Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/eeBJ8THWmjzQcGoaeafXUKnM3oI.roa
File: eeBJ8THWmjzQcGoaeafXUKnM3oI.roa (raw, json)
Hash identifier: sKx/pHZQstUAOq64IcMsxEnWLROmY7DGo9QHgBCkTRM=
Subject key identifier: 79:E0:49:F1:31:D6:9A:3C:D0:70:6A:1A:79:A7:D7:50:A9:CC:DE:82
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 0198BCE868247C37FC9CB648777E65873057
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/eeBJ8THWmjzQcGoaeafXUKnM3oI.roa
Signing time: Mon 18 Aug 2025 11:20:04 +0000
ROA not before: Mon 18 Aug 2025 11:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200532
IP address blocks: 31.14.27.0/24 maxlen: 24
89.33.41.0/24 maxlen: 24
89.35.124.0/24 maxlen: 24
89.35.125.0/24 maxlen: 24
89.46.33.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.249.192.0/23 maxlen: 23
185.249.192.0/24 maxlen: 24
185.249.193.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
2a06:942::/48 maxlen: 48
2a06:942:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:e8:68:24:7c:37:fc:9c:b6:48:77:7e:65:87:30:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Aug 18 11:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79e049f131d69a3cd0706a1a79a7d750a9ccde82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:18:8c:5a:58:70:f4:90:3d:8f:78:44:89:2e:
21:41:93:53:fa:1b:c1:18:2e:7d:84:f7:e0:09:de:
0c:eb:19:95:c8:ff:0d:20:d3:16:94:c6:dc:41:2e:
95:e2:0b:93:5f:95:3d:b2:f5:0f:20:6e:c2:93:ec:
85:bf:48:79:a3:ac:6c:b7:6a:bf:82:9e:8e:9d:b6:
ce:50:17:68:25:64:f9:9d:6f:dd:7a:6a:f7:de:0b:
11:6b:73:93:4f:43:8f:d0:21:13:e8:3e:7e:a8:03:
d0:19:4a:4a:b9:27:39:bf:f8:14:a1:cb:21:02:ef:
48:b0:63:d1:ea:6c:98:bd:36:59:34:7c:2b:07:87:
51:7b:7e:07:f8:d0:4a:29:89:e6:d0:b0:0d:0d:f0:
04:e9:e4:1f:27:4f:45:96:69:61:cd:18:bd:2c:f9:
bb:6b:53:68:17:b6:0b:bb:ca:4c:5e:cd:2f:5b:06:
8b:e2:ba:41:cd:55:ee:41:26:8c:13:73:26:36:ce:
8d:fa:89:a4:06:15:03:dc:3c:e6:d7:5b:ce:38:a6:
92:ef:90:fa:7d:ec:5e:36:13:5b:35:14:b9:51:d3:
16:76:51:c0:83:50:34:7e:56:d5:da:7c:f4:94:ea:
5d:55:26:f9:1a:f4:84:9b:6f:71:69:c9:c1:ea:c7:
9d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:E0:49:F1:31:D6:9A:3C:D0:70:6A:1A:79:A7:D7:50:A9:CC:DE:82
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/eeBJ8THWmjzQcGoaeafXUKnM3oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
89.33.41.0/24
89.35.124.0/23
89.46.33.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
185.249.192.0/23
188.241.216.0/23
IPv6:
2a06:940::/56
2a06:942::/48
2a06:942:2::/48
Signature Algorithm: sha256WithRSAEncryption
38:1b:ea:e5:3e:40:8a:a2:54:43:55:12:ad:fd:00:b5:3d:f4:
87:be:44:75:4c:13:9b:90:40:e2:99:03:98:64:7b:c5:9d:a8:
9b:24:12:8e:99:1e:64:81:6a:aa:c1:a4:14:eb:7c:73:58:e9:
e6:8a:fb:a6:66:e3:4d:34:70:c5:eb:ec:05:b0:a0:c7:b4:0c:
80:79:83:1d:31:1d:de:b3:e6:65:ed:88:74:66:0c:94:51:8a:
ca:9f:9d:89:0a:5f:f5:4c:59:67:f0:45:b3:e0:13:de:c2:76:
79:bf:cf:0e:f2:a8:7a:f4:49:aa:f1:10:1d:df:ec:d7:17:55:
03:27:c2:f3:53:16:db:64:01:ba:44:9d:60:c6:7f:93:8d:a6:
71:d0:20:0b:f4:e8:a1:8b:bf:5b:f7:7f:83:1a:34:9b:61:7c:
05:d6:37:06:34:2e:f5:53:9b:16:59:19:e8:79:49:14:f9:38:
92:ef:54:2b:a0:c9:39:f3:ee:76:21:9d:ba:3d:45:6b:2c:53:
b9:9e:26:24:8a:b7:eb:e3:00:a9:72:27:ff:c2:cd:0b:b3:59:
cf:76:54:65:5c:fc:82:5a:1a:6d:7f:cb:73:ff:03:d6:eb:ae:
8b:a3:7c:e0:13:8f:07:88:89:15:b8:e7:c7:08:92:05:bd:ab:
41:9f:46:0e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZi86GgkfDf8nLZId35lhzBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjUwODE4MTEyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWUwNDlmMTMxZDY5YTNjZDA3MDZhMWE3OWE3ZDc1MGE5Y2NkZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RiMWlhw9JA9j3hEiS4hQZNT+hvB
GC59hPfgCd4M6xmVyP8NINMWlMbcQS6V4guTX5U9svUPIG7Ck+yFv0h5o6xst2q/
gp6OnbbOUBdoJWT5nW/demr33gsRa3OTT0OP0CET6D5+qAPQGUpKuSc5v/gUocsh
Au9IsGPR6myYvTZZNHwrB4dRe34H+NBKKYnm0LANDfAE6eQfJ09FlmlhzRi9LPm7
a1NoF7YLu8pMXs0vWwaL4rpBzVXuQSaME3MmNs6N+omkBhUD3Dzm11vOOKaS75D6
fexeNhNbNRS5UdMWdlHAg1A0flbV2nz0lOpdVSb5GvSEm29xacnB6sedkwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHngSfEx1po80HBqGnmn11CpzN6CMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvZWVCSjhUSFdtanpRY0dvYWVhZlhVS25NM29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBaBAIAATBUAwQAHw4b
AwQAWSEpAwQBWSN8AwQAWS4hAwQCuWIEAwQCuWRAAwQCuW9oAwQCuXGEAwQCuXTA
AwQCuXlQAwQCuX1YAwQCuYEwAwQBufnAAwQBvPHYMCIEAgACMBwDCAAqBglAAAAA
AwcAKgYJQgAAAwcAKgYJQgACMA0GCSqGSIb3DQEBCwUAA4IBAQA4G+rlPkCKolRD
VRKt/QC1PfSHvkR1TBObkEDimQOYZHvFnaibJBKOmR5kgWqqwaQU63xzWOnmivum
ZuNNNHDF6+wFsKDHtAyAeYMdMR3es+Zl7Yh0ZgyUUYrKn52JCl/1TFln8EWz4BPe
wnZ5v88O8qh69Emq8RAd3+zXF1UDJ8LzUxbbZAG6RJ1gxn+TjaZx0CAL9Oihi79b
93+DGjSbYXwF1jcGNC71U5sWWRnoeUkU+TiS71QroMk58+52IZ26PUVrLFO5niYk
irfr4wCpcif/ws0Ls1nPdlRlXPyCWhptf8tz/wPW666Lo3zgE48HiIkVuOfHCJIF
vatBn0YO
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:41:58 2025 by rpki-client