Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/8eLGuq2wm0ST75Nc6wYZHuCYsJE.roa
File: 8eLGuq2wm0ST75Nc6wYZHuCYsJE.roa (raw, json)
Hash identifier: vMrV06h4dj90hrIPC+644OzHHG7+LEnFLgT6M0Py4q0=
Subject key identifier: F1:E2:C6:BA:AD:B0:9B:44:93:EF:93:5C:EB:06:19:1E:E0:98:B0:91
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019CFD281A3423968CD7E1F89BD72F395F80
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/8eLGuq2wm0ST75Nc6wYZHuCYsJE.roa
Signing time: Tue 17 Mar 2026 18:56:29 +0000
ROA not before: Tue 17 Mar 2026 18:56:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62904
IP address blocks: 31.172.69.0/24 maxlen: 24
31.172.79.0/24 maxlen: 24
81.85.77.0/24 maxlen: 24
194.154.27.0/24 maxlen: 24
217.177.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fd:28:1a:34:23:96:8c:d7:e1:f8:9b:d7:2f:39:5f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Mar 17 18:56:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1e2c6baadb09b4493ef935ceb06191ee098b091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:b7:cc:e2:48:6a:88:4f:25:e0:c6:d1:43:
62:a6:11:a4:26:70:7b:bd:6d:b9:98:2c:fe:80:61:
a4:10:99:94:a8:cb:15:12:f4:85:61:6e:c2:f1:c4:
ac:4c:14:b8:0e:00:cc:5b:0b:89:fe:3b:bb:d4:52:
fa:e4:fb:4d:56:54:ee:a4:89:a9:88:df:70:49:14:
0a:50:2d:49:9a:6d:7e:00:10:90:88:93:31:14:32:
fe:81:16:89:41:68:82:b5:a8:1c:84:f3:b2:9e:01:
e8:5c:0b:c8:d3:18:d9:13:58:e6:3c:47:7b:7a:76:
9a:1c:a9:3c:94:39:d1:5e:85:c1:1b:70:9e:3a:9a:
a4:9d:61:fa:3a:9a:ff:dd:9c:7c:1a:2a:f2:cd:63:
fc:d4:b9:f0:9d:b8:8b:5a:c3:4c:c9:32:3f:87:97:
25:8b:7e:04:d5:98:57:2d:4e:b9:c9:87:af:eb:1d:
3a:4f:5a:40:2f:cd:fa:42:2e:80:65:60:dd:4f:aa:
58:f2:4e:b1:bd:d6:27:26:2d:4a:6c:ef:9a:9c:b3:
25:93:e7:d6:4f:f6:21:21:08:3a:ba:df:c0:92:08:
20:47:0c:5a:c1:ca:af:02:06:e7:32:ff:3a:cb:a8:
17:1c:fd:f6:a5:59:57:51:bb:db:f6:96:1d:e3:9d:
68:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E2:C6:BA:AD:B0:9B:44:93:EF:93:5C:EB:06:19:1E:E0:98:B0:91
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/8eLGuq2wm0ST75Nc6wYZHuCYsJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.69.0/24
31.172.79.0/24
81.85.77.0/24
194.154.27.0/24
217.177.75.0/24
Signature Algorithm: sha256WithRSAEncryption
97:fd:80:ed:a0:4a:f3:6b:e0:e4:0b:fd:10:c0:43:3a:41:30:
58:04:c5:d9:88:f0:22:59:6e:25:5f:f6:be:12:59:b2:eb:8e:
39:dc:58:50:70:71:e4:c9:71:17:bf:cc:21:a1:63:18:b7:9c:
64:88:7f:8d:49:a6:29:d1:37:b5:1e:b7:58:61:5b:6d:9b:8e:
65:a1:39:b7:0d:5a:15:51:1a:ab:3b:47:09:1f:37:8e:34:19:
86:90:2a:08:4d:68:04:ad:f6:cb:4d:ec:a9:56:fa:9b:55:46:
ec:09:34:50:af:af:a3:48:06:1d:d5:b4:48:2f:f0:05:79:de:
22:54:e3:e4:ae:e9:b7:f7:72:7c:62:3f:bb:32:0b:61:90:d7:
3e:08:9b:b7:26:da:2f:72:d8:44:08:6f:16:60:09:6b:1a:f9:
15:63:f4:dc:85:46:46:1a:31:70:4e:e8:92:b0:91:aa:b8:57:
33:e1:62:d7:d7:77:a8:02:2b:57:7d:bd:21:54:c8:1e:60:6a:
9c:00:85:70:fb:31:82:91:d7:2f:a8:0d:f1:cf:4c:70:20:bc:
b5:35:d2:3e:4f:e6:52:ef:02:88:51:50:ad:35:60:af:ea:7e:
d5:9d:81:fe:fc:5f:08:3b:c2:ab:b7:7b:0b:82:1f:3b:08:16:
03:10:e8:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZz9KBo0I5aM1+H4m9cvOV+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwMzE3MTg1NjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUyYzZiYWFkYjA5YjQ0OTNlZjkzNWNlYjA2MTkxZWUwOThiMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUu3zOJIaohPJeDG0UNiphGkJnB7
vW25mCz+gGGkEJmUqMsVEvSFYW7C8cSsTBS4DgDMWwuJ/ju71FL65PtNVlTupImp
iN9wSRQKUC1Jmm1+ABCQiJMxFDL+gRaJQWiCtagchPOyngHoXAvI0xjZE1jmPEd7
enaaHKk8lDnRXoXBG3CeOpqknWH6Opr/3Zx8GiryzWP81LnwnbiLWsNMyTI/h5cl
i34E1ZhXLU65yYev6x06T1pAL836Qi6AZWDdT6pY8k6xvdYnJi1KbO+anLMlk+fW
T/YhIQg6ut/AkgggRwxawcqvAgbnMv86y6gXHP32pVlXUbvb9pYd451oJwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPHixrqtsJtEk++TXOsGGR7gmLCRMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvOGVMR3VxMndtMFNUNzVOYzZ3WVpIdUNZc0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH6xFAwQA
H6xPAwQAUVVNAwQAwpobAwQA2bFLMA0GCSqGSIb3DQEBCwUAA4IBAQCX/YDtoErz
a+DkC/0QwEM6QTBYBMXZiPAiWW4lX/a+Elmy64453FhQcHHkyXEXv8whoWMYt5xk
iH+NSaYp0Te1HrdYYVttm45loTm3DVoVURqrO0cJHzeONBmGkCoITWgErfbLTeyp
VvqbVUbsCTRQr6+jSAYd1bRIL/AFed4iVOPkrum393J8Yj+7MgthkNc+CJu3Jtov
cthECG8WYAlrGvkVY/TchUZGGjFwTuiSsJGquFcz4WLX13eoAitXfb0hVMgeYGqc
AIVw+zGCkdcvqA3xz0xwILy1NdI+T+ZS7wKIUVCtNWCv6n7VnYH+/F8IO8Krt3sL
gh87CBYDEOiZ
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:12:16 2026 by rpki-client