Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/4h2CKrEG0zBXhUvh0QRtju6nDO8.roa
File: 4h2CKrEG0zBXhUvh0QRtju6nDO8.roa (raw, json)
Hash identifier: 7r8KAs2j6Yww58kBTUpyYdSq5ad0gOR+q03EcWoTYfs=
Subject key identifier: E2:1D:82:2A:B1:06:D3:30:57:85:4B:E1:D1:04:6D:8E:EE:A7:0C:EF
Certificate issuer: /CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030
Certificate serial: 019C8F538D34F59AA74338A3EFEDF471E57C
Authority key identifier: EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/4h2CKrEG0zBXhUvh0QRtju6nDO8.roa
Signing time: Tue 24 Feb 2026 11:05:43 +0000
ROA not before: Tue 24 Feb 2026 11:05:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51580
IP address blocks: 31.193.16.0/20 maxlen: 24
46.17.152.0/21 maxlen: 24
80.66.208.0/20 maxlen: 24
81.173.100.0/22 maxlen: 24
89.105.76.0/22 maxlen: 24
89.105.76.0/23 maxlen: 23
89.105.78.0/23 maxlen: 23
109.238.16.0/20 maxlen: 24
141.105.152.0/21 maxlen: 24
145.14.160.0/19 maxlen: 24
178.218.148.0/22 maxlen: 24
178.250.64.0/21 maxlen: 24
185.5.180.0/22 maxlen: 24
185.55.88.0/22 maxlen: 24
185.121.148.0/22 maxlen: 24
185.139.28.0/22 maxlen: 24
185.180.180.0/23 maxlen: 24
194.110.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:53:8d:34:f5:9a:a7:43:38:a3:ef:ed:f4:71:e5:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030
Validity
Not Before: Feb 24 11:05:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e21d822ab106d33057854be1d1046d8eeea70cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:83:d6:02:2f:d7:19:bb:5d:ed:c5:31:5e:
fc:58:b2:aa:e2:cc:75:ee:d9:49:69:6c:fa:e9:03:
60:70:33:94:45:82:d6:41:62:01:eb:96:6a:b6:58:
e7:6d:1c:33:e2:51:77:f8:b5:c1:1e:5e:b6:3d:6e:
5a:1c:75:e3:ec:f9:8c:49:22:34:46:c4:50:d7:5d:
8e:e6:8b:d7:3b:39:db:31:08:0d:dc:f8:18:ed:ea:
54:85:ab:e9:0c:46:a9:1f:5c:b7:54:19:ea:2f:8f:
fc:b8:e0:4f:2c:da:9e:ab:de:f0:12:8f:86:86:ee:
a2:01:d3:4d:9c:1d:2b:f1:8e:d8:b2:92:a8:c3:ce:
a7:ac:18:d7:a2:6e:dd:ea:69:8d:9d:f3:ca:bd:cf:
98:06:f1:60:24:1f:21:72:d1:8c:a6:7a:76:a9:5b:
f3:e8:b2:02:50:2a:94:ab:4a:c0:3b:06:ea:69:cb:
94:00:e5:91:bc:a5:9a:43:a4:6e:e5:4d:9f:00:c4:
40:2f:1d:ba:87:5e:50:8d:20:d7:d0:b3:1d:e0:66:
ba:30:ee:fc:1b:45:19:c1:cd:c4:eb:b1:dc:72:30:
ae:d5:15:d4:4b:aa:38:fb:11:d1:f0:24:ad:27:91:
56:19:03:3d:23:21:c8:b0:cd:e8:7e:1a:0c:49:ec:
10:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1D:82:2A:B1:06:D3:30:57:85:4B:E1:D1:04:6D:8E:EE:A7:0C:EF
X509v3 Authority Key Identifier:
keyid:EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/4h2CKrEG0zBXhUvh0QRtju6nDO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.16.0/20
46.17.152.0/21
80.66.208.0/20
81.173.100.0/22
89.105.76.0/22
109.238.16.0/20
141.105.152.0/21
145.14.160.0/19
178.218.148.0/22
178.250.64.0/21
185.5.180.0/22
