Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/EFGLC8SL84p1q1K-j3Uf3V3IW44.roa
File: EFGLC8SL84p1q1K-j3Uf3V3IW44.roa (raw, json)
Hash identifier: 4PnC9POkZ3ZS5ZMz+CxTTugtS6AWFe8U3aLCVUVr204=
Subject key identifier: 10:51:8B:0B:C4:8B:F3:8A:75:AB:52:BE:8F:75:1F:DD:5D:C8:5B:8E
Certificate issuer: /CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Certificate serial: 019B7C12777ADCA17E6B4F228521CCFB0ED5
Authority key identifier: 30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/EFGLC8SL84p1q1K-j3Uf3V3IW44.roa
Signing time: Fri 02 Jan 2026 00:19:03 +0000
ROA not before: Fri 02 Jan 2026 00:19:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204989
IP address blocks: 45.89.168.0/22 maxlen: 24
185.104.160.0/22 maxlen: 24
2a06:3200::/29 maxlen: 32
2a0f:a7c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:77:7a:dc:a1:7e:6b:4f:22:85:21:cc:fb:0e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3074d651dfec4b0d371e02505b1f8693ed1d8e02
Validity
Not Before: Jan 2 00:19:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10518b0bc48bf38a75ab52be8f751fdd5dc85b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8e:e8:6b:5e:f1:b2:77:c1:e6:f6:a8:96:1a:
f6:e0:09:64:34:68:25:ea:41:af:0b:c8:1b:d3:40:
74:09:c8:5e:cf:2c:c4:7b:3c:a0:a1:b8:d1:0e:f9:
61:25:e0:af:4e:9d:75:e9:79:0e:ba:95:84:6e:42:
3a:6d:fb:be:ac:42:13:41:47:81:a5:63:ab:fb:58:
e1:56:3a:4f:42:ba:56:1c:18:c0:66:89:af:90:2c:
5e:d5:ca:dc:33:95:03:ac:2d:9f:f6:c1:32:ab:65:
a4:84:26:1b:78:64:c2:ad:8a:56:23:a6:6f:39:78:
73:ec:6f:b1:90:cb:6f:37:6d:33:05:8a:14:17:b7:
d8:c9:ab:6d:9e:b0:12:aa:d4:74:22:1a:10:1d:0a:
44:b7:7e:ea:03:f7:1b:12:2c:2c:ef:9c:a0:0d:78:
f0:6c:19:8f:15:87:fd:87:da:a4:7c:e3:d8:a0:6c:
f4:c7:1d:26:56:2f:1a:6e:75:03:91:26:2b:02:ea:
25:9d:ac:ce:cc:ab:cd:58:bd:e5:fc:a4:de:3c:48:
61:57:61:c8:b3:66:b4:29:ae:de:49:0b:14:29:79:
6a:8f:db:4a:13:ea:11:46:f6:62:0a:af:ab:63:81:
e0:c4:05:b5:3f:3c:3b:b0:57:b2:da:28:a9:a3:b6:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:51:8B:0B:C4:8B:F3:8A:75:AB:52:BE:8F:75:1F:DD:5D:C8:5B:8E
X509v3 Authority Key Identifier:
keyid:30:74:D6:51:DF:EC:4B:0D:37:1E:02:50:5B:1F:86:93:ED:1D:8E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHTWUd_sSw03HgJQWx-Gk-0djgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/EFGLC8SL84p1q1K-j3Uf3V3IW44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/21283f-f7aa-4a67-9570-92ba2d5077c3/1/MHTWUd_sSw03HgJQWx-Gk-0djgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.168.0/22
185.104.160.0/22
IPv6:
2a06:3200::/29
