Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bJH450OnObhgXWn3Y3WGEBbiPH0.roa
File: bJH450OnObhgXWn3Y3WGEBbiPH0.roa (raw, json)
Hash identifier: s7n+fWRiwO19kEhPzfMWzFZsaYn6bQsgKgv7upaUH+s=
Subject key identifier: 6C:91:F8:E7:43:A7:39:B8:60:5D:69:F7:63:75:86:10:16:E2:3C:7D
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EAE9B935F5A8D160C09A05E37151F3868
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bJH450OnObhgXWn3Y3WGEBbiPH0.roa
Signing time: Tue 09 Jun 2026 22:58:11 +0000
ROA not before: Tue 09 Jun 2026 22:58:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47007
IP address blocks: 185.195.212.0/22 maxlen: 24
185.195.220.0/22 maxlen: 24
185.196.188.0/22 maxlen: 24
185.199.116.0/22 maxlen: 24
194.93.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ae:9b:93:5f:5a:8d:16:0c:09:a0:5e:37:15:1f:38:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 9 22:58:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c91f8e743a739b8605d69f76375861016e23c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ef:ba:bf:ac:89:d4:24:2c:db:29:26:2d:fa:
26:00:61:ca:49:c2:fe:f0:ac:9e:f7:cb:d0:73:8a:
79:b2:da:2d:6c:6d:62:53:ba:9a:e5:c1:e4:a6:ac:
95:f3:be:5b:c8:29:05:a5:cf:8d:07:48:52:ce:62:
87:f4:ce:09:8d:1d:6b:1b:6a:89:5c:7d:1b:30:80:
3d:88:a9:13:87:57:79:a9:bc:a7:b8:06:c3:a3:92:
35:d1:8f:66:70:c3:f4:d2:c2:5c:f2:48:70:0a:eb:
96:c3:54:dd:1c:5e:0f:f2:4d:7c:7b:a7:0e:05:dd:
d8:99:3e:86:32:0a:63:98:f9:e9:93:81:a7:3b:96:
92:e6:be:68:65:38:df:e9:e6:10:35:4a:4a:1c:7e:
76:98:8a:91:ba:ee:e7:bd:37:cc:6e:0d:cc:be:03:
ed:4e:4e:3b:73:56:83:1e:46:5b:94:6c:3c:77:10:
34:97:ba:f4:2c:48:55:3a:f6:52:1b:2b:31:55:ea:
87:2a:c8:4a:c0:4b:54:ce:7d:1e:b3:c7:c6:e5:31:
d4:a0:73:14:f5:44:5f:ab:8a:82:a7:d8:44:58:51:
a5:c6:6d:af:09:66:85:a4:fc:f2:09:83:88:88:74:
0c:64:bd:34:da:cc:14:65:e1:67:ac:91:a2:81:84:
e7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:91:F8:E7:43:A7:39:B8:60:5D:69:F7:63:75:86:10:16:E2:3C:7D
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bJH450OnObhgXWn3Y3WGEBbiPH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:24:69:97:c6:87:bc:33:f6:db:96:8b:28:17:65:8a:23:36:
63:89:46:c8:17:6c:9b:14:6f:eb:eb:0a:d2:4d:44:a8:d1:58:
75:b2:19:6b:db:f2:e6:f3:68:f9:0b:4a:b4:18:a5:6f:56:01:
77:b6:55:3b:40:81:02:27:4e:c4:21:a1:b7:95:07:74:ac:7d:
4b:ef:2b:a8:bf:d5:85:94:e9:0a:09:df:e6:28:ef:84:7e:aa:
14:78:52:9e:20:68:83:19:27:45:62:5b:1f:ed:41:80:b6:1e:
4f:f5:a5:d1:f7:c5:1f:18:4b:22:6c:0a:95:ba:d1:1f:46:29:
8c:87:72:3b:4b:7d:e3:11:80:96:fc:2d:16:17:80:0a:d9:d3:
8d:c9:30:4f:5c:c9:b6:e5:76:08:4f:37:0d:01:ec:46:61:73:
d6:e2:02:9b:fc:01:ec:fa:82:6c:c0:a7:e2:ba:2b:12:91:ae:
d5:50:2d:a3:26:de:3c:35:3f:d4:6c:f9:72:c3:41:b2:31:80:
e0:2c:16:0b:bf:07:a4:14:58:db:92:19:ef:84:78:1f:f4:29:
6c:5b:69:d0:eb:35:59:ca:46:f0:91:5f:ad:8a:f8:5f:3d:35:
2b:50:5f:35:d0:92:20:d7:e8:ec:b7:8d:d7:f5:7b:f7:9f:80:
2c:ec:c8:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6um5NfWo0WDAmgXjcVHzhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjA5MjI1ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzkxZjhlNzQzYTczOWI4NjA1ZDY5Zjc2Mzc1ODYxMDE2ZTIzYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO+6v6yJ1CQs2ykmLfomAGHKScL+
8Kye98vQc4p5stotbG1iU7qa5cHkpqyV875byCkFpc+NB0hSzmKH9M4JjR1rG2qJ
XH0bMIA9iKkTh1d5qbynuAbDo5I10Y9mcMP00sJc8khwCuuWw1TdHF4P8k18e6cO
Bd3YmT6GMgpjmPnpk4GnO5aS5r5oZTjf6eYQNUpKHH52mIqRuu7nvTfMbg3MvgPt
Tk47c1aDHkZblGw8dxA0l7r0LEhVOvZSGysxVeqHKshKwEtUzn0es8fG5THUoHMU
9URfq4qCp9hEWFGlxm2vCWaFpPzyCYOIiHQMZL002swUZeFnrJGigYTngwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGyR+OdDpzm4YF1p92N1hhAW4jx9MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYkpINDUwT25PYmhnWFduM1kzV0dFQmJpUEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCucPUAwQC
ucPcAwQCucS8AwQCucd0AwQBwl0EMA0GCSqGSIb3DQEBCwUAA4IBAQCsJGmXxoe8
M/bblosoF2WKIzZjiUbIF2ybFG/r6wrSTUSo0Vh1shlr2/Lm82j5C0q0GKVvVgF3
tlU7QIECJ07EIaG3lQd0rH1L7yuov9WFlOkKCd/mKO+EfqoUeFKeIGiDGSdFYlsf
7UGAth5P9aXR98UfGEsibAqVutEfRimMh3I7S33jEYCW/C0WF4AK2dONyTBPXMm2
5XYITzcNAexGYXPW4gKb/AHs+oJswKfiuisSka7VUC2jJt48NT/UbPlyw0GyMYDg
LBYLvwekFFjbkhnvhHgf9ClsW2nQ6zVZykbwkV+tivhfPTUrUF810JIg1+jst43X
9Xv3n4As7Mhe
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:43 2026 by rpki-client