Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/EpH1IjWJDrLMVmGg40hn2eeijFk.roa
File: EpH1IjWJDrLMVmGg40hn2eeijFk.roa (raw, json)
Hash identifier: K+D9CmssN1EPeJWydhHAbIICB19ne88Fx+6+pwN8EYM=
Subject key identifier: 12:91:F5:22:35:89:0E:B2:CC:56:61:A0:E3:48:67:D9:E7:A2:8C:59
Certificate issuer: /CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Certificate serial: 01980A4D34DEB376CFF1E65ED6CD9F1DE2C5
Authority key identifier: 6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/EpH1IjWJDrLMVmGg40hn2eeijFk.roa
Signing time: Mon 14 Jul 2025 18:58:08 +0000
ROA not before: Mon 14 Jul 2025 18:58:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200187
IP address blocks: 45.14.173.0/24 maxlen: 24
80.94.82.0/24 maxlen: 24
185.35.144.0/22 maxlen: 22
2a04:4fe0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:4d:34:de:b3:76:cf:f1:e6:5e:d6:cd:9f:1d:e2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Validity
Not Before: Jul 14 18:58:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1291f52235890eb2cc5661a0e34867d9e7a28c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b6:71:46:ed:4e:2d:ee:1a:0c:da:d2:68:24:
94:a4:c5:6b:1d:39:1e:63:b9:2c:52:65:fd:3f:ce:
26:31:13:43:2a:57:a8:d4:9d:5d:0d:9d:cf:5f:10:
61:cc:72:55:78:56:91:34:66:8d:e8:9c:d6:40:18:
42:9b:ed:86:4d:4e:e4:b7:ae:1f:78:51:7d:85:21:
31:ab:9c:03:a8:9d:37:87:a4:60:93:6a:76:ae:a4:
d7:6c:6d:45:96:50:bf:c4:6c:9e:8b:32:3c:98:35:
bc:12:43:52:2f:41:53:9b:78:aa:16:7d:3c:d0:a8:
15:63:ca:76:1b:b7:27:2b:b6:20:44:68:0f:0e:8e:
76:74:98:2d:da:b4:b2:d9:62:80:fe:45:3a:b8:73:
d6:07:04:eb:fd:9a:65:9f:9d:16:0a:96:5a:de:65:
20:37:6c:7e:4f:9b:7a:6c:f0:04:b9:4a:38:87:82:
e6:c5:38:cf:8c:6a:0e:1d:28:55:ea:74:9c:a0:ee:
2b:54:b6:19:08:df:a0:4e:e2:d3:c0:29:ee:97:26:
2f:a8:e7:91:3d:54:27:15:54:40:1b:b4:e7:45:a0:
da:d8:29:6f:71:96:49:99:91:f2:c6:d2:f8:f6:d0:
d2:a2:3b:29:02:cf:ae:0b:09:7f:6a:b5:bb:f3:ab:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:91:F5:22:35:89:0E:B2:CC:56:61:A0:E3:48:67:D9:E7:A2:8C:59
X509v3 Authority Key Identifier:
keyid:6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/EpH1IjWJDrLMVmGg40hn2eeijFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.173.0/24
80.94.82.0/24
185.35.144.0/22
IPv6:
2a04:4fe0::/30
Signature Algorithm: sha256WithRSAEncryption
57:89:69:d7:ea:55:b9:6e:17:6e:e8:80:bc:12:53:4f:42:eb:
75:47:cd:48:27:29:77:22:3f:34:bd:ae:6c:58:59:b4:83:1e:
ae:19:22:cf:ec:ef:be:dc:b5:a8:b6:d8:08:e8:ba:2a:9e:38:
51:53:5b:23:35:cd:c7:1a:7b:58:ab:e0:82:a0:4e:34:7e:15:
34:65:08:de:f2:8d:f7:48:55:ce:7b:d9:f6:ac:9c:4b:01:42:
41:a5:9b:63:d5:ab:76:ae:e2:4a:99:51:18:d0:45:cd:40:27:
41:92:01:a9:30:05:5d:c8:8e:a4:79:81:93:42:a3:39:41:67:
1a:52:08:83:af:99:94:42:c0:24:81:7a:79:9b:85:bd:d1:a3:
07:31:09:96:de:80:f8:01:7c:25:c2:7f:c7:34:76:34:1a:08:
d1:0d:e0:97:6f:fd:f1:99:a9:8b:4f:71:d5:b9:c2:3d:36:c7:
dc:38:28:0a:63:be:bd:43:4b:5d:06:dc:6a:36:8f:e4:51:0d:
b6:fd:ff:c7:d4:fd:a5:1b:de:ba:97:8e:3d:16:09:e1:a0:30:
7e:f8:4b:50:30:17:e9:71:4c:df:b3:e8:d9:95:c0:8f:65:88:
a5:0d:d8:31:d9:06:ad:18:02:96:a2:bc:d5:94:72:05:3d:60:
68:19:4d:ca
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZgKTTTes3bP8eZe1s2fHeLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTg2ZDFjMTY3NmE1OWE0NmFjZjM3MzM2MTkyZTk4NWNm
ZjBlNWIwHhcNMjUwNzE0MTg1ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjkxZjUyMjM1ODkwZWIyY2M1NjYxYTBlMzQ4NjdkOWU3YTI4YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLZxRu1OLe4aDNrSaCSUpMVrHTke
Y7ksUmX9P84mMRNDKleo1J1dDZ3PXxBhzHJVeFaRNGaN6JzWQBhCm+2GTU7kt64f
eFF9hSExq5wDqJ03h6Rgk2p2rqTXbG1FllC/xGyeizI8mDW8EkNSL0FTm3iqFn08
0KgVY8p2G7cnK7YgRGgPDo52dJgt2rSy2WKA/kU6uHPWBwTr/Zpln50WCpZa3mUg
N2x+T5t6bPAEuUo4h4LmxTjPjGoOHShV6nScoO4rVLYZCN+gTuLTwCnulyYvqOeR
PVQnFVRAG7TnRaDa2ClvcZZJmZHyxtL49tDSojspAs+uCwl/arW786turwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBKR9SI1iQ6yzFZhoONIZ9nnooxZMB8GA1UdIwQY
MBaAFG+obRwWdqWaRqzzczYZLphc/w5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYt
NmFhYjJiMWI5MjJjLzEvRXBIMUlqV0pEckxNVm1HZzQwaG4yZWVpakZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYtNmFhYjJiMWI5MjJj
LzEvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALQ6tAwQA
UF5SAwQCuSOQMA0EAgACMAcDBQIqBE/gMA0GCSqGSIb3DQEBCwUAA4IBAQBXiWnX
6lW5bhdu6IC8ElNPQut1R81IJyl3Ij80va5sWFm0gx6uGSLP7O++3LWottgI6Loq
njhRU1sjNc3HGntYq+CCoE40fhU0ZQje8o33SFXOe9n2rJxLAUJBpZtj1at2ruJK
mVEY0EXNQCdBkgGpMAVdyI6keYGTQqM5QWcaUgiDr5mUQsAkgXp5m4W90aMHMQmW
3oD4AXwlwn/HNHY0GgjRDeCXb/3xmamLT3HVucI9NsfcOCgKY769Q0tdBtxqNo/k
UQ22/f/H1P2lG966l449FgnhoDB++EtQMBfpcUzfs+jZlcCPZYilDdgx2QatGAKW
orzVlHIFPWBoGU3K
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:18:49 2025 by rpki-client