Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ElW47ObyfnNKPgKpwIJenZynEps.roa
File: ElW47ObyfnNKPgKpwIJenZynEps.roa (raw, json)
Hash identifier: MYYtJ2cX574IGimZRbIB/INbKI/GwnvZia+SyQYKKgY=
Subject key identifier: 12:55:B8:EC:E6:F2:7E:73:4A:3E:02:A9:C0:82:5E:9D:9C:A7:12:9B
Certificate issuer: /CN=66259dea3e9cae6e819588c5c913f02d4410398b
Certificate serial: 019B7AC93F0B8A5B32777CFEC3FB79DC5267
Authority key identifier: 66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ElW47ObyfnNKPgKpwIJenZynEps.roa
Signing time: Thu 01 Jan 2026 18:19:27 +0000
ROA not before: Thu 01 Jan 2026 18:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41114
IP address blocks: 185.145.72.0/22 maxlen: 24
213.232.108.0/22 maxlen: 24
2a09:5180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c9:3f:0b:8a:5b:32:77:7c:fe:c3:fb:79:dc:52:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66259dea3e9cae6e819588c5c913f02d4410398b
Validity
Not Before: Jan 1 18:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1255b8ece6f27e734a3e02a9c0825e9d9ca7129b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:80:b4:fd:9d:23:7e:e9:8f:1d:d6:72:d5:0b:
6b:b5:82:15:4d:e1:8e:b4:f1:54:11:44:4b:97:32:
20:9c:a8:1e:8b:9f:96:a2:e0:53:1b:bf:22:3c:72:
db:36:da:83:73:ad:f6:91:b1:14:f5:fa:ec:50:0a:
86:17:4a:ad:f5:86:12:86:22:42:6e:ef:0a:38:c5:
97:6a:df:79:70:ad:8c:2a:a2:0b:54:55:7b:2f:45:
07:fd:7b:b7:27:63:df:0c:2e:75:db:95:54:f3:5e:
33:ce:53:1f:6a:eb:9e:e5:fa:c4:80:da:6c:ad:b9:
56:42:5f:6f:b6:26:32:33:60:56:88:e1:08:80:de:
e4:f0:2b:8b:29:01:bd:c9:58:3a:cc:1a:f3:07:02:
0c:a8:b6:00:f8:ba:9b:3c:d6:e9:15:c0:1f:79:6d:
35:28:92:31:9f:0d:aa:89:bc:ac:08:2d:39:40:81:
55:d0:dc:8f:b2:a5:e1:a8:bf:31:95:f2:45:0c:43:
22:12:e9:d9:50:08:17:82:9d:d3:9b:df:11:30:c8:
89:93:90:96:6d:90:39:51:f2:3e:27:0d:7f:e6:f3:
04:15:f5:5a:df:ae:9a:8b:fe:97:a7:05:3f:e1:74:
bb:8c:68:9b:e7:d0:b3:ce:f0:95:d5:15:b5:ee:71:
93:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:55:B8:EC:E6:F2:7E:73:4A:3E:02:A9:C0:82:5E:9D:9C:A7:12:9B
X509v3 Authority Key Identifier:
keyid:66:25:9D:EA:3E:9C:AE:6E:81:95:88:C5:C9:13:F0:2D:44:10:39:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZiWd6j6crm6BlYjFyRPwLUQQOYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ElW47ObyfnNKPgKpwIJenZynEps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/0b3249-fd49-4567-b36d-cbbe3242c2bd/1/ZiWd6j6crm6BlYjFyRPwLUQQOYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.72.0/22
213.232.108.0/22
IPv6:
