Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/EZY7A-eju651goeVkZLLp1VSmig.roa
File: EZY7A-eju651goeVkZLLp1VSmig.roa (raw, json)
Hash identifier: aCnJkcFWyIJao1foOWzQ1b4E1esuGzdYX4+9n2A6cdM=
Subject key identifier: 11:96:3B:03:E7:A3:BB:AE:75:82:87:95:91:92:CB:A7:55:52:9A:28
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 019D53F12564A1D204CCB17E6D12DCA7AC78
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/EZY7A-eju651goeVkZLLp1VSmig.roa
Signing time: Fri 03 Apr 2026 15:23:25 +0000
ROA not before: Fri 03 Apr 2026 15:23:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203466
IP address blocks: 188.208.197.0/24 maxlen: 24
188.214.194.0/24 maxlen: 24
213.134.13.0/24 maxlen: 24
2a06:f940:1::/48 maxlen: 48
2a06:f940:2::/48 maxlen: 48
2a06:f940:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:f1:25:64:a1:d2:04:cc:b1:7e:6d:12:dc:a7:ac:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Apr 3 15:23:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11963b03e7a3bbae758287959192cba755529a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:79:8a:e8:b0:9e:4b:fa:43:c2:57:dc:38:98:
eb:6a:63:20:98:5d:e8:60:95:ac:a9:4c:41:c2:c5:
8a:f4:78:1d:45:1c:79:be:b2:f1:9d:24:70:40:cb:
d2:9e:6f:d5:10:da:ff:07:89:a7:bf:55:67:01:8d:
b9:9a:5c:43:bf:88:69:ae:1d:db:08:aa:cf:b8:0e:
13:57:e2:37:3a:91:25:79:3e:2e:b1:d7:14:dc:b0:
56:85:30:3d:13:84:bc:24:48:f0:2b:e1:5b:64:87:
5c:82:7e:2f:8d:ed:2b:97:5a:61:e4:5d:13:67:55:
46:75:b8:c4:49:97:05:b9:d8:2c:18:b0:6b:ed:69:
c2:ba:77:53:89:f8:60:20:02:93:5f:a1:dc:fd:47:
bc:4e:81:25:5f:40:41:d8:15:d8:70:8e:4a:7b:32:
53:6c:bc:75:2e:7c:10:4f:bf:bf:69:d1:3d:15:88:
1c:7b:dc:eb:c8:59:0f:73:84:41:d0:bf:b7:1d:79:
61:53:e2:e1:4b:7d:53:13:73:2a:b3:b9:ba:aa:46:
9d:7d:df:a1:16:df:79:4b:88:7f:5b:e1:dd:57:75:
98:69:fd:f8:1c:bb:a6:90:32:55:16:2b:b4:b4:17:
49:3f:e2:15:55:1d:05:fb:9e:ea:a8:12:38:2d:b7:
cc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:96:3B:03:E7:A3:BB:AE:75:82:87:95:91:92:CB:A7:55:52:9A:28
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/EZY7A-eju651goeVkZLLp1VSmig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.197.0/24
188.214.194.0/24
213.134.13.0/24
IPv6:
2a06:f940:1::-2a06:f940:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:d6:c9:24:14:8f:66:83:b9:15:cf:6c:ef:95:32:03:e4:76:
11:0e:c4:75:ec:0c:b9:9e:cf:a7:59:b2:61:aa:12:f9:ee:f7:
18:7f:b7:81:eb:55:56:81:9d:27:a3:54:ce:94:88:ae:eb:a1:
1c:14:cd:e2:be:29:08:ec:9f:11:72:a6:4b:18:b1:bf:eb:d6:
98:72:32:88:03:19:46:bd:84:29:ee:01:4b:d9:39:fb:53:7b:
8a:37:10:39:bd:9d:96:8c:f3:bc:83:c6:a0:a1:cd:74:17:31:
d1:60:4e:ce:b1:48:46:ae:8b:24:e9:9c:b3:94:19:00:44:45:
5c:84:7e:e2:ce:2c:78:29:fa:64:b4:12:0c:16:a1:40:b8:d8:
ad:6e:35:08:43:a8:00:59:fe:fc:4d:18:e1:b6:11:60:31:c1:
a1:a1:81:fa:50:90:84:55:73:d7:c9:c4:a9:34:72:cd:86:be:
06:ec:b2:58:a3:ae:d0:e6:49:23:9e:d3:fc:32:7f:d2:b1:08:
7d:2a:5e:4e:7e:39:03:62:e3:c1:b8:5c:b4:98:13:f5:61:a9:
06:a9:6a:27:5f:4c:6c:14:61:ba:83:5f:a3:d9:6f:76:90:96:
10:e4:66:6c:f0:09:d0:da:a9:93:8e:60:72:fd:c6:1d:7e:11:
52:10:48:17
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ1T8SVkodIEzLF+bRLcp6x4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjYwNDAzMTUyMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk2M2IwM2U3YTNiYmFlNzU4Mjg3OTU5MTkyY2JhNzU1NTI5YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnmK6LCeS/pDwlfcOJjramMgmF3o
YJWsqUxBwsWK9HgdRRx5vrLxnSRwQMvSnm/VENr/B4mnv1VnAY25mlxDv4hprh3b
CKrPuA4TV+I3OpEleT4usdcU3LBWhTA9E4S8JEjwK+FbZIdcgn4vje0rl1ph5F0T
Z1VGdbjESZcFudgsGLBr7WnCundTifhgIAKTX6Hc/Ue8ToElX0BB2BXYcI5KezJT
bLx1LnwQT7+/adE9FYgce9zryFkPc4RB0L+3HXlhU+LhS31TE3Mqs7m6qkadfd+h
Ft95S4h/W+HdV3WYaf34HLumkDJVFiu0tBdJP+IVVR0F+57qqBI4LbfMgQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBGWOwPno7uudYKHlZGSy6dVUpooMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL0VaWTdBLWVqdTY1MWdvZVZrWkxMcDFWU21pZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRwYIKwYBBQUHAQcBAf8EODA2MBgEAgABMBIDBAC80MUD
BAC81sIDBADVhg0wGgQCAAIwFDASAwcAKgb5QAABAwcCKgb5QAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBt1skkFI9mg7kVz2zvlTID5HYRDsR17Ay5ns+nWbJhqhL57vcY
f7eB61VWgZ0no1TOlIiu66EcFM3ivikI7J8RcqZLGLG/69aYcjKIAxlGvYQp7gFL
2Tn7U3uKNxA5vZ2WjPO8g8agoc10FzHRYE7OsUhGrosk6ZyzlBkAREVchH7izix4
KfpktBIMFqFAuNitbjUIQ6gAWf78TRjhthFgMcGhoYH6UJCEVXPXycSpNHLNhr4G
7LJYo67Q5kkjntP8Mn/SsQh9Kl5OfjkDYuPBuFy0mBP1YakGqWonX0xsFGG6g1+j
2W92kJYQ5GZs8AnQ2qmTjmBy/cYdfhFSEEgX
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:34:34 2026 by rpki-client