Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/eNrRny52Eiu7YfDMlBGjKC4VVI0.roa
File: eNrRny52Eiu7YfDMlBGjKC4VVI0.roa (raw, json)
Hash identifier: cPx5AwXrpFAEKzDlA+d9QlLxdKd+eCrpsk0lWaPywAs=
Subject key identifier: 78:DA:D1:9F:2E:76:12:2B:BB:61:F0:CC:94:11:A3:28:2E:15:54:8D
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019CEE0BFFCF4F1B937251DFCDD73F88A0FE
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/eNrRny52Eiu7YfDMlBGjKC4VVI0.roa
Signing time: Sat 14 Mar 2026 20:31:29 +0000
ROA not before: Sat 14 Mar 2026 20:31:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36454
IP address blocks: 65.181.112.0/24 maxlen: 24
65.181.116.0/24 maxlen: 24
65.181.123.0/24 maxlen: 24
65.181.124.0/24 maxlen: 24
65.181.125.0/24 maxlen: 24
69.57.189.0/24 maxlen: 24
162.208.8.0/24 maxlen: 24
162.208.9.0/24 maxlen: 24
162.208.10.0/24 maxlen: 24
162.208.11.0/24 maxlen: 24
185.181.253.0/24 maxlen: 24
185.181.254.0/24 maxlen: 24
185.181.255.0/24 maxlen: 24
192.243.96.0/24 maxlen: 24
192.243.97.0/24 maxlen: 24
192.243.98.0/24 maxlen: 24
192.243.99.0/24 maxlen: 24
192.243.100.0/24 maxlen: 24
192.243.101.0/24 maxlen: 24
192.243.102.0/24 maxlen: 24
192.243.103.0/24 maxlen: 24
192.243.104.0/24 maxlen: 24
192.243.105.0/24 maxlen: 24
192.243.106.0/24 maxlen: 24
192.243.107.0/24 maxlen: 24
192.243.108.0/24 maxlen: 24
192.243.109.0/24 maxlen: 24
192.243.111.0/24 maxlen: 24
192.250.224.0/20 maxlen: 20
192.250.226.0/24 maxlen: 24
192.250.227.0/24 maxlen: 24
192.250.236.0/24 maxlen: 24
194.39.123.0/24 maxlen: 24
194.39.148.0/24 maxlen: 24
194.39.149.0/24 maxlen: 24
195.250.25.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
199.175.48.0/24 maxlen: 24
199.175.49.0/24 maxlen: 24
199.175.50.0/24 maxlen: 24
199.175.51.0/24 maxlen: 24
199.175.52.0/24 maxlen: 24
199.175.53.0/24 maxlen: 24
199.175.54.0/24 maxlen: 24
199.175.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ee:0b:ff:cf:4f:1b:93:72:51:df:cd:d7:3f:88:a0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Mar 14 20:31:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78dad19f2e76122bbb61f0cc9411a3282e15548d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:00:91:7f:e0:1b:ae:10:e8:86:9b:14:3b:
19:ef:8b:ab:36:fb:a0:c8:68:97:bb:38:6b:95:76:
b1:e4:42:e5:8b:ef:f4:28:c9:33:0c:17:c2:5d:58:
2f:e9:6d:5e:20:49:b7:86:da:52:be:49:d3:f5:a2:
75:d2:75:eb:9f:1a:a8:a3:f5:5a:87:cd:08:be:68:
b7:19:b2:d0:c7:db:2f:fa:db:58:69:dd:56:9a:e4:
f9:95:ec:9c:b6:66:07:5a:b2:72:a5:1a:97:14:fa:
71:0f:1b:27:35:bb:25:f3:46:f2:05:d2:8f:8c:b2:
32:bc:ac:40:07:d0:e5:00:62:f0:4a:5f:fd:24:ef:
b3:a1:db:a7:fb:a2:b9:3e:15:bf:51:98:76:44:ae:
f7:4f:52:e9:b1:6b:85:56:0b:7b:a6:05:c5:83:44:
0f:02:8e:a3:68:4c:b3:a3:4e:f6:b4:4d:3f:ad:64:
f6:84:d3:e4:ae:81:eb:c0:d4:a5:2d:d3:d1:93:bf:
02:d1:49:0a:d3:bf:65:06:40:95:30:e5:29:a1:bd:
74:97:08:99:5c:7f:a8:ee:41:43:1d:99:d4:49:a8:
f4:96:fe:14:41:fa:cf:52:47:64:36:1b:96:ec:3f:
b4:b4:69:88:2e:6f:4a:e9:ab:1a:e0:21:72:aa:5b:
49:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DA:D1:9F:2E:76:12:2B:BB:61:F0:CC:94:11:A3:28:2E:15:54:8D
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/eNrRny52Eiu7YfDMlBGjKC4VVI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.112.0/24
65.181.116.0/24
65.181.123.0-65.181.125.255
69.57.189.0/24
162.208.8.0/22
185.181.253.0-185.181.255.255
192.243.96.0-192.243.109.255
192.243.111.0/24
192.250.224.0/20
194.39.123.0/24
194.39.148.0/23
195.250.25.0/24
198.38.90.0/24
199.175.48.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:c8:26:81:50:ea:11:74:5e:03:90:47:7a:5f:c2:35:53:40:
47:00:d4:79:a8:21:d3:aa:45:58:99:78:d5:58:60:83:8d:4b:
2f:d9:81:c9:2d:a1:7d:8a:47:2f:91:0f:29:56:50:9f:6a:8b:
0c:d0:19:5b:6a:cc:45:8e:c6:70:6f:74:1d:3d:8d:e6:9e:bf:
2f:09:f8:9b:3e:05:67:44:76:a8:e8:8d:29:fa:40:61:e8:c7:
27:5c:73:11:5e:3f:2e:35:e2:e5:a9:3c:51:aa:8e:86:07:58:
47:8c:e9:09:a7:e5:73:0b:00:9f:e6:36:b9:06:6f:30:22:eb:
81:e5:6d:81:b3:9f:73:08:a4:ca:69:a7:05:4e:94:42:7d:d8:
61:30:7c:c9:7c:4a:5a:d2:6e:5a:9d:54:44:a3:5c:1d:4a:85:
ea:c3:c9:db:c9:17:47:91:5e:36:33:e8:95:1a:33:b2:56:ef:
53:42:bb:75:3f:12:78:41:7b:7f:ea:cd:d4:40:2d:5a:75:d0:
f6:61:31:39:73:67:e0:aa:17:bb:d1:f2:c7:cd:51:49:92:ca:
ab:7d:6a:f6:e4:cb:ad:b7:50:a1:3d:ae:09:a9:9c:10:c1:59:
74:87:69:01:b5:bd:d6:cc:29:bd:2d:50:5f:d1:67:6d:c3:d3:
8d:46:ea:34
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZzuC//PTxuTclHfzdc/iKD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjYwMzE0MjAzMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGRhZDE5ZjJlNzYxMjJiYmI2MWYwY2M5NDExYTMyODJlMTU1NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5oAkX/gG64Q6IabFDsZ74urNvug
yGiXuzhrlXax5ELli+/0KMkzDBfCXVgv6W1eIEm3htpSvknT9aJ10nXrnxqoo/Va
h80Ivmi3GbLQx9sv+ttYad1WmuT5leyctmYHWrJypRqXFPpxDxsnNbsl80byBdKP
jLIyvKxAB9DlAGLwSl/9JO+zodun+6K5PhW/UZh2RK73T1LpsWuFVgt7pgXFg0QP
Ao6jaEyzo072tE0/rWT2hNPkroHrwNSlLdPRk78C0UkK079lBkCVMOUpob10lwiZ
XH+o7kFDHZnUSaj0lv4UQfrPUkdkNhuW7D+0tGmILm9K6asa4CFyqltJQQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFHja0Z8udhIru2HwzJQRoyguFVSNMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvZU5yUm55NTJFaXU3WWZETWxCR2pLQzRWVkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAEwawMEAEG1cAME
AEG1dDAMAwQAQbV7AwQBQbV8AwQARTm9AwQCotAIMAsDBAC5tf0DAwG5tDAMAwQF
wPNgAwQBwPNsAwQAwPNvAwQEwPrgAwQAwid7AwQBwieUAwQAw/oZAwQAxiZaAwQD
x68wMA0GCSqGSIb3DQEBCwUAA4IBAQALyCaBUOoRdF4DkEd6X8I1U0BHANR5qCHT
qkVYmXjVWGCDjUsv2YHJLaF9ikcvkQ8pVlCfaosM0BlbasxFjsZwb3QdPY3mnr8v
CfibPgVnRHao6I0p+kBh6McnXHMRXj8uNeLlqTxRqo6GB1hHjOkJp+VzCwCf5ja5
Bm8wIuuB5W2Bs59zCKTKaacFTpRCfdhhMHzJfEpa0m5anVREo1wdSoXqw8nbyRdH
kV42M+iVGjOyVu9TQrt1PxJ4QXt/6s3UQC1addD2YTE5c2fgqhe70fLHzVFJksqr
fWr25Mutt1ChPa4JqZwQwVl0h2kBtb3WzCm9LVBf0Wdtw9ONRuo0
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:13:38 2026 by rpki-client