Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/eWL-hoY76ZRPfE40cOtpRD4XwKU.roa
File: eWL-hoY76ZRPfE40cOtpRD4XwKU.roa (raw, json)
Hash identifier: wkjPzGEG1n2W1H1lfwAtrZx9Xym+OoD613ECLeHzV5I=
Subject key identifier: 79:62:FE:86:86:3B:E9:94:4F:7C:4E:34:70:EB:69:44:3E:17:C0:A5
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 019CBE2E8C4140743C068776A6DE1EE8785C
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/eWL-hoY76ZRPfE40cOtpRD4XwKU.roa
Signing time: Thu 05 Mar 2026 13:27:27 +0000
ROA not before: Thu 05 Mar 2026 13:27:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39608
IP address blocks: 86.111.64.0/19 maxlen: 19
86.111.88.0/21 maxlen: 22
91.194.81.0/24 maxlen: 24
91.216.165.0/24 maxlen: 24
176.36.0.0/14 maxlen: 14
176.36.0.0/16 maxlen: 17
176.36.160.0/24 maxlen: 24
176.37.0.0/16 maxlen: 17
176.38.0.0/16 maxlen: 17
176.38.244.0/23 maxlen: 23
176.39.0.0/16 maxlen: 16
176.39.34.0/23 maxlen: 24
176.39.36.0/23 maxlen: 24
185.53.76.0/23 maxlen: 24
185.53.76.0/24 maxlen: 24
185.53.78.0/24 maxlen: 24
193.93.160.0/22 maxlen: 22
193.107.224.0/22 maxlen: 22
194.33.189.0/24 maxlen: 24
194.50.85.0/24 maxlen: 24
194.60.69.0/24 maxlen: 24
2a01:5800::/32 maxlen: 32
2a01:bf20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:2e:8c:41:40:74:3c:06:87:76:a6:de:1e:e8:78:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Mar 5 13:27:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7962fe86863be9944f7c4e3470eb69443e17c0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:91:7f:33:32:7e:f4:98:3c:2d:c6:5a:4b:a6:
10:ce:00:39:a3:6b:c1:3b:06:24:26:1d:eb:87:11:
ee:11:05:ef:e1:6f:e4:c6:bc:9a:2e:c6:c3:ae:8c:
bc:d8:3d:b0:31:52:2b:51:14:91:67:05:ca:05:e0:
44:21:bf:b8:34:79:11:13:b1:5b:11:e1:1e:88:7e:
e4:59:52:4e:bf:3a:dc:3f:71:6e:61:19:e4:54:02:
17:f5:93:d4:bf:8e:3f:81:ad:76:9b:19:72:ad:0c:
c4:1d:2e:fe:bd:26:ff:b8:f8:7a:f0:75:9c:26:dd:
18:39:6e:7d:8b:6e:c4:6a:01:e5:3d:af:4a:67:19:
45:5a:8a:b0:a3:8e:94:a3:b3:ea:1c:1b:07:38:2b:
a6:3a:28:01:10:78:06:49:17:8d:3f:31:d7:12:ec:
60:ce:c0:04:60:bd:72:50:ca:f5:57:8f:cb:d6:9f:
74:e7:15:e8:05:f0:6e:65:ec:49:de:6f:74:f3:de:
e6:a3:27:fd:85:17:45:74:e8:ba:2f:e8:1c:2b:9f:
68:f9:c0:e8:44:6b:c9:9b:94:27:09:a3:c9:be:07:
39:db:02:7a:c6:b7:54:f9:05:47:5b:06:9b:11:c0:
94:ce:78:52:56:42:14:2f:4d:f4:be:0a:06:8c:ca:
cd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:62:FE:86:86:3B:E9:94:4F:7C:4E:34:70:EB:69:44:3E:17:C0:A5
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/eWL-hoY76ZRPfE40cOtpRD4XwKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.64.0/19
