Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/8eKxWvb4zfv90IxvIhC6Agnivz8.roa
File: 8eKxWvb4zfv90IxvIhC6Agnivz8.roa (raw, json)
Hash identifier: G16RKdZkVBD70lbGrNUAVc96E/zqs6SATLQUigTHejI=
Subject key identifier: F1:E2:B1:5A:F6:F8:CD:FB:FD:D0:8C:6F:22:10:BA:02:09:E2:BF:3F
Certificate issuer: /CN=dc0e25e17a51696923a5c02966787409aac9aa36
Certificate serial: 019E016F7721A24E8D88E4867029A6104D18
Authority key identifier: DC:0E:25:E1:7A:51:69:69:23:A5:C0:29:66:78:74:09:AA:C9:AA:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/8eKxWvb4zfv90IxvIhC6Agnivz8.roa
Signing time: Thu 07 May 2026 07:55:42 +0000
ROA not before: Thu 07 May 2026 07:55:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42551
IP address blocks: 178.249.62.0/24 maxlen: 24
178.249.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:6f:77:21:a2:4e:8d:88:e4:86:70:29:a6:10:4d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0e25e17a51696923a5c02966787409aac9aa36
Validity
Not Before: May 7 07:55:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1e2b15af6f8cdfbfdd08c6f2210ba0209e2bf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:32:93:07:00:5b:8e:67:92:9c:cd:48:54:38:
0c:43:15:5b:59:0a:1a:bc:a2:b3:48:01:01:6e:ab:
c7:aa:2d:16:75:6b:2b:82:cf:e4:7c:2b:8c:e2:6a:
30:22:07:62:c8:ef:9b:ed:37:55:f8:ce:58:7d:27:
15:09:bf:ec:de:6c:ab:4d:54:be:5e:cf:fa:72:8c:
33:ce:0b:59:ae:08:e3:76:3d:d4:9d:70:95:24:14:
98:d0:60:cd:31:27:05:b3:bb:3c:66:b7:e6:4a:f0:
66:e6:d8:4e:3a:ba:33:ad:3c:09:53:f1:64:a8:23:
c7:6f:d3:b0:2e:32:a4:24:c8:fe:e7:92:79:95:53:
7a:0a:7c:e7:c1:f0:cf:46:b8:44:e0:d6:96:2f:69:
68:2d:f9:41:db:1c:86:fb:f3:42:05:a7:cb:a5:5a:
25:9e:10:9d:82:d1:b1:37:08:36:fd:b7:6e:c6:a4:
c1:f3:c0:12:30:2b:ca:04:f5:4e:aa:e0:b5:9f:1b:
c0:70:7d:a8:14:34:15:6e:5c:55:80:1c:2a:bc:ca:
21:62:10:91:0b:55:ac:3a:2e:18:f1:df:e0:fb:34:
ef:d5:38:7c:73:be:97:9f:e5:5b:ec:3f:ab:11:ed:
de:2a:d2:b1:7d:06:9a:91:d0:c7:b4:30:db:28:a7:
b3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E2:B1:5A:F6:F8:CD:FB:FD:D0:8C:6F:22:10:BA:02:09:E2:BF:3F
X509v3 Authority Key Identifier:
keyid:DC:0E:25:E1:7A:51:69:69:23:A5:C0:29:66:78:74:09:AA:C9:AA:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/8eKxWvb4zfv90IxvIhC6Agnivz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.249.62.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:ed:d4:4f:81:ad:61:b4:af:12:81:0d:50:32:8b:25:fe:fb:
a8:4b:dd:8b:26:9a:5c:a8:4c:cf:19:7a:3f:5e:df:b7:08:4e:
c8:28:53:32:56:42:f5:76:c1:45:c1:d8:18:a0:39:87:71:39:
f9:c8:4c:84:8a:a1:42:bf:d4:2b:e6:a9:46:6f:8f:7f:22:41:
f8:4c:8c:21:92:6c:92:75:11:ea:0a:a7:68:85:7a:82:c8:cb:
bd:15:ab:8d:16:76:1f:fd:85:8f:ba:25:c9:a3:c6:20:d0:57:
c6:49:49:18:3b:d1:c3:c3:63:f7:ef:d8:c2:8a:95:1f:2a:d6:
66:55:26:c4:9b:50:e6:d7:1f:07:47:d3:97:5c:41:53:1b:6b:
a4:4a:79:9a:c1:e8:ac:b0:53:37:60:9a:51:66:e4:0d:17:ce:
8d:ff:6e:61:50:10:ac:d6:7b:f6:fc:04:fd:7e:e3:3c:da:ea:
b9:91:8b:32:1a:08:e3:24:31:1d:ed:7b:0e:1d:5e:2f:e1:80:
e1:24:cc:8d:67:47:64:a1:c8:60:fd:01:8a:4d:e3:63:e6:c2:
67:9e:cc:8f:ef:ba:6d:7c:c2:af:45:f6:07:ad:20:86:ab:0b:
5a:09:f8:35:7e:d5:70:ef:37:36:a3:05:7b:dd:1f:c0:58:56:
27:13:d7:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4Bb3chok6NiOSGcCmmEE0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGUyNWUxN2E1MTY5NjkyM2E1YzAyOTY2Nzg3NDA5YWFj
OWFhMzYwHhcNMjYwNTA3MDc1NTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUyYjE1YWY2ZjhjZGZiZmRkMDhjNmYyMjEwYmEwMjA5ZTJiZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjKTBwBbjmeSnM1IVDgMQxVbWQoa
vKKzSAEBbqvHqi0WdWsrgs/kfCuM4mowIgdiyO+b7TdV+M5YfScVCb/s3myrTVS+
Xs/6cowzzgtZrgjjdj3UnXCVJBSY0GDNMScFs7s8ZrfmSvBm5thOOrozrTwJU/Fk
qCPHb9OwLjKkJMj+55J5lVN6CnznwfDPRrhE4NaWL2loLflB2xyG+/NCBafLpVol
nhCdgtGxNwg2/bduxqTB88ASMCvKBPVOquC1nxvAcH2oFDQVblxVgBwqvMohYhCR
C1WsOi4Y8d/g+zTv1Th8c76Xn+Vb7D+rEe3eKtKxfQaakdDHtDDbKKez4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHisVr2+M37/dCMbyIQugIJ4r8/MB8GA1UdIwQY
MBaAFNwOJeF6UWlpI6XAKWZ4dAmqyao2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0E0bDRYcFJhV2tqcGNBcFpuaDBDYXJKcWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2M0NmMtOGM1MS00MzMwLWI2MjMt
MTgzNWNjOGExZDlkLzEvOGVLeFd2YjR6ZnY5MEl4dkloQzZBZ25pdno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2M0NmMtOGM1MS00MzMwLWI2MjMtMTgzNWNjOGExZDlk
LzEvM0E0bDRYcFJhV2tqcGNBcFpuaDBDYXJKcWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsvk+MA0G
CSqGSIb3DQEBCwUAA4IBAQAM7dRPga1htK8SgQ1QMosl/vuoS92LJppcqEzPGXo/
Xt+3CE7IKFMyVkL1dsFFwdgYoDmHcTn5yEyEiqFCv9Qr5qlGb49/IkH4TIwhkmyS
dRHqCqdohXqCyMu9FauNFnYf/YWPuiXJo8Yg0FfGSUkYO9HDw2P379jCipUfKtZm
VSbEm1Dm1x8HR9OXXEFTG2ukSnmaweissFM3YJpRZuQNF86N/25hUBCs1nv2/AT9
fuM82uq5kYsyGgjjJDEd7XsOHV4v4YDhJMyNZ0dkochg/QGKTeNj5sJnnsyP77pt
fMKvRfYHrSCGqwtaCfg1ftVw7zc2owV73R/AWFYnE9ch
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:29 2026 by rpki-client