Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/EbDq1H3GYNlV-pWH7oxYVIFCOeQ.roa
File: EbDq1H3GYNlV-pWH7oxYVIFCOeQ.roa (raw, json)
Hash identifier: tnICdwbvLAigV1OID0LYGnSR8KT0LAqAy7yMNrmoo5k=
Subject key identifier: 11:B0:EA:D4:7D:C6:60:D9:55:FA:95:87:EE:8C:58:54:81:42:39:E4
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019DF8A146F2974F11D7FF7939C28A466FB4
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/EbDq1H3GYNlV-pWH7oxYVIFCOeQ.roa
Signing time: Tue 05 May 2026 14:53:32 +0000
ROA not before: Tue 05 May 2026 14:53:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199967
IP address blocks: 77.36.62.0/24 maxlen: 24
91.245.184.0/24 maxlen: 24
91.245.185.0/24 maxlen: 24
91.245.186.0/24 maxlen: 24
91.245.187.0/24 maxlen: 24
91.246.192.0/24 maxlen: 24
91.246.193.0/24 maxlen: 24
91.246.194.0/24 maxlen: 24
91.246.195.0/24 maxlen: 24
93.120.100.0/24 maxlen: 24
93.120.101.0/24 maxlen: 24
93.120.102.0/24 maxlen: 24
93.120.103.0/24 maxlen: 24
93.120.104.0/24 maxlen: 24
93.120.105.0/24 maxlen: 24
93.120.106.0/24 maxlen: 24
93.120.107.0/24 maxlen: 24
93.120.108.0/24 maxlen: 24
93.120.109.0/24 maxlen: 24
93.120.110.0/24 maxlen: 24
93.120.111.0/24 maxlen: 24
93.120.112.0/24 maxlen: 24
93.120.113.0/24 maxlen: 24
93.120.114.0/24 maxlen: 24
93.120.115.0/24 maxlen: 24
93.120.116.0/24 maxlen: 24
93.120.117.0/24 maxlen: 24
93.120.118.0/24 maxlen: 24
93.120.119.0/24 maxlen: 24
93.120.124.0/24 maxlen: 24
93.120.125.0/24 maxlen: 24
93.120.126.0/24 maxlen: 24
93.120.127.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.113.180.0/24 maxlen: 24
176.113.181.0/24 maxlen: 24
176.113.182.0/24 maxlen: 24
176.113.183.0/24 maxlen: 24
176.113.184.0/24 maxlen: 24
176.113.185.0/24 maxlen: 24
176.113.186.0/24 maxlen: 24
176.113.187.0/24 maxlen: 24
176.113.188.0/24 maxlen: 24
176.113.189.0/24 maxlen: 24
176.113.190.0/24 maxlen: 24
176.113.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:a1:46:f2:97:4f:11:d7:ff:79:39:c2:8a:46:6f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 5 14:53:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11b0ead47dc660d955fa9587ee8c5854814239e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:6f:42:7b:37:41:6b:7b:bc:5e:28:88:3b:
c8:07:2e:1b:5a:a6:8d:0e:62:88:8e:7c:3b:8a:bc:
78:3b:8a:9d:41:02:21:32:aa:75:70:01:8f:26:d4:
cd:11:cc:7e:e8:83:b8:ed:77:11:63:4c:b8:90:dc:
2c:33:b7:ac:07:93:35:ff:55:2a:8c:5e:d0:e6:7d:
96:47:8f:ea:ff:43:78:2b:81:97:ce:c1:db:64:46:
25:39:82:c2:c9:3d:cc:ae:94:3b:90:2e:e2:f3:a3:
0a:42:bb:1d:d2:5c:65:38:65:80:34:ee:ba:97:eb:
c7:02:33:2f:ec:e1:dd:76:45:3d:cb:72:40:20:82:
c9:0e:bf:b3:c4:d0:41:2f:83:3c:90:4c:e2:87:ed:
97:1f:d3:13:16:32:79:e7:01:bd:4e:09:f5:d3:6b:
01:b3:97:9b:cd:d7:82:37:d8:46:1c:67:e6:8f:6b:
18:12:c1:7c:91:50:5a:91:1a:4a:8b:0d:15:63:fa:
5a:e8:46:7b:28:ac:70:7f:d9:ee:dc:f4:07:4d:33:
2e:e5:59:02:96:9f:cb:4f:e0:ed:7f:1f:ce:29:67:
6c:9d:e6:90:25:44:ba:87:d3:12:0e:3b:69:96:e0:
75:77:61:21:7e:fc:d2:44:33:55:ba:26:9d:98:44:
ce:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B0:EA:D4:7D:C6:60:D9:55:FA:95:87:EE:8C:58:54:81:42:39:E4
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/EbDq1H3GYNlV-pWH7oxYVIFCOeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.62.0/24
91.245.184.0/22
91.246.192.0/22
93.120.100.0-93.120.119.255
93.120.124.0/22
176.96.94.0/24
176.113.180.0-176.113.191.255
Signature Algorithm: sha256WithRSAEncryption
a6:10:64:e8:f1:b1:bf:13:0f:64:73:a8:60:89:6d:ff:43:65:
95:97:00:20:dc:30:28:f2:35:69:6f:b6:42:25:0d:c6:f0:73:
99:41:ee:74:60:6f:38:78:ca:e4:47:a8:ca:42:2f:ce:0c:44:
4e:f0:be:03:3b:e8:81:51:e1:b8:cf:9e:fc:8a:6e:cc:2b:68:
3d:3c:52:36:96:d5:fe:04:89:43:32:f2:ee:60:a5:42:02:90:
1b:d6:97:d7:c1:f0:1c:e3:5c:31:aa:12:29:b8:d4:fc:4b:d5:
39:f9:28:db:cf:ef:1a:d5:5e:dd:0b:6a:de:b2:6d:05:34:fc:
d6:a9:f7:d0:81:8c:31:ac:3a:af:eb:ad:bf:c1:37:f1:d0:03:
2a:8e:84:ed:49:66:7b:57:90:b7:e1:2c:97:ca:72:ef:f7:9c:
4e:0d:c7:06:01:0b:d5:c5:d5:14:f6:d2:7a:b1:3e:14:bf:b7:
c0:50:20:70:76:6d:6b:28:34:1a:0e:35:4a:10:51:64:03:df:
6c:2e:f2:d9:19:ec:52:62:cf:54:a5:fa:20:95:4a:80:d7:30:
06:81:ab:94:1e:aa:7e:33:d7:a3:19:43:a6:7d:45:05:8c:72:
40:3f:f1:33:69:d3:52:32:25:32:3b:92:58:40:00:46:ec:a0:
2c:6f:ca:5e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ34oUbyl08R1/95OcKKRm+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTA1MTQ1MzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWIwZWFkNDdkYzY2MGQ5NTVmYTk1ODdlZThjNTg1NDgxNDIzOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH5vQns3QWt7vF4oiDvIBy4bWqaN
DmKIjnw7irx4O4qdQQIhMqp1cAGPJtTNEcx+6IO47XcRY0y4kNwsM7esB5M1/1Uq
jF7Q5n2WR4/q/0N4K4GXzsHbZEYlOYLCyT3MrpQ7kC7i86MKQrsd0lxlOGWANO66
l+vHAjMv7OHddkU9y3JAIILJDr+zxNBBL4M8kEzih+2XH9MTFjJ55wG9Tgn102sB
s5ebzdeCN9hGHGfmj2sYEsF8kVBakRpKiw0VY/pa6EZ7KKxwf9nu3PQHTTMu5VkC
lp/LT+Dtfx/OKWdsneaQJUS6h9MSDjtpluB1d2EhfvzSRDNVuiadmETOIQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBGw6tR9xmDZVfqVh+6MWFSBQjnkMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRWJEcTFIM0dZTmxWLXBXSDdveFlWSUZDT2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQATSQ+AwQC
W/W4AwQCW/bAMAwDBAJdeGQDBANdeHADBAJdeHwDBACwYF4wDAMEArBxtAMEBrBx
gDANBgkqhkiG9w0BAQsFAAOCAQEAphBk6PGxvxMPZHOoYIlt/0NllZcAINwwKPI1
aW+2QiUNxvBzmUHudGBvOHjK5EeoykIvzgxETvC+AzvogVHhuM+e/IpuzCtoPTxS
NpbV/gSJQzLy7mClQgKQG9aX18HwHONcMaoSKbjU/EvVOfko28/vGtVe3Qtq3rJt
BTT81qn30IGMMaw6r+utv8E38dADKo6E7Ulme1eQt+Esl8py7/ecTg3HBgEL1cXV
FPbSerE+FL+3wFAgcHZtayg0Gg41ShBRZAPfbC7y2RnsUmLPVKX6IJVKgNcwBoGr
lB6qfjPXoxlDpn1FBYxyQD/xM2nTUjIlMjuSWEAARuygLG/KXg==
-----END CERTIFICATE-----
Generated at Wed May 13 06:56:07 2026 by rpki-client