Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/epfTt_Q7rvrpNrb2W1NvRclfm3Y.roa
File: epfTt_Q7rvrpNrb2W1NvRclfm3Y.roa (raw, json)
Hash identifier: ns9XOAPT46RRfby7DesM2N3r4ja1gpR0OLgUpNLcOOU=
Subject key identifier: 7A:97:D3:B7:F4:3B:AE:FA:E9:36:B6:F6:5B:53:6F:45:C9:5F:9B:76
Certificate issuer: /CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Certificate serial: 019ECCCCCAC26FB6120992A0AF1CC0D73FDC
Authority key identifier: 95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/epfTt_Q7rvrpNrb2W1NvRclfm3Y.roa
Signing time: Mon 15 Jun 2026 19:40:33 +0000
ROA not before: Mon 15 Jun 2026 19:40:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211270
IP address blocks: 189.74.112.0/24 maxlen: 24
189.74.113.0/24 maxlen: 24
189.74.119.0/24 maxlen: 24
189.74.122.0/24 maxlen: 24
189.74.123.0/24 maxlen: 24
189.74.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cc:cc:ca:c2:6f:b6:12:09:92:a0:af:1c:c0:d7:3f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d108f0e85868c2bbe7db6d7377034c131eb224
Validity
Not Before: Jun 15 19:40:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a97d3b7f43baefae936b6f65b536f45c95f9b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bb:d8:87:84:4a:0d:4e:7c:c8:c9:48:ca:94:
6e:e2:42:80:e2:6a:eb:f7:75:c4:3f:81:f3:e0:31:
07:db:bc:f6:16:32:b6:91:3d:fa:c0:ab:47:6e:f8:
56:f4:0f:b2:81:de:a8:5a:5d:f3:d6:4a:73:12:7b:
69:e8:51:24:c3:0c:87:8e:6d:79:55:f3:39:d4:fc:
1c:d1:da:b1:ac:39:43:5b:96:cb:e0:88:7a:3f:58:
38:7b:8f:46:2a:53:9a:f7:a6:ac:2e:0d:1f:79:e0:
2d:46:71:70:ef:ac:85:33:63:d3:9a:f0:73:cc:2e:
11:14:52:29:09:a8:d0:e2:46:0b:a7:cd:d0:3f:97:
9c:2f:99:92:64:27:02:b1:19:2d:5f:33:ee:c1:f7:
54:5d:97:f8:f2:cf:2c:7c:05:3d:bf:95:b3:41:ee:
75:a7:da:c5:a8:5a:48:35:c2:69:e5:43:c7:1f:13:
fb:b5:ae:ec:a0:67:d2:cd:8b:57:3b:bb:64:fd:85:
94:28:39:67:4e:a5:b7:3a:f5:04:79:25:f3:a6:67:
42:43:65:eb:03:34:a9:2c:e1:a8:67:86:ee:3d:c8:
63:4a:62:e9:55:da:58:30:f3:69:2d:d5:27:55:9f:
23:65:0c:92:75:7a:45:a6:b5:b4:5e:79:25:b1:33:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:97:D3:B7:F4:3B:AE:FA:E9:36:B6:F6:5B:53:6F:45:C9:5F:9B:76
X509v3 Authority Key Identifier:
keyid:95:D1:08:F0:E8:58:68:C2:BB:E7:DB:6D:73:77:03:4C:13:1E:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldEI8OhYaMK759ttc3cDTBMesiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/epfTt_Q7rvrpNrb2W1NvRclfm3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ddb424-7eb2-495e-8bb6-72fb97d59ce4/1/ldEI8OhYaMK759ttc3cDTBMesiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.74.112.0/23
