Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/EWdn2dAvIsQSnWq-qfqoFQud5JU.roa
File: EWdn2dAvIsQSnWq-qfqoFQud5JU.roa (raw, json)
Hash identifier: vWk3309wRqpMvn92uqTEGWfnbFV7KQGX6oN/Zj7IR6g=
Subject key identifier: 11:67:67:D9:D0:2F:22:C4:12:9D:6A:BE:A9:FA:A8:15:0B:9D:E4:95
Certificate issuer: /CN=086282e751286fbbecc75ea6edcc254192c55c76
Certificate serial: 019D1F5506006CF5231CCB3C2E6404D1C942
Authority key identifier: 08:62:82:E7:51:28:6F:BB:EC:C7:5E:A6:ED:CC:25:41:92:C5:5C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/EWdn2dAvIsQSnWq-qfqoFQud5JU.roa
Signing time: Tue 24 Mar 2026 10:12:38 +0000
ROA not before: Tue 24 Mar 2026 10:12:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34086
IP address blocks: 46.29.96.0/21 maxlen: 24
82.192.98.0/23 maxlen: 24
93.188.240.0/21 maxlen: 24
94.100.240.0/20 maxlen: 24
160.44.0.0/16 maxlen: 24
160.44.192.0/20 maxlen: 24
160.44.192.0/21 maxlen: 21
160.44.200.0/21 maxlen: 21
185.9.216.0/22 maxlen: 24
217.150.144.0/20 maxlen: 24
2a00:da8::/32 maxlen: 32
2a00:da8:1fe::/48 maxlen: 48
2a00:da8:1ff::/48 maxlen: 48
2a00:da8:ff00::/40 maxlen: 40
2a00:da8:fffb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:55:06:00:6c:f5:23:1c:cb:3c:2e:64:04:d1:c9:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086282e751286fbbecc75ea6edcc254192c55c76
Validity
Not Before: Mar 24 10:12:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=116767d9d02f22c4129d6abea9faa8150b9de495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:72:3a:46:e4:66:43:3c:7c:25:18:c2:cd:
92:06:37:92:71:4a:a9:f3:26:4f:b8:b5:2f:f5:8e:
88:03:8a:2f:84:cf:b5:38:d8:b6:69:4c:c3:97:fd:
16:1d:b2:e4:75:ed:57:94:09:70:bf:06:90:d2:e2:
c3:2a:c3:18:2d:9a:f7:bd:be:d4:a5:e9:64:e2:53:
75:09:7a:f5:53:76:53:1f:fd:36:9d:69:d5:73:a6:
ad:a7:53:68:b2:52:9e:93:5d:2e:18:81:52:c0:d7:
7f:fd:91:c6:07:46:90:da:e8:a2:3d:3b:a8:97:8a:
7f:9c:67:fc:9f:5a:8c:35:a1:95:db:2a:32:2d:cd:
8e:34:3d:7a:98:56:fd:e3:45:7b:5b:32:59:2b:91:
00:39:a0:62:3f:e3:a2:c8:ae:09:89:ce:19:8c:95:
4c:a5:92:87:5d:61:d1:89:a4:d1:78:83:b0:e1:c8:
f4:a4:1f:13:74:53:48:cc:94:49:e5:41:bb:3c:55:
21:de:23:5d:b6:63:bf:bf:06:ed:bf:d6:8d:10:72:
f4:4e:31:d8:51:21:53:6a:ba:5f:17:a8:a0:d8:9e:
82:e2:9a:28:2d:75:11:ba:df:10:36:0a:bf:ea:c5:
e8:e5:25:87:98:bc:b5:24:39:29:5e:8f:1f:12:c4:
ce:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:67:67:D9:D0:2F:22:C4:12:9D:6A:BE:A9:FA:A8:15:0B:9D:E4:95
X509v3 Authority Key Identifier:
keyid:08:62:82:E7:51:28:6F:BB:EC:C7:5E:A6:ED:CC:25:41:92:C5:5C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/EWdn2dAvIsQSnWq-qfqoFQud5JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.96.0/21
82.192.98.0/23
93.188.240.0/21
94.100.240.0/20
