Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/EH144RlS9tYegrfhZ25_cqW-gBI.roa
File: EH144RlS9tYegrfhZ25_cqW-gBI.roa (raw, json)
Hash identifier: Ttw1qNIRRS2B0AROxbo5XeY9lM7BFHJCMEp5DgGhToo=
Subject key identifier: 10:7D:78:E1:19:52:F6:D6:1E:82:B7:E1:67:6E:7F:72:A5:BE:80:12
Certificate issuer: /CN=ec24a826202091ac8319f0f06eb796fd82422b0f
Certificate serial: 019906C8069E379043CC57B0CDE41E35F060
Authority key identifier: EC:24:A8:26:20:20:91:AC:83:19:F0:F0:6E:B7:96:FD:82:42:2B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7CSoJiAgkayDGfDwbreW_YJCKw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/EH144RlS9tYegrfhZ25_cqW-gBI.roa
Signing time: Mon 01 Sep 2025 19:36:36 +0000
ROA not before: Mon 01 Sep 2025 19:36:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61337
IP address blocks: 45.153.132.0/23 maxlen: 23
45.153.134.0/24 maxlen: 24
85.199.212.0/22 maxlen: 22
91.230.243.0/24 maxlen: 24
194.55.0.0/24 maxlen: 24
194.55.40.0/24 maxlen: 24
194.55.43.0/24 maxlen: 24
194.60.198.0/23 maxlen: 23
195.66.148.0/23 maxlen: 23
2001:67c:504::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/7CSoJiAgkayDGfDwbreW_YJCKw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/7CSoJiAgkayDGfDwbreW_YJCKw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7CSoJiAgkayDGfDwbreW_YJCKw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:06:c8:06:9e:37:90:43:cc:57:b0:cd:e4:1e:35:f0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec24a826202091ac8319f0f06eb796fd82422b0f
Validity
Not Before: Sep 1 19:36:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=107d78e11952f6d61e82b7e1676e7f72a5be8012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:33:b0:75:62:bc:2b:41:d2:ed:5c:cf:4c:f9:
5a:e2:79:2a:4a:82:a3:10:9d:5d:c4:c3:d3:91:51:
1e:e3:5b:f5:77:fb:47:cc:90:67:d3:47:ea:01:49:
d7:32:55:3e:df:0b:f9:26:9d:ab:b3:72:9f:97:e0:
3f:f1:0d:0b:64:0d:49:3d:38:d5:82:91:d6:ce:62:
83:bf:81:69:62:d0:46:86:0a:ab:5b:19:be:a2:79:
08:d7:1e:55:a7:7b:84:b2:ca:b4:d6:26:61:e1:34:
0c:e5:5e:cf:63:62:54:c2:26:1d:91:38:66:64:c1:
d0:f8:d6:3e:21:07:3b:39:8a:2c:be:5a:14:08:c0:
b2:c8:87:88:a9:c7:9d:2f:44:f6:c5:5c:dc:33:77:
01:91:25:f9:eb:31:18:ac:0b:8b:7a:6a:d6:2f:42:
bf:3e:b2:f4:76:65:99:29:e8:18:bd:a3:e2:1e:a7:
ab:32:7f:49:84:d5:4e:5b:00:9c:27:6f:0c:e8:59:
db:86:60:98:53:ee:a8:e0:b0:89:7b:cd:f4:44:9d:
e9:3d:af:68:44:70:96:11:b2:c2:75:20:f2:e2:e1:
9e:fb:b0:37:81:c5:e3:a1:94:09:0a:01:2d:1e:e6:
84:21:cd:26:68:cb:2a:19:b3:f2:40:dc:40:73:23:
b7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7D:78:E1:19:52:F6:D6:1E:82:B7:E1:67:6E:7F:72:A5:BE:80:12
X509v3 Authority Key Identifier:
keyid:EC:24:A8:26:20:20:91:AC:83:19:F0:F0:6E:B7:96:FD:82:42:2B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7CSoJiAgkayDGfDwbreW_YJCKw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/EH144RlS9tYegrfhZ25_cqW-gBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/986fe9-87cc-4d29-886e-d0ac1e048f67/1/7CSoJiAgkayDGfDwbreW_YJCKw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.132.0-45.153.134.255
