Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/K3iEvVMv5L7A8rAEeU5HVBi7LhE.roa
File: K3iEvVMv5L7A8rAEeU5HVBi7LhE.roa (raw, json)
Hash identifier: EkwL2Kur19TmNA6m2yAps4NwnDYDcypMzzrfUdVMCj8=
Subject key identifier: 2B:78:84:BD:53:2F:E4:BE:C0:F2:B0:04:79:4E:47:54:18:BB:2E:11
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 0198D1E1727F370FD4847AFD7AF896C10AFA
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/K3iEvVMv5L7A8rAEeU5HVBi7LhE.roa
Signing time: Fri 22 Aug 2025 13:04:29 +0000
ROA not before: Fri 22 Aug 2025 13:04:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:e1:72:7f:37:0f:d4:84:7a:fd:7a:f8:96:c1:0a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Aug 22 13:04:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b7884bd532fe4bec0f2b004794e475418bb2e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:28:79:b2:8e:c2:2b:6c:a3:97:8c:6f:70:07:
05:1c:3f:34:bf:ba:5b:c2:9c:02:01:1f:b0:cb:c3:
fa:d5:3f:1d:7c:f1:fe:88:32:72:1c:1f:4e:70:d4:
b0:ca:64:9a:27:59:2b:ed:72:d3:72:2a:df:46:fc:
00:26:96:d0:ad:4a:13:ba:5e:2f:fc:8e:99:7e:4a:
e5:fb:8c:43:e6:fd:c0:0a:69:c8:78:4b:d2:e5:96:
f8:4f:2e:af:9d:e1:d6:9e:4a:27:95:7b:19:5b:3c:
18:0a:53:f1:ba:29:6a:d8:4e:34:3c:61:94:b3:0c:
3f:b7:4f:3a:5c:35:c1:19:b8:08:29:3e:ff:b6:61:
e9:bb:f1:9a:c0:bb:4b:0f:54:de:82:2c:80:7d:3c:
0c:9f:4e:d7:07:35:2f:b6:b4:4f:e7:e0:68:db:19:
a7:1a:34:e8:d5:aa:76:80:d2:59:7d:fe:fa:5b:7c:
c5:39:da:c1:f2:87:b5:e7:73:1c:0e:d7:c0:f8:97:
f9:6d:4c:0f:b5:1d:3e:09:8c:98:b5:ca:68:90:2e:
1c:37:09:98:f4:61:73:a6:a1:a6:c1:45:23:76:1e:
b7:e8:d7:01:4e:e9:4f:a5:8f:83:f8:44:a9:ec:7c:
c7:61:fb:81:d8:ca:ca:e3:f5:8a:fd:8b:3b:1a:80:
2a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:78:84:BD:53:2F:E4:BE:C0:F2:B0:04:79:4E:47:54:18:BB:2E:11
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/K3iEvVMv5L7A8rAEeU5HVBi7LhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.160.0-178.210.166.255
178.210.168.0/24
178.210.170.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
0f:6d:02:89:97:7d:6f:5e:c1:11:63:d6:67:fa:df:34:53:0a:
62:5b:ea:d0:12:5c:71:3f:fb:60:11:1f:90:cf:7d:b9:16:58:
28:fa:cd:95:53:85:28:28:a1:b9:30:7f:52:ff:70:b7:20:6a:
e9:62:81:5d:ce:bb:42:52:10:2c:2d:23:6a:95:9d:f1:a5:68:
c1:47:6b:f3:03:e4:c3:64:2f:ee:69:e8:5f:39:a8:ef:1c:8a:
43:b1:48:fc:70:55:83:f3:a6:f3:01:e2:d8:37:4b:1e:09:63:
34:81:fe:7e:b2:25:ec:3b:46:5f:74:cd:2c:d7:e2:ea:07:c4:
ba:4a:dc:2e:c8:ea:7f:c6:46:1b:b4:37:86:59:97:06:03:49:
80:f2:b7:e0:11:c3:74:72:ff:42:6e:c4:ec:18:0c:6f:72:6b:
3c:92:8c:63:89:f2:ac:ba:66:58:bd:1f:82:9e:a0:46:11:c5:
e9:51:e0:8b:a2:32:6b:ae:ec:55:e9:77:31:8a:0e:53:7a:2c:
0f:4a:4d:b7:cb:4a:c8:d4:cb:c6:07:7e:2d:5f:c4:31:dc:1c:
79:52:a4:5c:95:47:bf:fc:a1:d1:d6:84:46:e1:f3:05:ea:c3:
d7:1d:22:e9:31:fc:00:3b:10:54:09:af:ee:8a:74:32:f2:3b:
51:bf:b2:35
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZjR4XJ/Nw/UhHr9eviWwQr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjUwODIyMTMwNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc4ODRiZDUzMmZlNGJlYzBmMmIwMDQ3OTRlNDc1NDE4YmIyZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCh5so7CK2yjl4xvcAcFHD80v7pb
wpwCAR+wy8P61T8dfPH+iDJyHB9OcNSwymSaJ1kr7XLTcirfRvwAJpbQrUoTul4v
/I6Zfkrl+4xD5v3ACmnIeEvS5Zb4Ty6vneHWnkonlXsZWzwYClPxuilq2E40PGGU
sww/t086XDXBGbgIKT7/tmHpu/GawLtLD1TegiyAfTwMn07XBzUvtrRP5+Bo2xmn
GjTo1ap2gNJZff76W3zFOdrB8oe153McDtfA+Jf5bUwPtR0+CYyYtcpokC4cNwmY
9GFzpqGmwUUjdh636NcBTulPpY+D+ESp7HzHYfuB2MrK4/WK/Ys7GoAq8wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCt4hL1TL+S+wPKwBHlOR1QYuy4RMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvSzNpRXZWTXY1TDdBOHJBRWVVNUhWQmk3TGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAWy0qAD
BACy0qYDBACy0qgwDAMEAbLSqgMEALLSsjANBgkqhkiG9w0BAQsFAAOCAQEAD20C
iZd9b17BEWPWZ/rfNFMKYlvq0BJccT/7YBEfkM99uRZYKPrNlVOFKCihuTB/Uv9w
tyBq6WKBXc67QlIQLC0japWd8aVowUdr8wPkw2Qv7mnoXzmo7xyKQ7FI/HBVg/Om
8wHi2DdLHgljNIH+frIl7DtGX3TNLNfi6gfEukrcLsjqf8ZGG7Q3hlmXBgNJgPK3
4BHDdHL/Qm7E7BgMb3JrPJKMY4nyrLpmWL0fgp6gRhHF6VHgi6Iya67sVel3MYoO
U3osD0pNt8tKyNTLxgd+LV/EMdwceVKkXJVHv/yh0daERuHzBerD1x0i6TH8ADsQ
VAmv7op0MvI7Ub+yNQ==
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:27:19 2025 by rpki-client