Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/EUXa9q5xtqzn4TSNfTmHnokkF1o.roa
File: EUXa9q5xtqzn4TSNfTmHnokkF1o.roa (raw, json)
Hash identifier: ADBuDOAgvTiWwaaapmGOXdArliGnR/m+Z6wK3OiJpWM=
Subject key identifier: 11:45:DA:F6:AE:71:B6:AC:E7:E1:34:8D:7D:39:87:9E:89:24:17:5A
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0198EB40B93AA2183B1F06C64D6695ED30CB
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/EUXa9q5xtqzn4TSNfTmHnokkF1o.roa
Signing time: Wed 27 Aug 2025 11:19:04 +0000
ROA not before: Wed 27 Aug 2025 11:19:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3292
IP address blocks: 2.104.0.0/14 maxlen: 14
2.108.0.0/15 maxlen: 15
2.111.0.0/16 maxlen: 16
62.135.128.0/17 maxlen: 17
62.242.0.0/15 maxlen: 15
80.62.0.0/15 maxlen: 15
80.160.0.0/13 maxlen: 13
80.196.0.0/14 maxlen: 14
81.31.80.0/20 maxlen: 20
83.88.0.0/13 maxlen: 13
85.129.0.0/17 maxlen: 17
87.48.0.0/13 maxlen: 13
87.56.32.0/19 maxlen: 19
87.56.128.0/17 maxlen: 17
87.57.0.0/16 maxlen: 16
87.58.0.0/18 maxlen: 18
87.58.128.0/17 maxlen: 17
87.59.0.0/16 maxlen: 16
87.60.0.0/14 maxlen: 14
93.160.0.0/13 maxlen: 13
93.178.128.0/18 maxlen: 18
94.189.0.0/17 maxlen: 17
95.166.64.0/18 maxlen: 18
95.166.128.0/17 maxlen: 17
128.76.0.0/18 maxlen: 18
128.76.128.0/17 maxlen: 17
128.77.128.0/17 maxlen: 17
131.164.0.0/16 maxlen: 16
176.20.0.0/17 maxlen: 17
176.20.224.0/19 maxlen: 19
176.21.0.0/16 maxlen: 16
176.22.0.0/16 maxlen: 16
176.23.0.0/17 maxlen: 17
176.23.160.0/19 maxlen: 19
176.23.192.0/18 maxlen: 18
188.176.0.0/13 maxlen: 13
192.66.25.0/24 maxlen: 24
192.66.33.0/24 maxlen: 24
192.66.36.0/24 maxlen: 24
192.66.38.0/24 maxlen: 24
192.66.175.0/24 maxlen: 24
192.66.180.0/24 maxlen: 24
192.66.181.0/24 maxlen: 24
193.3.130.0/23 maxlen: 23
193.3.140.0/24 maxlen: 24
193.3.141.0/24 maxlen: 24
193.3.142.0/24 maxlen: 24
193.3.224.0/22 maxlen: 22
193.39.139.0/24 maxlen: 24
193.88.0.0/15 maxlen: 15
193.162.32.0/23 maxlen: 23
193.162.98.0/23 maxlen: 23
193.162.145.0/24 maxlen: 24
193.162.146.0/24 maxlen: 24
193.162.152.0/21 maxlen: 21
193.163.10.0/24 maxlen: 24
193.163.24.0/22 maxlen: 22
193.163.158.0/23 maxlen: 23
193.163.160.0/21 maxlen: 21
194.182.128.0/20 maxlen: 20
194.182.144.0/21 maxlen: 21
194.182.232.0/21 maxlen: 21
194.182.240.0/20 maxlen: 20
194.192.0.0/16 maxlen: 16
194.239.0.0/16 maxlen: 16
194.247.188.0/23 maxlen: 23
195.41.0.0/16 maxlen: 16
195.95.181.0/24 maxlen: 24
195.97.128.0/18 maxlen: 18
195.184.32.0/19 maxlen: 19
195.215.0.0/16 maxlen: 16
195.249.0.0/16 maxlen: 16
212.130.0.0/16 maxlen: 16
