Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/EvsZzHKAsyx2_21mh73405LlA_Y.roa
File: EvsZzHKAsyx2_21mh73405LlA_Y.roa (raw, json)
Hash identifier: 7BIapcTmybitVEbkJcTH6zcqaYrzQJJ+qryowb4ctQQ=
Subject key identifier: 12:FB:19:CC:72:80:B3:2C:76:FF:6D:66:87:BD:F8:D3:92:E5:03:F6
Certificate issuer: /CN=f63fc5a11f96168267a08d8e50ada48383420b98
Certificate serial: 019C7020F0EF66EB81262B3CE4978013C631
Authority key identifier: F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/EvsZzHKAsyx2_21mh73405LlA_Y.roa
Signing time: Wed 18 Feb 2026 09:42:12 +0000
ROA not before: Wed 18 Feb 2026 09:42:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44604
IP address blocks: 5.187.64.0/19 maxlen: 24
31.210.192.0/19 maxlen: 24
77.241.240.0/20 maxlen: 24
91.195.126.0/23 maxlen: 24
91.202.24.0/22 maxlen: 24
93.157.144.0/21 maxlen: 24
109.106.128.0/19 maxlen: 24
178.210.32.0/19 maxlen: 24
185.33.160.0/22 maxlen: 24
185.177.96.0/22 maxlen: 24
2a00:1440::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:20:f0:ef:66:eb:81:26:2b:3c:e4:97:80:13:c6:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f63fc5a11f96168267a08d8e50ada48383420b98
Validity
Not Before: Feb 18 09:42:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=12fb19cc7280b32c76ff6d6687bdf8d392e503f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fe:70:01:5f:1d:7f:e3:14:cc:b0:42:8a:8a:
b1:27:a5:5a:14:08:8a:7e:61:f3:aa:42:59:36:a1:
00:ce:3e:f6:bc:42:05:da:aa:01:d0:96:c0:27:c3:
1f:93:ec:dd:27:13:21:65:8b:0a:bc:f4:be:64:17:
c5:05:3c:07:b2:43:7d:e5:08:71:b6:18:04:2e:fd:
57:a9:51:3b:ef:09:4f:5d:2a:1f:f5:01:d5:46:fe:
31:5b:19:eb:a0:cd:14:dd:a6:31:a3:18:c0:2f:4d:
89:a5:28:4b:c2:7a:13:25:49:6a:71:0f:71:ac:76:
15:1a:e0:b0:c1:35:d1:67:ef:a4:79:da:0b:ba:90:
de:28:cd:a5:d2:32:d0:63:42:11:a8:d0:1a:38:9e:
a0:27:d5:c4:b2:3f:b3:d2:ae:28:5b:e9:5e:41:bb:
8f:d7:96:d0:a2:24:19:25:97:d1:07:6d:1a:d2:ab:
de:e2:74:9f:49:ec:1e:40:0a:2a:95:12:f7:b2:0e:
54:1d:b3:02:c1:bb:a2:21:57:05:43:43:9f:ee:65:
43:2c:10:b0:fc:3c:7b:f0:6c:62:75:a8:13:2b:ba:
4b:26:2c:07:52:74:6f:ac:42:1f:a9:94:9b:b6:3a:
b5:34:26:d3:68:2c:9e:04:2e:db:c5:e4:1f:9c:37:
19:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:FB:19:CC:72:80:B3:2C:76:FF:6D:66:87:BD:F8:D3:92:E5:03:F6
X509v3 Authority Key Identifier:
keyid:F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/EvsZzHKAsyx2_21mh73405LlA_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.64.0/19
31.210.192.0/19
77.241.240.0/20
91.195.126.0/23
91.202.24.0/22
93.157.144.0/21
109.106.128.0/19
178.210.32.0/19