185.55.88.0/22
185.121.148.0/22
185.139.28.0/22
185.180.180.0/23
194.110.56.0/22
Signature Algorithm: sha256WithRSAEncryption
77:9e:3a:0c:ae:c9:a0:78:cf:d3:47:66:ce:84:65:0c:4d:6a:
e7:3c:f6:dd:00:39:b8:de:ca:c1:38:8a:e5:e3:20:1a:07:47:
d2:f1:1a:63:58:05:e5:78:fd:bb:6e:15:de:51:0c:48:8a:5f:
34:4b:20:21:95:ef:27:05:80:f4:c5:ed:51:77:2e:50:39:43:
bf:0c:12:4c:e9:2d:7e:f6:99:c8:95:ae:6c:aa:0e:d7:e4:61:
e3:6d:f7:d0:e3:68:84:07:03:8b:67:50:88:ec:0e:04:c8:ce:
30:1c:82:94:06:25:cc:c1:b9:40:b2:0a:39:af:ac:2e:9f:9b:
5a:fc:85:f6:02:28:8a:0f:9c:82:8f:c1:b3:47:bf:fe:f8:fc:
d3:b6:f0:ef:42:3b:db:17:b1:e3:3d:82:7d:73:ee:0d:42:bf:
ae:ef:23:7d:9d:aa:18:78:73:34:aa:58:f5:fd:4a:7f:d9:88:
4f:27:b9:60:c7:95:96:94:69:71:ba:e3:ff:5e:8f:e9:e8:43:
e2:66:4c:64:e9:91:09:4e:d2:ac:8c:3a:f5:88:cd:38:ae:cd:
f1:24:f0:65:9c:29:c6:af:09:95:4d:5e:13:b5:3b:92:12:fa:
1d:19:f9:87:0f:8a:ce:c4:25:93:6f:f6:6f:f9:1b:04:89:e6:
84:85:81:cc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZyPU4009ZqnQzij7+30ceV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWFkYTBkYzkwMGExM2M4M2I3MGFjM2Y1ODdmYjhjMmUx
ZGYwMzAwHhcNMjYwMjI0MTEwNTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFkODIyYWIxMDZkMzMwNTc4NTRiZTFkMTA0NmQ4ZWVlYTcwY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucaD1gIv1xm7Xe3FMV78WLKq4sx1
7tlJaWz66QNgcDOURYLWQWIB65ZqtljnbRwz4lF3+LXBHl62PW5aHHXj7PmMSSI0
RsRQ112O5ovXOznbMQgN3PgY7epUhavpDEapH1y3VBnqL4/8uOBPLNqeq97wEo+G
hu6iAdNNnB0r8Y7YspKow86nrBjXom7d6mmNnfPKvc+YBvFgJB8hctGMpnp2qVvz
6LICUCqUq0rAOwbqacuUAOWRvKWaQ6Ru5U2fAMRALx26h15QjSDX0LMd4Ga6MO78
G0UZwc3E67HccjCu1RXUS6o4+xHR8CStJ5FWGQM9IyHIsM3ofhoMSewQzwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFOIdgiqxBtMwV4VL4dEEbY7upwzvMB8GA1UdIwQY
MBaAFOxa2g3JAKE8g7cKw/WH+4wuHfAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZyYURja0FvVHlEdHdyRDlZZjdqQzRkOERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jYTczNGItNWEwYi00YTAzLTgxMzEt
Y2ZlZmVhZWU4NjVlLzEvNGgyQ0tyRUcwekJYaFV2aDBRUnRqdTZuRE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jYTczNGItNWEwYi00YTAzLTgxMzEtY2ZlZmVhZWU4NjVl
LzEvN0ZyYURja0FvVHlEdHdyRDlZZjdqQzRkOERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQEH8EQAwQD
LhGYAwQEUELQAwQCUa1kAwQCWWlMAwQEbe4QAwQDjWmYAwQFkQ6gAwQCstqUAwQD
svpAAwQCuQW0AwQCuTdYAwQCuXmUAwQCuYscAwQBubS0AwQCwm44MA0GCSqGSIb3
DQEBCwUAA4IBAQB3njoMrsmgeM/TR2bOhGUMTWrnPPbdADm43srBOIrl4yAaB0fS
8RpjWAXleP27bhXeUQxIil80SyAhle8nBYD0xe1Rdy5QOUO/DBJM6S1+9pnIla5s
qg7X5GHjbffQ42iEBwOLZ1CI7A4EyM4wHIKUBiXMwblAsgo5r6wun5ta/IX2AiiK
D5yCj8GzR7/++PzTtvDvQjvbF7HjPYJ9c+4NQr+u7yN9naoYeHM0qlj1/Up/2YhP
J7lgx5WWlGlxuuP/Xo/p6EPiZkxk6ZEJTtKsjDr1iM04rs3xJPBlnCnGrwmVTV4T
tTuSEvodGfmHD4rOxCWTb/Zv+RsEieaEhYHM
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:04:58 2026 by rpki-client