Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/eBuAc98eLhdzaSpEXuI8KUheXdk.roa
File: eBuAc98eLhdzaSpEXuI8KUheXdk.roa (raw, json)
Hash identifier: ZAyeKkTZKpzp6DSuRIfinH6S1nkpaZ2M6lG5LcE6ZAA=
Subject key identifier: 78:1B:80:73:DF:1E:2E:17:73:69:2A:44:5E:E2:3C:29:48:5E:5D:D9
Certificate issuer: /CN=7470dfc0bb5ce06d86df24fe3caa4b4ef34178f4
Certificate serial: 019B7E382FDE54E5DE55871156C5C0DD0EDD
Authority key identifier: 74:70:DF:C0:BB:5C:E0:6D:86:DF:24:FE:3C:AA:4B:4E:F3:41:78:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHDfwLtc4G2G3yT-PKpLTvNBePQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/eBuAc98eLhdzaSpEXuI8KUheXdk.roa
Signing time: Fri 02 Jan 2026 10:19:30 +0000
ROA not before: Fri 02 Jan 2026 10:19:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34141
IP address blocks: 217.198.16.0/20 maxlen: 20
217.198.16.0/21 maxlen: 21
217.198.24.0/22 maxlen: 22
217.198.28.0/23 maxlen: 23
217.198.30.0/23 maxlen: 23
2a02:7d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/dHDfwLtc4G2G3yT-PKpLTvNBePQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/dHDfwLtc4G2G3yT-PKpLTvNBePQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/dHDfwLtc4G2G3yT-PKpLTvNBePQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:2f:de:54:e5:de:55:87:11:56:c5:c0:dd:0e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7470dfc0bb5ce06d86df24fe3caa4b4ef34178f4
Validity
Not Before: Jan 2 10:19:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=781b8073df1e2e1773692a445ee23c29485e5dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:56:3d:6c:62:ad:36:23:f3:9a:d0:cb:68:
5e:68:89:61:6f:b1:6c:54:a7:43:89:21:bf:1d:14:
b3:27:83:0b:79:6a:78:78:0f:2a:5d:ae:25:e5:fe:
fc:93:c6:ab:e6:b9:ac:2f:b2:f6:a9:78:15:8d:83:
de:86:c8:b3:89:24:ba:17:99:25:22:59:d8:7f:cb:
ac:89:37:67:d5:43:b6:2f:b6:8f:f4:9b:2e:5a:8a:
05:e8:e5:cf:8c:f2:0e:a9:9c:3d:94:3f:57:b1:1b:
50:42:16:ed:ad:5f:33:0a:8b:39:7a:9f:76:87:a1:
09:ee:df:4b:b6:df:6c:f7:30:92:ea:30:fb:24:50:
b6:d5:44:46:f0:0e:08:97:28:9e:5c:54:1a:19:74:
25:66:ba:78:f2:09:91:65:a8:54:5a:98:67:a4:af:
7a:8a:67:de:1d:1e:99:56:0e:41:24:41:15:c0:df:
88:de:09:ef:54:d2:18:00:06:ab:78:b4:79:13:0e:
eb:79:11:31:13:2f:51:f4:8f:a4:55:cb:4f:14:5d:
74:1c:88:38:38:d3:89:e2:7c:18:3a:f6:95:30:e7:
3c:1d:d1:d7:10:5b:78:68:a2:d2:ee:91:ff:b8:1a:
c1:49:0d:97:aa:6d:6c:ce:1e:86:74:3e:2a:12:18:
0e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1B:80:73:DF:1E:2E:17:73:69:2A:44:5E:E2:3C:29:48:5E:5D:D9
X509v3 Authority Key Identifier:
keyid:74:70:DF:C0:BB:5C:E0:6D:86:DF:24:FE:3C:AA:4B:4E:F3:41:78:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHDfwLtc4G2G3yT-PKpLTvNBePQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/eBuAc98eLhdzaSpEXuI8KUheXdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/0c6111-58f7-4b75-bcab-90bc4624c7b2/1/dHDfwLtc4G2G3yT-PKpLTvNBePQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.16.0/20
