Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/KEElIOPDkvYWfkBPu3wloTdF7y8.roa
File: KEElIOPDkvYWfkBPu3wloTdF7y8.roa (raw, json)
Hash identifier: +9b4sPZ8AQ30tCt7H4tLS/cHsGeFLEzYbt5LfCU9v9U=
Subject key identifier: 28:41:25:20:E3:C3:92:F6:16:7E:40:4F:BB:7C:25:A1:37:45:EF:2F
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 019D005751758096A94BAFE932A0968C0D91
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/KEElIOPDkvYWfkBPu3wloTdF7y8.roa
Signing time: Wed 18 Mar 2026 09:46:55 +0000
ROA not before: Wed 18 Mar 2026 09:46:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8315
IP address blocks: 83.98.128.0/18 maxlen: 24
83.98.140.0/24 maxlen: 24
83.98.192.0/21 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
89.30.128.0/18 maxlen: 24
89.30.171.0/24 maxlen: 24
89.30.192.0/19 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
213.189.0.0/21 maxlen: 24
213.189.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:57:51:75:80:96:a9:4b:af:e9:32:a0:96:8c:0d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Mar 18 09:46:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28412520e3c392f6167e404fbb7c25a13745ef2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:77:db:07:89:a4:7f:b4:e3:fc:55:a0:c2:5b:
6d:25:57:1f:33:d0:da:a9:a0:5d:41:0d:f0:48:01:
4c:6f:99:32:e7:41:cd:1a:ca:59:21:28:bf:69:28:
d2:c3:38:03:91:7d:2e:b6:7f:2f:c2:71:e3:90:ce:
c2:81:79:03:40:7b:d4:06:38:6d:cb:73:22:af:1d:
43:c7:94:d0:e3:58:de:90:f0:fc:82:78:5b:38:93:
e5:07:95:6b:ff:c9:f0:83:8b:fa:62:b5:45:ed:80:
eb:6c:84:de:bf:21:73:60:b1:7e:ae:8d:2e:00:66:
85:91:ef:0a:e8:23:a4:b5:83:5d:da:89:e9:73:fd:
d7:5a:68:35:de:8a:9f:9f:c5:5a:92:cc:2b:e0:c4:
cf:fe:80:16:b3:9b:77:ee:a8:48:f3:4d:30:26:62:
d2:5e:7f:d9:25:80:14:d7:8b:d1:32:74:06:dd:0f:
69:b1:30:a4:99:b0:fb:ea:e1:b0:bf:ec:67:82:4b:
a9:f5:9c:43:b3:88:ad:c1:8d:3d:49:ef:ea:96:ae:
5a:e9:36:dc:93:60:bd:70:96:49:7d:ba:af:ce:36:
d2:25:00:ca:4e:9e:79:cf:ec:7f:28:53:ef:fc:c8:
d2:cb:06:0c:dc:e5:3b:cb:bd:02:31:1b:ce:54:b9:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:41:25:20:E3:C3:92:F6:16:7E:40:4F:BB:7C:25:A1:37:45:EF:2F
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/KEElIOPDkvYWfkBPu3wloTdF7y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.128.0-83.98.203.255
83.98.208.0/20
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
213.189.0.0/21
213.189.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3b:ca:50:a4:2d:eb:66:dd:77:17:c3:5c:10:eb:10:42:c4:22:
0d:94:fa:b6:27:0c:1e:66:7f:86:ab:ff:60:90:5e:fd:0a:ae:
5b:de:a4:df:4c:05:43:bf:0a:60:fc:bf:4e:47:68:61:8e:7d:
5d:7a:bd:78:5b:98:12:43:1b:2b:90:aa:9c:ee:7a:4c:28:66:
59:07:64:43:b8:77:c6:63:16:f2:1e:da:ca:c9:5d:b1:e4:5c:
a5:29:02:8f:37:a0:fa:bc:87:44:4b:62:6e:92:56:70:35:09:
13:b7:7f:c5:98:ba:c3:c4:9f:82:1e:4b:27:89:0b:55:6a:59:
a3:46:f4:3e:d0:46:af:50:56:f5:19:d7:d2:ff:6a:61:75:4b:
88:b2:26:88:a8:73:31:ea:fb:3f:f0:e2:c4:12:f2:19:bd:74:
f0:27:ba:09:2e:f4:4c:5a:b7:0c:38:96:86:0d:3e:0b:2f:27:
07:37:8a:db:c3:b6:ae:ac:0b:ec:9e:bc:c6:77:5e:31:32:af:
87:6c:68:ef:1e:4b:9a:2a:6e:e2:43:f3:75:6d:e5:63:97:54:
70:e7:01:5a:3d:fb:50:27:5c:c9:e6:32:83:be:99:cb:cf:48:
f8:14:d5:ec:23:50:01:a4:84:0c:9b:0c:f8:41:b7:38:66:d0:
37:5e:1c:f3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ0AV1F1gJapS6/pMqCWjA2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjYwMzE4MDk0NjU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQxMjUyMGUzYzM5MmY2MTY3ZTQwNGZiYjdjMjVhMTM3NDVlZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XfbB4mkf7Tj/FWgwlttJVcfM9Da
qaBdQQ3wSAFMb5ky50HNGspZISi/aSjSwzgDkX0utn8vwnHjkM7CgXkDQHvUBjht
y3Mirx1Dx5TQ41jekPD8gnhbOJPlB5Vr/8nwg4v6YrVF7YDrbITevyFzYLF+ro0u
AGaFke8K6COktYNd2onpc/3XWmg13oqfn8Vakswr4MTP/oAWs5t37qhI800wJmLS
Xn/ZJYAU14vRMnQG3Q9psTCkmbD76uGwv+xngkup9ZxDs4itwY09Se/qlq5a6Tbc
k2C9cJZJfbqvzjbSJQDKTp55z+x/KFPv/MjSywYM3OU7y70CMRvOVLnHNwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFChBJSDjw5L2Fn5AT7t8JaE3Re8vMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvS0VFbElPUERrdllXZmtCUHUzd2xvVGRGN3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAdTYoAD
BAJTYsgDBARTYtADBAJZEqADBANZEqgDBAJZErQwDAMEB1kegAMEA1ke4AMEA9W9
AAMEBNW9EDANBgkqhkiG9w0BAQsFAAOCAQEAO8pQpC3rZt13F8NcEOsQQsQiDZT6
ticMHmZ/hqv/YJBe/QquW96k30wFQ78KYPy/TkdoYY59XXq9eFuYEkMbK5CqnO56
TChmWQdkQ7h3xmMW8h7aysldseRcpSkCjzeg+ryHREtibpJWcDUJE7d/xZi6w8Sf
gh5LJ4kLVWpZo0b0PtBGr1BW9RnX0v9qYXVLiLImiKhzMer7P/DixBLyGb108Ce6
CS70TFq3DDiWhg0+Cy8nBzeK28O2rqwL7J68xndeMTKvh2xo7x5Lmipu4kPzdW3l
Y5dUcOcBWj37UCdcyeYyg76Zy89I+BTV7CNQAaSEDJsM+EG3OGbQN14c8w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:46:32 2026 by rpki-client