Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/EfpVxb3w25F3sNkLrln2F-Pr3ts.roa
File: EfpVxb3w25F3sNkLrln2F-Pr3ts.roa (raw, json)
Hash identifier: jAlVuQ7bpdLn44AQfyyGB6BxK5JUz15l5y9pTz0Wm90=
Subject key identifier: 11:FA:55:C5:BD:F0:DB:91:77:B0:D9:0B:AE:59:F6:17:E3:EB:DE:DB
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019DD166C95E23433CBCF06FB804606B0490
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/EfpVxb3w25F3sNkLrln2F-Pr3ts.roa
Signing time: Tue 28 Apr 2026 00:04:27 +0000
ROA not before: Tue 28 Apr 2026 00:04:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 62.192.100.0/23 maxlen: 23
62.192.106.0/23 maxlen: 23
195.143.0.0/21 maxlen: 24
195.143.15.0/24 maxlen: 24
195.143.17.0/24 maxlen: 24
195.143.18.0/24 maxlen: 24
195.143.22.0/23 maxlen: 24
195.143.28.0/22 maxlen: 24
195.143.34.0/24 maxlen: 24
195.143.36.0/22 maxlen: 24
195.143.82.0/24 maxlen: 24
195.143.84.0/24 maxlen: 24
195.143.86.0/23 maxlen: 24
195.143.88.0/23 maxlen: 24
195.143.98.0/23 maxlen: 24
195.143.107.0/24 maxlen: 24
195.143.108.0/22 maxlen: 24
195.143.113.0/24 maxlen: 24
195.143.114.0/23 maxlen: 24
195.143.116.0/24 maxlen: 24
195.143.118.0/23 maxlen: 24
195.143.121.0/24 maxlen: 24
195.143.123.0/24 maxlen: 24
195.143.132.0/24 maxlen: 24
195.143.134.0/24 maxlen: 24
195.143.144.0/22 maxlen: 24
195.143.148.0/24 maxlen: 24
195.143.152.0/22 maxlen: 24
195.143.160.0/23 maxlen: 24
195.143.163.0/24 maxlen: 24
195.143.164.0/22 maxlen: 24
195.143.176.0/24 maxlen: 24
195.143.178.0/24 maxlen: 24
195.143.187.0/24 maxlen: 24
195.143.190.0/23 maxlen: 24
195.143.192.0/20 maxlen: 24
195.143.208.0/21 maxlen: 24
195.143.216.0/24 maxlen: 24
195.143.224.0/22 maxlen: 24
195.143.230.0/23 maxlen: 24
195.143.232.0/21 maxlen: 24
195.143.240.0/22 maxlen: 24
195.143.246.0/23 maxlen: 24
195.143.248.0/22 maxlen: 24
195.143.252.0/24 maxlen: 24
195.143.254.0/23 maxlen: 24
213.169.194.0/23 maxlen: 23
213.169.248.0/23 maxlen: 23
213.169.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:66:c9:5e:23:43:3c:bc:f0:6f:b8:04:60:6b:04:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 28 00:04:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11fa55c5bdf0db9177b0d90bae59f617e3ebdedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6e:7a:e9:ff:fc:0e:3c:e3:bf:24:2c:73:8a:
89:2a:83:8a:aa:1c:43:f7:fe:24:98:33:79:b2:74:
f9:8d:52:ff:18:df:a0:aa:24:c4:7a:a0:d9:02:75:
58:69:b8:db:4f:b6:4e:3c:6e:0b:5f:ed:7a:1c:ce:
60:e0:3f:5c:ec:20:bd:c7:4c:20:7c:4d:17:de:37:
5d:26:6c:ce:1d:ca:ef:16:bf:ef:bc:6b:6d:ba:0f:
82:17:7d:c8:78:67:48:1f:8f:1f:d9:62:8c:19:ed:
2b:40:88:0d:58:e1:13:35:4a:6e:32:53:4f:9b:8d:
aa:b0:9d:72:af:61:77:25:06:5b:6d:79:13:6d:e3:
0b:18:97:87:e4:16:aa:04:5e:0f:61:71:bd:82:e2:
f3:31:c1:03:78:65:32:70:cf:db:b9:38:6b:6a:56:
b0:a7:3b:2d:9d:b2:a3:5f:57:4e:16:19:e9:e6:94:
24:80:1c:dc:83:03:53:0c:58:c4:24:17:48:16:ef:
6e:a9:8b:49:18:19:9c:95:53:17:f1:a5:1c:67:bc:
1a:a8:47:e4:68:96:ed:57:2b:5f:dd:4d:3e:32:8c:
ed:4e:97:0d:af:e6:c3:2c:d5:4a:66:da:ed:4b:fa:
9a:e9:62:2b:75:6c:22:f9:ef:0d:ed:12:51:ae:e2:
e5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FA:55:C5:BD:F0:DB:91:77:B0:D9:0B:AE:59:F6:17:E3:EB:DE:DB
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/EfpVxb3w25F3sNkLrln2F-Pr3ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.100.0/23