IPv6:
2a02:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:35:48:71:20:f5:10:26:75:6a:99:0f:6e:66:ba:22:f9:94:
b9:89:d4:33:ba:cf:39:f3:e9:d9:cb:75:19:db:84:b7:b8:62:
b9:69:8d:d0:35:ae:b0:4e:4b:7d:73:b9:7e:26:55:d0:f5:ce:
26:32:81:f0:a7:cc:81:84:7e:e0:f0:5e:dd:a0:7c:07:dd:a1:
5a:c3:f6:4e:84:ee:7b:fa:83:39:1c:cc:53:cf:74:3a:17:c0:
18:bf:51:3b:23:b5:a5:a6:27:a1:90:4e:b3:86:de:c3:67:77:
7b:12:39:d4:4b:8c:62:86:49:6b:83:ec:3f:a0:c6:26:3a:20:
a3:8f:18:47:1f:1c:ca:b0:5c:35:f9:a1:97:4c:10:a9:dd:1c:
07:ef:d3:37:ef:e8:95:49:0a:98:f1:f8:c1:d8:00:4c:44:6c:
58:45:f4:76:3e:56:e6:d7:92:a2:fc:4a:0d:46:3a:25:fa:eb:
eb:74:59:32:2d:09:86:1a:42:23:62:9e:44:98:06:2e:2a:7b:
12:10:81:83:85:01:4f:82:eb:61:35:bb:30:13:1c:38:a8:36:
47:a0:e4:41:7a:d0:1c:63:4d:db:ed:0c:b0:4a:61:ef:ea:c4:
b6:72:3d:33:77:e2:aa:c3:63:45:82:04:0f:ec:5a:dd:94:1a:
67:87:aa:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt+OC/eVOXeVYcRVsXA3Q7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzBkZmMwYmI1Y2UwNmQ4NmRmMjRmZTNjYWE0YjRlZjM0
MTc4ZjQwHhcNMjYwMTAyMTAxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFiODA3M2RmMWUyZTE3NzM2OTJhNDQ1ZWUyM2MyOTQ4NWU1ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1dWPWxirTYj85rQy2heaIlhb7Fs
VKdDiSG/HRSzJ4MLeWp4eA8qXa4l5f78k8ar5rmsL7L2qXgVjYPehsiziSS6F5kl
IlnYf8usiTdn1UO2L7aP9JsuWooF6OXPjPIOqZw9lD9XsRtQQhbtrV8zCos5ep92
h6EJ7t9Ltt9s9zCS6jD7JFC21URG8A4IlyieXFQaGXQlZrp48gmRZahUWphnpK96
imfeHR6ZVg5BJEEVwN+I3gnvVNIYAAareLR5Ew7reRExEy9R9I+kVctPFF10HIg4
ONOJ4nwYOvaVMOc8HdHXEFt4aKLS7pH/uBrBSQ2Xqm1szh6GdD4qEhgOoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHgbgHPfHi4Xc2kqRF7iPClIXl3ZMB8GA1UdIwQY
MBaAFHRw38C7XOBtht8k/jyqS07zQXj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhEZndMdGM0RzJHM3lULVBLcExUdk5CZVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wYzYxMTEtNThmNy00Yjc1LWJjYWIt
OTBiYzQ2MjRjN2IyLzEvZUJ1QWM5OGVMaGR6YVNwRVh1SThLVWhlWGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wYzYxMTEtNThmNy00Yjc1LWJjYWItOTBiYzQ2MjRjN2Iy
LzEvZEhEZndMdGM0RzJHM3lULVBLcExUdk5CZVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cYQMA0E
AgACMAcDBQAqAgfQMA0GCSqGSIb3DQEBCwUAA4IBAQAtNUhxIPUQJnVqmQ9uZroi
+ZS5idQzus858+nZy3UZ24S3uGK5aY3QNa6wTkt9c7l+JlXQ9c4mMoHwp8yBhH7g
8F7doHwH3aFaw/ZOhO57+oM5HMxTz3Q6F8AYv1E7I7WlpiehkE6zht7DZ3d7EjnU
S4xihklrg+w/oMYmOiCjjxhHHxzKsFw1+aGXTBCp3RwH79M37+iVSQqY8fjB2ABM
RGxYRfR2Plbm15Ki/EoNRjol+uvrdFkyLQmGGkIjYp5EmAYuKnsSEIGDhQFPguth
NbswExw4qDZHoORBetAcY03b7QywSmHv6sS2cj0zd+Kqw2NFggQP7FrdlBpnh6r4
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:18:35 2026 by rpki-client