2a09:5180::/29
Signature Algorithm: sha256WithRSAEncryption
22:51:ef:4c:dd:25:bc:78:5c:00:06:1d:d0:df:dc:f0:c9:c5:
da:84:46:c2:2c:50:ad:14:14:70:31:6f:2b:e7:7b:a5:d8:ca:
f3:0e:e9:d8:65:a2:e1:8e:79:29:28:88:a0:c5:53:53:15:62:
c0:1d:b7:cc:dd:03:9a:0a:97:01:4e:3d:92:3c:c1:2b:6b:ba:
24:08:53:3f:23:b5:96:19:11:a5:d8:bd:6d:14:b3:18:08:a4:
0c:74:a1:1a:bb:0d:2b:c0:70:c9:a3:1c:e9:6d:cf:cf:e2:70:
26:a7:5b:6c:14:69:1a:d4:5f:e1:e7:88:b5:a1:2e:06:1f:bf:
05:d9:8c:81:e0:a3:4f:e0:60:6a:7f:04:a9:7e:b0:66:e5:7c:
1e:05:35:f3:73:01:1a:45:43:26:4e:e2:b6:60:75:33:8c:0e:
48:7d:39:15:af:f2:3b:8b:74:79:40:54:1f:1c:16:ad:f0:87:
c4:67:c6:ea:43:8b:0a:0f:90:7f:f1:77:76:1e:0b:c9:26:54:
64:03:0f:81:18:8d:dd:b6:c4:10:78:85:36:ff:74:8a:b1:fa:
19:ed:97:bf:e1:de:87:f0:6f:d5:28:0d:3c:53:c3:27:41:35:
5c:86:2e:bb:1d:ae:ca:b6:da:17:f5:da:b5:2a:e6:a9:e7:6d:
0e:9e:b8:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt6yT8Lilsyd3z+w/t53FJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MjU5ZGVhM2U5Y2FlNmU4MTk1ODhjNWM5MTNmMDJkNDQx
MDM5OGIwHhcNMjYwMTAxMTgxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjU1YjhlY2U2ZjI3ZTczNGEzZTAyYTljMDgyNWU5ZDljYTcxMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoC0/Z0jfumPHdZy1QtrtYIVTeGO
tPFUEURLlzIgnKgei5+WouBTG78iPHLbNtqDc632kbEU9frsUAqGF0qt9YYShiJC
bu8KOMWXat95cK2MKqILVFV7L0UH/Xu3J2PfDC5125VU814zzlMfauue5frEgNps
rblWQl9vtiYyM2BWiOEIgN7k8CuLKQG9yVg6zBrzBwIMqLYA+LqbPNbpFcAfeW01
KJIxnw2qibysCC05QIFV0NyPsqXhqL8xlfJFDEMiEunZUAgXgp3Tm98RMMiJk5CW
bZA5UfI+Jw1/5vMEFfVa366ai/6XpwU/4XS7jGib59CzzvCV1RW17nGTnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBJVuOzm8n5zSj4CqcCCXp2cpxKbMB8GA1UdIwQY
MBaAFGYlneo+nK5ugZWIxckT8C1EEDmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQt
Y2JiZTMyNDJjMmJkLzEvRWxXNDdPYnlmbk5LUGdLcHdJSmVuWnluRXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8wYjMyNDktZmQ0OS00NTY3LWIzNmQtY2JiZTMyNDJjMmJk
LzEvWmlXZDZqNmNybTZCbFlqRnlSUHdMVVFRT1lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZFIAwQC
1ehsMA0EAgACMAcDBQMqCVGAMA0GCSqGSIb3DQEBCwUAA4IBAQAiUe9M3SW8eFwA
Bh3Q39zwycXahEbCLFCtFBRwMW8r53ul2MrzDunYZaLhjnkpKIigxVNTFWLAHbfM
3QOaCpcBTj2SPMEra7okCFM/I7WWGRGl2L1tFLMYCKQMdKEauw0rwHDJoxzpbc/P
4nAmp1tsFGka1F/h54i1oS4GH78F2YyB4KNP4GBqfwSpfrBm5XweBTXzcwEaRUMm
TuK2YHUzjA5IfTkVr/I7i3R5QFQfHBat8IfEZ8bqQ4sKD5B/8Xd2HgvJJlRkAw+B
GI3dtsQQeIU2/3SKsfoZ7Ze/4d6H8G/VKA08U8MnQTVchi67Ha7KttoX9dq1Kuap
520OnrjM
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:28:58 2026 by rpki-client