Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/EZJCF-3VYqAtHwHmBMOUCkvXbcA.roa
File: EZJCF-3VYqAtHwHmBMOUCkvXbcA.roa (raw, json)
Hash identifier: QobsnFoST9wBaNk8bu7gDV5Cli0VvTFXJFnIu3CFSig=
Subject key identifier: 11:92:42:17:ED:D5:62:A0:2D:1F:01:E6:04:C3:94:0A:4B:D7:6D:C0
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 019E170A12FAF5914A2C721A072935D44DB3
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/EZJCF-3VYqAtHwHmBMOUCkvXbcA.roa
Signing time: Mon 11 May 2026 12:36:36 +0000
ROA not before: Mon 11 May 2026 12:36:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.26.0/24 maxlen: 24
85.12.27.0/24 maxlen: 24
85.12.28.0/22 maxlen: 24
85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.208.0/20 maxlen: 20
185.91.28.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:4::/48 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:0a:12:fa:f5:91:4a:2c:72:1a:07:29:35:d4:4d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: May 11 12:36:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11924217edd562a02d1f01e604c3940a4bd76dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:39:b0:58:9f:45:28:e6:81:14:30:cf:ea:ff:
f9:5c:37:0f:31:c8:88:ec:d3:a3:f6:bd:04:c1:36:
d4:21:42:09:48:e7:be:04:ad:8e:e2:48:cc:d3:fb:
e0:12:82:50:8a:c1:7b:eb:bb:1c:9f:ef:f6:b8:2b:
f9:8d:5b:f5:f5:f4:ee:bc:6c:20:34:c6:d3:8a:47:
84:4e:8f:e5:75:95:08:60:f4:ba:00:ed:b4:11:5f:
d5:0a:2b:99:88:1b:33:3f:ee:85:6f:4a:f1:2e:4a:
b6:12:0d:70:fe:46:fa:5d:ce:8a:5c:bf:29:49:b7:
e6:12:92:20:04:ff:92:5b:0e:23:2c:ee:51:45:7c:
d0:24:b2:ee:ec:4d:45:47:6f:e3:9f:e3:77:78:1a:
19:54:5c:05:76:26:67:fd:5c:85:9d:03:8d:16:9d:
f3:f0:d6:d7:0c:8d:d5:a1:61:38:ae:b7:c4:40:fa:
b3:3e:8d:38:c6:fe:16:fa:63:8c:99:84:95:d7:af:
0a:fd:5e:c9:98:e8:91:9b:ef:e7:75:7f:21:da:74:
16:32:eb:02:cd:90:d5:f1:67:62:47:62:2b:3a:85:
60:06:b7:01:c2:09:59:29:f4:c1:df:09:6f:ff:5f:
c6:d6:86:43:fb:95:93:19:89:67:bf:08:08:e8:3a:
3d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:92:42:17:ED:D5:62:A0:2D:1F:01:E6:04:C3:94:0A:4B:D7:6D:C0
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/EZJCF-3VYqAtHwHmBMOUCkvXbcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.26.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.208.0/20
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:4::/48
2a01:788:1000::/48
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:8d:b1:c6:59:0d:59:91:e5:26:8c:f5:89:00:b4:fb:36:a8:
f5:43:27:bd:18:45:16:7c:4f:1a:2f:bd:c2:90:b9:db:2e:1f:
2a:e2:0e:df:9e:6c:05:f0:ad:6f:72:63:2c:26:19:04:d9:f1:
5e:4d:74:68:8e:58:74:64:b9:3b:15:03:d9:27:4e:25:f3:a4:
c0:af:5c:3e:82:ee:0e:4c:13:14:a3:3c:6e:5a:f2:82:37:6b:
55:11:60:0c:b9:26:b0:e3:66:2d:65:d6:35:ce:fd:43:63:4e:
81:e8:25:b3:fe:04:55:fd:37:c7:bd:14:d6:60:12:e8:0a:a4:
d2:81:02:17:50:c2:fb:25:c5:dc:94:60:8c:a9:52:3b:d5:2e:
b7:94:c2:cc:be:86:48:e2:8f:5b:56:97:bd:6b:0d:97:2b:ce:
0a:b1:85:d5:ea:6a:02:c1:e9:6f:d6:e1:07:2c:f6:06:73:fd:
a5:02:42:d2:a9:96:ca:0e:0c:79:cf:7f:fe:45:53:17:bb:6c:
db:14:c5:b3:af:b7:dd:40:18:7d:a3:39:ab:12:c7:cc:56:aa:
61:37:2d:eb:32:ee:8e:d4:fc:de:d2:cb:d6:db:b5:ad:4b:5e:
c8:0a:23:41:e7:72:2b:17:fc:a9:fa:8c:6b:07:5a:79:b1:b9:
15:9f:15:a8
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ4XChL69ZFKLHIaByk11E2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjYwNTExMTIzNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTkyNDIxN2VkZDU2MmEwMmQxZjAxZTYwNGMzOTQwYTRiZDc2ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DmwWJ9FKOaBFDDP6v/5XDcPMciI
7NOj9r0EwTbUIUIJSOe+BK2O4kjM0/vgEoJQisF767scn+/2uCv5jVv19fTuvGwg
NMbTikeETo/ldZUIYPS6AO20EV/VCiuZiBszP+6Fb0rxLkq2Eg1w/kb6Xc6KXL8p
SbfmEpIgBP+SWw4jLO5RRXzQJLLu7E1FR2/jn+N3eBoZVFwFdiZn/VyFnQONFp3z
8NbXDI3VoWE4rrfEQPqzPo04xv4W+mOMmYSV168K/V7JmOiRm+/ndX8h2nQWMusC
zZDV8WdiR2IrOoVgBrcBwglZKfTB3wlv/1/G1oZD+5WTGYlnvwgI6Do9ywIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFBGSQhft1WKgLR8B5gTDlApL123AMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvRVpKQ0YtM1ZZcUF0SHdIbUJNT1VDa3ZYYmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajA6BAIAATA0MAwDBAFVDBoD
BANVDDAwDAMEAVUMOgMEBlUMAAMEBFuU0AMEALlbHAMEAMGK3AMEAcPIVDAsBAIA
AjAmAwcAKgEHiAAEAwcAKgEHiBAAMBIDBwEqAQeIqqoDBwAqAQeIqqwwDQYJKoZI
hvcNAQELBQADggEBAFCNscZZDVmR5SaM9YkAtPs2qPVDJ70YRRZ8TxovvcKQudsu
HyriDt+ebAXwrW9yYywmGQTZ8V5NdGiOWHRkuTsVA9knTiXzpMCvXD6C7g5MExSj
PG5a8oI3a1URYAy5JrDjZi1l1jXO/UNjToHoJbP+BFX9N8e9FNZgEugKpNKBAhdQ
wvslxdyUYIypUjvVLreUwsy+hkjij1tWl71rDZcrzgqxhdXqagLB6W/W4Qcs9gZz
/aUCQtKplsoODHnPf/5FUxe7bNsUxbOvt91AGH2jOasSx8xWqmE3Lesy7o7U/N7S
y9bbta1LXsgKI0HncisX/Kn6jGsHWnmxuRWfFag=
-----END CERTIFICATE-----
Generated at Wed May 13 06:55:59 2026 by rpki-client