Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bS8x6aHgeok_tszg9qFYr78UTOw.roa
File: bS8x6aHgeok_tszg9qFYr78UTOw.roa (raw, json)
Hash identifier: tq/45ej/aWlrBRYZpIIKRKrlet11blQAIAdvN5X01k8=
Subject key identifier: 6D:2F:31:E9:A1:E0:7A:89:3F:B6:CC:E0:F6:A1:58:AF:BF:14:4C:EC
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EBCC1669F06DECB9704AFD1433450A2A9
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bS8x6aHgeok_tszg9qFYr78UTOw.roa
Signing time: Fri 12 Jun 2026 16:54:11 +0000
ROA not before: Fri 12 Jun 2026 16:54:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154132
IP address blocks: 189.12.56.0/24 maxlen: 24
189.75.184.0/24 maxlen: 24
191.217.168.0/24 maxlen: 24
191.219.17.0/24 maxlen: 24
191.222.241.0/24 maxlen: 24
200.102.184.0/24 maxlen: 24
200.165.31.0/24 maxlen: 24
200.181.88.0/24 maxlen: 24
201.11.232.0/24 maxlen: 24
201.14.216.0/24 maxlen: 24
201.24.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:c1:66:9f:06:de:cb:97:04:af:d1:43:34:50:a2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 12 16:54:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d2f31e9a1e07a893fb6cce0f6a158afbf144cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3d:1d:bc:5f:de:d0:47:ad:6c:9a:3c:c8:cd:
9d:29:1a:10:55:f1:92:ed:3f:a9:e4:bb:88:2e:5f:
67:12:4e:b9:a9:8a:51:9d:fe:92:c0:fb:30:48:c9:
94:66:8f:17:4f:60:0d:44:e1:b8:77:45:47:29:5e:
2b:e5:2e:33:ad:f3:c5:0d:0d:54:8a:48:3d:20:e1:
64:92:55:03:39:d4:c3:33:c9:00:3a:f5:a2:cd:85:
cb:58:68:ec:4b:96:cd:7e:7c:dc:0e:dc:22:10:27:
80:48:56:21:17:81:b3:c0:55:c9:3f:45:1e:a8:b3:
c7:c8:42:8a:04:fd:37:6c:02:52:2b:5c:5f:90:78:
75:c3:0b:f9:79:c5:68:ad:8f:0d:0f:71:a8:7e:79:
dd:60:bf:50:62:b3:2d:2d:ca:1f:9c:1d:7b:0e:35:
e3:e3:20:6b:59:48:af:c1:71:91:e0:6f:0e:22:84:
80:56:d7:7d:06:c4:42:e5:82:63:10:13:5e:d2:48:
ef:d2:5a:5c:12:62:b7:4a:9a:65:06:cf:8e:53:78:
46:67:e0:01:48:58:11:b3:55:21:bc:4a:98:9f:5f:
90:22:7c:bf:46:e9:55:5a:d5:da:4a:12:38:3a:60:
f2:24:a5:90:29:31:c3:71:fc:5c:28:86:95:f3:b5:
31:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2F:31:E9:A1:E0:7A:89:3F:B6:CC:E0:F6:A1:58:AF:BF:14:4C:EC
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bS8x6aHgeok_tszg9qFYr78UTOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.12.56.0/24
189.75.184.0/24
191.217.168.0/24
191.219.17.0/24
191.222.241.0/24
200.102.184.0/24
200.165.31.0/24
200.181.88.0/24
201.11.232.0/24
201.14.216.0/24
201.24.194.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7b:45:06:f2:82:0e:b6:5c:56:5d:16:fb:c2:5b:17:bd:33:
23:57:96:3b:fd:aa:3f:c3:04:65:4e:be:d3:04:60:c0:73:d5:
ca:6e:48:27:60:d3:27:d9:7b:b4:7d:88:9f:fd:65:c7:4c:b5:
b7:72:57:23:11:3a:0b:74:c2:ed:95:06:c1:ef:90:01:32:5a:
0a:a4:6d:17:3a:2e:e9:b4:e9:e5:e1:c1:0e:3a:8c:91:80:41:
fe:46:47:53:1a:4c:8a:6e:f7:35:09:f2:89:56:f3:e5:f9:1c:
c2:1c:b4:fa:4c:6f:74:4c:aa:5a:5c:17:55:52:73:ce:87:e1:
c3:d2:7b:03:ee:41:de:da:9e:ed:6b:f4:17:d4:9c:01:06:53:
01:bd:05:b1:1b:6e:78:dd:7a:b9:b9:33:f2:87:8e:65:ea:17:
24:0f:74:74:c1:5e:ad:84:b3:c5:e8:66:bb:e2:55:25:f6:0a:
39:05:b1:94:75:dd:d6:9b:9c:50:a1:7a:d3:a9:6c:c3:cd:87:
39:74:86:06:78:47:26:83:25:20:25:33:e1:a7:b3:f7:e2:1e:
4e:02:80:05:59:12:22:34:92:ef:86:82:42:15:28:e5:90:cc:
89:e7:f6:60:17:42:46:c9:06:b4:10:42:21:30:4d:0b:e9:e4:
d3:7e:11:37
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ68wWafBt7LlwSv0UM0UKKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjEyMTY1NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJmMzFlOWExZTA3YTg5M2ZiNmNjZTBmNmExNThhZmJmMTQ0Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7T0dvF/e0EetbJo8yM2dKRoQVfGS
7T+p5LuILl9nEk65qYpRnf6SwPswSMmUZo8XT2ANROG4d0VHKV4r5S4zrfPFDQ1U
ikg9IOFkklUDOdTDM8kAOvWizYXLWGjsS5bNfnzcDtwiECeASFYhF4GzwFXJP0Ue
qLPHyEKKBP03bAJSK1xfkHh1wwv5ecVorY8ND3GofnndYL9QYrMtLcofnB17DjXj
4yBrWUivwXGR4G8OIoSAVtd9BsRC5YJjEBNe0kjv0lpcEmK3SpplBs+OU3hGZ+AB
SFgRs1UhvEqYn1+QIny/RulVWtXaShI4OmDyJKWQKTHDcfxcKIaV87UxUQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFG0vMemh4HqJP7bM4PahWK+/FEzsMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYlM4eDZhSGdlb2tfdHN6ZzlxRllyNzhVVE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAvQw4AwQA
vUu4AwQAv9moAwQAv9sRAwQAv97xAwQAyGa4AwQAyKUfAwQAyLVYAwQAyQvoAwQA
yQ7YAwQAyRjCMA0GCSqGSIb3DQEBCwUAA4IBAQB5e0UG8oIOtlxWXRb7wlsXvTMj
V5Y7/ao/wwRlTr7TBGDAc9XKbkgnYNMn2Xu0fYif/WXHTLW3clcjEToLdMLtlQbB
75ABMloKpG0XOi7ptOnl4cEOOoyRgEH+RkdTGkyKbvc1CfKJVvPl+RzCHLT6TG90
TKpaXBdVUnPOh+HD0nsD7kHe2p7ta/QX1JwBBlMBvQWxG2543Xq5uTPyh45l6hck
D3R0wV6thLPF6Ga74lUl9go5BbGUdd3Wm5xQoXrTqWzDzYc5dIYGeEcmgyUgJTPh
p7P34h5OAoAFWRIiNJLvhoJCFSjlkMyJ5/ZgF0JGyQa0EEIhME0L6eTTfhE3
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:45:19 2026 by rpki-client