Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/6eTh4HjpwhP0yy4gl6mlpnwuhNo.roa
File: 6eTh4HjpwhP0yy4gl6mlpnwuhNo.roa (raw, json)
Hash identifier: X74Sl2aaVeXnMe6YeKSUm/NLH9L0iQzrWyncVKk85OU=
Subject key identifier: E9:E4:E1:E0:78:E9:C2:13:F4:CB:2E:20:97:A9:A5:A6:7C:2E:84:DA
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0198A7BA0BF52A687E6C7179AC622DEA4361
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/6eTh4HjpwhP0yy4gl6mlpnwuhNo.roa
Signing time: Thu 14 Aug 2025 08:37:24 +0000
ROA not before: Thu 14 Aug 2025 08:37:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 Aug 2025 23:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:ba:0b:f5:2a:68:7e:6c:71:79:ac:62:2d:ea:43:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Aug 14 08:37:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9e4e1e078e9c213f4cb2e2097a9a5a67c2e84da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5e:86:b0:c3:c3:5d:06:4a:fd:8e:28:75:f8:
77:0d:21:77:93:93:c0:28:6b:91:e5:c9:78:57:05:
54:af:9f:6d:2c:bc:2d:02:69:4f:53:8a:1c:90:a0:
b5:80:2c:af:87:a0:58:a3:ff:30:5b:81:6f:3f:6e:
b6:44:f4:64:12:6e:3f:78:e4:1a:e0:b4:e4:4f:ec:
d9:f7:c0:61:d6:e1:19:99:c0:9d:6b:05:4c:cc:6b:
a7:8e:1c:b6:4d:c9:ab:23:e8:4d:d7:56:96:30:70:
73:c4:db:7d:7b:46:f4:61:39:6e:37:b0:a1:2a:8e:
08:9b:79:07:d1:8d:b8:ad:cf:a8:e5:66:7c:49:b8:
a4:36:a3:8b:8b:40:2d:70:92:28:70:33:13:e6:39:
e4:9b:82:05:60:07:aa:d3:ae:7c:f9:82:05:a2:ac:
e5:c4:cb:ee:b2:ca:d5:6c:70:69:c7:58:e3:57:35:
b9:9a:0c:ef:c7:ae:a3:cb:53:c4:08:f5:0b:d5:03:
fe:1e:c1:fb:cd:aa:14:3e:df:dd:c5:e5:f1:75:10:
95:da:1e:39:1b:be:74:83:da:7e:45:2a:18:cd:ac:
42:bb:79:be:4a:cb:3d:d8:d9:74:55:cc:61:82:1b:
b3:99:b5:a1:32:5d:dd:20:f7:43:1d:db:61:de:05:
8b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E4:E1:E0:78:E9:C2:13:F4:CB:2E:20:97:A9:A5:A6:7C:2E:84:DA
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/6eTh4HjpwhP0yy4gl6mlpnwuhNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
193.135.151.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:43:dd:98:be:e3:24:e4:28:8a:f1:e4:fd:e5:58:db:c9:a2:
80:bd:7d:b0:95:60:d0:8e:b0:6a:1d:d1:c4:cf:b7:c5:e7:4a:
c2:51:0e:08:b1:1f:38:08:2c:2f:3e:72:d7:92:23:fa:66:e0:
c2:2a:5f:23:50:4a:62:54:da:bb:ba:8d:66:9f:4a:47:8d:b0:
de:3f:e0:ad:c4:81:7a:30:ae:10:d6:31:69:a4:36:e0:72:3c:
1f:a2:67:19:81:58:61:0a:c7:5c:23:14:aa:5a:1c:1b:54:3b:
7e:5c:6f:5f:a7:ef:67:09:19:88:ed:c2:20:d8:17:c6:7f:90:
4f:6e:ac:e2:85:d3:88:5e:ee:10:14:ec:77:9e:b3:d5:be:7b:
4c:59:be:15:fb:c4:70:09:44:2d:97:71:38:7a:91:13:6c:6f:
bb:20:6d:5f:fa:7a:f3:3a:d6:eb:ce:42:a4:56:ef:40:38:d5:
12:5b:c8:d6:f7:b9:e8:d6:24:14:1a:04:a4:f2:77:84:d1:05:
79:ac:00:8b:47:31:31:b6:97:d0:d4:d4:23:38:6a:a4:dc:8a:
b0:11:87:c1:1e:2a:2b:e0:5c:48:e6:90:fe:fe:58:e6:58:cf:
2a:a0:47:a0:66:34:32:d3:04:7a:8b:65:c3:e9:41:e5:72:b7:
5c:c7:80:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZinugv1Kmh+bHF5rGIt6kNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwODE0MDgzNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWU0ZTFlMDc4ZTljMjEzZjRjYjJlMjA5N2E5YTVhNjdjMmU4NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF6GsMPDXQZK/Y4odfh3DSF3k5PA
KGuR5cl4VwVUr59tLLwtAmlPU4ockKC1gCyvh6BYo/8wW4FvP262RPRkEm4/eOQa
4LTkT+zZ98Bh1uEZmcCdawVMzGunjhy2TcmrI+hN11aWMHBzxNt9e0b0YTluN7Ch
Ko4Im3kH0Y24rc+o5WZ8SbikNqOLi0AtcJIocDMT5jnkm4IFYAeq0658+YIFoqzl
xMvussrVbHBpx1jjVzW5mgzvx66jy1PECPUL1QP+HsH7zaoUPt/dxeXxdRCV2h45
G750g9p+RSoYzaxCu3m+Sss92Nl0VcxhghuzmbWhMl3dIPdDHdth3gWLIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOnk4eB46cIT9MsuIJeppaZ8LoTaMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvNmVUaDRIanB3aFAweXk0Z2w2bWxwbnd1aE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYoMAwQA
wYeXMA0GCSqGSIb3DQEBCwUAA4IBAQCKQ92YvuMk5CiK8eT95VjbyaKAvX2wlWDQ
jrBqHdHEz7fF50rCUQ4IsR84CCwvPnLXkiP6ZuDCKl8jUEpiVNq7uo1mn0pHjbDe
P+CtxIF6MK4Q1jFppDbgcjwfomcZgVhhCsdcIxSqWhwbVDt+XG9fp+9nCRmI7cIg
2BfGf5BPbqzihdOIXu4QFOx3nrPVvntMWb4V+8RwCUQtl3E4epETbG+7IG1f+nrz
OtbrzkKkVu9AONUSW8jW97no1iQUGgSk8neE0QV5rACLRzExtpfQ1NQjOGqk3Iqw
EYfBHior4FxI5pD+/ljmWM8qoEegZjQy0wR6i2XD6UHlcrdcx4DA
-----END CERTIFICATE-----
Generated at Wed Aug 20 08:33:50 2025 by rpki-client