Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/7E2GqeDScAsEfeR_jfhcvFHNh2c.roa
File: 7E2GqeDScAsEfeR_jfhcvFHNh2c.roa (raw, json)
Hash identifier: eYH8Had8LzNIpCqpDD0w753CPE+hCok2dgM2nYyxBQw=
Subject key identifier: EC:4D:86:A9:E0:D2:70:0B:04:7D:E4:7F:8D:F8:5C:BC:51:CD:87:67
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 0197F499C91666021E88E4937608DCA0F23E
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/7E2GqeDScAsEfeR_jfhcvFHNh2c.roa
Signing time: Thu 10 Jul 2025 13:50:08 +0000
ROA not before: Thu 10 Jul 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 93.180.216.0/21 maxlen: 21
93.180.216.0/22 maxlen: 22
93.180.216.0/23 maxlen: 23
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/22 maxlen: 22
93.180.220.0/23 maxlen: 23
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/23 maxlen: 23
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/22 maxlen: 22
138.124.156.0/23 maxlen: 23
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/23 maxlen: 23
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/22 maxlen: 22
144.86.228.0/23 maxlen: 23
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/23 maxlen: 23
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/22 maxlen: 22
185.20.196.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/22 maxlen: 22
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/22 maxlen: 22
185.254.12.0/23 maxlen: 23
185.254.13.0/24 maxlen: 24
185.254.14.0/23 maxlen: 23
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/22 maxlen: 22
195.133.220.0/23 maxlen: 23
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/23 maxlen: 23
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/22 maxlen: 22
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 29
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
2a0b:1880:2::/48 maxlen: 48
2a0b:1880:3::/48 maxlen: 48
2a0b:1880:4::/48 maxlen: 48
2a0b:1880:5::/48 maxlen: 48
2a0b:1880:6::/48 maxlen: 48
2a0b:1880:7::/48 maxlen: 48
2a0b:1880:8::/48 maxlen: 48
2a0b:1880:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:99:c9:16:66:02:1e:88:e4:93:76:08:dc:a0:f2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jul 10 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec4d86a9e0d2700b047de47f8df85cbc51cd8767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e1:2f:84:9a:f0:20:82:60:01:26:6d:3f:5b:
f2:df:50:00:a7:82:3e:0a:79:ff:be:77:5e:80:4e:
b7:25:e7:05:10:ee:cc:b1:61:c3:8e:8d:8c:3c:b1:
a1:d8:dc:97:5b:6c:af:2a:a0:48:a8:62:b0:ae:79:
dd:2f:42:9c:66:58:89:eb:b4:4c:39:0d:b6:79:f3:
54:b3:4f:f8:84:b1:c2:c8:b3:8a:79:56:1e:e0:22:
bc:ce:3a:b5:53:df:28:97:bb:55:e6:7b:94:9f:49:
0d:f9:0a:af:11:32:f1:d9:81:2c:29:df:80:64:0a:
0c:cf:fa:4e:fc:b1:dc:8c:35:b6:fa:cb:2f:eb:7f:
b0:00:ab:c9:3a:2d:1e:0f:17:2b:7e:3c:1b:2a:a2:
9d:8e:a3:4e:28:bd:73:8b:81:0b:3a:86:b9:30:7f:
f5:ec:d4:ef:2d:24:7e:91:45:75:7f:9e:5c:f9:a6:
46:dc:57:39:89:6b:a6:d9:16:d3:36:f6:7f:d0:b2:
58:33:de:a1:2d:e9:b3:18:26:e0:ea:b7:93:3f:ac:
85:bb:81:02:47:c6:2d:58:67:6d:47:5c:c0:ad:66:
c7:6a:b2:7a:4f:6a:3e:cb:f6:30:41:5c:ff:1f:ea:
53:dd:74:b3:e7:1d:a1:8a:44:ff:9d:a6:97:cb:ce:
01:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4D:86:A9:E0:D2:70:0B:04:7D:E4:7F:8D:F8:5C:BC:51:CD:87:67
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/7E2GqeDScAsEfeR_jfhcvFHNh2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
29:4f:d0:0a:29:b7:50:b3:35:79:58:0f:a3:37:eb:b5:56:7a:
4b:c5:3b:cf:f2:56:48:d4:c4:31:68:8e:cd:a5:e8:f8:bd:62:
e2:b3:8c:03:c7:54:c3:a8:95:19:61:24:19:b2:48:c3:ce:2c:
75:9d:01:05:c7:ef:1e:f5:ad:16:f9:4b:8f:f2:49:e5:2a:b2:
28:6f:86:58:d8:0c:67:37:f3:48:a9:28:d0:64:4e:d3:8a:b6:
7a:14:62:30:37:1e:d2:3b:94:1e:24:e7:78:7c:9f:52:e1:1a:
68:7a:bd:8f:b8:ee:88:de:65:cb:22:29:85:ed:1a:7c:77:c5:
5b:9e:f0:82:e1:2e:d4:83:0b:a4:45:4e:a6:53:0d:a0:8b:2e:
01:2d:aa:bf:43:a4:02:4c:0e:ea:cb:06:a5:7b:58:b8:f9:c6:
80:95:b4:ce:f5:15:c2:4e:c6:b8:c7:90:c5:c9:39:97:39:7b:
c2:89:c2:b5:28:e6:a3:bf:b6:43:5c:a6:db:e7:e9:54:9e:2e:
9a:09:ae:1a:20:13:33:db:8e:8f:6a:65:4d:4e:65:ee:52:b9:
10:f8:8b:e7:96:e8:f7:13:bf:6e:c1:61:8b:ad:1a:d3:de:18:
89:7b:db:76:3f:57:16:c3:13:55:c5:8c:63:17:89:9b:e7:ea:
ed:d7:3e:4d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZf0mckWZgIeiOSTdgjcoPI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwNzEwMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRkODZhOWUwZDI3MDBiMDQ3ZGU0N2Y4ZGY4NWNiYzUxY2Q4NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuEvhJrwIIJgASZtP1vy31AAp4I+
Cnn/vndegE63JecFEO7MsWHDjo2MPLGh2NyXW2yvKqBIqGKwrnndL0KcZliJ67RM
OQ22efNUs0/4hLHCyLOKeVYe4CK8zjq1U98ol7tV5nuUn0kN+QqvETLx2YEsKd+A
ZAoMz/pO/LHcjDW2+ssv63+wAKvJOi0eDxcrfjwbKqKdjqNOKL1zi4ELOoa5MH/1
7NTvLSR+kUV1f55c+aZG3Fc5iWum2RbTNvZ/0LJYM96hLemzGCbg6reTP6yFu4EC
R8YtWGdtR1zArWbHarJ6T2o+y/YwQVz/H+pT3XSz5x2hikT/naaXy84BEQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOxNhqng0nALBH3kf434XLxRzYdnMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvN0UyR3FlRFNjQXNFZmVSX2pmaGN2RkhOaDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0EAgACMAcD
BQMqCxiAMA0GCSqGSIb3DQEBCwUAA4IBAQApT9AKKbdQszV5WA+jN+u1VnpLxTvP
8lZI1MQxaI7Npej4vWLis4wDx1TDqJUZYSQZskjDzix1nQEFx+8e9a0W+UuP8knl
KrIob4ZY2AxnN/NIqSjQZE7TirZ6FGIwNx7SO5QeJOd4fJ9S4Rpoer2PuO6I3mXL
IimF7Rp8d8VbnvCC4S7UgwukRU6mUw2giy4BLaq/Q6QCTA7qywale1i4+caAlbTO
9RXCTsa4x5DFyTmXOXvCicK1KOajv7ZDXKbb5+lUni6aCa4aIBMz246PamVNTmXu
UrkQ+Ivnluj3E79uwWGLrRrT3hiJe9t2P1cWwxNVxYxjF4mb5+rt1z5N
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:25:04 2025 by rpki-client