185.33.160.0/22
185.177.96.0/22
IPv6:
2a00:1440::/32
Signature Algorithm: sha256WithRSAEncryption
84:10:82:5c:de:f9:ec:19:f4:c1:cc:5a:e5:c6:88:c7:93:b4:
53:e1:40:4a:3b:cb:5c:f5:7a:ab:ce:bf:f3:f9:32:ae:10:15:
24:fe:0f:ed:e2:73:77:65:cc:a3:33:a4:ed:89:7f:43:35:94:
52:f3:2d:69:6f:ba:1e:4c:ce:b8:f1:a9:e5:c7:d5:e3:2e:ff:
fa:99:1e:b2:70:eb:c5:0b:1f:ee:2d:0b:2f:4d:87:cf:5f:0c:
79:5f:53:27:53:0b:68:33:ec:e4:ec:40:be:d7:c8:f5:d9:9b:
a1:d7:62:41:34:7d:95:b8:4f:3b:26:37:4d:0e:45:dc:09:83:
b3:d8:33:9b:99:22:79:a6:3f:27:1b:25:9e:f3:51:29:6f:dc:
77:13:b6:61:bf:d7:99:75:33:37:1a:a6:60:8c:43:36:2e:e1:
ae:65:ec:0c:bc:9d:f2:f9:cf:6e:55:fe:25:b6:e8:5b:79:be:
d0:e8:e3:5b:d3:4f:38:72:1d:18:53:5c:e1:a4:9b:d3:b9:0f:
83:31:cd:91:83:e2:2c:09:2e:b9:0c:fe:06:d5:48:45:d5:d6:
f0:31:c2:bb:89:35:e1:24:f9:75:c9:7c:12:be:83:b8:7f:29:
ac:62:e9:1c:76:67:7e:e2:69:7a:5f:e6:e9:cf:20:35:2c:a9:
6d:28:52:a0
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZxwIPDvZuuBJis85JeAE8YxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZjNWExMWY5NjE2ODI2N2EwOGQ4ZTUwYWRhNDgzODM0
MjBiOTgwHhcNMjYwMjE4MDk0MjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmZiMTljYzcyODBiMzJjNzZmZjZkNjY4N2JkZjhkMzkyZTUwM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v5wAV8df+MUzLBCioqxJ6VaFAiK
fmHzqkJZNqEAzj72vEIF2qoB0JbAJ8Mfk+zdJxMhZYsKvPS+ZBfFBTwHskN95Qhx
thgELv1XqVE77wlPXSof9QHVRv4xWxnroM0U3aYxoxjAL02JpShLwnoTJUlqcQ9x
rHYVGuCwwTXRZ++kedoLupDeKM2l0jLQY0IRqNAaOJ6gJ9XEsj+z0q4oW+leQbuP
15bQoiQZJZfRB20a0qve4nSfSeweQAoqlRL3sg5UHbMCwbuiIVcFQ0Of7mVDLBCw
/Dx78GxidagTK7pLJiwHUnRvrEIfqZSbtjq1NCbTaCyeBC7bxeQfnDcZDQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFBL7GcxygLMsdv9tZoe9+NOS5QP2MB8GA1UdIwQY
MBaAFPY/xaEflhaCZ6CNjlCtpIODQguYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjct
OGI3NzE2MzU0YzhkLzEvRXZzWnpIS0FzeXgyXzIxbWg3MzQwNUxsQV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjctOGI3NzE2MzU0Yzhk
LzEvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFBbtAAwQF
H9LAAwQETfHwAwQBW8N+AwQCW8oYAwQDXZ2QAwQFbWqAAwQFstIgAwQCuSGgAwQC
ubFgMA0EAgACMAcDBQAqABRAMA0GCSqGSIb3DQEBCwUAA4IBAQCEEIJc3vnsGfTB
zFrlxojHk7RT4UBKO8tc9Xqrzr/z+TKuEBUk/g/t4nN3ZcyjM6TtiX9DNZRS8y1p
b7oeTM648anlx9XjLv/6mR6ycOvFCx/uLQsvTYfPXwx5X1MnUwtoM+zk7EC+18j1
2Zuh12JBNH2VuE87JjdNDkXcCYOz2DObmSJ5pj8nGyWe81Epb9x3E7Zhv9eZdTM3
GqZgjEM2LuGuZewMvJ3y+c9uVf4ltuhbeb7Q6ONb0084ch0YU1zhpJvTuQ+DMc2R
g+IsCS65DP4G1UhF1dbwMcK7iTXhJPl1yXwSvoO4fymsYukcdmd+4ml6X+bpzyA1
LKltKFKg
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:08:15 2026 by rpki-client