Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/eiTWJKHAu5xriuE2QvW7x5YIzOU.roa
File: eiTWJKHAu5xriuE2QvW7x5YIzOU.roa (raw, json)
Hash identifier: s87ilBuA43+J3H8PQ6AAVQPStmwyHIxSZQ+1oBAYKOg=
Subject key identifier: 7A:24:D6:24:A1:C0:BB:9C:6B:8A:E1:36:42:F5:BB:C7:96:08:CC:E5
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 0197CB4CE04ED045D927332CF97354F5A3C2
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/eiTWJKHAu5xriuE2QvW7x5YIzOU.roa
Signing time: Wed 02 Jul 2025 13:21:42 +0000
ROA not before: Wed 02 Jul 2025 13:21:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.26.0/24 maxlen: 24
85.12.27.0/24 maxlen: 24
85.12.28.0/22 maxlen: 24
85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.208.0/20 maxlen: 20
185.91.28.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788::/32 maxlen: 48
2a01:788:4::/48 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:4c:e0:4e:d0:45:d9:27:33:2c:f9:73:54:f5:a3:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jul 2 13:21:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a24d624a1c0bb9c6b8ae13642f5bbc79608cce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:a7:24:54:29:02:ac:a9:75:41:44:41:f3:
fc:6d:17:88:ad:2b:a1:83:d5:e4:ae:70:93:6c:ec:
47:96:c1:6b:6a:d8:bb:8b:e7:d4:f3:12:ad:3e:8e:
ef:76:e8:f5:cd:0b:6a:55:7d:56:25:fa:b3:ac:b8:
d0:e6:8f:be:f6:d0:0d:f8:72:f7:61:21:55:bc:a4:
0a:c0:59:08:c7:6c:18:30:55:c3:25:d4:ee:13:49:
89:d1:1f:1d:94:7b:ee:72:f5:8d:fc:1d:ed:69:a7:
eb:f3:cc:06:5f:5c:a1:2e:ee:79:30:15:5d:15:3b:
4c:a7:c8:94:fa:04:dd:3c:22:fb:cc:27:ac:c3:81:
c7:16:3e:2f:18:12:63:f0:75:2b:80:04:39:f4:fd:
a9:6e:ba:34:91:cd:34:72:24:2b:c7:87:79:8f:8c:
21:48:fe:cf:f7:c6:cc:a6:4c:fb:33:c9:c5:02:01:
39:61:40:d9:c7:55:32:cb:de:13:38:c7:1d:be:98:
2e:87:25:92:33:68:5f:a0:33:c7:b6:d8:98:c1:ac:
e4:b0:7a:73:c8:4a:6b:ee:7c:a4:d4:42:f0:05:97:
66:8e:33:e1:3b:98:90:69:aa:0a:47:d2:04:e7:13:
5e:0f:cb:85:ed:35:a2:f3:3d:01:31:7d:8f:a0:f0:
18:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:24:D6:24:A1:C0:BB:9C:6B:8A:E1:36:42:F5:BB:C7:96:08:CC:E5
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/eiTWJKHAu5xriuE2QvW7x5YIzOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.26.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.208.0/20
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
0c:69:3e:70:4d:5b:fd:90:c6:d9:a0:00:4f:df:97:42:c2:0c:
f2:4f:52:fa:25:d9:a1:a5:ba:22:e3:7d:be:32:49:8a:9c:54:
76:6b:65:a6:ae:1c:5f:bf:d0:c5:70:e7:fa:7f:09:41:2e:2c:
c1:5c:30:67:fa:b0:8c:18:7c:29:c5:64:d8:60:9b:e2:67:22:
24:f2:f8:75:f1:d3:b1:86:30:75:fc:ca:af:76:7f:a0:46:d4:
54:12:72:d8:c4:3e:7f:7a:71:d1:ca:68:71:ad:ed:f9:56:6a:
ea:94:0e:62:e6:59:6a:76:95:7d:d9:21:2b:37:df:51:b4:81:
d7:6a:2d:9b:8b:dd:fe:2f:20:14:47:04:08:b9:b3:73:7f:0d:
e5:e7:71:67:05:09:9c:2c:ec:23:7b:16:f3:2f:83:6b:53:76:
e1:7f:d3:08:29:5e:82:45:e9:ee:d2:45:5b:21:28:9c:06:4d:
03:5d:44:75:f6:52:ab:c1:50:b4:2f:5e:6b:61:9c:f6:e1:01:
ce:7b:e1:36:c6:26:8e:db:4a:ea:52:2c:31:94:62:e7:73:60:
db:4a:f3:1f:8f:61:3e:78:8a:3a:7b:6b:c6:27:f2:cd:08:be:
f9:79:4d:02:b9:30:b2:07:d6:23:3a:ce:fe:e5:46:e8:0f:47:
6b:25:a3:0f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZfLTOBO0EXZJzMs+XNU9aPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjUwNzAyMTMyMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTI0ZDYyNGExYzBiYjljNmI4YWUxMzY0MmY1YmJjNzk2MDhjY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq76nJFQpAqypdUFEQfP8bReIrSuh
g9XkrnCTbOxHlsFrati7i+fU8xKtPo7vduj1zQtqVX1WJfqzrLjQ5o++9tAN+HL3
YSFVvKQKwFkIx2wYMFXDJdTuE0mJ0R8dlHvucvWN/B3taafr88wGX1yhLu55MBVd
FTtMp8iU+gTdPCL7zCesw4HHFj4vGBJj8HUrgAQ59P2pbro0kc00ciQrx4d5j4wh
SP7P98bMpkz7M8nFAgE5YUDZx1Uyy94TOMcdvpguhyWSM2hfoDPHttiYwazksHpz
yEpr7nyk1ELwBZdmjjPhO5iQaaoKR9IE5xNeD8uF7TWi8z0BMX2PoPAY9QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFHok1iShwLuca4rhNkL1u8eWCMzlMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvZWlUV0pLSEF1NXhyaXVFMlF2Vzd4NVlJek9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0MAwDBAFVDBoD
BANVDDAwDAMEAVUMOgMEBlUMAAMEBFuU0AMEALlbHAMEAMGK3AMEAcPIVDANBAIA
AjAHAwUAKgEHiDANBgkqhkiG9w0BAQsFAAOCAQEADGk+cE1b/ZDG2aAAT9+XQsIM
8k9S+iXZoaW6IuN9vjJJipxUdmtlpq4cX7/QxXDn+n8JQS4swVwwZ/qwjBh8KcVk
2GCb4mciJPL4dfHTsYYwdfzKr3Z/oEbUVBJy2MQ+f3px0cpoca3t+VZq6pQOYuZZ
anaVfdkhKzffUbSB12otm4vd/i8gFEcECLmzc38N5edxZwUJnCzsI3sW8y+Da1N2
4X/TCClegkXp7tJFWyEonAZNA11EdfZSq8FQtC9ea2Gc9uEBznvhNsYmjttK6lIs
MZRi53Ng20rzH49hPniKOntrxifyzQi++XlNArkwsgfWIzrO/uVG6A9HayWjDw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 17:05:50 2025 by rpki-client