Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/EKFVe3lhYj6jr5_3RpA87baa62A.roa
File: EKFVe3lhYj6jr5_3RpA87baa62A.roa (raw, json)
Hash identifier: iFYcc4LAzWal4NgvTgKRECkxudvUvf7OtOA2IykPmM0=
Subject key identifier: 10:A1:55:7B:79:61:62:3E:A3:AF:9F:F7:46:90:3C:ED:B6:9A:EB:60
Certificate issuer: /CN=69844e1374f1c4581bfbf7ad4638a112d316fbe4
Certificate serial: 019C6CD87C7BEB315DF3E47E09E13C61AD74
Authority key identifier: 69:84:4E:13:74:F1:C4:58:1B:FB:F7:AD:46:38:A1:12:D3:16:FB:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/EKFVe3lhYj6jr5_3RpA87baa62A.roa
Signing time: Tue 17 Feb 2026 18:24:12 +0000
ROA not before: Tue 17 Feb 2026 18:24:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30238
IP address blocks: 194.165.202.0/24 maxlen: 24
194.165.205.0/24 maxlen: 24
195.146.160.0/24 maxlen: 24
195.146.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6c:d8:7c:7b:eb:31:5d:f3:e4:7e:09:e1:3c:61:ad:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69844e1374f1c4581bfbf7ad4638a112d316fbe4
Validity
Not Before: Feb 17 18:24:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10a1557b7961623ea3af9ff746903cedb69aeb60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:7f:86:da:0d:be:11:e6:0d:c6:5d:92:c3:
ab:ff:a1:fb:b4:b4:c8:40:7c:ad:dd:84:fb:8e:b0:
9e:6a:b3:f8:48:cb:fa:64:ae:0e:aa:ff:35:c3:9b:
a9:bc:be:51:c8:f1:51:51:d6:2c:79:ce:3b:2d:89:
fb:3e:04:9e:ea:d6:07:ad:4a:59:c7:bb:73:96:23:
9c:cc:ef:e2:d9:81:59:21:81:99:be:11:f1:7c:4e:
16:b5:d3:2d:e0:af:71:58:e0:f3:0f:10:bd:52:39:
7e:d3:d2:40:b9:17:e9:61:3d:54:51:18:6a:a3:10:
13:4c:b0:6f:cd:9d:98:84:84:a3:06:45:9e:17:83:
e9:f1:12:b3:63:49:02:e9:9d:1e:df:e9:c6:c0:e9:
fa:f6:d8:b0:b3:96:4c:72:3c:7f:41:01:a9:c1:70:
19:92:a3:2a:24:c5:c5:8e:1c:15:e0:67:7d:31:e7:
c1:8e:24:bd:a6:8f:21:80:97:0a:9f:c1:cb:36:9a:
36:4d:5c:10:89:7b:d7:c0:68:8a:b1:a5:45:39:98:
d6:11:d8:9b:40:dc:62:2d:5b:5b:be:c1:2b:82:52:
99:15:34:6a:96:43:63:85:2a:05:83:f1:4e:b1:0b:
7f:46:8e:18:0e:c8:c2:66:c5:87:0b:a0:29:c8:0a:
7a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A1:55:7B:79:61:62:3E:A3:AF:9F:F7:46:90:3C:ED:B6:9A:EB:60
X509v3 Authority Key Identifier:
keyid:69:84:4E:13:74:F1:C4:58:1B:FB:F7:AD:46:38:A1:12:D3:16:FB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/EKFVe3lhYj6jr5_3RpA87baa62A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.202.0/24
194.165.205.0/24
195.146.160.0/24
195.146.162.0/24
Signature Algorithm: sha256WithRSAEncryption
66:53:ee:a1:f8:a2:72:29:24:ee:40:7b:70:19:59:50:91:20:
