Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8EjvhdCY10s6rJL2lstbYDDS8Zk.roa
File: 8EjvhdCY10s6rJL2lstbYDDS8Zk.roa (raw, json)
Hash identifier: zyVAOnZHvPFSd2GuW015EovOlVdXkn1IpAGNB0HbAVk=
Subject key identifier: F0:48:EF:85:D0:98:D7:4B:3A:AC:92:F6:96:CB:5B:60:30:D2:F1:99
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D2BE7B2F749986873A285994CC98D63F3
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8EjvhdCY10s6rJL2lstbYDDS8Zk.roa
Signing time: Thu 26 Mar 2026 20:48:18 +0000
ROA not before: Thu 26 Mar 2026 20:48:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211009
IP address blocks: 2a0d:b841::/32 maxlen: 32
2a0e:19c7::/32 maxlen: 32
2a11:b4c4::/32 maxlen: 32
2a12:2803::/32 maxlen: 32
2a12:8787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:e7:b2:f7:49:98:68:73:a2:85:99:4c:c9:8d:63:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 26 20:48:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f048ef85d098d74b3aac92f696cb5b6030d2f199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b7:b7:86:1d:38:b9:87:8e:b8:01:22:2b:1b:
8d:54:5d:eb:f5:bf:52:14:cd:58:67:0f:56:7d:e0:
7b:2b:77:d5:bf:c9:64:76:8c:3a:61:c0:d5:84:b7:
9d:16:cb:07:8f:0b:92:15:4e:17:a3:18:bc:71:dc:
10:32:0d:b2:9a:53:19:76:3a:58:06:46:c4:f6:7a:
13:ce:37:c9:6d:56:57:3f:17:09:84:66:74:27:6b:
bc:24:f3:6a:ed:fb:cf:ed:43:47:8c:9a:6b:71:85:
b9:2b:ab:ec:5b:2b:4e:13:39:8d:be:08:56:15:f0:
5f:02:98:f8:cd:28:f4:43:9f:c4:08:1c:43:f7:ef:
01:30:fe:7b:0c:df:61:37:60:7c:25:c9:7f:66:31:
60:06:3f:66:e4:6f:24:8d:0f:9d:0b:f6:7f:45:72:
31:12:00:ca:62:b5:12:c1:72:75:aa:7f:51:01:08:
23:d0:4d:c7:9a:ca:f6:fc:be:5a:25:80:1a:0a:99:
80:b7:81:93:49:d7:be:c5:ba:ae:8e:df:ae:63:5b:
a2:96:4c:27:ef:32:83:a3:c1:cf:f2:c9:32:2d:cd:
83:1c:6a:97:13:fa:3f:4e:2c:7a:0e:5e:a1:16:08:
38:f1:dc:ce:dc:bf:1b:d6:1a:7b:d9:85:6d:6b:24:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:48:EF:85:D0:98:D7:4B:3A:AC:92:F6:96:CB:5B:60:30:D2:F1:99
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8EjvhdCY10s6rJL2lstbYDDS8Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b841::/32
2a0e:19c7::/32
2a11:b4c4::/32
2a12:2803::/32
2a12:8787::/32
Signature Algorithm: sha256WithRSAEncryption
8d:e3:dc:2e:65:56:a3:38:2b:f8:0a:56:e9:98:1e:53:9f:3a:
48:c3:69:95:4c:5f:f6:47:dd:55:17:b7:0c:fe:53:53:1f:41:
12:9a:32:7c:9d:b8:80:65:b6:c7:5d:34:0c:55:21:49:be:60:
d0:65:2f:f1:00:05:9a:81:b4:71:9e:13:94:5e:22:32:70:42:
77:d9:c3:f7:2e:56:0e:7f:a2:c6:f6:df:fb:c9:7c:8c:2d:b4:
c2:87:09:fc:5c:77:eb:64:85:6d:42:71:4e:81:3d:51:71:cf:
fe:a6:7c:52:56:42:b8:4d:55:be:ce:f3:cb:93:2b:4d:36:22:
bc:82:37:56:ca:3c:42:ae:75:22:a7:40:ce:13:bc:8b:a9:9a:
6b:1c:e7:61:57:78:3f:b5:89:13:05:6e:3c:e1:38:e6:85:ac:
c8:e7:2c:85:d2:e6:b5:42:fa:eb:d9:73:38:56:e7:cb:ce:8a:
c0:0c:87:d7:a4:3c:8d:7d:8b:50:34:c5:49:a9:8e:d2:df:d6:
3a:62:87:57:49:a8:40:4b:a2:94:b4:e2:6e:a8:20:4b:14:af:
4e:68:5f:5f:7e:67:03:cf:1d:e8:9b:c3:e1:22:92:04:ec:95:
73:21:9d:3e:2f:c3:34:3c:f1:e2:34:e7:86:55:8f:19:0a:3c:
08:26:1b:f1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ0r57L3SZhoc6KFmUzJjWPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzI2MjA0ODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ4ZWY4NWQwOThkNzRiM2FhYzkyZjY5NmNiNWI2MDMwZDJmMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Le3hh04uYeOuAEiKxuNVF3r9b9S
FM1YZw9WfeB7K3fVv8lkdow6YcDVhLedFssHjwuSFU4Xoxi8cdwQMg2ymlMZdjpY
BkbE9noTzjfJbVZXPxcJhGZ0J2u8JPNq7fvP7UNHjJprcYW5K6vsWytOEzmNvghW
FfBfApj4zSj0Q5/ECBxD9+8BMP57DN9hN2B8Jcl/ZjFgBj9m5G8kjQ+dC/Z/RXIx
EgDKYrUSwXJ1qn9RAQgj0E3Hmsr2/L5aJYAaCpmAt4GTSde+xbqujt+uY1uilkwn
7zKDo8HP8skyLc2DHGqXE/o/Tix6Dl6hFgg48dzO3L8b1hp72YVtayQuTQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPBI74XQmNdLOqyS9pbLW2Aw0vGZMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOEVqdmhkQ1kxMHM2ckpMMmxzdGJZRERTOFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKg24QQMF
ACoOGccDBQAqEbTEAwUAKhIoAwMFACoSh4cwDQYJKoZIhvcNAQELBQADggEBAI3j
3C5lVqM4K/gKVumYHlOfOkjDaZVMX/ZH3VUXtwz+U1MfQRKaMnyduIBltsddNAxV
IUm+YNBlL/EABZqBtHGeE5ReIjJwQnfZw/cuVg5/osb23/vJfIwttMKHCfxcd+tk
hW1CcU6BPVFxz/6mfFJWQrhNVb7O88uTK002IryCN1bKPEKudSKnQM4TvIupmmsc
52FXeD+1iRMFbjzhOOaFrMjnLIXS5rVC+uvZczhW58vOisAMh9ekPI19i1A0xUmp
jtLf1jpih1dJqEBLopS04m6oIEsUr05oX19+ZwPPHeibw+EikgTslXMhnT4vwzQ8
8eI054ZVjxkKPAgmG/E=
-----END CERTIFICATE-----
Generated at Sat Mar 28 14:29:51 2026 by rpki-client