Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/eG_gGxLivr2ewefCZXKvl9LEIQ4.roa
File: eG_gGxLivr2ewefCZXKvl9LEIQ4.roa (raw, json)
Hash identifier: 4AFKJ4zK1Zt8UICDrX7yj7rG6ous3rW3n9Muuzhoyfc=
Subject key identifier: 78:6F:E0:1B:12:E2:BE:BD:9E:C1:E7:C2:65:72:AF:97:D2:C4:21:0E
Certificate issuer: /CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Certificate serial: 0197CA60AC70557BB4066A570C2F08C4966F
Authority key identifier: 13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/eG_gGxLivr2ewefCZXKvl9LEIQ4.roa
Signing time: Wed 02 Jul 2025 09:03:42 +0000
ROA not before: Wed 02 Jul 2025 09:03:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38955
IP address blocks: 81.19.144.0/20 maxlen: 27
178.23.80.0/21 maxlen: 23
185.16.188.0/22 maxlen: 24
185.16.188.0/24 maxlen: 32
185.16.190.0/24 maxlen: 24
185.115.184.0/23 maxlen: 23
185.115.186.0/23 maxlen: 23
185.164.4.0/23 maxlen: 23
185.164.6.0/23 maxlen: 23
185.173.140.0/22 maxlen: 24
2a00:1a68::/32 maxlen: 34
2a0a:7c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:60:ac:70:55:7b:b4:06:6a:57:0c:2f:08:c4:96:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d59fd683e3570d63895530ceb9f2c84fefe0a3
Validity
Not Before: Jul 2 09:03:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=786fe01b12e2bebd9ec1e7c26572af97d2c4210e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9e:f2:44:af:9c:46:21:02:62:c0:b0:87:b8:
44:86:ae:de:18:fa:67:94:18:a4:dc:36:c2:4e:9f:
56:55:ce:b0:ce:7a:c1:e0:b7:1f:49:a8:82:2c:f9:
6a:f6:30:89:bb:31:0f:c0:f7:37:da:3d:20:b7:a6:
c0:8f:b7:34:95:24:a4:56:36:74:de:ed:30:d0:1e:
43:2a:82:07:7e:1a:48:8c:1e:f1:d8:d9:17:36:e1:
4e:00:2d:f7:84:ee:95:ea:4f:ea:8b:fb:1f:b2:42:
e0:f4:f4:a6:00:9d:f9:e3:a7:b7:3a:af:29:ed:f0:
81:10:c2:f3:b7:e5:a3:8b:31:5b:a0:f7:7f:34:c3:
af:3d:fc:19:ba:59:35:7f:05:ee:6b:65:9d:16:93:
aa:72:14:1d:8e:d6:dd:90:41:ba:13:31:85:5c:22:
b3:f0:29:40:88:45:5c:e9:ec:09:00:d0:e1:08:18:
90:e3:d5:48:c6:04:4d:75:73:97:d7:c3:41:9d:ef:
3e:01:b2:fc:d5:e2:52:b5:d3:ab:25:89:1b:fa:d5:
55:13:a5:06:f8:ce:31:e2:0b:25:70:b6:ab:c7:26:
c8:cc:40:b9:ad:b0:57:f2:fa:87:00:89:fd:65:af:
b3:20:99:f0:84:36:8e:0e:84:85:e3:7d:a6:0d:fc:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6F:E0:1B:12:E2:BE:BD:9E:C1:E7:C2:65:72:AF:97:D2:C4:21:0E
X509v3 Authority Key Identifier:
keyid:13:D5:9F:D6:83:E3:57:0D:63:89:55:30:CE:B9:F2:C8:4F:EF:E0:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/eG_gGxLivr2ewefCZXKvl9LEIQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/410eaf-f82d-47ff-9926-0b1b30895602/1/E9Wf1oPjVw1jiVUwzrnyyE_v4KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.144.0/20