91.194.81.0/24
91.216.165.0/24
176.36.0.0/14
185.53.76.0-185.53.78.255
193.93.160.0/22
193.107.224.0/22
194.33.189.0/24
194.50.85.0/24
194.60.69.0/24
IPv6:
2a01:5800::/32
2a01:bf20::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ca:1e:ff:6b:2e:45:68:79:d3:94:7a:e3:96:72:35:b1:2b:
4f:cc:51:f2:4a:2a:6f:47:4d:d2:e3:20:ff:8c:29:84:a2:cf:
aa:1e:3c:65:90:52:d1:77:1f:53:29:48:80:3e:10:64:d8:a4:
9d:33:4b:ff:5c:d9:71:d4:e0:3a:f0:87:86:f1:ed:17:f7:b5:
79:82:1e:d5:96:8e:cc:f0:5b:4c:14:b9:26:39:5d:b6:c3:4f:
2b:01:74:52:cf:e3:9a:7b:2c:ad:68:86:30:30:9b:b3:3e:fd:
d6:44:61:d2:ea:32:48:bb:f4:3b:b8:2c:93:33:d1:5f:fe:0a:
b1:b8:fe:d9:ac:ba:28:78:ae:0e:64:4f:fa:58:d0:e6:7e:cf:
0f:d8:09:ba:c2:46:4c:56:df:87:1c:e9:3f:0f:de:5d:43:2d:
72:b6:24:df:e6:e9:0d:e9:c6:25:2a:f5:62:8a:de:54:8a:5d:
1b:c3:6a:67:83:3a:b7:24:cf:31:2f:79:7f:1a:49:6f:62:81:
0b:dd:e8:cb:ea:93:39:e3:5a:3c:24:14:68:ca:0d:9f:5a:fe:
08:0a:4d:d6:95:03:83:3f:9a:58:aa:3b:4e:11:f2:2c:5e:f0:
7a:d9:9c:90:ed:17:4e:ac:b0:5e:29:79:9f:d4:82:2d:01:f7:
6a:72:ef:26
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZy+LoxBQHQ8Bod2pt4e6HhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjYwMzA1MTMyNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTYyZmU4Njg2M2JlOTk0NGY3YzRlMzQ3MGViNjk0NDNlMTdjMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJF/MzJ+9Jg8LcZaS6YQzgA5o2vB
OwYkJh3rhxHuEQXv4W/kxryaLsbDroy82D2wMVIrURSRZwXKBeBEIb+4NHkRE7Fb
EeEeiH7kWVJOvzrcP3FuYRnkVAIX9ZPUv44/ga12mxlyrQzEHS7+vSb/uPh68HWc
Jt0YOW59i27EagHlPa9KZxlFWoqwo46Uo7PqHBsHOCumOigBEHgGSReNPzHXEuxg
zsAEYL1yUMr1V4/L1p905xXoBfBuZexJ3m90897moyf9hRdFdOi6L+gcK59o+cDo
RGvJm5QnCaPJvgc52wJ6xrdU+QVHWwabEcCUznhSVkIUL030vgoGjMrNowIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFHli/oaGO+mUT3xONHDraUQ+F8ClMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL2VXTC1ob1k3NlpSUGZFNDBjT3RwUkQ0WHdLVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwcgYIKwYBBQUHAQcBAf8EYzBhMEkEAgABMEMDBAVWb0AD
BABbwlEDBABb2KUDAwKwJDAMAwQCuTVMAwQAuTVOAwQCwV2gAwQCwWvgAwQAwiG9
AwQAwjJVAwQAwjxFMBQEAgACMA4DBQAqAVgAAwUAKgG/IDANBgkqhkiG9w0BAQsF
AAOCAQEADsoe/2suRWh505R645ZyNbErT8xR8koqb0dN0uMg/4wphKLPqh48ZZBS
0XcfUylIgD4QZNiknTNL/1zZcdTgOvCHhvHtF/e1eYIe1ZaOzPBbTBS5JjldtsNP
KwF0Us/jmnssrWiGMDCbsz791kRh0uoySLv0O7gskzPRX/4Ksbj+2ay6KHiuDmRP
+ljQ5n7PD9gJusJGTFbfhxzpPw/eXUMtcrYk3+bpDenGJSr1YoreVIpdG8NqZ4M6
tyTPMS95fxpJb2KBC93oy+qTOeNaPCQUaMoNn1r+CApN1pUDgz+aWKo7ThHyLF7w
etmckO0XTqywXil5n9SCLQH3anLvJg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:06:04 2026 by rpki-client