Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/en2MbnssfxDmdQApF9BpXZafTB4.roa
File: en2MbnssfxDmdQApF9BpXZafTB4.roa (raw, json)
Hash identifier: ER4VRDsyb1U6Mhi3DkYQHSd9SIwplFdtiKrG0UkksVE=
Subject key identifier: 7A:7D:8C:6E:7B:2C:7F:10:E6:75:00:29:17:D0:69:5D:96:9F:4C:1E
Certificate issuer: /CN=4b251080e96583dddfd3cb5742ef5e42658114b0
Certificate serial: 019D9A72AFA73A304C278FEDA8B730E4CB34
Authority key identifier: 4B:25:10:80:E9:65:83:DD:DF:D3:CB:57:42:EF:5E:42:65:81:14:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyUQgOllg93f08tXQu9eQmWBFLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/en2MbnssfxDmdQApF9BpXZafTB4.roa
Signing time: Fri 17 Apr 2026 07:58:20 +0000
ROA not before: Fri 17 Apr 2026 07:58:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31736
IP address blocks: 83.222.128.0/19 maxlen: 19
185.5.32.0/22 maxlen: 22
185.20.144.0/22 maxlen: 22
194.153.188.0/23 maxlen: 23
2a02:3b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/SyUQgOllg93f08tXQu9eQmWBFLA.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/SyUQgOllg93f08tXQu9eQmWBFLA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SyUQgOllg93f08tXQu9eQmWBFLA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:72:af:a7:3a:30:4c:27:8f:ed:a8:b7:30:e4:cb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b251080e96583dddfd3cb5742ef5e42658114b0
Validity
Not Before: Apr 17 07:58:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a7d8c6e7b2c7f10e675002917d0695d969f4c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0b:73:ad:fe:18:d1:1a:6a:f4:5f:49:8b:b8:
45:7f:b7:59:96:f7:b2:4a:f1:7e:b4:72:cc:3a:c0:
64:f0:d1:e1:45:76:d4:80:93:50:28:6c:b3:0b:19:
8c:70:b9:2c:56:90:cb:76:e4:fe:33:cb:d7:e9:bf:
68:37:a4:21:28:80:da:d4:ee:5c:11:76:bc:55:a2:
5c:b4:c9:b0:22:6e:d8:7a:b5:2b:f9:57:f1:46:9a:
f4:19:41:97:14:25:48:ca:9c:ae:ca:6c:3f:1f:f1:
39:76:fc:4b:1f:59:6f:0d:34:cc:1c:4d:41:95:cd:
11:40:f0:f5:6b:ff:ce:3a:d7:54:32:16:dd:7d:70:
16:e0:c6:84:8d:2b:a7:75:b7:ad:e6:b6:1a:6a:fa:
cc:21:f9:74:42:91:6f:fd:dc:92:8e:6b:f0:2e:db:
fa:7d:06:e9:ab:dd:40:4b:a3:3a:cc:9e:7d:58:78:
e7:65:a7:92:b6:97:e5:f3:29:23:63:4f:3a:a8:d1:
17:6a:2e:32:10:ef:22:59:c0:90:8d:b4:ab:bf:4c:
ed:64:97:23:52:9a:cc:57:ce:50:bb:17:6f:1d:f5:
91:e6:4b:d8:cb:b4:b9:85:d5:38:99:ce:79:ea:15:
8a:28:c6:03:d0:4b:c4:41:77:ee:32:13:0d:09:05:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:7D:8C:6E:7B:2C:7F:10:E6:75:00:29:17:D0:69:5D:96:9F:4C:1E
X509v3 Authority Key Identifier:
keyid:4B:25:10:80:E9:65:83:DD:DF:D3:CB:57:42:EF:5E:42:65:81:14:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyUQgOllg93f08tXQu9eQmWBFLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/en2MbnssfxDmdQApF9BpXZafTB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/30b398-1407-49c8-9963-bbbb48850735/1/SyUQgOllg93f08tXQu9eQmWBFLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.222.128.0/19