2a0f:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:96:d3:f7:e9:8b:2f:52:49:41:d7:d1:1b:dc:3c:a0:97:e2:
d4:f4:79:96:de:38:46:81:ad:3b:a8:dc:d8:ed:6b:07:d2:52:
8a:87:43:02:e3:27:26:2d:06:5c:3c:91:b2:03:6d:d0:15:52:
89:9a:91:07:2f:b3:e1:7f:90:22:1a:08:ae:7b:be:a3:19:e6:
46:e1:3d:5d:6b:0d:34:b1:d6:23:b6:ec:2d:fb:3b:82:9c:9d:
03:6b:02:50:c2:c8:8a:bb:1b:15:c3:ca:d0:a9:da:c3:95:38:
58:60:5b:6a:95:09:f2:12:4c:3f:c1:2a:f8:e7:b7:6f:90:0b:
59:9f:9b:b3:b6:bf:83:e2:46:c3:65:13:2c:f5:cf:e5:82:9a:
66:14:ce:25:66:f7:23:cc:b8:94:3d:ee:96:a9:2c:a1:0b:af:
98:91:d4:39:ee:ad:66:c5:5c:fa:4c:af:bb:f6:e7:12:d5:f1:
cf:1a:ae:e3:bf:1f:ec:06:20:ba:70:0b:cd:18:5c:c4:55:e9:
5b:cd:13:3f:d5:9c:40:a0:87:f4:60:6c:d6:3a:b3:17:4d:50:
b3:23:73:d1:35:f9:50:9d:6d:8c:95:84:97:55:61:eb:a2:20:
b9:d6:4a:22:7e:0a:14:38:13:c6:0e:07:16:01:09:a4:0f:cb:
c0:f8:cb:18
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt8End63KF+a08ihSHM+w7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzRkNjUxZGZlYzRiMGQzNzFlMDI1MDViMWY4NjkzZWQx
ZDhlMDIwHhcNMjYwMTAyMDAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDUxOGIwYmM0OGJmMzhhNzVhYjUyYmU4Zjc1MWZkZDVkYzg1YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2I7oa17xsnfB5vaolhr24AlkNGgl
6kGvC8gb00B0CchezyzEezygobjRDvlhJeCvTp116XkOupWEbkI6bfu+rEITQUeB
pWOr+1jhVjpPQrpWHBjAZomvkCxe1crcM5UDrC2f9sEyq2WkhCYbeGTCrYpWI6Zv
OXhz7G+xkMtvN20zBYoUF7fYyattnrASqtR0IhoQHQpEt37qA/cbEiws75ygDXjw
bBmPFYf9h9qkfOPYoGz0xx0mVi8abnUDkSYrAuolnazOzKvNWL3l/KTePEhhV2HI
s2a0Ka7eSQsUKXlqj9tKE+oRRvZiCq+rY4HgxAW1Pzw7sFey2iipo7bnbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBBRiwvEi/OKdatSvo91H91dyFuOMB8GA1UdIwQY
MBaAFDB01lHf7EsNNx4CUFsfhpPtHY4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhUV1VkX3NTdzAzSGdKUVd4LUdrLTBkamdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMTI4M2YtZjdhYS00YTY3LTk1NzAt
OTJiYTJkNTA3N2MzLzEvRUZHTEM4U0w4NHAxcTFLLWozVWYzVjNJVzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yMTI4M2YtZjdhYS00YTY3LTk1NzAtOTJiYTJkNTA3N2Mz
LzEvTUhUV1VkX3NTdzAzSGdKUVd4LUdrLTBkamdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVmoAwQC
uWigMBQEAgACMA4DBQMqBjIAAwUDKg+nwDANBgkqhkiG9w0BAQsFAAOCAQEAYZbT
9+mLL1JJQdfRG9w8oJfi1PR5lt44RoGtO6jc2O1rB9JSiodDAuMnJi0GXDyRsgNt
0BVSiZqRBy+z4X+QIhoIrnu+oxnmRuE9XWsNNLHWI7bsLfs7gpydA2sCUMLIirsb
FcPK0Knaw5U4WGBbapUJ8hJMP8Eq+Oe3b5ALWZ+bs7a/g+JGw2UTLPXP5YKaZhTO
JWb3I8y4lD3ulqksoQuvmJHUOe6tZsVc+kyvu/bnEtXxzxqu478f7AYgunALzRhc
xFXpW80TP9WcQKCH9GBs1jqzF01QsyNz0TX5UJ1tjJWEl1Vh66IgudZKIn4KFDgT
xg4HFgEJpA/LwPjLGA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:12 2026 by rpki-client