178.23.80.0/21
185.16.188.0/22
185.115.184.0/22
185.164.4.0/22
185.173.140.0/22
IPv6:
2a00:1a68::/32
2a0a:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
b5:a4:80:ea:91:09:b5:7e:56:03:19:93:1f:8a:76:a1:1d:9f:
49:71:14:b2:f7:76:07:13:c1:c4:71:82:fc:ac:17:0a:ed:1f:
73:32:53:cb:fd:00:4c:55:90:0a:8a:4a:19:39:7c:9a:38:32:
f5:ad:99:de:8a:e9:14:f6:c6:b3:38:67:5f:a2:fb:0c:66:1c:
8e:89:b6:55:d0:0a:df:5a:96:4b:73:ef:54:bb:47:cc:92:46:
99:de:2c:d9:ab:77:bb:b9:68:4b:78:b5:a5:12:dc:f0:3e:fc:
e0:c4:9d:2b:9b:cb:9a:01:74:9a:5f:c0:45:ec:a3:31:c8:92:
4f:5b:40:ed:6a:0a:7e:9d:f2:46:59:e7:5a:79:54:24:57:7e:
f4:ec:aa:e4:1d:21:1a:9c:bd:04:34:8c:93:d0:ff:77:b5:3e:
20:be:f9:ef:dc:be:42:aa:66:5c:d4:e7:dc:79:71:4f:35:73:
75:5f:75:44:b2:63:22:53:02:45:42:5c:68:55:7b:d2:87:c9:
9a:01:ba:ff:45:87:6e:5e:87:e5:b8:e0:8a:fd:50:bd:e2:3e:
36:23:e0:ce:37:bb:ff:ab:05:d9:ff:4f:a3:73:f9:5f:e3:7b:
95:d2:0c:de:40:4b:8b:16:56:54:5c:3c:88:11:f7:04:c6:a0:
7d:c1:f1:35
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZfKYKxwVXu0BmpXDC8IxJZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDU5ZmQ2ODNlMzU3MGQ2Mzg5NTUzMGNlYjlmMmM4NGZl
ZmUwYTMwHhcNMjUwNzAyMDkwMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODZmZTAxYjEyZTJiZWJkOWVjMWU3YzI2NTcyYWY5N2QyYzQyMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z7yRK+cRiECYsCwh7hEhq7eGPpn
lBik3DbCTp9WVc6wznrB4LcfSaiCLPlq9jCJuzEPwPc32j0gt6bAj7c0lSSkVjZ0
3u0w0B5DKoIHfhpIjB7x2NkXNuFOAC33hO6V6k/qi/sfskLg9PSmAJ3546e3Oq8p
7fCBEMLzt+WjizFboPd/NMOvPfwZulk1fwXua2WdFpOqchQdjtbdkEG6EzGFXCKz
8ClAiEVc6ewJANDhCBiQ49VIxgRNdXOX18NBne8+AbL81eJStdOrJYkb+tVVE6UG
+M4x4gslcLarxybIzEC5rbBX8vqHAIn9Za+zIJnwhDaODoSF432mDfzkvwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHhv4BsS4r69nsHnwmVyr5fSxCEOMB8GA1UdIwQY
MBaAFBPVn9aD41cNY4lVMM658shP7+CjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYt
MGIxYjMwODk1NjAyLzEvZUdfZ0d4TGl2cjJld2VmQ1pYS3ZsOUxFSVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80MTBlYWYtZjgyZC00N2ZmLTk5MjYtMGIxYjMwODk1NjAy
LzEvRTlXZjFvUGpWdzFqaVZVd3pybnl5RV92NEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEUROQAwQD
shdQAwQCuRC8AwQCuXO4AwQCuaQEAwQCua2MMBQEAgACMA4DBQAqABpoAwUDKgp8
ADANBgkqhkiG9w0BAQsFAAOCAQEAtaSA6pEJtX5WAxmTH4p2oR2fSXEUsvd2BxPB
xHGC/KwXCu0fczJTy/0ATFWQCopKGTl8mjgy9a2Z3orpFPbGszhnX6L7DGYcjom2
VdAK31qWS3PvVLtHzJJGmd4s2at3u7loS3i1pRLc8D784MSdK5vLmgF0ml/AReyj
MciST1tA7WoKfp3yRlnnWnlUJFd+9Oyq5B0hGpy9BDSMk9D/d7U+IL7579y+Qqpm
XNTn3HlxTzVzdV91RLJjIlMCRUJcaFV70ofJmgG6/0WHbl6H5bjgiv1QveI+NiPg
zje7/6sF2f9Po3P5X+N7ldIM3kBLixZWVFw8iBH3BMagfcHxNQ==
-----END CERTIFICATE-----
Generated at Sat Jul 26 16:31:51 2025 by rpki-client