189.74.119.0/24
189.74.122.0/23
189.74.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:86:5b:87:97:5e:0a:ff:f4:68:b1:c5:0b:1b:d6:6e:db:82:
69:7a:e6:21:41:2f:65:d0:6d:d6:5b:aa:07:ff:c9:5c:f0:6e:
a2:75:e7:2d:18:80:76:18:bd:92:b0:92:36:87:0e:13:a3:6c:
a9:c8:e0:6b:07:08:aa:ce:e4:ef:2e:94:7b:db:84:4d:c3:e9:
b8:dc:7d:58:c9:14:e4:57:f2:63:c2:e2:31:41:4a:68:39:97:
a6:f1:6a:6b:a5:6a:2d:13:ed:26:39:63:68:ec:dc:31:5b:4e:
1a:75:e2:0f:61:9a:ab:64:e4:d5:15:e6:b6:4a:a2:af:c3:30:
dd:9f:7c:81:5f:e8:eb:6e:4f:ac:50:bf:a6:18:d8:dc:aa:b8:
e1:dd:9a:c9:86:3e:2f:1c:c8:10:54:13:02:64:4f:e7:16:35:
93:64:38:c7:9f:96:91:88:f7:bf:b9:2f:b4:d3:5b:8b:24:f9:
38:22:b8:8b:0b:43:45:79:64:19:46:d0:ac:d4:61:7e:a4:74:
30:eb:c0:37:20:16:61:fa:6b:43:74:7f:9b:41:65:60:ef:10:
a6:97:c1:71:f8:73:9a:4b:f3:ab:62:82:27:de:fe:f7:60:e3:
63:a3:a7:74:38:32:9f:d6:4d:bb:64:79:3f:98:9f:36:9b:c4:
e4:47:f0:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7MzMrCb7YSCZKgrxzA1z/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDEwOGYwZTg1ODY4YzJiYmU3ZGI2ZDczNzcwMzRjMTMx
ZWIyMjQwHhcNMjYwNjE1MTk0MDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk3ZDNiN2Y0M2JhZWZhZTkzNmI2ZjY1YjUzNmY0NWM5NWY5Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybvYh4RKDU58yMlIypRu4kKA4mrr
93XEP4Hz4DEH27z2FjK2kT36wKtHbvhW9A+ygd6oWl3z1kpzEntp6FEkwwyHjm15
VfM51Pwc0dqxrDlDW5bL4Ih6P1g4e49GKlOa96asLg0feeAtRnFw76yFM2PTmvBz
zC4RFFIpCajQ4kYLp83QP5ecL5mSZCcCsRktXzPuwfdUXZf48s8sfAU9v5WzQe51
p9rFqFpINcJp5UPHHxP7ta7soGfSzYtXO7tk/YWUKDlnTqW3OvUEeSXzpmdCQ2Xr
AzSpLOGoZ4buPchjSmLpVdpYMPNpLdUnVZ8jZQySdXpFprW0XnklsTOguQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHqX07f0O6766Ta29ltTb0XJX5t2MB8GA1UdIwQY
MBaAFJXRCPDoWGjCu+fbbXN3A0wTHrIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYt
NzJmYjk3ZDU5Y2U0LzEvZXBmVHRfUTdydnJwTnJiMlcxTnZSY2xmbTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kZGI0MjQtN2ViMi00OTVlLThiYjYtNzJmYjk3ZDU5Y2U0
LzEvbGRFSThPaFlhTUs3NTl0dGMzY0RUQk1lc2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBvUpwAwQA
vUp3AwQBvUp6AwQAvUp/MA0GCSqGSIb3DQEBCwUAA4IBAQBchluHl14K//RoscUL
G9Zu24JpeuYhQS9l0G3WW6oH/8lc8G6idectGIB2GL2SsJI2hw4To2ypyOBrBwiq
zuTvLpR724RNw+m43H1YyRTkV/JjwuIxQUpoOZem8WprpWotE+0mOWNo7NwxW04a
deIPYZqrZOTVFea2SqKvwzDdn3yBX+jrbk+sUL+mGNjcqrjh3ZrJhj4vHMgQVBMC
ZE/nFjWTZDjHn5aRiPe/uS+001uLJPk4IriLC0NFeWQZRtCs1GF+pHQw68A3IBZh
+mtDdH+bQWVg7xCml8Fx+HOaS/OrYoIn3v73YONjo6d0ODKf1k27ZHk/mJ82m8Tk
R/De
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:33:18 2026 by rpki-client