Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/EfVvtO8lm1Si6qLRzhqZyNiLA2A.roa
File: EfVvtO8lm1Si6qLRzhqZyNiLA2A.roa (raw, json)
Hash identifier: AGnC9j2XbsSg8ypobMy0WLL3qlGsIJiaIJ6n0xqsImU=
Subject key identifier: 11:F5:6F:B4:EF:25:9B:54:A2:EA:A2:D1:CE:1A:99:C8:D8:8B:03:60
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 019E1782EEBE79C17DB2CC7D86DB58FC8E9A
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/EfVvtO8lm1Si6qLRzhqZyNiLA2A.roa
Signing time: Mon 11 May 2026 14:48:37 +0000
ROA not before: Mon 11 May 2026 14:48:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58074
IP address blocks: 91.197.247.0/24 maxlen: 24
193.104.121.0/24 maxlen: 24
193.105.239.0/24 maxlen: 24
194.6.201.0/24 maxlen: 24
194.107.112.0/24 maxlen: 24
195.245.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:82:ee:be:79:c1:7d:b2:cc:7d:86:db:58:fc:8e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: May 11 14:48:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11f56fb4ef259b54a2eaa2d1ce1a99c8d88b0360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:12:65:0a:bf:8e:10:9c:a9:c5:2d:78:e2:
be:c3:5c:33:f7:f9:f4:4a:d3:d5:73:f9:19:21:e7:
83:64:b8:02:31:31:f1:4a:e7:be:e9:d8:86:b7:c1:
de:fe:22:2f:88:92:45:15:ef:b3:a1:1f:ee:03:58:
f5:9b:21:b4:aa:f9:44:c2:36:5b:c7:dd:2c:4c:d6:
25:20:90:57:3b:4d:de:b5:62:51:ec:f0:46:79:f4:
b5:d3:44:ed:2a:e6:a6:cc:81:26:1a:c7:14:26:84:
9d:40:bc:7a:14:01:07:13:1e:91:ce:a6:66:4c:42:
da:1d:43:71:8b:f1:9a:7e:ac:9c:1f:d3:04:0b:a3:
d5:89:4a:ac:e1:ef:aa:9e:f0:a4:13:c5:1b:ff:ea:
9f:53:83:4d:e1:5e:76:01:72:3e:18:2b:f8:ab:6d:
64:dc:15:19:97:df:1f:a1:7c:01:5b:37:ad:fc:79:
c5:5f:e3:73:1c:10:e6:b0:20:fe:18:de:21:72:94:
40:05:ab:2a:d3:0b:65:c5:40:86:19:5e:05:56:35:
3b:56:aa:d8:fd:8a:13:eb:29:a5:4b:b3:f1:f1:43:
ed:6a:76:9c:f5:d7:cd:4d:3a:c7:56:de:93:8a:cc:
aa:7d:84:ed:d6:28:4e:17:cb:31:e7:d1:80:0d:c8:
79:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F5:6F:B4:EF:25:9B:54:A2:EA:A2:D1:CE:1A:99:C8:D8:8B:03:60
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/EfVvtO8lm1Si6qLRzhqZyNiLA2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.247.0/24
193.104.121.0/24
193.105.239.0/24
194.6.201.0/24
194.107.112.0/24
195.245.82.0/24
Signature Algorithm: sha256WithRSAEncryption
15:90:10:71:1e:e3:1f:74:3a:53:b1:4e:19:48:51:4f:1d:ce:
1c:df:35:1f:cf:e6:65:f5:c4:8a:40:16:ed:36:54:7d:a1:e7:
e1:e7:ee:6e:5d:f9:f9:35:a9:91:7e:df:cb:56:f6:dd:c0:34:
78:96:01:c0:b2:3a:51:19:64:4b:73:ec:28:80:57:8d:4e:d5:
bd:0e:1a:73:4e:10:6e:f9:ac:48:45:7f:f4:23:0a:75:e5:16:
d5:be:f1:53:64:c8:b2:94:6f:ee:e4:cb:a2:6e:ef:ff:45:35:
5a:8e:cf:cc:9c:50:3c:69:2e:8a:d2:24:c7:b3:bb:dd:0c:5c:
54:7b:a9:d1:cd:d8:df:7e:e5:3c:7d:42:cf:67:73:cc:e4:95:
c9:99:cc:af:57:cb:b8:80:a6:58:52:ea:ee:f7:1d:1e:8e:66:
a1:6f:8d:c4:c0:c8:b0:6d:90:ed:90:15:ae:68:1c:73:2e:ea:
86:91:f9:ae:ad:1d:f5:ac:b6:32:4e:5c:11:2e:55:2c:ea:23:
64:ec:2e:53:09:bc:bf:32:de:2f:a1:0a:59:0a:74:24:49:c9:
85:1a:e0:4c:e7:64:13:c5:b8:f1:20:69:0c:72:22:16:0c:d0:
58:48:e0:a1:23:ea:78:56:e8:49:35:19:50:fd:93:e7:d0:e3:
de:ee:1d:26
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ4Xgu6+ecF9ssx9httY/I6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNGRiNzYyMzI0MWQ3ZTY2NzhmYzI1NzUxZmE0ZTBiNjY2
NTE4NmIwHhcNMjYwNTExMTQ0ODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWY1NmZiNGVmMjU5YjU0YTJlYWEyZDFjZTFhOTljOGQ4OGIwMzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq74SZQq/jhCcqcUteOK+w1wz9/n0
StPVc/kZIeeDZLgCMTHxSue+6diGt8He/iIviJJFFe+zoR/uA1j1myG0qvlEwjZb
x90sTNYlIJBXO03etWJR7PBGefS100TtKuamzIEmGscUJoSdQLx6FAEHEx6RzqZm
TELaHUNxi/GafqycH9MEC6PViUqs4e+qnvCkE8Ub/+qfU4NN4V52AXI+GCv4q21k
3BUZl98foXwBWzet/HnFX+NzHBDmsCD+GN4hcpRABasq0wtlxUCGGV4FVjU7VqrY
/YoT6ymlS7Px8UPtanac9dfNTTrHVt6TisyqfYTt1ihOF8sx59GADch50wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBH1b7TvJZtUouqi0c4amcjYiwNgMB8GA1UdIwQY
MBaAFMBNt2IyQdfmZ4/CV1H6TgtmZRhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMt
MDQyM2YyNjNmMmNiLzEvRWZWdnRPOGxtMVNpNnFMUnpocVp5TmlMQTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82ZTg3NGUtNzNmZS00ZGJiLWI3NGMtMDQyM2YyNjNmMmNi
LzEvd0UyM1lqSkIxLVpuajhKWFVmcE9DMlpsR0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8X3AwQA
wWh5AwQAwWnvAwQAwgbJAwQAwmtwAwQAw/VSMA0GCSqGSIb3DQEBCwUAA4IBAQAV
kBBxHuMfdDpTsU4ZSFFPHc4c3zUfz+Zl9cSKQBbtNlR9oefh5+5uXfn5NamRft/L
VvbdwDR4lgHAsjpRGWRLc+wogFeNTtW9DhpzThBu+axIRX/0Iwp15RbVvvFTZMiy
lG/u5Muibu//RTVajs/MnFA8aS6K0iTHs7vdDFxUe6nRzdjffuU8fULPZ3PM5JXJ
mcyvV8u4gKZYUuru9x0ejmahb43EwMiwbZDtkBWuaBxzLuqGkfmurR31rLYyTlwR
LlUs6iNk7C5TCby/Mt4voQpZCnQkScmFGuBM52QTxbjxIGkMciIWDNBYSOChI+p4
VuhJNRlQ/ZPn0OPe7h0m
-----END CERTIFICATE-----
Generated at Wed May 13 12:40:25 2026 by rpki-client