2001:6c8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 14:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:40:b9:3a:a2:18:3b:1f:06:c6:4d:66:95:ed:30:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Aug 27 11:19:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1145daf6ae71b6ace7e1348d7d39879e8924175a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:3f:dc:5e:1d:42:69:6e:ba:07:19:08:b4:
81:23:ef:0e:4f:54:b0:9b:b8:bc:7a:1a:e4:4b:79:
6c:fb:de:ca:b6:a7:32:93:b6:e7:e5:19:23:0c:0e:
11:46:a1:5b:1c:8f:64:17:07:cb:5c:8c:e5:69:be:
b5:f7:4b:e3:f8:b4:c6:42:83:29:c9:7f:78:ec:6f:
e3:25:20:7b:9b:ed:38:51:35:84:4a:23:10:50:ea:
26:46:75:2a:0c:f7:b6:46:ee:21:d8:cc:ef:51:ef:
7a:2d:15:78:93:d7:3f:ac:6f:6f:ff:a7:94:fd:c3:
df:72:af:03:01:b6:95:0e:cd:cd:8e:18:ae:39:e4:
a0:7f:c8:d8:7d:94:85:27:fb:99:58:c7:e9:31:49:
f3:a0:ca:9b:fa:8d:83:91:7f:e2:23:95:70:a3:19:
35:f6:10:b2:3d:ff:4a:86:bb:73:08:1e:13:53:1b:
b0:bf:4f:8a:d9:bd:67:f4:d1:93:9b:44:ae:ce:42:
1b:00:2a:42:ec:0a:ff:99:e9:bc:4d:83:fd:96:b4:
f7:c3:08:31:a9:18:df:26:34:88:df:7b:d7:d6:c9:
b5:e3:fb:73:a7:fc:ed:dc:49:e0:01:2e:5b:1a:26:
21:1f:b3:f3:95:2c:44:9c:03:70:55:da:19:b3:8f:
31:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:45:DA:F6:AE:71:B6:AC:E7:E1:34:8D:7D:39:87:9E:89:24:17:5A
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/EUXa9q5xtqzn4TSNfTmHnokkF1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.104.0.0-2.109.255.255
2.111.0.0/16
62.135.128.0/17
62.242.0.0/15
80.62.0.0/15
80.160.0.0/13
80.196.0.0/14
81.31.80.0/20
83.88.0.0/13
85.129.0.0/17
87.48.0.0/13
87.56.32.0/19
87.56.128.0-87.58.63.255
87.58.128.0-87.63.255.255
93.160.0.0/13
93.178.128.0/18
94.189.0.0/17
95.166.64.0-95.166.255.255
128.76.0.0/18
128.76.128.0/17
128.77.128.0/17
131.164.0.0/16
176.20.0.0/17
176.20.224.0-176.23.127.255
176.23.160.0-176.23.255.255
188.176.0.0/13
192.66.25.0/24
192.66.33.0/24
192.66.36.0/24
192.66.38.0/24
192.66.175.0/24
192.66.180.0/23
193.3.130.0/23
193.3.140.0-193.3.142.255
193.3.224.0/22
193.39.139.0/24
193.88.0.0/15
193.162.32.0/23
193.162.98.0/23
193.162.145.0-193.162.146.255
193.162.152.0/21
193.163.10.0/24
193.163.24.0/22
193.163.158.0-193.163.167.255
194.182.128.0-194.182.151.255
194.182.232.0-194.182.255.255
194.192.0.0/16
194.239.0.0/16
194.247.188.0/23
195.41.0.0/16
195.95.181.0/24
195.97.128.0/18
195.184.32.0/19
195.215.0.0/16
195.249.0.0/16
212.130.0.0/16
IPv6:
2001:6c8::/29
Signature Algorithm: sha256WithRSAEncryption
57:d5:a3:6d:30:c8:58:37:26:69:c0:13:3b:9a:90:11:1f:0f:
5c:c3:7f:fc:03:0d:dd:1b:60:85:4c:28:c8:1c:4b:6b:eb:04:
fb:3e:21:d8:6d:4d:af:7f:fd:0e:d2:13:18:8e:88:3d:7a:ea:
0c:4d:1f:cb:b0:39:4d:ad:9d:ae:02:dc:9e:fe:fa:72:e7:05:
54:d9:db:08:89:58:47:4c:b1:ea:ac:32:42:e1:80:4e:62:88:
1c:6a:50:b6:5a:fd:74:a5:6b:66:d3:ec:81:43:38:cf:b7:e9:
04:a1:64:23:af:12:86:7a:3a:a0:fc:03:0c:56:67:ed:5a:a2:
28:9c:57:c9:94:bd:b4:70:fa:15:b5:bf:95:fc:b2:f7:6b:59:
23:3b:a6:b7:f1:3d:78:0e:2d:23:4c:27:57:a3:76:2f:97:58:
c1:54:cb:7c:28:7c:9b:07:ef:9d:bf:c9:c7:f9:3e:29:78:1b:
91:5d:dd:55:23:6b:03:49:e6:52:bd:06:89:6c:19:ad:ae:b8:
bb:9b:13:46:b2:8e:fc:54:5e:1b:d3:88:09:06:73:f3:12:0d:
b4:45:75:28:24:55:b9:ea:3f:02:07:4c:b5:04:9b:54:8b:de:
8a:a1:2f:c2:e9:26:07:88:fb:8c:90:3a:a9:84:05:b5:55:7f:
f1:d2:23:5e
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgISAZjrQLk6ohg7HwbGTWaV7TDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjUwODI3MTExOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTQ1ZGFmNmFlNzFiNmFjZTdlMTM0OGQ3ZDM5ODc5ZTg5MjQxNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBQ/3F4dQmluugcZCLSBI+8OT1Sw
m7i8ehrkS3ls+97Ktqcyk7bn5RkjDA4RRqFbHI9kFwfLXIzlab6190vj+LTGQoMp
yX947G/jJSB7m+04UTWESiMQUOomRnUqDPe2Ru4h2MzvUe96LRV4k9c/rG9v/6eU
/cPfcq8DAbaVDs3NjhiuOeSgf8jYfZSFJ/uZWMfpMUnzoMqb+o2DkX/iI5Vwoxk1
9hCyPf9KhrtzCB4TUxuwv0+K2b1n9NGTm0SuzkIbACpC7Ar/mem8TYP9lrT3wwgx
qRjfJjSI33vX1sm14/tzp/zt3EngAS5bGiYhH7PzlSxEnANwVdoZs48xRQIDAQAB
o4IDrTCCA6kwHQYDVR0OBBYEFBFF2vaucbas5+E0jX05h56JJBdaMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvRVVYYTlxNXh0cXpuNFRTTmZUbUhub2trRjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwQYIKwYBBQUHAQcBAf8EggGwMIIBrDCCAZkEAgABMIIB
kTAKAwMDAmgDAwECbAMDAAJvAwQHPoeAAwMBPvIDAwFQPgMDA1CgAwMCUMQDBARR
H1ADAwNTWAMEB1WBAAMDA1cwAwQFVzggMAwDBAdXOIADBAZXOgAwCwMEB1c6gAMD
BlcAAwMDXaADBAZdsoADBAdevQAwCwMEBl+mQAMDAF+mAwQGgEwAAwQHgEyAAwQH
gE2AAwMAg6QDBAewFAAwDAMEBbAU4AMEB7AXADALAwQFsBegAwMDsBADAwO8sAME
AMBCGQMEAMBCIQMEAMBCJAMEAMBCJgMEAMBCrwMEAcBCtAMEAcEDgjAMAwQCwQOM
AwQAwQOOAwQCwQPgAwQAwSeLAwMBwVgDBAHBoiADBAHBomIwDAMEAMGikQMEAMGi
kgMEA8GimAMEAMGjCgMEAsGjGDAMAwQBwaOeAwQDwaOgMAwDBAfCtoADBAPCtpAw
CwMEA8K26AMDAMK2AwMAwsADAwDC7wMEAcL3vAMDAMMpAwQAw1+1AwQGw2GAAwQF
w7ggAwMAw9cDAwDD+QMDANSCMA0EAgACMAcDBQMgAQbIMA0GCSqGSIb3DQEBCwUA
A4IBAQBX1aNtMMhYNyZpwBM7mpARHw9cw3/8Aw3dG2CFTCjIHEtr6wT7PiHYbU2v
f/0O0hMYjog9euoMTR/LsDlNrZ2uAtye/vpy5wVU2dsIiVhHTLHqrDJC4YBOYogc
alC2Wv10pWtm0+yBQzjPt+kEoWQjrxKGejqg/AMMVmftWqIonFfJlL20cPoVtb+V
/LL3a1kjO6a38T14Di0jTCdXo3Yvl1jBVMt8KHybB++dv8nH+T4peBuRXd1VI2sD
SeZSvQaJbBmtrri7mxNGso78VF4b04gJBnPzEg20RXUoJFW56j8CB0y1BJtUi96K
oS/C6SYHiPuMkDqphAW1VX/x0iNe
-----END CERTIFICATE-----
Generated at Mon Sep 8 22:41:36 2025 by rpki-client