Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/356YY-G2IgwXZ8Z6xUkXqO6Msfc.roa
File: 356YY-G2IgwXZ8Z6xUkXqO6Msfc.roa (raw, json)
Hash identifier: 3yPXuEjybc7pQx1CfOJGvK5clzMFrA4qzadcknOJqzA=
Subject key identifier: DF:9E:98:63:E1:B6:22:0C:17:67:C6:7A:C5:49:17:A8:EE:8C:B1:F7
Certificate issuer: /CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Certificate serial: 019D61ECDB157EBC0DA7E8D17D2E95FC3224
Authority key identifier: E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/356YY-G2IgwXZ8Z6xUkXqO6Msfc.roa
Signing time: Mon 06 Apr 2026 08:33:25 +0000
ROA not before: Mon 06 Apr 2026 08:33:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213168
IP address blocks: 91.211.145.0/24 maxlen: 24
147.236.144.0/22 maxlen: 24
147.236.156.0/22 maxlen: 24
212.104.212.0/24 maxlen: 24
212.104.213.0/24 maxlen: 24
2a13:8140::/48 maxlen: 48
2a13:8140:1::/48 maxlen: 48
2a13:8140:2::/48 maxlen: 48
2a13:8140:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:61:ec:db:15:7e:bc:0d:a7:e8:d1:7d:2e:95:fc:32:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Validity
Not Before: Apr 6 08:33:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=df9e9863e1b6220c1767c67ac54917a8ee8cb1f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:e1:97:68:0d:cb:4d:53:1f:d7:7d:cb:0e:
22:6a:7d:43:42:ab:ce:01:63:d8:8e:72:eb:f5:a1:
29:3f:f2:4a:0f:7a:9f:b4:2b:52:b1:52:30:4a:67:
79:e2:ba:ec:a2:24:d4:4c:d1:30:dc:56:f5:e8:c1:
0b:4a:b0:7c:35:b5:dc:59:ec:0e:fb:0e:89:33:e2:
c2:92:52:cb:49:92:4b:c9:60:72:96:54:8c:a8:ac:
be:2f:3c:94:f4:88:eb:00:b0:5b:e5:e6:59:17:22:
02:89:5b:7b:40:56:93:8f:8a:c6:8e:cb:38:d4:db:
bb:3a:22:e7:ac:cd:39:74:62:2e:dc:8f:77:cb:ca:
71:f5:da:9e:64:0b:bd:d5:01:25:54:7f:16:23:8c:
f5:57:70:64:a1:21:cc:39:e1:48:a2:a9:7c:6b:57:
ae:de:bd:5a:49:9a:dd:6b:18:2b:4a:30:5c:dc:19:
14:06:53:0c:84:2c:84:fe:89:a9:00:25:25:2d:c7:
37:94:87:0c:73:9f:02:ca:55:e7:58:b8:c5:5d:c6:
ce:ce:03:3e:25:93:df:dc:d2:33:43:e0:50:68:3e:
0d:bf:c5:01:08:58:e2:fa:eb:c1:88:94:6b:66:ca:
7f:aa:ca:5a:66:1f:32:76:79:2f:22:40:e3:39:7d:
1b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9E:98:63:E1:B6:22:0C:17:67:C6:7A:C5:49:17:A8:EE:8C:B1:F7
X509v3 Authority Key Identifier:
keyid:E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/356YY-G2IgwXZ8Z6xUkXqO6Msfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.145.0/24
147.236.144.0/22
147.236.156.0/22
212.104.212.0/23
IPv6:
2a13:8140::/46
