Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ErtcVcw2GYlRZTrlk63dPvIw3ng.roa
File: ErtcVcw2GYlRZTrlk63dPvIw3ng.roa (raw, json)
Hash identifier: eqQL6XFCXqTUqZxNOL5Ki7lk7KYNSEhEaOydkZ6iXyQ=
Subject key identifier: 12:BB:5C:55:CC:36:19:89:51:65:3A:E5:93:AD:DD:3E:F2:30:DE:78
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E01C9DCA5B17F3F71E36615695DD1ED56
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ErtcVcw2GYlRZTrlk63dPvIw3ng.roa
Signing time: Thu 07 May 2026 09:34:26 +0000
ROA not before: Thu 07 May 2026 09:34:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47952
IP address blocks: 185.185.235.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.118.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:c9:dc:a5:b1:7f:3f:71:e3:66:15:69:5d:d1:ed:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 7 09:34:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=12bb5c55cc36198951653ae593addd3ef230de78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fc:6b:4b:48:d1:88:10:fe:50:63:f6:2e:f7:
bc:3d:e8:d8:3d:95:a4:13:12:80:f9:21:08:c1:ce:
ae:a3:ec:4a:fa:fb:5a:1e:c1:41:28:bb:88:fb:55:
30:6a:35:e3:7a:d7:81:a8:8c:ee:7f:a1:c4:9a:0d:
36:f2:d4:0a:12:37:96:c0:5e:ed:54:98:5b:c8:b8:
22:af:17:d3:f2:de:f4:51:92:82:fb:92:9c:9b:d8:
54:b7:cf:1f:87:22:8d:6f:2b:db:2e:bc:74:5e:62:
d5:43:5b:9b:81:0d:c9:58:d0:91:2b:d9:e6:70:38:
f6:32:f8:42:d0:c8:b8:ec:5d:74:1b:f2:6a:dd:02:
f5:8a:10:fe:95:48:ca:09:97:46:72:53:e6:84:1c:
0d:d9:74:de:da:aa:3b:70:ea:78:ed:11:9d:1b:d0:
17:79:60:47:10:36:72:11:dc:40:c4:3a:41:1a:c8:
a8:dd:a3:06:3c:b0:b1:d5:80:5a:0d:c0:c0:5d:af:
8c:f6:42:ce:f8:5c:68:bb:fa:4e:f7:8c:49:9d:61:
9c:17:8b:a1:a7:aa:1b:a7:40:d5:55:4e:2e:3c:24:
30:40:fe:56:76:fb:ba:60:7e:ad:50:ab:3b:4f:97:
94:30:be:ad:10:78:df:58:13:a5:ae:35:85:08:16:
9c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BB:5C:55:CC:36:19:89:51:65:3A:E5:93:AD:DD:3E:F2:30:DE:78
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ErtcVcw2GYlRZTrlk63dPvIw3ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.235.0/24
194.127.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:6a:12:51:5e:50:42:24:69:95:4a:cd:b1:49:f4:ae:48:20:
44:88:ca:49:bb:78:d8:9e:28:de:6d:6b:8b:5f:ea:61:47:b8:
11:a4:9b:70:0e:ce:57:2e:d9:15:e2:2e:d7:b0:27:64:3b:bd:
7c:8d:9e:5c:90:23:24:2f:34:9d:4b:0f:63:a2:58:21:f4:a7:
48:27:ff:a2:fb:a9:8f:ff:3d:40:bc:ed:5f:ab:a8:2b:5d:07:
97:57:90:66:41:1e:c6:50:46:2f:67:2a:f7:c0:65:99:1f:1b:
bc:a0:72:0c:e6:84:c7:b0:07:53:19:90:9d:04:50:44:0d:76:
a5:44:82:4e:3e:b0:58:64:25:b6:91:0f:a1:57:ea:68:93:3c:
7a:22:0a:df:62:b4:d1:5b:7c:64:6f:ac:44:0f:d5:45:c3:48:
67:79:4d:17:0f:02:0e:a7:e3:1c:9c:bc:30:93:1e:84:2a:7e:
eb:51:b2:ec:e0:e5:d5:30:bc:d0:9c:28:50:45:83:bf:2f:69:
6e:21:07:67:5c:ac:77:3d:17:db:76:67:e5:26:ba:94:04:d9:
54:b2:90:46:7a:3e:d7:a1:88:d6:31:53:8f:c4:85:c5:f5:59:
c2:4a:ea:4f:32:c6:74:d4:31:92:7f:db:80:1a:ad:62:52:02:
6c:6d:2e:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4BydylsX8/ceNmFWld0e1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTA3MDkzNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmJiNWM1NWNjMzYxOTg5NTE2NTNhZTU5M2FkZGQzZWYyMzBkZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvxrS0jRiBD+UGP2Lve8PejYPZWk
ExKA+SEIwc6uo+xK+vtaHsFBKLuI+1UwajXjeteBqIzuf6HEmg028tQKEjeWwF7t
VJhbyLgirxfT8t70UZKC+5Kcm9hUt88fhyKNbyvbLrx0XmLVQ1ubgQ3JWNCRK9nm
cDj2MvhC0Mi47F10G/Jq3QL1ihD+lUjKCZdGclPmhBwN2XTe2qo7cOp47RGdG9AX
eWBHEDZyEdxAxDpBGsio3aMGPLCx1YBaDcDAXa+M9kLO+Fxou/pO94xJnWGcF4uh
p6obp0DVVU4uPCQwQP5Wdvu6YH6tUKs7T5eUML6tEHjfWBOlrjWFCBackQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBK7XFXMNhmJUWU65ZOt3T7yMN54MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvRXJ0Y1ZjdzJHWWxSWlRybGs2M2RQdkl3M25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAubnrAwQC
wn90MA0GCSqGSIb3DQEBCwUAA4IBAQClahJRXlBCJGmVSs2xSfSuSCBEiMpJu3jY
nijebWuLX+phR7gRpJtwDs5XLtkV4i7XsCdkO718jZ5ckCMkLzSdSw9jolgh9KdI
J/+i+6mP/z1AvO1fq6grXQeXV5BmQR7GUEYvZyr3wGWZHxu8oHIM5oTHsAdTGZCd
BFBEDXalRIJOPrBYZCW2kQ+hV+pokzx6IgrfYrTRW3xkb6xED9VFw0hneU0XDwIO
p+McnLwwkx6EKn7rUbLs4OXVMLzQnChQRYO/L2luIQdnXKx3PRfbdmflJrqUBNlU
spBGej7XoYjWMVOPxIXF9VnCSupPMsZ01DGSf9uAGq1iUgJsbS41
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:05 2026 by rpki-client