dx7Cr6zuZzWuc9Hxz0Pqkr+rJpCbcGzPBAP+YKO+qzzommnuyEVO3
OW8IUfAUkN7QADDd0rfWN63f2DDqGtmOFx8sTvzwm+53HPD2X0XlEyrgB+beQwQM
uveWVDkccgcPJfkzH6weXjZcDK9GmOV1M6NUF5Ytm6uQQoLVTIJjcw9/hYyKrclZ
SE5oNstAwWoNN8wfoA==
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:42:11 2026 by rpki-client