Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/E_z2BKaRiyCl5DiOiOwXUEhZn00.roa
File: E_z2BKaRiyCl5DiOiOwXUEhZn00.roa (raw, json)
Hash identifier: Ww/zs+NOD1x0VZOxV9lQwUEeAnQENZNlMv0OGXlh9YY=
Subject key identifier: 13:FC:F6:04:A6:91:8B:20:A5:E4:38:8E:88:EC:17:50:48:59:9F:4D
Certificate issuer: /CN=075fdb0de4051347a21e9628ac41736734cb4f2b
Certificate serial: 019CFDC851AFD27BCEFD00BE8A70E1E8D0C6
Authority key identifier: 07:5F:DB:0D:E4:05:13:47:A2:1E:96:28:AC:41:73:67:34:CB:4F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1_bDeQFE0eiHpYorEFzZzTLTys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/E_z2BKaRiyCl5DiOiOwXUEhZn00.roa
Signing time: Tue 17 Mar 2026 21:51:29 +0000
ROA not before: Tue 17 Mar 2026 21:51:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25400
IP address blocks: 79.174.16.0/24 maxlen: 24
79.174.18.0/24 maxlen: 24
79.174.19.0/24 maxlen: 24
194.146.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/B1_bDeQFE0eiHpYorEFzZzTLTys.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/B1_bDeQFE0eiHpYorEFzZzTLTys.mft
rsync://rpki.ripe.net/repository/DEFAULT/B1_bDeQFE0eiHpYorEFzZzTLTys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fd:c8:51:af:d2:7b:ce:fd:00:be:8a:70:e1:e8:d0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=075fdb0de4051347a21e9628ac41736734cb4f2b
Validity
Not Before: Mar 17 21:51:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=13fcf604a6918b20a5e4388e88ec175048599f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:37:72:cb:1b:5c:66:7d:b8:76:c4:f4:71:d2:
e5:a7:ed:02:66:63:4f:d0:6d:30:69:c5:0d:ab:d1:
5b:a2:07:aa:7f:0d:84:a4:2d:c9:3b:7f:7a:12:8d:
5c:7a:ef:e5:81:2b:0c:6a:23:00:fd:05:fe:e5:e4:
a1:75:26:c9:6e:20:e5:25:64:14:e4:ae:a8:66:45:
e1:63:0b:95:7c:fb:8b:a7:fb:80:21:b3:bd:d7:99:
28:65:c4:22:6e:12:00:94:c6:52:eb:33:ed:cd:69:
06:7d:c9:3a:89:ec:a2:49:a5:7a:76:4e:23:b3:1b:
56:70:1e:fe:ed:61:50:ce:6d:5f:41:96:63:ac:08:
7a:e4:ba:82:7b:42:b8:8b:cf:24:cf:78:0f:bf:f8:
91:ab:41:d9:c9:9d:95:df:e4:8e:b9:db:cc:84:a2:
0e:a7:ed:b5:05:d0:f1:ad:1d:bb:66:24:ce:f8:08:
d5:a1:98:05:b2:e6:e1:5c:be:e3:d8:42:90:83:99:
26:2d:12:b9:0c:d5:93:4d:45:98:d5:3b:d0:44:f2:
69:3b:27:2b:25:1a:c4:ec:1a:a2:c3:5f:49:2c:6d:
93:5d:00:b7:47:40:05:8c:95:a8:a1:c8:ca:8a:4a:
e6:30:1c:86:9a:23:4d:12:45:c5:d3:dd:e5:10:bc:
93:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FC:F6:04:A6:91:8B:20:A5:E4:38:8E:88:EC:17:50:48:59:9F:4D
X509v3 Authority Key Identifier:
keyid:07:5F:DB:0D:E4:05:13:47:A2:1E:96:28:AC:41:73:67:34:CB:4F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1_bDeQFE0eiHpYorEFzZzTLTys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/E_z2BKaRiyCl5DiOiOwXUEhZn00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2ef0f1-5082-48df-94fe-f7531a2b6247/1/B1_bDeQFE0eiHpYorEFzZzTLTys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.16.0/24