Signature Algorithm: sha256WithRSAEncryption
ac:0a:0b:9f:14:3d:c8:90:f9:b8:66:d4:15:37:44:ff:7d:be:
8b:b7:b2:99:de:ec:20:e7:a7:e3:b2:b1:b1:33:94:35:79:1c:
8f:d9:0d:bf:6e:e5:03:6a:53:7d:4f:38:df:ec:7b:af:b6:b8:
4c:d5:cd:7f:7f:7b:7a:ad:98:5e:51:70:b0:e1:fd:1f:4e:9a:
fe:55:89:ff:63:f2:1c:c3:36:32:f7:3f:af:4e:0c:5e:28:6a:
37:69:ff:9d:f4:4c:50:69:84:ae:82:b8:a1:e9:14:5d:8c:b7:
dd:e0:c9:72:d5:5c:b1:9e:2b:a9:5a:d6:8a:22:22:72:96:77:
ad:53:1f:eb:6c:de:de:9f:39:8e:b7:f9:6c:2c:94:58:0f:89:
a6:c1:4d:1d:14:36:ca:54:b2:0a:a3:02:f5:7c:72:03:57:94:
14:38:dd:62:c4:40:e9:f0:11:61:fa:86:c8:34:c3:45:46:f8:
8e:8a:c2:c4:d2:cb:84:63:14:98:89:3d:be:97:4d:19:d8:7c:
9c:84:18:3b:f3:cb:a8:2c:c2:b8:8f:4d:45:0b:7d:54:33:81:
22:52:f9:cd:81:82:44:e9:f5:df:ba:82:6d:36:29:8c:43:3c:
83:b3:eb:3d:55:3f:61:1d:8c:a6:b7:45:44:bc:bd:d1:cb:e7:
50:bb:54:6a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ1h7NsVfrwNp+jRfS6V/DIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjYyYmJlOWVlYjVhM2Q2NmUxY2MyMjNhZGVkYzUzYjE3
N2M0ZWUwHhcNMjYwNDA2MDgzMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjllOTg2M2UxYjYyMjBjMTc2N2M2N2FjNTQ5MTdhOGVlOGNiMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcDhl2gNy01TH9d9yw4ian1DQqvO
AWPYjnLr9aEpP/JKD3qftCtSsVIwSmd54rrsoiTUTNEw3Fb16MELSrB8NbXcWewO
+w6JM+LCklLLSZJLyWByllSMqKy+LzyU9IjrALBb5eZZFyICiVt7QFaTj4rGjss4
1Nu7OiLnrM05dGIu3I93y8px9dqeZAu91QElVH8WI4z1V3BkoSHMOeFIoql8a1eu
3r1aSZrdaxgrSjBc3BkUBlMMhCyE/ompACUlLcc3lIcMc58CylXnWLjFXcbOzgM+
JZPf3NIzQ+BQaD4Nv8UBCFji+uvBiJRrZsp/qspaZh8ydnkvIkDjOX0b8QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFN+emGPhtiIMF2fGesVJF6jujLH3MB8GA1UdIwQY
MBaAFOi2K76e61o9ZuHMIjre3FOxd8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgt
YjNjYmI1YWQyYWQwLzEvMzU2WVktRzJJZ3dYWjhaNnhVa1hxTzZNc2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgtYjNjYmI1YWQyYWQw
LzEvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW9ORAwQC
k+yQAwQCk+ycAwQB1GjUMA8EAgACMAkDBwIqE4FAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAKwKC58UPciQ+bhm1BU3RP99vou3spne7CDnp+OysbEzlDV5HI/ZDb9u5QNq
U31PON/se6+2uEzVzX9/e3qtmF5RcLDh/R9Omv5Vif9j8hzDNjL3P69ODF4oajdp
/530TFBphK6CuKHpFF2Mt93gyXLVXLGeK6la1ooiInKWd61TH+ts3t6fOY63+Wws
lFgPiabBTR0UNspUsgqjAvV8cgNXlBQ43WLEQOnwEWH6hsg0w0VG+I6KwsTSy4Rj
FJiJPb6XTRnYfJyEGDvzy6gswriPTUULfVQzgSJS+c2BgkTp9d+6gm02KYxDPIOz
6z1VP2EdjKa3RUS8vdHL51C7VGo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:55:43 2026 by rpki-client