Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/EKOknUpftnx0Q7axH9neRzx4NSA.roa
File: EKOknUpftnx0Q7axH9neRzx4NSA.roa (raw, json)
Hash identifier: n+4PMTNbAHk9TtNsZ242IVt0Y1GiuJ2mxezao/gIwZc=
Subject key identifier: 10:A3:A4:9D:4A:5F:B6:7C:74:43:B6:B1:1F:D9:DE:47:3C:78:35:20
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 019CD8DEBC903D8BE796CE43A5B06660A57D
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/EKOknUpftnx0Q7axH9neRzx4NSA.roa
Signing time: Tue 10 Mar 2026 17:50:01 +0000
ROA not before: Tue 10 Mar 2026 17:50:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204033
IP address blocks: 176.126.127.0/24 maxlen: 24
185.20.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:de:bc:90:3d:8b:e7:96:ce:43:a5:b0:66:60:a5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Mar 10 17:50:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10a3a49d4a5fb67c7443b6b11fd9de473c783520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e5:5d:9e:e6:1b:f9:85:84:e7:b6:14:f2:98:
16:7d:bb:49:20:45:e0:e7:53:6b:37:4d:ca:62:32:
b3:62:79:99:bd:0e:e1:ea:5a:ef:d0:0b:81:f5:8a:
99:49:8a:dc:50:29:fd:82:26:c5:1b:73:05:58:d7:
ff:b4:12:57:51:54:6a:6f:35:0e:75:eb:3f:ad:c6:
97:23:e7:61:37:82:22:d8:18:2a:e9:a2:2b:bc:71:
80:5b:97:ac:56:6e:83:8d:0a:14:64:a4:65:f7:28:
48:e5:8d:17:f2:e2:2a:8d:de:26:80:50:65:1c:61:
68:30:36:5c:84:7f:53:61:47:97:07:6c:17:1b:49:
24:cf:4c:ed:8f:71:ed:52:87:60:e3:04:c2:9e:05:
f6:fa:ad:81:0b:bc:7b:3e:14:f2:56:e0:ed:9d:90:
c8:33:12:c9:89:41:f5:13:e2:5a:47:84:a0:3e:f8:
37:c9:d5:56:b5:eb:2d:2c:4c:6c:92:35:3f:29:6f:
29:06:5b:a5:8f:ea:f3:6c:a8:97:ee:cf:78:63:df:
5c:71:7e:9d:ea:3b:80:c2:ee:46:f0:11:0c:24:1e:
b2:6c:87:59:2b:2c:88:39:6c:84:90:14:e0:43:0d:
28:f1:92:e0:09:b0:2b:06:f4:fd:12:bd:ab:fc:3f:
14:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A3:A4:9D:4A:5F:B6:7C:74:43:B6:B1:1F:D9:DE:47:3C:78:35:20
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/EKOknUpftnx0Q7axH9neRzx4NSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.127.0/24
185.20.7.0/24
Signature Algorithm: sha256WithRSAEncryption
47:2f:51:42:ac:29:e9:2d:d3:5f:67:15:1e:7e:c2:24:14:57:
19:55:77:0a:27:40:79:09:8c:74:f4:1c:b8:3a:8a:f6:d1:91:
3c:83:b0:92:37:de:f0:5d:12:3d:cb:88:c6:bc:ba:71:40:45:
3a:75:0d:ce:2c:bc:19:7f:fc:9c:90:e7:da:02:7a:0f:de:d1:
58:24:d7:e7:24:22:fe:c9:1b:5e:34:e3:80:e9:38:84:87:60:
b5:c4:2f:8b:23:9e:e1:26:bc:81:ef:11:e9:f6:cf:ff:d6:c8:
f4:8f:b8:26:45:ba:3b:c4:bf:c8:91:fc:bc:76:a6:7b:d4:47:
59:9b:a0:1e:f0:59:6a:8d:0f:61:2c:b7:03:10:f1:ba:b3:e5:
37:e0:6d:0d:49:19:a1:1a:98:20:a0:0d:bb:61:d9:e4:0b:b8:
72:de:f8:07:74:40:1e:15:8c:69:17:62:73:4f:2c:80:f8:b3:
cc:be:9e:59:74:33:6e:39:0a:ea:5e:15:87:6a:95:aa:5b:e3:
c5:37:38:24:a2:da:7d:0d:f5:8c:ee:a8:77:32:c8:08:c3:0b:
29:9c:d1:d4:08:4e:c2:5b:e2:bc:ba:51:de:ca:6a:55:31:a1:
bf:63:f9:d7:27:aa:42:c4:6a:78:49:be:b1:5f:1f:38:4f:ac:
54:d2:91:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzY3ryQPYvnls5DpbBmYKV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjYwMzEwMTc1MDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEzYTQ5ZDRhNWZiNjdjNzQ0M2I2YjExZmQ5ZGU0NzNjNzgzNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+VdnuYb+YWE57YU8pgWfbtJIEXg
51NrN03KYjKzYnmZvQ7h6lrv0AuB9YqZSYrcUCn9gibFG3MFWNf/tBJXUVRqbzUO
des/rcaXI+dhN4Ii2Bgq6aIrvHGAW5esVm6DjQoUZKRl9yhI5Y0X8uIqjd4mgFBl
HGFoMDZchH9TYUeXB2wXG0kkz0ztj3HtUodg4wTCngX2+q2BC7x7PhTyVuDtnZDI
MxLJiUH1E+JaR4SgPvg3ydVWtestLExskjU/KW8pBlulj+rzbKiX7s94Y99ccX6d
6juAwu5G8BEMJB6ybIdZKyyIOWyEkBTgQw0o8ZLgCbArBvT9Er2r/D8UwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBCjpJ1KX7Z8dEO2sR/Z3kc8eDUgMB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvRUtPa25VcGZ0bngwUTdheEg5bmVSeng0TlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH5/AwQA
uRQHMA0GCSqGSIb3DQEBCwUAA4IBAQBHL1FCrCnpLdNfZxUefsIkFFcZVXcKJ0B5
CYx09By4Oor20ZE8g7CSN97wXRI9y4jGvLpxQEU6dQ3OLLwZf/yckOfaAnoP3tFY
JNfnJCL+yRteNOOA6TiEh2C1xC+LI57hJryB7xHp9s//1sj0j7gmRbo7xL/Ikfy8
dqZ71EdZm6Ae8FlqjQ9hLLcDEPG6s+U34G0NSRmhGpggoA27YdnkC7hy3vgHdEAe
FYxpF2JzTyyA+LPMvp5ZdDNuOQrqXhWHapWqW+PFNzgkotp9DfWM7qh3MsgIwwsp
nNHUCE7CW+K8ulHeympVMaG/Y/nXJ6pCxGp4Sb6xXx84T6xU0pHl
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:27 2026 by rpki-client