Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/e0IO8bqjfjTN2ptijFjprlTLaRE.roa
File: e0IO8bqjfjTN2ptijFjprlTLaRE.roa (raw, json)
Hash identifier: 9sZhdhKP9fyYbwSx72b9jU27FiEqShoKF5831OnNy10=
Subject key identifier: 7B:42:0E:F1:BA:A3:7E:34:CD:DA:9B:62:8C:58:E9:AE:54:CB:69:11
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019D2C2B73B96253ABD4BE661F94C7CC4B29
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/e0IO8bqjfjTN2ptijFjprlTLaRE.roa
Signing time: Thu 26 Mar 2026 22:02:18 +0000
ROA not before: Thu 26 Mar 2026 22:02:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212667
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.144.38.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
185.21.140.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
194.61.234.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 20:56:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2c:2b:73:b9:62:53:ab:d4:be:66:1f:94:c7:cc:4b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Mar 26 22:02:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7b420ef1baa37e34cdda9b628c58e9ae54cb6911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d7:63:32:c4:08:da:8d:a5:1f:99:60:c2:44:
5d:a9:c6:50:b6:0a:77:d6:cb:64:37:53:79:fb:4c:
31:3d:52:6b:4b:18:28:d5:99:8d:ea:8f:10:71:88:
82:f5:a9:66:03:df:a2:2e:0f:c2:96:95:da:11:c0:
66:6b:0b:33:41:ec:9a:6a:f3:68:ce:fb:aa:81:b7:
12:8a:92:9d:06:cf:ca:e2:a1:a7:e1:74:f5:69:04:
c8:fc:9e:31:fe:71:a0:63:a4:5c:91:31:d6:17:d7:
03:21:33:7a:79:59:0c:6c:e1:62:de:74:82:b9:56:
13:96:89:06:04:2c:75:9c:5a:fd:2a:68:80:c3:7c:
aa:ad:cb:42:c0:1a:30:5b:64:39:66:c7:eb:f3:f4:
63:ed:e4:14:1f:c4:5b:bf:13:f0:e0:1f:68:51:97:
e8:00:65:38:90:86:8b:32:57:aa:a5:ab:03:c5:2b:
de:03:b8:a0:34:2f:b4:8a:da:6c:09:c9:0e:39:15:
65:c3:31:f1:27:54:8e:68:5a:68:4d:c0:46:17:92:
f5:de:1d:27:1b:80:b4:0c:13:76:a7:8e:95:79:10:
02:14:47:69:38:56:e4:77:80:a0:8b:ab:74:ce:16:
ff:83:f2:7b:fb:9c:03:d3:0e:f0:24:76:b7:cf:73:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:42:0E:F1:BA:A3:7E:34:CD:DA:9B:62:8C:58:E9:AE:54:CB:69:11
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/e0IO8bqjfjTN2ptijFjprlTLaRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.144.38.0/24
45.145.3.0/24
85.8.187.0/24
185.21.140.0/24
194.32.250.0/24
194.61.234.0/24
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
56:38:8f:d6:ad:94:eb:9f:10:44:e7:16:98:55:90:e2:c6:32:
62:21:6d:30:1e:f4:f2:6b:2a:5e:2d:e1:f2:43:4f:44:7f:d6:
50:6f:f6:d7:d2:37:e8:61:7b:7a:f5:52:48:f3:75:ba:c1:a3:
5b:05:b6:e5:93:be:d9:7d:7c:a4:87:77:e8:5d:4d:94:6f:7c:
0a:19:66:fc:05:2a:cb:7b:e7:50:85:79:22:d9:ce:cd:a4:06:
95:5e:a5:96:bd:f8:84:41:ba:9d:1d:71:f7:7c:d4:1c:4e:b0:
ac:7e:13:81:84:36:93:8a:8f:1e:a4:3d:7f:da:f1:37:55:08:
f6:8b:7e:4f:2b:d1:01:87:ce:10:c8:78:38:5a:1b:f8:fe:05:
e4:31:c5:64:d4:e7:31:6d:38:ce:c6:30:37:35:11:2c:f3:e6:
17:3a:b4:f4:c0:39:2c:b1:1b:c5:bf:e2:df:bd:84:fc:f7:33:
67:00:28:01:9a:ca:97:57:f8:72:18:1d:e3:17:71:e4:32:29:
e2:0c:f5:0e:c3:02:fc:5b:d0:12:fd:02:27:a9:b2:6c:4a:24:
1c:c0:99:16:be:72:19:fa:0e:3b:90:ef:5d:74:be:0d:70:f3:
65:bf:54:16:a0:40:28:b8:26:15:3b:fc:85:98:a8:71:ae:78:
1a:f4:f5:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ0sK3O5YlOr1L5mH5THzEspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjYwMzI2MjIwMjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQyMGVmMWJhYTM3ZTM0Y2RkYTliNjI4YzU4ZTlhZTU0Y2I2OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtdjMsQI2o2lH5lgwkRdqcZQtgp3
1stkN1N5+0wxPVJrSxgo1ZmN6o8QcYiC9almA9+iLg/ClpXaEcBmawszQeyaavNo
zvuqgbcSipKdBs/K4qGn4XT1aQTI/J4x/nGgY6RckTHWF9cDITN6eVkMbOFi3nSC
uVYTlokGBCx1nFr9KmiAw3yqrctCwBowW2Q5Zsfr8/Rj7eQUH8RbvxPw4B9oUZfo
AGU4kIaLMleqpasDxSveA7igNC+0itpsCckOORVlwzHxJ1SOaFpoTcBGF5L13h0n
G4C0DBN2p46VeRACFEdpOFbkd4Cgi6t0zhb/g/J7+5wD0w7wJHa3z3NARwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHtCDvG6o340zdqbYoxY6a5Uy2kRMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvZTBJTzhicWpmalROMnB0aWpGanBybFRMYVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAuRWMAwQAwiD6AwQAwj3qAwQA
1YvnMA0GCSqGSIb3DQEBCwUAA4IBAQBWOI/WrZTrnxBE5xaYVZDixjJiIW0wHvTy
aypeLeHyQ09Ef9ZQb/bX0jfoYXt69VJI83W6waNbBbblk77ZfXykh3foXU2Ub3wK
GWb8BSrLe+dQhXki2c7NpAaVXqWWvfiEQbqdHXH3fNQcTrCsfhOBhDaTio8epD1/
2vE3VQj2i35PK9EBh84QyHg4Whv4/gXkMcVk1OcxbTjOxjA3NREs8+YXOrT0wDks
sRvFv+LfvYT89zNnACgBmsqXV/hyGB3jF3HkMiniDPUOwwL8W9AS/QInqbJsSiQc
wJkWvnIZ+g47kO9ddL4NcPNlv1QWoEAouCYVO/yFmKhxrnga9PVv
-----END CERTIFICATE-----
Generated at Fri Mar 27 04:50:48 2026 by rpki-client