79.174.18.0/23
194.146.8.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:0f:c9:9d:f4:4a:46:ba:0e:c5:95:df:18:00:9e:9e:44:05:
80:f5:7f:7c:a3:21:57:6d:7a:c9:93:31:ab:b9:c3:61:c9:34:
be:7b:53:5f:67:3e:6f:a2:09:e6:3e:1b:04:a0:57:71:6a:9f:
1e:b4:d6:f0:e2:b8:f7:44:b8:0b:48:75:2f:fb:c2:d4:79:19:
8d:f4:ab:f5:34:1e:7b:cf:5f:4a:9d:ed:cf:4d:97:63:7a:04:
cc:cb:fb:7f:07:95:91:6f:44:6a:7d:d4:da:7b:c1:7a:54:93:
49:b6:3d:06:b8:c6:bd:51:ca:0b:ce:cb:69:a7:a8:94:a2:aa:
26:d8:40:a6:8f:f8:8c:a1:dd:11:40:19:e1:ad:f6:5e:84:bd:
62:69:27:00:e3:6e:12:69:43:7d:18:b4:fe:f4:ca:98:56:e1:
66:dd:8b:27:bb:32:83:7a:59:e6:f7:be:c0:c1:dd:11:90:de:
11:65:1d:3a:f2:ee:fa:02:56:da:8d:42:ab:60:2e:0a:9d:25:
93:32:b6:10:fb:94:59:7d:ad:5e:4d:b7:76:c0:42:1e:fe:1c:
39:3b:51:1f:2d:68:62:9b:2f:b0:26:7b:73:15:7d:37:b9:77:
1c:81:34:fc:bf:8c:5f:ac:00:bf:45:c0:ed:19:c7:db:e2:84:
a9:11:6f:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZz9yFGv0nvO/QC+inDh6NDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NWZkYjBkZTQwNTEzNDdhMjFlOTYyOGFjNDE3MzY3MzRj
YjRmMmIwHhcNMjYwMzE3MjE1MTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2ZjZjYwNGE2OTE4YjIwYTVlNDM4OGU4OGVjMTc1MDQ4NTk5ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jdyyxtcZn24dsT0cdLlp+0CZmNP
0G0wacUNq9Fbogeqfw2EpC3JO396Eo1ceu/lgSsMaiMA/QX+5eShdSbJbiDlJWQU
5K6oZkXhYwuVfPuLp/uAIbO915koZcQibhIAlMZS6zPtzWkGfck6ieyiSaV6dk4j
sxtWcB7+7WFQzm1fQZZjrAh65LqCe0K4i88kz3gPv/iRq0HZyZ2V3+SOudvMhKIO
p+21BdDxrR27ZiTO+AjVoZgFsubhXL7j2EKQg5kmLRK5DNWTTUWY1TvQRPJpOycr
JRrE7Bqiw19JLG2TXQC3R0AFjJWoocjKikrmMByGmiNNEkXF093lELyTfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBP89gSmkYsgpeQ4jojsF1BIWZ9NMB8GA1UdIwQY
MBaAFAdf2w3kBRNHoh6WKKxBc2c0y08rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFfYkRlUUZFMGVpSHBZb3JFRnpaelRMVHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZWYwZjEtNTA4Mi00OGRmLTk0ZmUt
Zjc1MzFhMmI2MjQ3LzEvRV96MkJLYVJpeUNsNURpT2lPd1hVRWhabjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZWYwZjEtNTA4Mi00OGRmLTk0ZmUtZjc1MzFhMmI2MjQ3
LzEvQjFfYkRlUUZFMGVpSHBZb3JFRnpaelRMVHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT64QAwQB
T64SAwQCwpIIMA0GCSqGSIb3DQEBCwUAA4IBAQAOD8md9EpGug7Fld8YAJ6eRAWA
9X98oyFXbXrJkzGrucNhyTS+e1NfZz5vognmPhsEoFdxap8etNbw4rj3RLgLSHUv
+8LUeRmN9Kv1NB57z19Kne3PTZdjegTMy/t/B5WRb0RqfdTae8F6VJNJtj0GuMa9
UcoLzstpp6iUoqom2ECmj/iMod0RQBnhrfZehL1iaScA424SaUN9GLT+9MqYVuFm
3YsnuzKDelnm977Awd0RkN4RZR068u76AlbajUKrYC4KnSWTMrYQ+5RZfa1eTbd2
wEIe/hw5O1EfLWhimy+wJntzFX03uXccgTT8v4xfrAC/RcDtGcfb4oSpEW9Q
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:09:29 2026 by rpki-client