62.192.106.0/23
195.143.0.0/21
195.143.15.0/24
195.143.17.0-195.143.18.255
195.143.22.0/23
195.143.28.0/22
195.143.34.0/24
195.143.36.0/22
195.143.82.0/24
195.143.84.0/24
195.143.86.0-195.143.89.255
195.143.98.0/23
195.143.107.0-195.143.111.255
195.143.113.0-195.143.116.255
195.143.118.0/23
195.143.121.0/24
195.143.123.0/24
195.143.132.0/24
195.143.134.0/24
195.143.144.0-195.143.148.255
195.143.152.0/22
195.143.160.0/23
195.143.163.0-195.143.167.255
195.143.176.0/24
195.143.178.0/24
195.143.187.0/24
195.143.190.0-195.143.216.255
195.143.224.0/22
195.143.230.0-195.143.243.255
195.143.246.0-195.143.252.255
195.143.254.0/23
213.169.194.0/23
213.169.248.0/23
213.169.254.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:97:db:f0:4b:2a:40:78:5d:6c:97:cf:82:03:89:79:54:ef:
ed:a9:52:f6:2d:76:87:ca:e0:56:93:59:5b:3d:04:d0:d1:b9:
57:ac:e0:79:d8:5b:2f:7a:15:78:f3:2b:a3:5a:dd:be:e7:88:
08:1f:2e:2e:b3:2e:fc:00:42:49:1e:e5:d1:9f:d7:e2:e4:e9:
1c:f2:11:68:0f:43:a4:eb:b9:bd:c4:03:d4:e8:1a:04:ac:fe:
53:9b:4a:f0:c4:90:a6:f3:aa:5c:3a:96:9d:22:ce:ca:16:73:
fe:8d:ec:2e:2e:b5:e2:58:38:7f:ec:49:48:bb:cb:af:74:3a:
95:be:46:4d:2f:86:d7:cd:00:d1:e2:d7:3a:3b:e8:fd:c5:00:
c6:10:d9:6d:7a:a0:fa:de:61:9c:81:66:94:68:d8:5e:ba:fc:
ac:52:9c:ea:38:f9:52:ba:f2:2e:9d:2a:68:af:19:43:26:1b:
55:e9:67:23:20:f1:29:fb:c2:8a:d1:64:86:1f:f9:c1:e4:2a:
0b:8c:fe:0f:20:66:45:27:a0:7a:24:64:42:6e:e6:de:26:33:
f3:02:2b:53:c2:51:a7:4c:96:36:f1:a6:f7:b9:cc:bc:6c:13:
aa:75:a0:5b:d0:bf:0f:c8:09:05:55:47:c2:bf:46:8a:b2:bd:
b0:09:77:f6
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZ3RZsleI0M8vPBvuARgawSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNDI4MDAwNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWZhNTVjNWJkZjBkYjkxNzdiMGQ5MGJhZTU5ZjYxN2UzZWJkZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG566f/8DjzjvyQsc4qJKoOKqhxD
9/4kmDN5snT5jVL/GN+gqiTEeqDZAnVYabjbT7ZOPG4LX+16HM5g4D9c7CC9x0wg
fE0X3jddJmzOHcrvFr/vvGttug+CF33IeGdIH48f2WKMGe0rQIgNWOETNUpuMlNP
m42qsJ1yr2F3JQZbbXkTbeMLGJeH5BaqBF4PYXG9guLzMcEDeGUycM/buThralaw
pzstnbKjX1dOFhnp5pQkgBzcgwNTDFjEJBdIFu9uqYtJGBmclVMX8aUcZ7waqEfk
aJbtVytf3U0+MoztTpcNr+bDLNVKZtrtS/qa6WIrdWwi+e8N7RJRruLlbQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFBH6VcW98NuRd7DZC65Z9hfj697bMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvRWZwVnhiM3cyNUYzc05rTHJsbjJGLVByM3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAT7AZAMEAT7AagMEA8OPAAMEAMOPDzAMAwQAw48RAwQAw48SAwQBw48WAwQC
w48cAwQAw48iAwQCw48kAwQAw49SAwQAw49UMAwDBAHDj1YDBAHDj1gDBAHDj2Iw
DAMEAMOPawMEBMOPYDAMAwQAw49xAwQAw490AwQBw492AwQAw495AwQAw497AwQA
w4+EAwQAw4+GMAwDBATDj5ADBADDj5QDBALDj5gDBAHDj6AwDAMEAMOPowMEA8OP
oAMEAMOPsAMEAMOPsgMEAMOPuzAMAwQBw4++AwQAw4/YAwQCw4/gMAwDBAHDj+YD
BALDj/AwDAMEAcOP9gMEAMOP/AMEAcOP/gMEAdWpwgMEAdWp+AMEAdWp/jANBgkq
hkiG9w0BAQsFAAOCAQEAfpfb8EsqQHhdbJfPggOJeVTv7alS9i12h8rgVpNZWz0E
0NG5V6zgedhbL3oVePMro1rdvueICB8uLrMu/ABCSR7l0Z/X4uTpHPIRaA9DpOu5
vcQD1OgaBKz+U5tK8MSQpvOqXDqWnSLOyhZz/o3sLi614lg4f+xJSLvLr3Q6lb5G
TS+G180A0eLXOjvo/cUAxhDZbXqg+t5hnIFmlGjYXrr8rFKc6jj5UrryLp0qaK8Z
QyYbVelnIyDxKfvCitFkhh/5weQqC4z+DyBmRSegeiRkQm7m3iYz8wIrU8JRp0yW
NvGm97nMvGwTqnWgW9C/D8gJBVVHwr9GirK9sAl39g==
-----END CERTIFICATE-----
Generated at Tue May 12 21:47:59 2026 by rpki-client