Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/C-10eoHVV_ERuNuHp1M0fCx__Ag.roa
File: C-10eoHVV_ERuNuHp1M0fCx__Ag.roa (raw, json)
Hash identifier: kJJFsA3C5xKnlbqZn0ozkgC1qO7Vwfq9ha16s0RBd0k=
Subject key identifier: 0B:ED:74:7A:81:D5:57:F1:11:B8:DB:87:A7:53:34:7C:2C:7F:FC:08
Certificate issuer: /CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Certificate serial: 019B7C1224B95892259C4B7E8FD70075970A
Authority key identifier: CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/C-10eoHVV_ERuNuHp1M0fCx__Ag.roa
Signing time: Fri 02 Jan 2026 00:18:42 +0000
ROA not before: Fri 02 Jan 2026 00:18:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201843
IP address blocks: 2.58.224.0/22 maxlen: 22
2.58.224.0/24 maxlen: 24
2.58.225.0/24 maxlen: 24
2.58.226.0/24 maxlen: 24
2.58.227.0/24 maxlen: 24
185.61.204.0/24 maxlen: 24
185.61.205.0/24 maxlen: 24
185.61.206.0/23 maxlen: 23
185.133.96.0/22 maxlen: 22
185.133.96.0/24 maxlen: 24
185.133.97.0/24 maxlen: 24
185.133.98.0/24 maxlen: 24
185.133.99.0/24 maxlen: 24
185.191.64.0/24 maxlen: 24
185.191.65.0/24 maxlen: 24
185.191.66.0/24 maxlen: 24
185.191.67.0/24 maxlen: 24
185.238.48.0/22 maxlen: 22
185.238.48.0/23 maxlen: 23
185.238.48.0/24 maxlen: 24
185.238.49.0/24 maxlen: 24
185.238.50.0/24 maxlen: 24
185.238.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:24:b9:58:92:25:9c:4b:7e:8f:d7:00:75:97:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Validity
Not Before: Jan 2 00:18:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0bed747a81d557f111b8db87a753347c2c7ffc08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:80:a6:9f:e6:6b:cf:b1:2c:0d:db:7c:ec:c6:
dd:c4:c5:8c:ab:f3:65:53:b4:3d:e0:54:4a:6d:1d:
13:58:b2:0c:38:9c:c5:9e:f9:16:81:fd:8f:4f:e4:
b8:71:1e:d0:3f:6e:9d:79:fa:d8:95:a8:c2:a9:f3:
a5:ba:c3:3f:b9:60:f6:48:33:7b:af:a7:af:d9:17:
69:dc:fd:54:24:14:9f:a6:71:cd:05:68:77:b5:08:
3c:4b:98:5e:43:07:61:6b:f2:bc:94:b0:71:cb:82:
5f:85:ec:12:de:32:f6:12:b9:0a:1e:08:c0:ea:41:
1b:2a:35:40:1e:54:23:3a:14:65:53:a2:66:2f:4c:
65:50:eb:e2:a2:52:f4:dd:4c:01:86:4b:91:6d:85:
a9:25:51:20:28:ad:18:d0:0d:ac:21:b8:ed:e6:dd:
67:61:c6:02:31:d7:d0:8d:ca:32:ff:2a:28:cd:a3:
8c:6b:c0:69:15:1f:e0:9d:c7:25:97:8f:a1:03:e1:
dd:15:48:7f:77:93:c0:df:88:3e:8d:0a:ae:cc:3c:
7a:02:0b:a4:02:9b:04:7f:f5:ee:2a:90:10:24:cd:
c2:5a:07:ec:e6:6d:7f:c3:01:c8:78:68:b9:99:69:
17:c6:62:d9:ed:97:e4:8b:1e:9c:7c:d7:de:68:b6:
76:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:ED:74:7A:81:D5:57:F1:11:B8:DB:87:A7:53:34:7C:2C:7F:FC:08
X509v3 Authority Key Identifier:
keyid:CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/C-10eoHVV_ERuNuHp1M0fCx__Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.224.0/22
185.61.204.0/22
185.133.96.0/22
185.191.64.0/22
185.238.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:d2:b0:77:37:cc:7d:cb:be:dd:34:c0:f2:fd:25:3c:ae:29:
f3:a3:94:32:a1:89:dd:a6:82:72:07:f0:7f:bc:fd:85:26:25:
48:f2:d3:23:f3:69:6f:4f:35:4d:80:78:95:d4:71:65:b4:a0:
2f:c8:74:20:d5:67:11:ca:43:87:11:b3:9b:b5:5e:09:07:2f:
60:a3:b5:4e:a0:24:66:01:c8:f3:45:b7:27:c7:17:b3:22:97:
eb:f1:aa:c6:c7:99:52:9d:f5:d8:ad:29:0c:c9:aa:58:db:bc:
85:00:23:c9:85:4c:6d:f0:20:69:b2:06:d4:5a:8f:34:d5:0b:
91:a6:d7:ca:bd:7f:29:d4:6d:03:80:04:4a:83:6d:4a:68:0c:
5f:4c:08:aa:c0:c0:66:db:83:67:65:db:83:94:59:78:a4:13:
78:e2:50:7d:3e:d0:37:ab:47:e8:e8:35:06:c2:05:2f:e7:7a:
26:94:08:99:94:59:89:28:94:53:6d:53:40:3a:e2:c7:25:95:
ba:cd:67:7d:ec:62:7b:c5:e5:10:65:fc:34:56:3d:f7:98:a6:
46:d2:eb:8f:21:ce:df:83:e8:33:6c:f1:6f:c0:87:4f:2b:08:
ed:ac:d1:03:86:59:cb:0b:95:50:f8:02:b3:b7:fb:45:ee:ab:
bc:43:2c:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZt8EiS5WJIlnEt+j9cAdZcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2U2NDkyZDQ3MzE1MjBjMWVlZGJjZGEyOTY3OTUwMGFj
MDgzYWIwHhcNMjYwMTAyMDAxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVkNzQ3YTgxZDU1N2YxMTFiOGRiODdhNzUzMzQ3YzJjN2ZmYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4Cmn+Zrz7EsDdt87MbdxMWMq/Nl
U7Q94FRKbR0TWLIMOJzFnvkWgf2PT+S4cR7QP26defrYlajCqfOlusM/uWD2SDN7
r6ev2Rdp3P1UJBSfpnHNBWh3tQg8S5heQwdha/K8lLBxy4JfhewS3jL2ErkKHgjA
6kEbKjVAHlQjOhRlU6JmL0xlUOviolL03UwBhkuRbYWpJVEgKK0Y0A2sIbjt5t1n
YcYCMdfQjcoy/yoozaOMa8BpFR/gnccll4+hA+HdFUh/d5PA34g+jQquzDx6Aguk
ApsEf/XuKpAQJM3CWgfs5m1/wwHIeGi5mWkXxmLZ7Zfkix6cfNfeaLZ29QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAvtdHqB1VfxEbjbh6dTNHwsf/wIMB8GA1UdIwQY
MBaAFM0+ZJLUcxUgwe7bzaKWeVAKwIOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUt
Y2ZjZmZhM2MwNjY1LzEvQy0xMGVvSFZWX0VSdU51SHAxTTBmQ3hfX0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUtY2ZjZmZhM2MwNjY1
LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjrgAwQC
uT3MAwQCuYVgAwQCub9AAwQCue4wMA0GCSqGSIb3DQEBCwUAA4IBAQCe0rB3N8x9
y77dNMDy/SU8rinzo5QyoYndpoJyB/B/vP2FJiVI8tMj82lvTzVNgHiV1HFltKAv
yHQg1WcRykOHEbObtV4JBy9go7VOoCRmAcjzRbcnxxezIpfr8arGx5lSnfXYrSkM
yapY27yFACPJhUxt8CBpsgbUWo801QuRptfKvX8p1G0DgARKg21KaAxfTAiqwMBm
24NnZduDlFl4pBN44lB9PtA3q0fo6DUGwgUv53omlAiZlFmJKJRTbVNAOuLHJZW6
zWd97GJ7xeUQZfw0Vj33mKZG0uuPIc7fg+gzbPFvwIdPKwjtrNEDhlnLC5VQ+AKz
t/tF7qu8Qyw9
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:13:28 2026 by rpki-client