Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EKopMi17Rmal1WSFvXHywexZ7d0.roa
File: EKopMi17Rmal1WSFvXHywexZ7d0.roa (raw, json)
Hash identifier: 3foURyIqZ3kBE8mGYLI1t1HZcOYJwmbR6erqxk+IFlM=
Subject key identifier: 10:AA:29:32:2D:7B:46:66:A5:D5:64:85:BD:71:F2:C1:EC:59:ED:DD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E9179ADAD3206A3A98E57DE2013A7ACBC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EKopMi17Rmal1WSFvXHywexZ7d0.roa
Signing time: Thu 04 Jun 2026 07:12:11 +0000
ROA not before: Thu 04 Jun 2026 07:12:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 81.5.156.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.67.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
213.152.62.0/24 maxlen: 24
213.210.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:79:ad:ad:32:06:a3:a9:8e:57:de:20:13:a7:ac:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 07:12:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10aa29322d7b4666a5d56485bd71f2c1ec59eddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ac:4e:88:63:c2:3b:e8:47:15:ee:05:51:bf:
b6:3b:a1:55:47:82:4f:a1:46:fb:6c:c3:e1:a8:59:
6a:1b:39:b9:24:0d:3c:5d:e4:90:33:b7:0a:73:48:
a7:b8:00:3d:f0:af:84:1b:d7:fc:78:b9:d7:3e:7c:
77:4a:d3:53:10:d8:d6:d9:24:26:0b:11:33:49:fd:
1e:0e:0c:4b:d7:71:30:af:c2:46:bb:e3:b9:ec:8a:
24:8e:8e:50:fa:ee:52:3f:e3:9e:ee:fb:71:cc:ea:
3e:c1:21:1a:ac:63:f5:3a:f0:1e:41:9a:60:23:c4:
3e:86:8f:3a:5f:a1:3c:3c:49:3d:dc:6a:f1:53:4a:
a2:6f:f1:23:20:16:4d:b1:79:51:7f:93:c6:e4:c7:
46:c3:d9:79:a5:b0:38:49:c2:21:a2:cb:79:d3:8a:
3a:cf:e8:22:66:72:2a:8a:30:8b:2d:ac:07:27:e2:
1a:88:05:39:a4:b4:18:1f:0b:e6:bf:22:41:8b:9a:
43:56:93:6f:79:89:f3:40:4e:5c:ef:2b:76:d9:6f:
dc:37:44:a8:0d:51:85:de:bc:90:70:a3:9e:83:ae:
71:dc:82:f9:06:05:cf:b4:bc:df:9a:5d:67:4d:99:
b8:79:26:a9:4a:f7:29:93:e1:54:ea:13:00:b8:2e:
76:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:AA:29:32:2D:7B:46:66:A5:D5:64:85:BD:71:F2:C1:EC:59:ED:DD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/EKopMi17Rmal1WSFvXHywexZ7d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.123.0/24
82.152.111.0/24
82.153.67.0/24
82.153.73.0/24
82.153.78.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.250.0/24
89.213.153.0/24
109.176.209.0/24
109.176.211.0/24
109.176.216.0/21
109.176.249.0/24
213.152.61.0-213.152.62.255
213.210.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:49:b2:c9:43:eb:21:e2:04:2e:df:b1:b2:a6:63:b7:e9:25:
61:94:3f:8b:fa:b2:d8:76:6e:fb:f4:fb:d4:9e:c9:b7:9a:d8:
6b:2a:88:07:df:a3:55:d4:c4:3a:fc:41:4b:f8:f3:aa:2c:0e:
7f:cc:a2:cb:c6:6d:28:27:79:7e:f9:d3:5c:cd:4c:45:31:5c:
cc:29:27:e3:9e:f2:2c:4b:1b:b6:c0:f5:12:6a:c4:a0:07:1e:
28:33:39:7a:ba:f4:f0:91:eb:93:71:fc:9e:6d:cc:b1:a6:e6:
b5:a1:7c:65:d3:bc:ab:5e:d2:06:41:5c:9e:97:8e:3e:97:76:
19:57:30:f4:aa:8a:dd:c3:c4:44:f4:2d:50:cb:21:78:ee:18:
df:6a:da:fc:95:7a:4f:d7:ea:1f:76:ce:9d:af:a1:14:cc:18:
1e:3f:9f:f0:d6:7c:0b:da:79:95:24:ce:e1:d2:a6:7d:c2:5c:
45:2f:a1:f0:5c:da:2a:c7:ce:ca:70:e1:0d:86:16:ef:42:a2:
54:a5:c1:c9:37:63:c8:7e:95:05:47:b4:8d:15:c3:57:cf:92:
23:56:ea:30:b2:90:7f:8e:e4:ec:9a:c0:8f:5a:a1:b5:9e:f8:
5a:e8:bb:5e:09:bf:73:0d:f8:f4:38:07:93:38:43:19:06:92:
0a:58:c1:5c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ6Rea2tMgajqY5X3iATp6y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNjA0MDcxMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFhMjkzMjJkN2I0NjY2YTVkNTY0ODViZDcxZjJjMWVjNTllZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKxOiGPCO+hHFe4FUb+2O6FVR4JP
oUb7bMPhqFlqGzm5JA08XeSQM7cKc0inuAA98K+EG9f8eLnXPnx3StNTENjW2SQm
CxEzSf0eDgxL13Ewr8JGu+O57Iokjo5Q+u5SP+Oe7vtxzOo+wSEarGP1OvAeQZpg
I8Q+ho86X6E8PEk93GrxU0qib/EjIBZNsXlRf5PG5MdGw9l5pbA4ScIhost504o6
z+giZnIqijCLLawHJ+IaiAU5pLQYHwvmvyJBi5pDVpNveYnzQE5c7yt22W/cN0So
DVGF3ryQcKOeg65x3IL5BgXPtLzfml1nTZm4eSapSvcpk+FU6hMAuC52OQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFBCqKTIte0ZmpdVkhb1x8sHsWe3dMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRUtvcE1pMTdSbWFsMVdTRnZYSHl3ZXhaN2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABR
BZwDBABRqCkDBABRqHsDBABSmG8DBABSmUMDBABSmUkDBABSmU4DBABSmYkwDAME
AFKZiwMEAFKZjAMEAFKZ3QMEAFKZ3wMEAFKZ8AMEAFKZ+gMEAFnVmQMEAG2w0QME
AG2w0wMEA22w2AMEAG2w+TAMAwQA1Zg9AwQA1Zg+AwQA1dIoMA0GCSqGSIb3DQEB
CwUAA4IBAQCoSbLJQ+sh4gQu37GypmO36SVhlD+L+rLYdm779PvUnsm3mthrKogH
36NV1MQ6/EFL+POqLA5/zKLLxm0oJ3l++dNczUxFMVzMKSfjnvIsSxu2wPUSasSg
Bx4oMzl6uvTwkeuTcfyebcyxpua1oXxl07yrXtIGQVyel44+l3YZVzD0qordw8RE
9C1QyyF47hjfatr8lXpP1+ofds6dr6EUzBgeP5/w1nwL2nmVJM7h0qZ9wlxFL6Hw
XNoqx87KcOENhhbvQqJUpcHJN2PIfpUFR7SNFcNXz5IjVuowspB/juTsmsCPWqG1
nvha6LteCb9zDfj0OAeTOEMZBpIKWMFc
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:38:31 2026 by rpki-client