160.44.0.0/16
185.9.216.0/22
217.150.144.0/20
IPv6:
2a00:da8::/32
Signature Algorithm: sha256WithRSAEncryption
16:35:59:a4:0a:b4:85:85:c4:0f:7e:7b:d1:8b:01:0d:c0:24:
ed:32:3e:a4:54:d0:7f:e1:ac:1d:dc:e6:cf:fa:ec:37:bf:92:
10:55:d8:f9:06:54:fd:cc:54:7f:41:76:cd:7f:4c:71:aa:c2:
8e:05:3b:93:9c:5d:b9:42:d8:84:26:19:f5:b4:82:36:22:ca:
e3:c4:c5:ea:3c:be:56:77:da:df:69:a7:44:0d:6d:35:24:c1:
a2:66:2e:78:7f:00:d0:5e:02:83:a0:65:5b:37:2f:77:6e:5e:
53:d5:15:f0:99:7a:9d:31:27:85:b5:b5:6b:f8:16:0e:04:19:
2e:2c:9f:7a:21:7c:1c:a4:ae:2e:53:d6:e2:d6:12:63:97:92:
a6:89:2a:b5:c3:93:ec:cd:b4:bc:df:2f:d2:8e:80:11:8b:0c:
af:4a:6c:f3:8a:64:87:f5:47:7a:37:a6:85:5f:7d:41:d3:1a:
73:bc:be:1e:00:77:47:f6:e3:d4:06:a0:04:2e:b2:5c:e8:dd:
e7:bc:8c:d2:70:74:db:80:ae:cf:e3:53:cb:b3:d9:3c:56:a7:
23:d2:15:4a:2d:ad:1c:b1:f9:7a:39:8c:26:00:1e:d6:d6:42:
7a:6c:da:98:cd:31:ec:84:62:be:75:4b:aa:ee:30:00:02:db:
b7:e8:da:53
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ0fVQYAbPUjHMs8LmQE0clCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjI4MmU3NTEyODZmYmJlY2M3NWVhNmVkY2MyNTQxOTJj
NTVjNzYwHhcNMjYwMzI0MTAxMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY3NjdkOWQwMmYyMmM0MTI5ZDZhYmVhOWZhYTgxNTBiOWRlNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRNyOkbkZkM8fCUYws2SBjeScUqp
8yZPuLUv9Y6IA4ovhM+1ONi2aUzDl/0WHbLkde1XlAlwvwaQ0uLDKsMYLZr3vb7U
pelk4lN1CXr1U3ZTH/02nWnVc6atp1NoslKek10uGIFSwNd//ZHGB0aQ2uiiPTuo
l4p/nGf8n1qMNaGV2yoyLc2OND16mFb940V7WzJZK5EAOaBiP+OiyK4Jic4ZjJVM
pZKHXWHRiaTReIOw4cj0pB8TdFNIzJRJ5UG7PFUh3iNdtmO/vwbtv9aNEHL0TjHY
USFTarpfF6ig2J6C4pooLXURut8QNgq/6sXo5SWHmLy1JDkpXo8fEsTO0wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBFnZ9nQLyLEEp1qvqn6qBULneSVMB8GA1UdIwQY
MBaAFAhigudRKG+77Mdepu3MJUGSxVx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dLQzUxRW9iN3ZzeDE2bTdjd2xRWkxGWEhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZDg1OTgtZTllMi00NzA5LWI1MzUt
NmIwNGFhZGVlZjEwLzEvRVdkbjJkQXZJc1FTbldxLXFmcW9GUXVkNUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZDg1OTgtZTllMi00NzA5LWI1MzUtNmIwNGFhZGVlZjEw
LzEvQ0dLQzUxRW9iN3ZzeDE2bTdjd2xRWkxGWEhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQDLh1gAwQB
UsBiAwQDXbzwAwQEXmTwAwMAoCwDBAK5CdgDBATZlpAwDQQCAAIwBwMFACoADagw
DQYJKoZIhvcNAQELBQADggEBABY1WaQKtIWFxA9+e9GLAQ3AJO0yPqRU0H/hrB3c
5s/67De/khBV2PkGVP3MVH9Bds1/THGqwo4FO5OcXblC2IQmGfW0gjYiyuPExeo8
vlZ32t9pp0QNbTUkwaJmLnh/ANBeAoOgZVs3L3duXlPVFfCZep0xJ4W1tWv4Fg4E
GS4sn3ohfBykri5T1uLWEmOXkqaJKrXDk+zNtLzfL9KOgBGLDK9KbPOKZIf1R3o3
poVffUHTGnO8vh4Ad0f249QGoAQuslzo3ee8jNJwdNuArs/jU8uz2TxWpyPSFUot
rRyx+Xo5jCYAHtbWQnps2pjNMeyEYr51S6ruMAAC27fo2lM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:59:14 2026 by rpki-client