Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/Eo6V5YnuCJr9FvEX2DYqWrELADI.roa
File: Eo6V5YnuCJr9FvEX2DYqWrELADI.roa (raw, json)
Hash identifier: lChhm1otin5POSG81kYUPCqjBD0lABLrbTGgjSwCBss=
Subject key identifier: 12:8E:95:E5:89:EE:08:9A:FD:16:F1:17:D8:36:2A:5A:B1:0B:00:32
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01985CECF27093FE4A1E16F75C04D3192888
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/Eo6V5YnuCJr9FvEX2DYqWrELADI.roa
Signing time: Wed 30 Jul 2025 20:01:28 +0000
ROA not before: Wed 30 Jul 2025 20:01:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44565
IP address blocks: 79.171.16.0/24 maxlen: 24
79.171.17.0/24 maxlen: 24
79.171.18.0/24 maxlen: 24
79.171.19.0/24 maxlen: 24
79.171.20.0/24 maxlen: 24
79.171.21.0/24 maxlen: 24
93.186.112.0/24 maxlen: 24
93.186.113.0/24 maxlen: 24
93.186.114.0/24 maxlen: 24
93.186.115.0/24 maxlen: 24
93.186.116.0/24 maxlen: 24
93.186.117.0/24 maxlen: 24
93.186.118.0/24 maxlen: 24
93.186.119.0/24 maxlen: 24
93.186.120.0/24 maxlen: 24
93.186.121.0/24 maxlen: 24
93.186.122.0/24 maxlen: 24
93.186.123.0/24 maxlen: 24
93.186.124.0/24 maxlen: 24
93.186.126.0/24 maxlen: 24
93.186.127.0/24 maxlen: 24
188.124.1.0/24 maxlen: 24
188.124.2.0/24 maxlen: 24
188.124.4.0/24 maxlen: 24
188.124.7.0/24 maxlen: 24
188.124.8.0/24 maxlen: 24
188.124.9.0/24 maxlen: 24
188.124.10.0/24 maxlen: 24
188.124.11.0/24 maxlen: 24
188.124.12.0/24 maxlen: 24
188.124.13.0/24 maxlen: 24
188.124.14.0/24 maxlen: 24
188.124.15.0/24 maxlen: 24
188.124.16.0/24 maxlen: 24
188.124.17.0/24 maxlen: 24
188.124.18.0/24 maxlen: 24
188.124.19.0/24 maxlen: 24
188.124.20.0/24 maxlen: 24
188.124.21.0/24 maxlen: 24
188.124.23.0/24 maxlen: 24
188.124.24.0/24 maxlen: 24
188.124.25.0/24 maxlen: 24
188.124.26.0/24 maxlen: 24
188.124.27.0/24 maxlen: 24
188.124.28.0/24 maxlen: 24
188.124.29.0/24 maxlen: 24
188.124.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5c:ec:f2:70:93:fe:4a:1e:16:f7:5c:04:d3:19:28:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Jul 30 20:01:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=128e95e589ee089afd16f117d8362a5ab10b0032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:bd:41:5a:c0:25:67:52:24:9d:66:86:2e:
f4:a1:98:42:ad:16:44:65:04:49:7b:85:d2:3c:19:
8a:09:f4:c2:6e:13:dd:fe:6e:ea:9c:45:75:b6:4d:
d3:13:2b:6b:df:ac:4c:68:a6:ff:19:55:a8:b0:d1:
78:d9:99:4f:7f:e2:24:46:b5:30:72:6d:12:a6:e4:
2f:a4:e5:ec:3d:e9:ad:14:40:6f:41:1f:f1:c0:1a:
d2:51:7a:37:5c:65:60:37:32:2c:1e:14:47:1b:4b:
1d:c1:4d:81:fb:fe:b8:cf:6d:64:50:57:be:ad:17:
c0:da:93:38:25:15:f9:d2:eb:d6:ff:9a:93:cb:62:
6b:81:47:a3:dd:09:55:71:30:f4:8a:bc:67:2c:2c:
34:6b:cf:0f:1a:ef:7a:bf:c4:51:44:60:55:5b:f2:
3a:be:ab:c1:a2:dc:fb:5e:bf:97:70:db:6d:9a:c2:
a1:4b:66:84:57:93:55:cf:33:e6:7d:f3:46:b9:9c:
24:b3:34:3d:b1:a4:c0:b8:3c:b2:0d:d7:7d:76:b3:
0b:96:16:cc:68:94:09:e2:0d:3d:26:d9:ef:71:70:
e4:98:e6:fc:00:d4:a6:0c:5b:28:11:59:47:b9:f3:
c5:8b:b1:2d:3c:6c:4b:1f:5e:5b:38:76:68:dd:df:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8E:95:E5:89:EE:08:9A:FD:16:F1:17:D8:36:2A:5A:B1:0B:00:32
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/Eo6V5YnuCJr9FvEX2DYqWrELADI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.16.0-79.171.21.255
93.186.112.0-93.186.124.255
93.186.126.0/23
188.124.1.0-188.124.2.255
188.124.4.0/24
188.124.7.0-188.124.21.255
188.124.23.0-188.124.30.255
Signature Algorithm: sha256WithRSAEncryption
0d:56:90:9e:87:ca:52:89:1a:ae:61:c5:dd:1c:e4:42:c1:71:
d6:b2:4f:cd:44:73:0a:1e:9a:9e:02:bc:1f:37:59:54:94:27:
ee:de:aa:dd:52:08:4f:b4:db:35:0a:dd:15:32:db:ae:bd:f6:
0d:64:e1:6e:bf:0d:e1:f7:08:b2:2c:cc:07:37:97:f9:1b:85:
67:d7:79:fc:6d:07:0e:9b:2f:ff:ed:99:25:21:9b:d6:21:df:
1a:ed:b7:0b:29:8f:f3:15:b0:3c:c3:d8:82:42:f6:13:b4:91:
09:b8:b9:15:27:3e:cc:68:c2:d5:7a:f7:bc:c5:2c:14:fc:bf:
82:27:55:30:89:92:ea:5f:bc:21:06:db:03:86:9e:5f:8d:47:
c6:94:26:03:6a:21:7d:49:3f:24:37:2c:46:4f:20:af:a3:8a:
cf:ab:d6:1f:32:6e:e0:4b:2a:31:77:f5:d7:33:c4:dd:c3:8d:
82:4e:d1:cf:cb:84:b5:68:93:52:f8:00:88:05:fe:98:01:6e:
32:2e:6d:64:1a:48:f9:79:5d:34:91:d5:43:c2:2b:a7:97:66:
4a:c0:31:76:e2:d9:42:18:6c:07:3c:2a:5a:a6:2b:6c:64:cb:
4a:26:4d:7e:ac:70:c8:51:57:87:61:cf:c7:d9:8c:7c:9c:6b:
31:1d:61:80
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZhc7PJwk/5KHhb3XATTGSiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjUwNzMwMjAwMTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjhlOTVlNTg5ZWUwODlhZmQxNmYxMTdkODM2MmE1YWIxMGIwMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXO9QVrAJWdSJJ1mhi70oZhCrRZE
ZQRJe4XSPBmKCfTCbhPd/m7qnEV1tk3TEytr36xMaKb/GVWosNF42ZlPf+IkRrUw
cm0SpuQvpOXsPemtFEBvQR/xwBrSUXo3XGVgNzIsHhRHG0sdwU2B+/64z21kUFe+
rRfA2pM4JRX50uvW/5qTy2JrgUej3QlVcTD0irxnLCw0a88PGu96v8RRRGBVW/I6
vqvBotz7Xr+XcNttmsKhS2aEV5NVzzPmffNGuZwkszQ9saTAuDyyDdd9drMLlhbM
aJQJ4g09JtnvcXDkmOb8ANSmDFsoEVlHufPFi7EtPGxLH15bOHZo3d+X6QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFBKOleWJ7gia/RbxF9g2KlqxCwAyMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvRW82VjVZbnVDSnI5RnZFWDJEWXFXckVMQURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBARPqxAD
BAFPqxQwDAMEBF26cAMEAF26fAMEAV26fjAMAwQAvHwBAwQAvHwCAwQAvHwEMAwD
BAC8fAcDBAG8fBQwDAMEALx8FwMEALx8HjANBgkqhkiG9w0BAQsFAAOCAQEADVaQ
nofKUokarmHF3RzkQsFx1rJPzURzCh6angK8HzdZVJQn7t6q3VIIT7TbNQrdFTLb
rr32DWThbr8N4fcIsizMBzeX+RuFZ9d5/G0HDpsv/+2ZJSGb1iHfGu23CymP8xWw
PMPYgkL2E7SRCbi5FSc+zGjC1Xr3vMUsFPy/gidVMImS6l+8IQbbA4aeX41HxpQm
A2ohfUk/JDcsRk8gr6OKz6vWHzJu4EsqMXf11zPE3cONgk7Rz8uEtWiTUvgAiAX+
mAFuMi5tZBpI+XldNJHVQ8Irp5dmSsAxduLZQhhsBzwqWqYrbGTLSiZNfqxwyFFX
h2HPx9mMfJxrMR1hgA==
-----END CERTIFICATE-----
Generated at Thu Aug 7 14:33:07 2025 by rpki-client