d6:ea:f0:42:99:d4:1c:90:12:31:b6:86:17:90:0e:3a:87:ad:
41:2a:11:3d:8c:d5:53:9f:5d:b7:ec:da:ba:b4:80:b3:81:ce:
d4:89:50:82:f3:ee:ce:07:ea:5e:e8:44:7e:06:88:ba:3f:d8:
6b:77:3d:e4:40:51:b2:b3:ac:8e:47:11:c0:84:1d:c6:82:f3:
3b:bc:9f:dd:b4:9b:e2:e7:9f:94:67:e4:74:7d:48:6f:88:05:
da:f8:8d:ea:9a:87:30:4e:7a:ed:8c:84:a1:f9:da:2b:d2:dc:
02:96:6e:47:01:d9:be:7d:55:a3:e8:54:e3:66:68:f0:27:6f:
9e:e8:84:04:5e:1f:63:cb:37:b5:8a:9d:0a:8b:70:32:9d:40:
de:86:2d:bd:c2:6e:5e:98:4b:5f:c4:67:35:14:37:4c:1d:e9:
c2:9e:03:5a:42:67:37:ae:e3:bc:4b:51:0a:c5:62:8a:7e:ef:
26:e9:25:d6:8f:36:e4:73:23:87:92:cd:f3:f7:fb:ed:9a:7a:
57:de:c0:30:f3:b3:16:08:a7:11:43:20:de:e1:d7:dd:09:70:
0b:0e:70:d6:c1:0b:1b:82:7b:fa:e3:2f:1b:dd:5b:f0:dd:b3:
ea:d8:e4:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxs2Hx76zFd8+R+CeE8Ya10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODQ0ZTEzNzRmMWM0NTgxYmZiZjdhZDQ2MzhhMTEyZDMx
NmZiZTQwHhcNMjYwMjE3MTgyNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGExNTU3Yjc5NjE2MjNlYTNhZjlmZjc0NjkwM2NlZGI2OWFlYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaN/htoNvhHmDcZdksOr/6H7tLTI
QHyt3YT7jrCearP4SMv6ZK4Oqv81w5upvL5RyPFRUdYsec47LYn7PgSe6tYHrUpZ
x7tzliOczO/i2YFZIYGZvhHxfE4WtdMt4K9xWODzDxC9Ujl+09JAuRfpYT1UURhq
oxATTLBvzZ2YhISjBkWeF4Pp8RKzY0kC6Z0e3+nGwOn69tiws5ZMcjx/QQGpwXAZ
kqMqJMXFjhwV4Gd9MefBjiS9po8hgJcKn8HLNpo2TVwQiXvXwGiKsaVFOZjWEdib
QNxiLVtbvsErglKZFTRqlkNjhSoFg/FOsQt/Ro4YDsjCZsWHC6ApyAp6owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBChVXt5YWI+o6+f90aQPO22mutgMB8GA1UdIwQY
MBaAFGmEThN08cRYG/v3rUY4oRLTFvvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlST0UzVHh4RmdiLV9ldFJqaWhFdE1XLS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZDU0YjktYTc2My00NTE0LTk0Njct
OGFhZWY3NmMyZTk4LzEvRUtGVmUzbGhZajZqcjVfM1JwQTg3YmFhNjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZDU0YjktYTc2My00NTE0LTk0NjctOGFhZWY3NmMyZTk4
LzEvYVlST0UzVHh4RmdiLV9ldFJqaWhFdE1XLS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwqXKAwQA
wqXNAwQAw5KgAwQAw5KiMA0GCSqGSIb3DQEBCwUAA4IBAQBmU+6h+KJyKSTuQHtw
GVlQkSDW6vBCmdQckBIxtoYXkA46h61BKhE9jNVTn1237Nq6tICzgc7UiVCC8+7O
B+pe6ER+Boi6P9hrdz3kQFGys6yORxHAhB3GgvM7vJ/dtJvi55+UZ+R0fUhviAXa
+I3qmocwTnrtjISh+dor0twClm5HAdm+fVWj6FTjZmjwJ2+e6IQEXh9jyze1ip0K
i3AynUDehi29wm5emEtfxGc1FDdMHenCngNaQmc3ruO8S1EKxWKKfu8m6SXWjzbk
cyOHks3z9/vtmnpX3sAw87MWCKcRQyDe4dfdCXALDnDWwQsbgnv64y8b3Vvw3bPq
2OR4
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:44:06 2026 by rpki-client