Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/eehHZCCtBF4ofvtvmkP_R--u6i0.roa
File: eehHZCCtBF4ofvtvmkP_R--u6i0.roa (raw, json)
Hash identifier: Qv+/+I4mInj8ZQpbVci07W/0Cj+7zt+KBmz4hdMjJLU=
Subject key identifier: 79:E8:47:64:20:AD:04:5E:28:7E:FB:6F:9A:43:FF:47:EF:AE:EA:2D
Certificate issuer: /CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Certificate serial: 0199A1656D118EE33B917BCA7197B45B4A17
Authority key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/eehHZCCtBF4ofvtvmkP_R--u6i0.roa
Signing time: Wed 01 Oct 2025 20:10:02 +0000
ROA not before: Wed 01 Oct 2025 20:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212774
IP address blocks: 161.108.210.0/24 maxlen: 24
193.46.58.0/24 maxlen: 24
193.46.59.0/24 maxlen: 24
2001:678:10c8::/48 maxlen: 48
2001:67c:478::/48 maxlen: 48
2001:67c:960::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a1:65:6d:11:8e:e3:3b:91:7b:ca:71:97:b4:5b:4a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Validity
Not Before: Oct 1 20:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79e8476420ad045e287efb6f9a43ff47efaeea2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f5:64:4f:0a:27:35:8f:03:41:6e:84:e1:12:
6d:23:d8:d9:aa:05:de:1c:e3:70:77:e2:4e:e7:a2:
10:3f:cb:b2:a7:f6:02:23:28:44:d6:e4:85:19:13:
33:3a:a2:15:e4:9b:a7:58:61:19:83:67:e8:c1:02:
83:c5:f3:b3:ba:b3:28:56:d8:ee:c0:9e:d8:66:94:
b6:cd:a2:a7:aa:85:c7:14:0b:a3:2b:5d:f4:3c:3f:
c1:a7:0a:1b:d9:0d:e4:ed:f0:5a:f3:41:5a:87:97:
de:ff:ff:1b:5d:93:86:ed:53:87:55:45:d8:01:0d:
78:15:3a:2f:ac:17:84:8a:36:1f:10:47:3b:9b:3a:
ca:68:76:69:c1:b4:cd:eb:0d:2d:1d:df:7d:bb:85:
9e:3d:17:98:ae:9f:13:f4:96:00:6f:96:42:28:0a:
85:c5:64:12:18:ee:8f:ee:14:32:c2:b2:96:79:47:
68:3a:53:a6:ca:90:8e:41:e2:1a:aa:73:ab:94:a3:
41:c3:77:80:5f:cf:60:78:ac:86:2b:43:60:9d:15:
c4:70:ff:52:41:27:59:4d:05:34:f6:d6:ed:24:c0:
e2:bb:25:76:8c:56:3d:84:0a:d2:4f:55:c6:aa:b5:
42:1b:fc:52:5b:41:44:6d:89:2e:85:44:12:ab:87:
59:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E8:47:64:20:AD:04:5E:28:7E:FB:6F:9A:43:FF:47:EF:AE:EA:2D
X509v3 Authority Key Identifier:
keyid:98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/eehHZCCtBF4ofvtvmkP_R--u6i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.108.210.0/24
193.46.58.0/23
IPv6:
2001:678:10c8::/48
2001:67c:478::/48
2001:67c:960::/48
Signature Algorithm: sha256WithRSAEncryption
