Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/EIwgJdgCtKjSF1OnSZWkIAG5K2g.roa
File: EIwgJdgCtKjSF1OnSZWkIAG5K2g.roa (raw, json)
Hash identifier: bhYZ1AB7z9n2WlipWCV/D9RvakS2owMjdFRvLRjlEoc=
Subject key identifier: 10:8C:20:25:D8:02:B4:A8:D2:17:53:A7:49:95:A4:20:01:B9:2B:68
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019824C374E7C371C0E06A993C6898C4B827
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/EIwgJdgCtKjSF1OnSZWkIAG5K2g.roa
Signing time: Sat 19 Jul 2025 22:17:25 +0000
ROA not before: Sat 19 Jul 2025 22:17:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20115
IP address blocks: 151.145.128.0/20 maxlen: 20
151.145.144.0/20 maxlen: 20
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.54.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
158.120.58.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
170.100.148.0/22 maxlen: 22
170.100.204.0/24 maxlen: 24
170.100.206.0/23 maxlen: 23
192.6.64.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.6.252.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
192.25.232.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:24:c3:74:e7:c3:71:c0:e0:6a:99:3c:68:98:c4:b8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jul 19 22:17:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=108c2025d802b4a8d21753a74995a42001b92b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:06:7f:21:f1:56:3c:8b:5a:85:09:cb:88:e9:
d7:aa:9b:64:68:24:af:5f:9b:cb:0f:d6:df:4f:45:
4a:cf:8e:64:d4:7d:3e:ff:ce:2c:90:82:22:5c:67:
8a:8f:2b:c5:81:d6:6e:8d:9e:65:88:d7:7a:1d:6b:
ef:6a:49:63:34:78:fb:9d:91:4f:5a:76:58:cf:4f:
7a:d5:df:77:8b:5b:11:b2:6d:5b:c3:8c:c2:c0:38:
b2:50:de:33:1d:3c:fa:62:95:de:73:cf:e7:b0:22:
00:9e:3d:6e:b8:39:89:dd:95:3d:e9:8a:61:b7:3c:
da:3d:5d:94:02:19:71:73:58:ab:b8:71:8b:97:8a:
7d:a9:5d:d6:9b:5f:59:8d:a6:1e:0f:26:d0:b0:aa:
9d:1e:f2:bd:86:dc:8d:ee:ab:2d:0f:bc:78:a6:16:
4d:f1:3a:d0:ed:08:08:34:0d:97:f0:99:c4:e0:bf:
ae:5a:d4:91:21:5a:cb:cb:04:f9:c1:ca:82:08:64:
0f:c5:63:98:ab:c2:46:29:22:3a:c5:bd:b4:8f:c2:
f6:73:bc:62:8e:b5:4e:e8:df:39:50:6b:ce:59:1e:
f1:17:56:00:c9:f0:bc:19:3e:27:74:77:08:09:af:
eb:94:e7:f9:ba:0f:d0:1b:4c:78:ef:d9:01:0a:0c:
90:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:8C:20:25:D8:02:B4:A8:D2:17:53:A7:49:95:A4:20:01:B9:2B:68
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/EIwgJdgCtKjSF1OnSZWkIAG5K2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.145.128.0/19
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
170.100.148.0/22
170.100.204.0/24
170.100.206.0/23
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b9:74:67:48:2e:33:a9:00:64:a3:fd:85:06:18:88:c9:fd:
30:a0:91:46:28:0f:44:98:b4:46:6c:c7:97:e2:70:b8:ef:cb:
21:be:ec:d8:4f:89:42:71:2c:9e:2a:83:71:25:38:91:79:95:
2c:22:b1:da:51:89:e2:78:67:80:fb:b3:2e:bf:8d:10:6a:85:
98:2d:ea:f4:03:d1:02:b4:44:04:91:3d:b6:f2:31:b1:ea:c9:
da:6f:98:8d:f4:41:a7:fa:1a:0f:54:bf:27:00:1e:3f:de:51:
7b:77:55:67:18:39:47:fc:e5:ad:ba:19:24:ca:fb:28:ba:5a:
33:df:d7:77:09:4a:8a:0f:c6:59:2d:9c:84:34:9d:a3:72:b9:
01:bf:4c:bb:a9:1f:3b:9e:dd:fa:b3:06:43:1a:9c:5d:7b:34:
df:2d:f4:61:d1:93:19:45:c9:56:17:27:13:45:af:d3:b1:10:
bb:b5:6d:fb:fb:74:93:15:46:b7:b3:e7:d3:56:84:0d:1e:5b:
3a:c0:94:8b:b9:38:c2:3b:57:6d:2f:38:a7:bc:12:14:24:82:
d5:4e:1c:c3:1f:21:d4:9b:08:32:fe:cd:83:f1:fd:e7:4f:b5:
41:de:fd:d5:ff:a0:65:3a:05:ae:76:ac:a6:da:1d:1b:3c:5d:
b4:32:99:c0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZgkw3Tnw3HA4GqZPGiYxLgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwNzE5MjIxNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDhjMjAyNWQ4MDJiNGE4ZDIxNzUzYTc0OTk1YTQyMDAxYjkyYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgZ/IfFWPItahQnLiOnXqptkaCSv
X5vLD9bfT0VKz45k1H0+/84skIIiXGeKjyvFgdZujZ5liNd6HWvvakljNHj7nZFP
WnZYz0961d93i1sRsm1bw4zCwDiyUN4zHTz6YpXec8/nsCIAnj1uuDmJ3ZU96Yph
tzzaPV2UAhlxc1iruHGLl4p9qV3Wm19ZjaYeDybQsKqdHvK9htyN7qstD7x4phZN
8TrQ7QgINA2X8JnE4L+uWtSRIVrLywT5wcqCCGQPxWOYq8JGKSI6xb20j8L2c7xi
jrVO6N85UGvOWR7xF1YAyfC8GT4ndHcICa/rlOf5ug/QG0x479kBCgyQqQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFBCMICXYArSo0hdTp0mVpCABuStoMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvRUl3Z0pkZ0N0S2pTRjFPblNaV2tJQUc1SzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEBZeR
gAMEAJ54MAMEAJ54MgMEAJ54NAMEAJ54NgMEAJ54OAMEAJ54OgMEAJ54PAMEAJ54
PgMEAqpklAMEAKpkzAMEAapkzgMEAsAGQAMEAsAGrAMEAsAG/AMEAsAZtAMEAsAZ
yAMEAsAZ0AMEAsAZ6AMEAsAZ9AMEAsCJGDANBgkqhkiG9w0BAQsFAAOCAQEAcbl0
Z0guM6kAZKP9hQYYiMn9MKCRRigPRJi0RmzHl+JwuO/LIb7s2E+JQnEsniqDcSU4
kXmVLCKx2lGJ4nhngPuzLr+NEGqFmC3q9APRArREBJE9tvIxserJ2m+YjfRBp/oa
D1S/JwAeP95Re3dVZxg5R/zlrboZJMr7KLpaM9/XdwlKig/GWS2chDSdo3K5Ab9M
u6kfO57d+rMGQxqcXXs03y30YdGTGUXJVhcnE0Wv07EQu7Vt+/t0kxVGt7Pn01aE
DR5bOsCUi7k4wjtXbS84p7wSFCSC1U4cwx8h1JsIMv7Ng/H950+1Qd791f+gZToF
rnasptodGzxdtDKZwA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:22:47 2025 by rpki-client