Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/eQwhkUJDD3fHnBNUmTCO1wm_-Mo.roa
File: eQwhkUJDD3fHnBNUmTCO1wm_-Mo.roa (raw, json)
Hash identifier: BapbGy+3qttaGIgQRgRll0fuWWSygKB9RzxksoJwcro=
Subject key identifier: 79:0C:21:91:42:43:0F:77:C7:9C:13:54:99:30:8E:D7:09:BF:F8:CA
Certificate issuer: /CN=b1267a51acb66f2991bea5243fe388068971a1f1
Certificate serial: 0199803CCEF2755164C3F82EDBF02656057B
Authority key identifier: B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/eQwhkUJDD3fHnBNUmTCO1wm_-Mo.roa
Signing time: Thu 25 Sep 2025 09:38:12 +0000
ROA not before: Thu 25 Sep 2025 09:38:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28709
IP address blocks: 128.140.170.0/24 maxlen: 24
178.237.21.0/24 maxlen: 24
178.237.22.0/24 maxlen: 24
178.237.24.0/24 maxlen: 24
178.237.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:3c:ce:f2:75:51:64:c3:f8:2e:db:f0:26:56:05:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1267a51acb66f2991bea5243fe388068971a1f1
Validity
Not Before: Sep 25 09:38:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=790c219142430f77c79c135499308ed709bff8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:46:a2:a0:4f:22:83:11:d9:27:2b:e2:22:
eb:d3:51:3e:9e:62:60:2d:e7:77:d9:af:0b:19:62:
f4:74:7a:5a:d2:da:a6:7b:b3:cb:28:c9:98:08:53:
2c:48:76:90:94:e7:e6:fa:e6:b1:be:a0:84:cb:d2:
bd:3b:f1:d5:f5:61:7d:ca:54:fc:df:5b:dd:77:73:
8a:38:8c:f9:9d:c0:85:f4:b2:73:1f:ca:98:b9:3b:
07:e4:92:a1:88:46:50:1d:7f:b9:92:f2:c3:3c:ad:
cd:85:a8:4c:a8:ed:b6:20:4c:2a:65:3d:c0:61:fc:
2f:cf:be:dd:00:4d:46:56:c4:e8:d7:ec:80:97:73:
05:cb:0e:08:52:df:1d:c6:4b:7c:b7:f5:15:a0:50:
3d:e7:e9:67:27:e0:db:c3:cd:6d:35:26:eb:7b:37:
47:d1:20:78:d7:66:44:43:e3:c7:06:f1:e9:9e:60:
14:ee:d2:26:14:38:e0:2d:04:5f:d2:d0:00:12:24:
44:12:07:fc:13:c3:47:9a:11:28:35:57:e7:ed:a7:
2c:14:f3:1c:be:70:ac:97:e9:e2:b9:60:82:6b:ba:
bd:e1:60:5e:4b:9f:20:3c:09:f2:e2:b9:e3:59:03:
bc:f7:37:b7:cd:6b:3a:76:f6:36:99:2f:65:de:b0:
6a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0C:21:91:42:43:0F:77:C7:9C:13:54:99:30:8E:D7:09:BF:F8:CA
X509v3 Authority Key Identifier:
keyid:B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/eQwhkUJDD3fHnBNUmTCO1wm_-Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.170.0/24
178.237.21.0-178.237.22.255
178.237.24.0/24
178.237.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:b2:1e:bf:6f:51:ce:a2:7f:b3:e6:d9:53:c7:de:8c:c2:78:
7d:7f:12:8d:52:bb:f1:18:9a:4f:cd:d5:9a:3d:9d:1c:a8:cd:
a4:59:eb:ab:02:f0:c5:6a:d7:84:85:af:eb:1d:a1:af:dc:96:
42:be:57:b1:90:63:f1:e8:fc:74:6b:f0:f6:c0:b7:a0:13:83:
78:a5:f2:f7:0a:44:4d:a2:b3:40:ef:42:d3:12:31:c5:91:e9:
21:07:1d:f5:88:7a:15:d6:35:f4:10:98:44:4d:91:3f:dd:ec:
31:fe:05:ad:bf:b9:7b:92:fa:c5:e9:43:fa:0c:5a:0c:29:89:
c1:06:1d:79:58:5a:23:21:85:f5:f0:ed:c6:a5:65:e1:17:79:
23:a5:d8:dc:a9:3c:5b:b6:8f:18:55:05:37:62:86:26:a5:18:
f6:e9:9d:74:5e:10:fc:20:bc:2c:f7:cc:3b:15:e3:28:e1:43:
de:55:4a:49:ef:78:0a:e1:9a:11:ec:74:93:0a:73:4e:a9:d3:
de:af:44:2b:6a:04:3f:f6:fd:b3:fd:38:6b:64:57:74:0e:2c:
8e:26:17:41:77:4c:39:83:d3:64:3d:c1:c5:cb:cd:b0:5a:91:
c5:7b:55:86:52:cb:ea:b0:35:97:60:93:ef:f6:d8:a3:36:d9:
28:80:31:15
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZmAPM7ydVFkw/gu2/AmVgV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjY3YTUxYWNiNjZmMjk5MWJlYTUyNDNmZTM4ODA2ODk3
MWExZjEwHhcNMjUwOTI1MDkzODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTBjMjE5MTQyNDMwZjc3Yzc5YzEzNTQ5OTMwOGVkNzA5YmZmOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/VGoqBPIoMR2Scr4iLr01E+nmJg
Led32a8LGWL0dHpa0tqme7PLKMmYCFMsSHaQlOfm+uaxvqCEy9K9O/HV9WF9ylT8
31vdd3OKOIz5ncCF9LJzH8qYuTsH5JKhiEZQHX+5kvLDPK3NhahMqO22IEwqZT3A
Yfwvz77dAE1GVsTo1+yAl3MFyw4IUt8dxkt8t/UVoFA95+lnJ+Dbw81tNSbrezdH
0SB412ZEQ+PHBvHpnmAU7tImFDjgLQRf0tAAEiREEgf8E8NHmhEoNVfn7acsFPMc
vnCsl+niuWCCa7q94WBeS58gPAny4rnjWQO89ze3zWs6dvY2mS9l3rBqmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHkMIZFCQw93x5wTVJkwjtcJv/jKMB8GA1UdIwQY
MBaAFLEmelGstm8pkb6lJD/jiAaJcaHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAt
OTRkMWI4OWY4Y2IyLzEvZVF3aGtVSkREM2ZIbkJOVW1UQ08xd21fLU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAtOTRkMWI4OWY4Y2Iy
LzEvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAgIyqMAwD
BACy7RUDBACy7RYDBACy7RgDBACy7RwwDQYJKoZIhvcNAQELBQADggEBAKiyHr9v
Uc6if7Pm2VPH3ozCeH1/Eo1Su/EYmk/N1Zo9nRyozaRZ66sC8MVq14SFr+sdoa/c
lkK+V7GQY/Ho/HRr8PbAt6ATg3il8vcKRE2is0DvQtMSMcWR6SEHHfWIehXWNfQQ
mERNkT/d7DH+Ba2/uXuS+sXpQ/oMWgwpicEGHXlYWiMhhfXw7calZeEXeSOl2Nyp
PFu2jxhVBTdihialGPbpnXReEPwgvCz3zDsV4yjhQ95VSknveArhmhHsdJMKc06p
096vRCtqBD/2/bP9OGtkV3QOLI4mF0F3TDmD02Q9wcXLzbBakcV7VYZSy+qwNZdg
k+/22KM22SiAMRU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:01:13 2025 by rpki-client