cd:4a:92:85:30:79:21:ef:45:d6:09:1d:bc:cf:ee:2c:e0:36:
c6:a7:f5:7e:cf:7b:b2:29:3d:92:70:28:60:5f:11:69:28:b3:
13:41:0e:94:aa:e2:90:b8:dc:92:90:50:30:8a:8d:b6:f1:c0:
9d:cb:ee:fd:3b:6c:56:83:25:5e:d1:27:cc:23:f8:58:ca:36:
f2:ea:70:97:a7:4f:d8:d0:4f:2b:33:a1:41:ef:65:75:1f:ca:
33:a9:4e:d8:39:bf:ae:32:bb:5d:70:6b:4c:76:e7:b9:96:8c:
ce:e2:0b:9b:16:10:30:30:95:87:5c:03:d9:d4:73:4c:2e:82:
81:a6:96:a0:fe:fa:57:5f:0e:b9:17:e0:87:ac:36:60:7d:33:
ff:b0:e2:35:54:6a:10:cc:4d:61:4a:0b:92:96:29:25:1b:8b:
7a:e7:84:f2:4d:ba:20:df:14:5e:e9:96:54:2c:fd:df:80:9a:
d9:2e:f1:45:78:a3:d2:73:46:1b:36:3c:cb:da:0d:5e:0f:e6:
b7:31:21:18:7c:a8:21:ed:d7:3f:f1:04:9e:3f:50:0d:69:0b:
28:60:28:1b:fb:ca:c9:25:a4:ab:77:53:e4:81:e7:9a:c3:53:
39:35:92:ee:53:e2:29:ea:1b:fa:36:ac:95:fb:b5:6e:e3:df:
74:e6:65:12
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZmhZW0RjuM7kXvKcZe0W0oXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NTRiZDhhODYzYTMxODk1Y2M2Y2I5MjJmMzAwOGIzZjA4
YWFkYWUwHhcNMjUxMDAxMjAxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWU4NDc2NDIwYWQwNDVlMjg3ZWZiNmY5YTQzZmY0N2VmYWVlYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvVkTwonNY8DQW6E4RJtI9jZqgXe
HONwd+JO56IQP8uyp/YCIyhE1uSFGRMzOqIV5JunWGEZg2fowQKDxfOzurMoVtju
wJ7YZpS2zaKnqoXHFAujK130PD/Bpwob2Q3k7fBa80Fah5fe//8bXZOG7VOHVUXY
AQ14FTovrBeEijYfEEc7mzrKaHZpwbTN6w0tHd99u4WePReYrp8T9JYAb5ZCKAqF
xWQSGO6P7hQywrKWeUdoOlOmypCOQeIaqnOrlKNBw3eAX89geKyGK0NgnRXEcP9S
QSdZTQU09tbtJMDiuyV2jFY9hArST1XGqrVCG/xSW0FEbYkuhUQSq4dZCQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHnoR2QgrQReKH77b5pD/0fvruotMB8GA1UdIwQY
MBaAFJhUvYqGOjGJXMbLki8wCLPwiq2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODIt
YzUyMmI3NGRkY2ZkLzEvZWVoSFpDQ3RCRjRvZnZ0dm1rUF9SLS11NmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODItYzUyMmI3NGRkY2Zk
LzEvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQAoWzSAwQB
wS46MCEEAgACMBsDBwAgAQZ4EMgDBwAgAQZ8BHgDBwAgAQZ8CWAwDQYJKoZIhvcN
AQELBQADggEBAM1KkoUweSHvRdYJHbzP7izgNsan9X7Pe7IpPZJwKGBfEWkosxNB
DpSq4pC43JKQUDCKjbbxwJ3L7v07bFaDJV7RJ8wj+FjKNvLqcJenT9jQTyszoUHv
ZXUfyjOpTtg5v64yu11wa0x257mWjM7iC5sWEDAwlYdcA9nUc0wugoGmlqD++ldf
DrkX4IesNmB9M/+w4jVUahDMTWFKC5KWKSUbi3rnhPJNuiDfFF7pllQs/d+Amtku
8UV4o9JzRhs2PMvaDV4P5rcxIRh8qCHt1z/xBJ4/UA1pCyhgKBv7ysklpKt3U+SB
55rDUzk1ku5T4inqG/o2rJX7tW7j33TmZRI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:25:37 2025 by rpki-client