Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EIHaA-kqHMY3VGz2zGhcyg96icM.roa
File: EIHaA-kqHMY3VGz2zGhcyg96icM.roa (raw, json)
Hash identifier: GMZVh1uSCtapeUdEuygvRZAgUKKTHEWmyIXya3Lw3WI=
Subject key identifier: 10:81:DA:03:E9:2A:1C:C6:37:54:6C:F6:CC:68:5C:CA:0F:7A:89:C3
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019E269C4A8E01E69B5A1BBC86A06F9F927D
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EIHaA-kqHMY3VGz2zGhcyg96icM.roa
Signing time: Thu 14 May 2026 13:10:37 +0000
ROA not before: Thu 14 May 2026 13:10:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13213
IP address blocks: 5.253.45.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:9c:4a:8e:01:e6:9b:5a:1b:bc:86:a0:6f:9f:92:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 14 13:10:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1081da03e92a1cc637546cf6cc685cca0f7a89c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f3:e9:7c:db:46:4a:eb:e1:68:97:b0:00:6e:
fa:f6:d9:61:a2:ef:a6:65:4a:17:a1:2f:e9:51:ed:
31:95:87:2b:43:58:d6:45:16:38:f0:63:0e:c2:09:
60:e4:ef:f9:ca:d4:d7:1e:66:cc:23:f0:8b:a0:87:
5c:3f:6a:bb:3c:10:19:dd:e3:9d:f8:ff:3a:a0:f5:
20:ff:0d:6b:21:bb:44:f2:d7:f2:10:fa:6a:c6:56:
c3:d3:62:9f:4d:61:d7:90:8a:90:f3:96:af:8c:c2:
bf:2f:24:36:be:75:29:36:1e:fe:43:b1:05:8d:14:
92:13:a4:e8:cd:ae:af:b8:14:1f:e8:05:3d:d6:82:
ad:df:9e:40:e2:37:fe:10:be:f7:81:54:ef:51:e5:
32:0e:b7:87:d2:a8:3f:6a:f7:9c:3d:33:89:c4:07:
47:d3:ed:5a:b0:66:70:e7:72:60:06:1a:34:ca:9c:
7d:2c:65:b2:c2:8e:a6:9f:d3:ed:2c:3e:80:87:00:
99:f8:e0:7f:e4:a6:ed:65:d9:c1:25:8b:14:1e:20:
19:85:6a:c1:71:40:6a:7c:b4:0e:e1:64:43:7d:a4:
12:81:8c:2e:1c:c9:2f:05:89:73:a4:be:f4:73:7c:
f3:5d:f5:bc:29:16:52:95:06:a5:a4:70:72:5c:36:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:81:DA:03:E9:2A:1C:C6:37:54:6C:F6:CC:68:5C:CA:0F:7A:89:C3
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/EIHaA-kqHMY3VGz2zGhcyg96icM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.45.0/24
45.9.6.0/24
45.66.152.0/24
45.66.154.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d1:89:71:8f:16:bb:56:e7:01:61:65:d4:2e:ce:9b:d6:96:
b1:cf:50:09:11:e2:07:c9:f5:3a:e7:aa:8c:57:92:dc:84:79:
95:9f:6c:44:ba:b4:b3:e0:78:a5:4e:cc:e7:3f:f9:02:36:5e:
cc:dc:90:2c:04:00:71:40:3f:b1:90:e0:80:5d:82:f8:6d:c9:
ef:16:e4:18:43:fc:fa:45:a9:80:53:74:21:70:8b:9a:ce:b3:
9c:dd:eb:44:d1:8f:0b:f8:46:71:56:a7:39:f1:79:f7:da:5b:
13:ea:7e:75:0b:c0:ae:ce:8a:69:f4:e8:b8:6f:85:a0:94:d7:
17:b4:57:80:3e:31:76:84:99:a1:81:b5:2e:54:f0:61:79:c7:
93:11:ce:1a:2e:8a:63:3c:08:b6:df:e5:e3:0f:ed:7c:40:b2:
22:6d:15:df:5f:e4:8b:63:bb:17:30:b0:31:9d:8f:a4:28:57:
77:51:6d:de:73:1e:96:20:5e:18:ce:95:0e:27:59:f1:fc:9d:
1b:37:bf:8b:f5:c4:d2:3f:4e:a9:a5:50:54:82:e5:33:2f:dc:
60:77:7f:fb:a8:f3:c0:3a:e5:d0:a9:bc:85:34:59:a9:af:b0:
85:9c:4a:62:0c:b9:6f:58:c4:6e:95:bf:7b:2d:e1:62:60:6a:
2f:2b:9f:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4mnEqOAeabWhu8hqBvn5J9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNTE0MTMxMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDgxZGEwM2U5MmExY2M2Mzc1NDZjZjZjYzY4NWNjYTBmN2E4OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPPpfNtGSuvhaJewAG769tlhou+m
ZUoXoS/pUe0xlYcrQ1jWRRY48GMOwglg5O/5ytTXHmbMI/CLoIdcP2q7PBAZ3eOd
+P86oPUg/w1rIbtE8tfyEPpqxlbD02KfTWHXkIqQ85avjMK/LyQ2vnUpNh7+Q7EF
jRSSE6Toza6vuBQf6AU91oKt355A4jf+EL73gVTvUeUyDreH0qg/avecPTOJxAdH
0+1asGZw53JgBho0ypx9LGWywo6mn9PtLD6AhwCZ+OB/5KbtZdnBJYsUHiAZhWrB
cUBqfLQO4WRDfaQSgYwuHMkvBYlzpL70c3zzXfW8KRZSlQalpHByXDb2AwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCB2gPpKhzGN1Rs9sxoXMoPeonDMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRUlIYUEta3FITVkzVkd6MnpHaGN5Zzk2aWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf0tAwQA
LQkGAwQALUKYAwQALUKaMA0GCSqGSIb3DQEBCwUAA4IBAQBq0Ylxjxa7VucBYWXU
Ls6b1paxz1AJEeIHyfU656qMV5LchHmVn2xEurSz4HilTsznP/kCNl7M3JAsBABx
QD+xkOCAXYL4bcnvFuQYQ/z6RamAU3QhcIuazrOc3etE0Y8L+EZxVqc58Xn32lsT
6n51C8Cuzopp9Oi4b4WglNcXtFeAPjF2hJmhgbUuVPBheceTEc4aLopjPAi23+Xj
D+18QLIibRXfX+SLY7sXMLAxnY+kKFd3UW3ecx6WIF4YzpUOJ1nx/J0bN7+L9cTS
P06ppVBUguUzL9xgd3/7qPPAOuXQqbyFNFmpr7CFnEpiDLlvWMRulb97LeFiYGov
K58u
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:55 2026 by rpki-client