Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/73w728JM_x1QPkRho6ayS2pn7ic.roa
File: 73w728JM_x1QPkRho6ayS2pn7ic.roa (raw, json)
Hash identifier: /cQ+q3vkd3K1yk9hMAXyz6j6vHwTaha1iWwZt1dE1ss=
Subject key identifier: EF:7C:3B:DB:C2:4C:FF:1D:50:3E:44:61:A3:A6:B2:4B:6A:67:EE:27
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EB6AFC0317882BF0E7B9D6DE9E633EE85
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/73w728JM_x1QPkRho6ayS2pn7ic.roa
Signing time: Thu 11 Jun 2026 12:37:11 +0000
ROA not before: Thu 11 Jun 2026 12:37:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 134488
IP address blocks: 189.12.48.0/24 maxlen: 24
189.73.18.0/24 maxlen: 24
189.75.185.0/24 maxlen: 24
191.219.18.0/24 maxlen: 24
191.222.242.0/24 maxlen: 24
191.222.244.0/24 maxlen: 24
200.102.183.0/24 maxlen: 24
201.11.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:af:c0:31:78:82:bf:0e:7b:9d:6d:e9:e6:33:ee:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 11 12:37:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef7c3bdbc24cff1d503e4461a3a6b24b6a67ee27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c0:42:be:98:fa:bf:68:c8:1f:aa:e5:93:5c:
2b:e8:6c:ce:51:8e:d5:01:ce:74:a0:05:d6:41:2b:
80:f6:e6:5d:09:d3:68:28:00:16:be:a5:a7:67:82:
c0:59:62:25:59:0d:0a:09:08:70:13:a8:75:0c:a4:
fc:fe:27:26:bb:a9:5b:01:b0:c3:d3:b4:b5:d9:ab:
7e:2b:79:f4:f0:ee:61:92:66:e2:d3:e9:ab:a6:c1:
3e:58:2c:dd:cf:a1:d0:a2:c8:d6:30:f7:25:8a:6c:
71:b2:13:cd:4e:8f:21:65:25:29:99:23:3e:d9:a8:
f0:91:c7:45:c1:26:b5:d1:14:3a:9f:02:dd:56:1c:
ca:02:4a:75:9f:d8:40:40:38:72:08:c3:ad:eb:70:
75:e7:65:b1:35:df:bf:36:6a:14:7f:8b:8c:28:06:
56:74:f7:78:31:fd:9b:a1:37:a9:d3:88:7f:3f:83:
31:09:39:df:96:cc:b5:b7:70:fa:01:47:28:b2:cf:
2d:4c:bc:e3:b7:3a:15:ad:08:43:b3:70:92:dd:ba:
9b:af:50:c4:fe:05:5a:e2:9e:b3:a9:be:64:a5:8f:
15:18:41:85:e4:ab:1e:1f:16:39:2a:23:83:f5:eb:
5e:22:81:a3:0c:93:9b:a4:fe:f5:d8:bf:4d:9d:69:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7C:3B:DB:C2:4C:FF:1D:50:3E:44:61:A3:A6:B2:4B:6A:67:EE:27
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/73w728JM_x1QPkRho6ayS2pn7ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.12.48.0/24
189.73.18.0/24
189.75.185.0/24
191.219.18.0/24
191.222.242.0/24
191.222.244.0/24
200.102.183.0/24
201.11.233.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:e7:4a:5c:9a:13:42:0a:b8:74:a1:aa:54:b7:e2:65:5d:de:
40:92:ea:e4:bf:52:b5:07:3b:0f:33:4a:7c:05:f6:b6:33:8d:
c0:d7:96:33:53:64:41:74:09:0a:34:97:fa:e9:e9:8a:c7:0a:
16:93:48:71:97:c4:22:3c:8c:3f:0a:57:40:26:8a:08:ca:12:
13:e2:ad:e1:b7:0d:03:15:39:db:f1:f6:a2:e5:3e:a7:7b:5b:
94:dd:77:55:78:c3:69:b3:06:f6:dc:13:08:2b:8c:a7:84:90:
05:3b:fb:cb:39:f0:aa:b4:5c:0c:0c:5c:bd:58:7e:27:a9:d4:
22:bf:ed:3d:43:83:69:4b:32:b8:0e:91:3c:77:3e:c0:70:fe:
33:4e:50:5d:3c:cc:9e:6e:76:bf:9a:53:17:50:aa:e9:a6:41:
26:a4:f0:5b:f4:d1:91:56:ae:f2:54:1d:e0:de:20:51:1a:03:
db:de:ec:3d:6a:da:51:07:4d:7f:24:9d:3a:ad:3f:e0:bb:8a:
90:e9:d7:67:c3:55:5c:f6:02:64:d0:28:f7:c5:75:c3:19:b7:
16:27:07:36:42:d9:18:97:c4:35:b2:20:bf:77:d2:64:aa:62:
b1:fe:0c:21:35:27:97:70:9c:f0:6d:4d:3b:ea:25:48:95:05:
e1:61:6c:3c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ62r8AxeIK/DnudbenmM+6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjExMTIzNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjdjM2JkYmMyNGNmZjFkNTAzZTQ0NjFhM2E2YjI0YjZhNjdlZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38BCvpj6v2jIH6rlk1wr6GzOUY7V
Ac50oAXWQSuA9uZdCdNoKAAWvqWnZ4LAWWIlWQ0KCQhwE6h1DKT8/icmu6lbAbDD
07S12at+K3n08O5hkmbi0+mrpsE+WCzdz6HQosjWMPclimxxshPNTo8hZSUpmSM+
2ajwkcdFwSa10RQ6nwLdVhzKAkp1n9hAQDhyCMOt63B152WxNd+/NmoUf4uMKAZW
dPd4Mf2boTep04h/P4MxCTnflsy1t3D6AUcoss8tTLzjtzoVrQhDs3CS3bqbr1DE
/gVa4p6zqb5kpY8VGEGF5KseHxY5KiOD9eteIoGjDJObpP712L9NnWmXDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO98O9vCTP8dUD5EYaOmsktqZ+4nMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvNzN3NzI4Sk1feDFRUGtSaG82YXlTMnBuN2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAvQwwAwQA
vUkSAwQAvUu5AwQAv9sSAwQAv97yAwQAv970AwQAyGa3AwQAyQvpMA0GCSqGSIb3
DQEBCwUAA4IBAQC850pcmhNCCrh0oapUt+JlXd5Akurkv1K1BzsPM0p8Bfa2M43A
15YzU2RBdAkKNJf66emKxwoWk0hxl8QiPIw/CldAJooIyhIT4q3htw0DFTnb8fai
5T6ne1uU3XdVeMNpswb23BMIK4ynhJAFO/vLOfCqtFwMDFy9WH4nqdQiv+09Q4Np
SzK4DpE8dz7AcP4zTlBdPMyebna/mlMXUKrppkEmpPBb9NGRVq7yVB3g3iBRGgPb
3uw9atpRB01/JJ06rT/gu4qQ6ddnw1Vc9gJk0Cj3xXXDGbcWJwc2QtkYl8Q1siC/
d9JkqmKx/gwhNSeXcJzwbU076iVIlQXhYWw8
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:36:13 2026 by rpki-client