Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/y2bpJoeWEE3ranh4SrRh4diluJc.roa
File: y2bpJoeWEE3ranh4SrRh4diluJc.roa (raw, json)
Hash identifier: xg6FnQe2uH4NQJEcPUgFDYJG30pmaEKoG4A8gCwkHJE=
Subject key identifier: CB:66:E9:26:87:96:10:4D:EB:6A:78:78:4A:B4:61:E1:D8:A5:B8:97
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EB2A7F3C160FD0A94177BFA0E5DF129E0
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/y2bpJoeWEE3ranh4SrRh4diluJc.roa
Signing time: Wed 10 Jun 2026 17:50:11 +0000
ROA not before: Wed 10 Jun 2026 17:50:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 74.112.152.0/22 maxlen: 24
94.229.212.0/24 maxlen: 24
201.14.221.0/24 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b2:a7:f3:c1:60:fd:0a:94:17:7b:fa:0e:5d:f1:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 10 17:50:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb66e9268796104deb6a78784ab461e1d8a5b897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:cf:e3:31:8a:3d:01:aa:38:f5:10:a8:ee:
ee:4c:4b:0d:d4:e1:1e:da:99:ce:6b:52:a8:b9:8b:
2a:30:ad:8a:2b:a8:d4:b9:dd:53:6f:a1:2f:51:10:
24:8e:2a:87:a4:5d:95:71:ff:bb:15:b9:1c:32:9f:
46:d7:ec:60:95:de:e0:65:56:61:4e:21:65:5a:9f:
55:f6:0c:28:ae:20:b2:2c:43:3c:d6:2c:35:25:e7:
61:dd:c5:07:2d:33:d6:98:97:52:9e:9a:e6:9c:a4:
e6:7d:5d:a4:78:73:f2:84:17:b8:ec:72:f5:b5:91:
5e:ff:0a:8f:c1:84:29:5c:ec:bd:7b:6f:50:0c:a1:
57:22:d2:3e:cb:57:93:87:eb:42:05:fd:ee:16:c0:
13:20:f1:3e:c5:4b:e8:86:7c:3d:bc:69:20:54:ae:
0f:33:df:5e:e0:ea:9c:34:45:1d:92:b8:3f:43:57:
cd:dd:70:42:b0:e8:37:97:15:eb:7f:24:37:ec:c9:
2b:ab:ee:9d:ea:40:b3:a0:0a:cd:09:d2:b7:86:f4:
c2:9e:93:e9:ed:f0:b9:ca:8e:47:61:51:a4:27:a7:
45:8e:dd:2b:1d:e4:4d:2b:4a:76:a3:f7:c1:25:48:
a7:7e:a1:72:73:8b:0e:46:94:cc:2a:34:13:6f:b8:
7b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:66:E9:26:87:96:10:4D:EB:6A:78:78:4A:B4:61:E1:D8:A5:B8:97
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/y2bpJoeWEE3ranh4SrRh4diluJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.112.152.0/22
94.229.212.0/24
201.14.221.0/24
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
30:aa:08:ec:8a:d8:88:50:90:6d:8b:95:3b:25:b7:be:4c:c0:
5e:e0:05:df:cc:67:a5:f1:d9:9f:e1:c9:2d:fe:62:4d:1f:68:
e7:75:e8:bc:fd:ce:3b:77:87:41:79:a8:ae:10:85:a0:70:10:
e7:ed:91:0a:11:59:7b:f2:e0:2e:c0:a8:40:f7:3c:8c:d8:26:
59:5f:92:cd:c5:94:7f:31:f2:33:82:c1:70:ec:b3:69:aa:7a:
ec:7d:0b:ad:b0:01:a1:70:b2:ee:41:7e:59:3b:98:1e:dd:4f:
a4:b2:22:7b:b8:f3:14:46:50:1f:78:52:53:57:3d:03:91:fc:
50:38:68:6f:49:82:7a:24:f4:6a:b5:72:ea:bc:0e:0b:ac:87:
99:7c:4d:1b:5e:be:fe:4f:56:3a:86:c7:b0:3b:82:1c:dc:52:
d3:0a:cb:46:54:7b:01:9c:64:b7:5b:c9:a2:f6:dd:01:7b:db:
20:5a:09:88:96:3a:9f:c4:ca:37:8f:56:dd:72:d1:7a:3e:30:
ef:09:da:5b:0e:e4:13:0a:d5:2a:5a:23:aa:c0:7c:c2:2a:ca:
46:92:1b:80:eb:98:ed:1d:1a:d1:a6:e1:e2:f3:b1:97:c0:c1:
b3:70:40:0c:fc:42:6f:23:2c:21:02:57:f6:e6:ee:00:5f:f1:
0b:45:bc:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6yp/PBYP0KlBd7+g5d8SngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjEwMTc1MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjY2ZTkyNjg3OTYxMDRkZWI2YTc4Nzg0YWI0NjFlMWQ4YTViODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhbP4zGKPQGqOPUQqO7uTEsN1OEe
2pnOa1KouYsqMK2KK6jUud1Tb6EvURAkjiqHpF2Vcf+7FbkcMp9G1+xgld7gZVZh
TiFlWp9V9gworiCyLEM81iw1Jedh3cUHLTPWmJdSnprmnKTmfV2keHPyhBe47HL1
tZFe/wqPwYQpXOy9e29QDKFXItI+y1eTh+tCBf3uFsATIPE+xUvohnw9vGkgVK4P
M99e4OqcNEUdkrg/Q1fN3XBCsOg3lxXrfyQ37Mkrq+6d6kCzoArNCdK3hvTCnpPp
7fC5yo5HYVGkJ6dFjt0rHeRNK0p2o/fBJUinfqFyc4sORpTMKjQTb7h76wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMtm6SaHlhBN62p4eEq0YeHYpbiXMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEveTJicEpvZVdFRTNyYW5oNFNyUmg0ZGlsdUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCSnCYAwQA
XuXUAwQAyQ7dAwQCze1YMA0GCSqGSIb3DQEBCwUAA4IBAQAwqgjsitiIUJBti5U7
Jbe+TMBe4AXfzGel8dmf4ckt/mJNH2jndei8/c47d4dBeaiuEIWgcBDn7ZEKEVl7
8uAuwKhA9zyM2CZZX5LNxZR/MfIzgsFw7LNpqnrsfQutsAGhcLLuQX5ZO5ge3U+k
siJ7uPMURlAfeFJTVz0DkfxQOGhvSYJ6JPRqtXLqvA4LrIeZfE0bXr7+T1Y6hsew
O4Ic3FLTCstGVHsBnGS3W8mi9t0Be9sgWgmIljqfxMo3j1bdctF6PjDvCdpbDuQT
CtUqWiOqwHzCKspGkhuA65jtHRrRpuHi87GXwMGzcEAM/EJvIywhAlf25u4AX/EL
Rbwx
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:52 2026 by rpki-client