85.199.212.0/22
91.230.243.0/24
194.55.0.0/24
194.55.40.0/24
194.55.43.0/24
194.60.198.0/23
195.66.148.0/23
IPv6:
2001:67c:504::/48
Signature Algorithm: sha256WithRSAEncryption
3e:da:fe:eb:3a:0a:3d:91:54:8d:d0:0c:84:b8:84:99:ac:9c:
23:12:ef:a7:08:63:48:13:63:0e:6e:63:64:e8:99:09:54:c6:
c8:0b:d1:42:f5:15:55:5a:98:74:81:1a:86:99:a9:f8:cb:89:
88:cb:80:1d:00:2a:b5:63:ea:fe:ed:29:b0:f1:ca:d9:82:a7:
5a:cf:62:bc:86:0f:78:bd:fc:35:8d:f5:00:f9:5a:31:ca:14:
26:08:e3:9b:18:a7:18:47:73:4c:ba:38:72:07:b0:0a:72:a7:
de:c1:0f:5a:25:f4:f3:cc:b3:75:e9:46:de:c4:1f:05:5d:5b:
b4:00:f7:48:6d:e1:33:25:1a:33:af:fd:cd:ac:f5:49:0e:02:
cb:ca:49:21:81:6a:82:2c:02:5d:f9:f1:01:c1:6d:28:05:a9:
8e:5a:4a:37:ab:44:27:bb:eb:8c:5a:0c:37:4e:f1:d8:1c:cf:
36:64:6f:30:07:7f:cf:b5:9c:bf:e6:8d:0c:48:68:b4:00:cb:
82:0c:02:67:9a:71:c7:1f:e2:2c:92:c9:8b:cc:cf:39:dc:4e:
eb:65:9d:29:2c:88:41:48:7a:11:12:5b:fa:0c:36:a1:89:a0:
8f:76:ce:ea:88:61:41:96:fd:7f:7a:30:a7:d2:2f:f0:d0:23:
d8:7c:25:b2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZkGyAaeN5BDzFewzeQeNfBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMjRhODI2MjAyMDkxYWM4MzE5ZjBmMDZlYjc5NmZkODI0
MjJiMGYwHhcNMjUwOTAxMTkzNjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdkNzhlMTE5NTJmNmQ2MWU4MmI3ZTE2NzZlN2Y3MmE1YmU4MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DOwdWK8K0HS7VzPTPla4nkqSoKj
EJ1dxMPTkVEe41v1d/tHzJBn00fqAUnXMlU+3wv5Jp2rs3Kfl+A/8Q0LZA1JPTjV
gpHWzmKDv4FpYtBGhgqrWxm+onkI1x5Vp3uEssq01iZh4TQM5V7PY2JUwiYdkThm
ZMHQ+NY+IQc7OYosvloUCMCyyIeIqcedL0T2xVzcM3cBkSX56zEYrAuLemrWL0K/
PrL0dmWZKegYvaPiHqerMn9JhNVOWwCcJ28M6FnbhmCYU+6o4LCJe830RJ3pPa9o
RHCWEbLCdSDy4uGe+7A3gcXjoZQJCgEtHuaEIc0maMsqGbPyQNxAcyO3pwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFBB9eOEZUvbWHoK34Wduf3KlvoASMB8GA1UdIwQY
MBaAFOwkqCYgIJGsgxnw8G63lv2CQisPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0NTb0ppQWdrYXlER2ZEd2JyZVdfWUpDS3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS85ODZmZTktODdjYy00ZDI5LTg4NmUt
ZDBhYzFlMDQ4ZjY3LzEvRUgxNDRSbFM5dFllZ3JmaFoyNV9jcVctZ0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS85ODZmZTktODdjYy00ZDI5LTg4NmUtZDBhYzFlMDQ4ZjY3
LzEvN0NTb0ppQWdrYXlER2ZEd2JyZVdfWUpDS3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4MAwDBAItmYQD
BAAtmYYDBAJVx9QDBABb5vMDBADCNwADBADCNygDBADCNysDBAHCPMYDBAHDQpQw
DwQCAAIwCQMHACABBnwFBDANBgkqhkiG9w0BAQsFAAOCAQEAPtr+6zoKPZFUjdAM
hLiEmaycIxLvpwhjSBNjDm5jZOiZCVTGyAvRQvUVVVqYdIEahpmp+MuJiMuAHQAq
tWPq/u0psPHK2YKnWs9ivIYPeL38NY31APlaMcoUJgjjmxinGEdzTLo4cgewCnKn
3sEPWiX088yzdelG3sQfBV1btAD3SG3hMyUaM6/9zaz1SQ4Cy8pJIYFqgiwCXfnx
AcFtKAWpjlpKN6tEJ7vrjFoMN07x2BzPNmRvMAd/z7Wcv+aNDEhotADLggwCZ5px
xx/iLJLJi8zPOdxO62WdKSyIQUh6ERJb+gw2oYmgj3bO6ohhQZb9f3owp9Iv8NAj
2Hwlsg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:23:13 2025 by rpki-client