Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ehaKAZDsgptgxfrqnqiqx4cGkMY.roa
File: ehaKAZDsgptgxfrqnqiqx4cGkMY.roa (raw, json)
Hash identifier: S/A90QiQp5NxapBhTE6IOmZsEJSD0lD9cI1LgP0qnqI=
Subject key identifier: 7A:16:8A:01:90:EC:82:9B:60:C5:FA:EA:9E:A8:AA:C7:87:06:90:C6
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 01985AF826F3E11A2BA3A05B555DCF5D6C3A
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ehaKAZDsgptgxfrqnqiqx4cGkMY.roa
Signing time: Wed 30 Jul 2025 10:54:28 +0000
ROA not before: Wed 30 Jul 2025 10:54:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 37.235.3.0/24 maxlen: 24
37.235.4.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
37.235.7.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.244.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
45.84.252.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
94.16.98.0/24 maxlen: 24
94.16.100.0/24 maxlen: 24
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
144.208.192.0/18 maxlen: 32
144.208.204.0/24 maxlen: 24
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.207.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.216.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.231.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.236.0/24 maxlen: 24
144.208.237.0/24 maxlen: 24
144.208.238.0/24 maxlen: 24
144.208.240.0/24 maxlen: 24
144.208.241.0/24 maxlen: 24
144.208.242.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
144.208.254.0/24 maxlen: 24
144.208.255.0/24 maxlen: 24
176.123.54.0/23 maxlen: 23
178.255.152.0/21 maxlen: 32
185.2.176.0/22 maxlen: 32
185.2.176.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
185.81.206.0/24 maxlen: 24
185.81.209.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
185.228.148.0/22 maxlen: 22
188.65.72.0/21 maxlen: 32
188.172.192.0/18 maxlen: 32
188.172.208.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
188.172.247.0/24 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
194.1.206.0/24 maxlen: 32
213.227.160.0/19 maxlen: 32
213.227.184.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a00:11c0::/32 maxlen: 128
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:40::/48 maxlen: 48
2a00:11c0:41::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:46::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:5c::/48 maxlen: 48
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:6c::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:80::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:88::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:99::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a00:11c0:1011::/48 maxlen: 48
2a00:11c0:1334::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:1798::/48 maxlen: 48
2a00:11c0:179a::/48 maxlen: 48
2a00:11c0:179b::/48 maxlen: 48
2a00:11c0:9021::/48 maxlen: 48
2a01:aea0::/32 maxlen: 32
2a01:aea0::/40 maxlen: 40
2a01:aea0:dd1::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a05:8900:28::/48 maxlen: 48
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:f8:26:f3:e1:1a:2b:a3:a0:5b:55:5d:cf:5d:6c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jul 30 10:54:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a168a0190ec829b60c5faea9ea8aac7870690c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:29:6f:1f:a7:5d:39:b9:1c:a5:04:2e:80:06:
3f:ef:67:09:8d:6e:3d:a2:f5:81:af:d4:6c:91:38:
cc:c8:e5:ad:aa:d6:89:17:9f:58:5c:9e:0d:14:ef:
fa:e9:e0:51:d2:2f:db:1b:64:1e:93:ae:2a:79:09:
43:03:62:50:cb:31:98:92:ac:4e:f4:b6:ba:61:20:
45:36:49:ab:dc:37:8f:1b:c0:87:37:1d:87:c9:b3:
0e:39:61:52:42:e3:29:23:0f:19:d8:d2:4d:e5:d6:
87:de:55:26:df:2c:7e:84:02:ca:88:f4:bb:cf:28:
16:b1:d5:23:9a:18:d4:ec:42:9c:36:06:19:65:a6:
a5:fa:48:0f:25:64:ce:0c:d7:80:4d:40:33:fc:46:
e6:55:c6:ca:da:c1:b2:e3:60:84:3f:3a:4a:a1:d7:
84:6a:b7:14:b2:a2:05:7c:f9:1a:83:14:0a:26:2f:
91:fd:63:ea:b8:49:71:0c:70:6c:9d:ba:2b:6f:99:
d5:f9:d8:af:64:82:d3:c6:55:3f:6b:b1:f6:3f:0c:
d2:4a:f0:85:aa:b1:c9:0e:22:e9:4a:d0:64:0a:95:
21:60:32:3f:88:39:47:2f:a3:1e:14:30:2f:ec:fd:
ce:15:18:98:c3:9f:a8:0c:9b:2d:c0:6f:bd:b5:d8:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:16:8A:01:90:EC:82:9B:60:C5:FA:EA:9E:A8:AA:C7:87:06:90:C6
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/ehaKAZDsgptgxfrqnqiqx4cGkMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.235.7.0/24
37.252.224.0/19
45.84.252.0/24
45.132.61.0-45.132.63.255
94.16.98.0/24
94.16.100.0/24
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
2a05:8900:28::/48
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
be:2a:b0:2e:17:ed:79:dd:f6:41:b3:89:09:a2:ef:6e:f9:35:
8f:cf:2c:47:77:1f:3d:66:c3:7a:c7:c1:0b:46:63:94:87:44:
b9:59:d9:34:cc:3c:4c:fd:f0:ac:9b:e7:c0:77:dc:64:c5:46:
f8:ee:d8:b9:2d:6f:a9:02:1c:44:bc:bd:df:2c:96:37:79:0c:
7a:a1:37:56:bc:4c:68:27:06:35:e7:3c:1c:5e:41:c8:56:c0:
92:c9:ca:9e:ed:41:be:68:15:dc:73:b7:cc:2c:61:db:ba:a5:
81:4d:82:00:36:6e:e1:9a:c7:31:25:c2:a5:70:f5:d4:d6:32:
43:f2:01:02:b4:02:be:4e:57:88:b5:09:f3:a9:e7:6c:d3:60:
cb:dd:99:bf:94:45:07:10:fa:e8:0c:46:2e:1c:b4:18:1b:46:
74:66:17:fe:9a:5b:38:bb:2c:27:e8:af:6e:db:f6:3e:c9:a7:
68:91:e0:ac:e1:cc:94:8d:10:ba:18:54:1f:95:24:7c:d0:75:
6a:12:1b:a9:d0:dc:c1:90:8f:33:df:97:02:b5:9f:87:cf:82:
98:49:1d:7e:e6:08:31:2c:87:26:34:9b:f1:b3:fa:68:8e:c4:
44:7d:49:a2:e8:aa:d6:34:9d:ae:23:62:1a:ad:7f:f9:9a:0d:
7a:ee:b3:80
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZha+Cbz4Roro6BbVV3PXWw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwNzMwMTA1NDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE2OGEwMTkwZWM4MjliNjBjNWZhZWE5ZWE4YWFjNzg3MDY5MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ClvH6ddObkcpQQugAY/72cJjW49
ovWBr9RskTjMyOWtqtaJF59YXJ4NFO/66eBR0i/bG2Qek64qeQlDA2JQyzGYkqxO
9La6YSBFNkmr3DePG8CHNx2HybMOOWFSQuMpIw8Z2NJN5daH3lUm3yx+hALKiPS7
zygWsdUjmhjU7EKcNgYZZaal+kgPJWTODNeATUAz/EbmVcbK2sGy42CEPzpKodeE
arcUsqIFfPkagxQKJi+R/WPquElxDHBsnborb5nV+divZILTxlU/a7H2PwzSSvCF
qrHJDiLpStBkCpUhYDI/iDlHL6MeFDAv7P3OFRiYw5+oDJstwG+9tdjmOwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFHoWigGQ7IKbYMX66p6oqseHBpDGMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvZWhhS0FaRHNncHRneGZycW5xaXF4NGNHa01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBrwQCAAEwgagwDAME
ACXrAwMEASXrBAMEACXrBwMEBSX84AMEAC1U/DAMAwQALYQ9AwQGLYQAAwQAXhBi
AwQAXhBkMAwDBABeEH0DBABeEH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5
MugDBAC5MusDBAC5Uc4DBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHB
IXIDBADCAc4DBAXV46ADBAXZkgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJ
AAAoAwcAKgWJAAA2MA0GCSqGSIb3DQEBCwUAA4IBAQC+KrAuF+153fZBs4kJou9u
+TWPzyxHdx89ZsN6x8ELRmOUh0S5Wdk0zDxM/fCsm+fAd9xkxUb47ti5LW+pAhxE
vL3fLJY3eQx6oTdWvExoJwY15zwcXkHIVsCSycqe7UG+aBXcc7fMLGHbuqWBTYIA
Nm7hmscxJcKlcPXU1jJD8gECtAK+TleItQnzqeds02DL3Zm/lEUHEProDEYuHLQY
G0Z0Zhf+mls4uywn6K9u2/Y+yadokeCs4cyUjRC6GFQflSR80HVqEhup0NzBkI8z
35cCtZ+Hz4KYSR1+5ggxLIcmNJvxs/pojsREfUmi6KrWNJ2uI2IarX/5mg167rOA
-----END CERTIFICATE-----
Generated at Tue Aug 5 23:04:50 2025 by rpki-client