Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/JEcABUIWGeGAB7DoV3FGz8zRXXA.roa
File: JEcABUIWGeGAB7DoV3FGz8zRXXA.roa (raw, json)
Hash identifier: 7sPzS1pkPk8O4WZjl6r+glhCeSX8/f48mK6NROPhc4o=
Subject key identifier: 24:47:00:05:42:16:19:E1:80:07:B0:E8:57:71:46:CF:CC:D1:5D:70
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0199157095F6E9F069C150E1ED97370DE648
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/JEcABUIWGeGAB7DoV3FGz8zRXXA.roa
Signing time: Thu 04 Sep 2025 15:55:23 +0000
ROA not before: Thu 04 Sep 2025 15:55:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8069
IP address blocks: 145.190.0.0/23 maxlen: 23
145.190.2.0/24 maxlen: 24
145.190.7.0/24 maxlen: 24
145.190.32.0/22 maxlen: 22
145.190.36.0/24 maxlen: 24
145.190.37.0/24 maxlen: 24
145.190.38.0/23 maxlen: 23
145.190.40.0/23 maxlen: 23
145.190.42.0/24 maxlen: 24
145.190.43.0/24 maxlen: 24
145.190.44.0/22 maxlen: 22
145.190.48.0/22 maxlen: 22
145.190.52.0/23 maxlen: 23
145.190.54.0/24 maxlen: 24
145.190.55.0/24 maxlen: 24
145.190.56.0/23 maxlen: 23
145.190.58.0/24 maxlen: 24
145.190.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:70:95:f6:e9:f0:69:c1:50:e1:ed:97:37:0d:e6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Sep 4 15:55:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24470005421619e18007b0e8577146cfccd15d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2d:e4:37:a9:1c:99:bd:9b:e5:6e:c3:23:39:
6e:ef:ad:82:e3:ba:cc:f9:86:84:c9:30:72:7e:87:
3d:af:3c:50:5a:ea:67:8c:70:52:a5:3e:a9:ec:6a:
13:65:6f:24:a6:0b:35:40:2e:58:4a:dd:ac:7f:12:
a2:4c:cc:59:8b:29:4f:b5:f3:c4:e5:04:56:19:98:
15:06:b0:c2:95:40:8c:70:e8:62:21:01:61:bc:83:
1f:9b:40:27:73:5f:1b:01:c7:8f:7f:82:2c:37:bb:
46:b9:27:56:f0:8b:29:89:25:04:24:4e:34:ac:83:
54:da:18:86:a5:6e:7b:b4:84:0a:ef:4f:5e:be:9d:
54:d2:f7:6d:06:0c:50:54:37:ae:45:d1:ae:9b:f6:
09:9d:54:ef:40:19:fe:96:25:6c:4e:e7:78:75:3b:
0b:b4:a7:42:0d:43:1d:5f:7a:05:c9:ba:bc:96:b9:
96:69:c1:8f:f9:d6:bb:cc:99:f9:14:37:97:d6:f7:
33:c0:43:1a:e6:33:9a:32:bc:9f:b9:99:a0:27:63:
97:f9:6f:07:08:07:19:a1:bf:10:b3:ee:89:3f:da:
76:5c:60:0f:60:e0:6f:34:ff:8f:df:39:f1:b9:2c:
54:2d:e9:b0:69:63:80:09:19:d3:81:09:53:53:a7:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:47:00:05:42:16:19:E1:80:07:B0:E8:57:71:46:CF:CC:D1:5D:70
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/JEcABUIWGeGAB7DoV3FGz8zRXXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.190.0.0-145.190.2.255
145.190.7.0/24
145.190.32.0-145.190.59.255
Signature Algorithm: sha256WithRSAEncryption
2a:06:38:82:b9:45:74:7e:2b:5a:c8:dd:79:8a:f6:ec:e9:6a:
86:3f:3b:f7:2a:b3:57:67:be:3c:8e:72:2c:bb:96:b6:5f:32:
7d:d4:b4:e0:1f:7b:4b:3b:ea:c7:cc:a0:61:91:3a:2c:5b:c3:
f1:ea:c3:6c:53:25:51:de:c3:bb:e2:f9:23:98:44:eb:d5:cd:
7b:25:a7:2f:7a:19:a9:f6:56:74:6f:76:fa:45:6c:bf:31:6c:
58:c0:6d:08:d1:11:6b:a3:fb:9f:04:bd:32:c2:e1:70:f3:12:
64:23:c5:69:d1:70:de:bc:9b:89:1b:3b:3e:e0:b5:2e:8e:51:
83:2e:c8:ed:f2:8d:c7:4e:87:bc:d7:c8:53:59:c3:74:c8:97:
6b:c0:96:f1:41:67:d3:ef:f2:0e:7b:67:10:26:dc:c3:1c:d8:
53:f7:55:e3:9a:d8:22:e8:4f:5f:a3:8c:d4:8f:ce:23:6e:d8:
c4:51:ff:35:12:cc:23:7f:38:53:9f:9e:8f:9d:26:05:f4:5f:
78:86:c1:53:c0:1d:92:30:86:63:dc:26:7b:31:fe:2b:c6:64:
ae:03:c1:59:49:18:d3:6a:95:c7:ef:07:53:5d:1a:60:c5:5b:
0b:8b:c2:78:92:b7:e8:da:61:1d:9d:3c:1f:db:02:5c:9e:02:
2a:21:68:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZkVcJX26fBpwVDh7Zc3DeZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjUwOTA0MTU1NTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ3MDAwNTQyMTYxOWUxODAwN2IwZTg1NzcxNDZjZmNjZDE1ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui3kN6kcmb2b5W7DIzlu762C47rM
+YaEyTByfoc9rzxQWupnjHBSpT6p7GoTZW8kpgs1QC5YSt2sfxKiTMxZiylPtfPE
5QRWGZgVBrDClUCMcOhiIQFhvIMfm0Anc18bAcePf4IsN7tGuSdW8IspiSUEJE40
rINU2hiGpW57tIQK709evp1U0vdtBgxQVDeuRdGum/YJnVTvQBn+liVsTud4dTsL
tKdCDUMdX3oFybq8lrmWacGP+da7zJn5FDeX1vczwEMa5jOaMryfuZmgJ2OX+W8H
CAcZob8Qs+6JP9p2XGAPYOBvNP+P3znxuSxULemwaWOACRnTgQlTU6f85QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCRHAAVCFhnhgAew6FdxRs/M0V1wMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvSkVjQUJVSVdHZUdBQjdEb1YzRkd6OHpSWFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhMAsDAwGRvgME
AJG+AgMEAJG+BzAMAwQFkb4gAwQCkb44MA0GCSqGSIb3DQEBCwUAA4IBAQAqBjiC
uUV0fitayN15ivbs6WqGPzv3KrNXZ748jnIsu5a2XzJ91LTgH3tLO+rHzKBhkTos
W8Px6sNsUyVR3sO74vkjmETr1c17Jacvehmp9lZ0b3b6RWy/MWxYwG0I0RFro/uf
BL0ywuFw8xJkI8Vp0XDevJuJGzs+4LUujlGDLsjt8o3HToe818hTWcN0yJdrwJbx
QWfT7/IOe2cQJtzDHNhT91Xjmtgi6E9fo4zUj84jbtjEUf81EswjfzhTn56PnSYF
9F94hsFTwB2SMIZj3CZ7Mf4rxmSuA8FZSRjTapXH7wdTXRpgxVsLi8J4krfo2mEd
nTwf2wJcngIqIWgQ
-----END CERTIFICATE-----
Generated at Tue Sep 9 11:51:50 2025 by rpki-client