Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Eh-HcFrLa8D1qrrEaTz758O7yVg.roa
File: Eh-HcFrLa8D1qrrEaTz758O7yVg.roa (raw, json)
Hash identifier: wn/2ZB7Fm2IegaA/JoFq7Klwt5VUPOyxeOlPv8hz9HM=
Subject key identifier: 12:1F:87:70:5A:CB:6B:C0:F5:AA:BA:C4:69:3C:FB:E7:C3:BB:C9:58
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0196F2691184A8E1510F71628E517BBAA153
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Eh-HcFrLa8D1qrrEaTz758O7yVg.roa
Signing time: Wed 21 May 2025 10:34:54 +0000
ROA not before: Wed 21 May 2025 10:34:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213323
IP address blocks: 80.96.48.0/23 maxlen: 23
80.97.144.0/23 maxlen: 23
80.97.150.0/23 maxlen: 23
81.181.28.0/23 maxlen: 23
81.181.114.0/23 maxlen: 23
81.181.232.0/23 maxlen: 24
194.102.150.0/23 maxlen: 24
194.153.228.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:69:11:84:a8:e1:51:0f:71:62:8e:51:7b:ba:a1:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 21 10:34:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=121f87705acb6bc0f5aabac4693cfbe7c3bbc958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:80:2d:6a:63:7a:f3:34:d7:1e:ba:fd:72:42:
47:ba:51:54:6d:25:62:1e:60:5f:43:2a:90:07:4b:
d5:62:ce:4b:00:81:b9:3b:1f:c9:fe:11:06:81:03:
61:a8:75:d2:d8:9a:f3:89:c9:27:87:bc:46:d5:f0:
8a:2b:a8:0a:33:95:4d:eb:19:55:6a:b6:ad:46:9a:
db:4f:cd:39:0d:75:dc:28:ae:5b:33:9e:a6:7d:32:
b3:22:bb:a1:d0:2c:07:32:0f:fb:ff:46:af:a1:4c:
1e:ae:be:2e:00:54:d3:d7:dd:14:52:fc:18:f1:8d:
38:c1:2e:ea:ea:09:28:20:0e:aa:e5:6b:4d:c3:c1:
a4:54:df:1b:c9:0a:ae:ff:2e:69:09:cd:d5:0a:80:
2b:53:0a:da:55:27:45:3a:71:28:ed:ae:c0:6d:60:
80:c1:88:46:29:c9:4a:68:e8:b0:3e:30:a9:7a:90:
73:fd:5c:60:4f:09:92:49:1c:2f:ba:c4:89:93:1d:
af:95:45:7a:55:86:14:6b:69:dd:a8:60:b7:0e:d4:
6b:02:a3:05:da:01:fb:e7:0b:a2:bb:7f:14:fa:26:
04:fc:6d:d4:8b:f8:0c:7e:36:fd:87:bc:f7:1a:bc:
40:d9:76:1d:a5:84:fe:ff:42:c0:d7:1b:98:95:91:
d7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1F:87:70:5A:CB:6B:C0:F5:AA:BA:C4:69:3C:FB:E7:C3:BB:C9:58
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/Eh-HcFrLa8D1qrrEaTz758O7yVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.48.0/23
80.97.144.0/23
80.97.150.0/23
81.181.28.0/23
81.181.114.0/23
81.181.232.0/23
194.102.150.0/23
194.153.228.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:42:88:b2:b5:36:18:4e:3c:1b:64:d5:34:d8:71:1b:b5:8d:
bc:26:18:1f:46:de:de:e0:4d:d8:4c:3c:ed:19:85:00:a2:9e:
45:42:a0:d7:07:f6:60:90:b2:19:f6:a9:0b:c6:62:2f:e0:54:
96:23:5a:e8:62:07:78:91:a8:af:27:36:ac:8e:b8:4f:a0:a1:
94:c3:5c:9c:b8:60:83:58:64:63:a5:ff:30:ee:f4:04:ed:9e:
81:9e:b6:10:1c:41:53:35:27:70:42:50:4c:55:3d:52:6e:fb:
83:51:aa:7c:0b:53:8f:a1:a0:6d:68:c1:1c:29:e2:ca:60:b8:
51:9f:90:5d:4e:7d:0c:c7:ee:72:cd:52:16:8f:13:25:59:89:
7e:3f:3a:9d:7f:1a:7a:22:0f:d3:72:e9:a0:62:60:be:b0:8a:
2b:f6:82:be:f2:54:14:9f:fc:a2:21:75:23:cd:63:e7:ec:78:
72:ac:dd:34:a5:e8:e2:e2:30:78:61:92:da:b1:23:83:fe:0f:
1d:d2:21:d6:7b:0d:15:2c:82:64:65:99:7f:ce:6a:5e:96:3c:
8e:d6:a3:3e:58:3e:b6:a3:2b:02:06:37:75:90:6f:3b:29:da:
af:07:d5:54:4a:db:75:9a:89:4c:69:ba:e1:15:bd:cd:07:30:
4e:17:28:75
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZbyaRGEqOFRD3FijlF7uqFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNTIxMTAzNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFmODc3MDVhY2I2YmMwZjVhYWJhYzQ2OTNjZmJlN2MzYmJjOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4AtamN68zTXHrr9ckJHulFUbSVi
HmBfQyqQB0vVYs5LAIG5Ox/J/hEGgQNhqHXS2Jrzicknh7xG1fCKK6gKM5VN6xlV
aratRprbT805DXXcKK5bM56mfTKzIruh0CwHMg/7/0avoUwerr4uAFTT190UUvwY
8Y04wS7q6gkoIA6q5WtNw8GkVN8byQqu/y5pCc3VCoArUwraVSdFOnEo7a7AbWCA
wYhGKclKaOiwPjCpepBz/VxgTwmSSRwvusSJkx2vlUV6VYYUa2ndqGC3DtRrAqMF
2gH75wuiu38U+iYE/G3Ui/gMfjb9h7z3GrxA2XYdpYT+/0LA1xuYlZHXMwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBIfh3Bay2vA9aq6xGk8++fDu8lYMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvRWgtSGNGckxhOEQxcXJyRWFUejc1OE83eVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBUGAwAwQB
UGGQAwQBUGGWAwQBUbUcAwQBUbVyAwQBUbXoAwQBwmaWAwQBwpnkMA0GCSqGSIb3
DQEBCwUAA4IBAQBuQoiytTYYTjwbZNU02HEbtY28JhgfRt7e4E3YTDztGYUAop5F
QqDXB/ZgkLIZ9qkLxmIv4FSWI1roYgd4kaivJzasjrhPoKGUw1ycuGCDWGRjpf8w
7vQE7Z6BnrYQHEFTNSdwQlBMVT1SbvuDUap8C1OPoaBtaMEcKeLKYLhRn5BdTn0M
x+5yzVIWjxMlWYl+Pzqdfxp6Ig/TcumgYmC+sIor9oK+8lQUn/yiIXUjzWPn7Hhy
rN00peji4jB4YZLasSOD/g8d0iHWew0VLIJkZZl/zmpeljyO1qM+WD62oysCBjd1
kG87KdqvB9VUStt1molMabrhFb3NBzBOFyh1
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:25:48 2025 by rpki-client