Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1-EAHQTfr203DMymdAQnvoS5eeqc.roa
File: 1-EAHQTfr203DMymdAQnvoS5eeqc.roa (raw, json)
Hash identifier: IQ5D4F02TZ+jC83CiPK4TYTOUTMWlqXF6tGKdzbxYYE=
Subject key identifier: F8:40:07:41:37:EB:DB:4D:C3:33:29:9D:01:09:EF:A1:2E:5E:7A:A7
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0198A38D33246536C350D2D3AAAB7EEE8FB0
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1-EAHQTfr203DMymdAQnvoS5eeqc.roa
Signing time: Wed 13 Aug 2025 13:09:56 +0000
ROA not before: Wed 13 Aug 2025 13:09:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 37.49.145.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:8d:33:24:65:36:c3:50:d2:d3:aa:ab:7e:ee:8f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Aug 13 13:09:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f840074137ebdb4dc333299d0109efa12e5e7aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:50:d1:e3:28:cd:66:31:a1:f8:3d:40:c4:1f:
8e:fd:76:06:f8:76:05:35:bb:3d:2b:9c:43:69:1f:
6a:25:4b:a0:5a:ae:27:bb:ec:9c:6c:0a:6b:07:ce:
87:81:f5:52:d8:91:1c:5f:5c:c0:d1:be:89:cd:75:
48:9b:20:05:03:9e:8d:e7:62:00:0b:96:15:09:6e:
5e:30:77:d9:dd:f8:12:1a:ae:3a:81:7d:ef:16:34:
86:79:f0:ba:29:b0:bc:8a:1c:55:d7:05:8e:69:4d:
f3:9a:54:ca:77:6a:79:b1:31:a4:b2:61:76:b9:21:
0c:67:26:ff:a9:67:08:b1:6e:81:cd:fc:e8:8d:6f:
62:01:4b:06:b9:cb:e8:11:eb:9f:d7:92:1b:82:45:
d7:9e:35:cc:c4:f7:51:7e:45:25:e8:9f:42:23:c3:
3e:65:55:a8:77:e1:2c:79:bf:1e:5f:a0:5d:d3:a5:
7c:9c:a5:b0:d5:ef:7f:12:92:8f:14:12:5b:27:9c:
69:87:f1:48:d8:b3:68:f0:6d:fe:fd:ea:48:13:d6:
9c:04:93:55:82:5b:49:d6:66:01:3e:37:16:4c:e0:
55:b4:b2:5e:6d:e1:e8:bf:e0:91:a9:ec:fe:5c:00:
fc:cc:35:0d:35:bb:e8:dd:22:f9:ba:8a:30:aa:bb:
a5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:40:07:41:37:EB:DB:4D:C3:33:29:9D:01:09:EF:A1:2E:5E:7A:A7
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1-EAHQTfr203DMymdAQnvoS5eeqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.151.0/24
94.74.147.0/24
109.203.160.0/24
109.203.176.0/21
Signature Algorithm: sha256WithRSAEncryption
90:d0:de:09:ea:ed:c1:8c:18:6f:71:17:63:4a:d0:da:ad:8e:
c0:70:c4:fa:87:23:79:d1:b3:68:17:b6:a0:a5:5a:d7:57:66:
1b:2c:8c:01:a0:a1:9e:ad:5a:78:98:b5:2d:79:b6:7c:a1:c7:
b3:9a:01:76:40:a6:d8:51:4d:f0:26:fc:bc:50:c9:50:a9:0b:
e1:4f:68:da:85:c8:64:9f:ff:49:d7:4e:f4:03:08:aa:11:e2:
ea:d8:e7:12:91:f8:62:7c:b8:9a:10:90:c4:35:9a:9d:48:f2:
80:e7:b8:d9:ac:84:58:63:ed:85:3a:da:87:0f:02:90:d5:71:
90:c3:fb:fb:9c:da:eb:fa:86:ae:a8:3e:05:54:db:f6:03:19:
f5:7b:43:6f:31:1f:4d:3f:6c:f6:eb:f1:42:8f:ef:42:00:dc:
55:49:97:28:27:c2:4a:a5:15:56:cb:1e:3d:e4:b3:4e:ba:ba:
9a:d3:31:f4:6f:e8:dd:74:eb:f3:bb:1b:95:84:ef:82:b7:40:
ff:ec:f8:80:bc:8a:be:9d:f1:b6:e3:2f:dc:60:2f:6f:a4:3e:
6a:73:0c:df:8c:88:cc:a2:a3:0b:33:79:40:d5:d9:49:ab:a7:
eb:ed:2e:8c:35:c6:69:cb:88:00:8a:86:92:a4:64:ee:49:33:
22:a3:2e:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZijjTMkZTbDUNLTqqt+7o+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwODEzMTMwOTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQwMDc0MTM3ZWJkYjRkYzMzMzI5OWQwMTA5ZWZhMTJlNWU3YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41DR4yjNZjGh+D1AxB+O/XYG+HYF
Nbs9K5xDaR9qJUugWq4nu+ycbAprB86HgfVS2JEcX1zA0b6JzXVImyAFA56N52IA
C5YVCW5eMHfZ3fgSGq46gX3vFjSGefC6KbC8ihxV1wWOaU3zmlTKd2p5sTGksmF2
uSEMZyb/qWcIsW6BzfzojW9iAUsGucvoEeuf15IbgkXXnjXMxPdRfkUl6J9CI8M+
ZVWod+Eseb8eX6Bd06V8nKWw1e9/EpKPFBJbJ5xph/FI2LNo8G3+/epIE9acBJNV
gltJ1mYBPjcWTOBVtLJebeHov+CRqez+XAD8zDUNNbvo3SL5uoowqrullwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhAB0E369tNwzMpnQEJ76EuXnqnMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvMS1FQUhRVGZyMjAzRE15bWRBUW52b1M1ZWVxYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvNTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2
MS8xLzFnUjE2LWZ3ZlhRVlBMSE1vempCYllBZlJmYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEACUxkQME
ACUxlwMEAF5KkwMEAG3LoAMEA23LsDANBgkqhkiG9w0BAQsFAAOCAQEAkNDeCert
wYwYb3EXY0rQ2q2OwHDE+ocjedGzaBe2oKVa11dmGyyMAaChnq1aeJi1LXm2fKHH
s5oBdkCm2FFN8Cb8vFDJUKkL4U9o2oXIZJ//SddO9AMIqhHi6tjnEpH4Yny4mhCQ
xDWanUjygOe42ayEWGPthTrahw8CkNVxkMP7+5za6/qGrqg+BVTb9gMZ9XtDbzEf
TT9s9uvxQo/vQgDcVUmXKCfCSqUVVssePeSzTrq6mtMx9G/o3XTr87sblYTvgrdA
/+z4gLyKvp3xtuMv3GAvb6Q+anMM34yIzKKjCzN5QNXZSaun6+0ujDXGacuIAIqG
kqRk7kkzIqMucg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:31:28 2025 by rpki-client