185.5.32.0/22
185.20.144.0/22
194.153.188.0/23
IPv6:
2a02:3b0::/32
Signature Algorithm: sha256WithRSAEncryption
75:eb:bb:2a:1d:74:52:59:bc:f5:2d:70:15:53:b8:80:ec:56:
80:cf:84:e5:39:30:de:e3:c3:a1:44:b0:72:6d:8c:21:74:e9:
51:da:f3:46:f1:73:b1:1a:38:39:ac:ad:49:3a:0e:33:1f:17:
19:2e:7f:bd:3a:95:02:b2:67:25:21:27:f2:7c:94:fe:48:2f:
ba:99:f9:af:bc:ce:f0:04:95:3b:9f:35:76:84:a2:91:e0:b0:
f4:67:4f:b7:ee:9d:30:62:fd:a5:31:d5:43:be:72:62:a2:bc:
f0:36:ea:50:7e:b7:bd:f5:ba:48:83:33:57:57:5e:f2:1e:29:
5f:5e:05:c6:64:e2:d0:6f:1f:7b:27:9d:f8:f9:30:31:c2:3f:
66:09:46:bb:d4:6c:27:86:97:42:8e:69:0c:f8:c0:9d:ab:f5:
9d:92:d1:ff:a8:f2:e0:01:82:45:86:75:be:d8:15:9b:a7:d5:
7f:d7:05:b6:cb:5d:11:f3:8b:b0:c7:8b:22:b2:fb:8b:99:b2:
b9:74:f0:99:7a:03:3f:aa:00:46:0d:59:c1:0c:9f:fc:83:8f:
12:6c:6f:54:68:3d:52:89:c3:a3:7f:c3:79:3c:c9:f7:64:a7:
79:d1:63:4a:05:e7:7d:22:75:21:bd:63:bb:52:28:a9:91:cd:
fc:ed:7f:f7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ2acq+nOjBMJ4/tqLcw5Ms0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjUxMDgwZTk2NTgzZGRkZmQzY2I1NzQyZWY1ZTQyNjU4
MTE0YjAwHhcNMjYwNDE3MDc1ODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTdkOGM2ZTdiMmM3ZjEwZTY3NTAwMjkxN2QwNjk1ZDk2OWY0YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgtzrf4Y0Rpq9F9Ji7hFf7dZlvey
SvF+tHLMOsBk8NHhRXbUgJNQKGyzCxmMcLksVpDLduT+M8vX6b9oN6QhKIDa1O5c
EXa8VaJctMmwIm7YerUr+VfxRpr0GUGXFCVIypyuymw/H/E5dvxLH1lvDTTMHE1B
lc0RQPD1a//OOtdUMhbdfXAW4MaEjSundbet5rYaavrMIfl0QpFv/dySjmvwLtv6
fQbpq91AS6M6zJ59WHjnZaeStpfl8ykjY086qNEXai4yEO8iWcCQjbSrv0ztZJcj
UprMV85QuxdvHfWR5kvYy7S5hdU4mc556hWKKMYD0EvEQXfuMhMNCQVo4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHp9jG57LH8Q5nUAKRfQaV2Wn0weMB8GA1UdIwQY
MBaAFEslEIDpZYPd39PLV0LvXkJlgRSwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lVUWdPbGxnOTNmMDh0WFF1OWVRbVdCRkxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMGIzOTgtMTQwNy00OWM4LTk5NjMt
YmJiYjQ4ODUwNzM1LzEvZW4yTWJuc3NmeERtZFFBcEY5QnBYWmFmVEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMGIzOTgtMTQwNy00OWM4LTk5NjMtYmJiYjQ4ODUwNzM1
LzEvU3lVUWdPbGxnOTNmMDh0WFF1OWVRbVdCRkxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFU96AAwQC
uQUgAwQCuRSQAwQBwpm8MA0EAgACMAcDBQAqAgOwMA0GCSqGSIb3DQEBCwUAA4IB
AQB167sqHXRSWbz1LXAVU7iA7FaAz4TlOTDe48OhRLBybYwhdOlR2vNG8XOxGjg5
rK1JOg4zHxcZLn+9OpUCsmclISfyfJT+SC+6mfmvvM7wBJU7nzV2hKKR4LD0Z0+3
7p0wYv2lMdVDvnJiorzwNupQfre99bpIgzNXV17yHilfXgXGZOLQbx97J534+TAx
wj9mCUa71GwnhpdCjmkM+MCdq/WdktH/qPLgAYJFhnW+2BWbp9V/1wW2y10R84uw
x4sisvuLmbK5dPCZegM/qgBGDVnBDJ/8g48SbG9UaD1SicOjf8N5PMn3ZKd50WNK
Bed9InUhvWO7Uiipkc387X/3
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:16 2026 by rpki-client