
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa
File: EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa (raw, json)
Hash identifier: rMigo0zSOtmbHHMuZxfoXOVUzYWo84YshECpqSkC6O4=
Subject key identifier: 12:80:49:71:0D:77:9F:06:50:F1:AC:7E:22:53:D2:C6:41:42:78:C3
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 0199EE78CFD1FE17B21A789D4AC2AF6F12CB
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa
Signing time: Thu 16 Oct 2025 19:21:58 +0000
ROA not before: Thu 16 Oct 2025 19:21:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208041
IP address blocks: 85.155.248.0/22 maxlen: 22
185.222.4.0/22 maxlen: 22
185.222.4.0/24 maxlen: 24
185.222.5.0/24 maxlen: 24
185.222.6.0/24 maxlen: 24
185.222.7.0/24 maxlen: 24
193.160.10.0/23 maxlen: 23
193.160.14.0/23 maxlen: 23
2a0c:8440::/48 maxlen: 48
2a0f:d180::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ee:78:cf:d1:fe:17:b2:1a:78:9d:4a:c2:af:6f:12:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: Oct 16 19:21:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=128049710d779f0650f1ac7e2253d2c6414278c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:94:b9:1c:e5:d2:dc:f8:74:4d:74:8b:fe:88:
22:f4:87:31:89:fc:b2:e6:9f:a6:27:d6:87:0a:b5:
5a:e0:cd:b5:ac:c3:ae:2d:10:50:f3:b6:da:19:f9:
9e:eb:5d:b1:64:eb:83:74:17:ce:aa:d9:25:59:35:
47:e0:96:34:87:06:fc:b8:14:0a:53:4e:ac:94:49:
ba:1a:cc:bf:f7:19:e6:9a:11:fe:b4:f8:8e:36:41:
ad:d0:4e:6a:81:d5:42:b7:51:cd:b8:d6:d9:33:fb:
f8:5e:ee:f4:77:8f:4b:2f:82:06:37:69:20:4a:71:
ca:d1:2c:6a:4d:8b:0d:1a:48:96:84:24:21:3b:7a:
38:da:3b:f6:54:d2:5f:1b:3a:e5:cf:79:8c:70:bc:
8f:67:56:dc:83:71:08:13:11:3b:42:45:b6:09:78:
da:50:23:3c:4e:1f:35:3e:26:37:5e:39:40:a9:f4:
7e:d3:43:10:a8:ef:87:f0:4f:7c:1d:2c:70:0d:d1:
18:6f:ae:1a:ed:a0:e0:86:cf:17:31:2a:42:c1:3e:
aa:13:d8:27:1f:81:19:44:b7:bb:8f:a4:43:9e:00:
ba:fd:39:15:95:08:0e:10:c0:ae:49:4d:88:3b:d1:
a9:f5:85:1f:79:d7:86:75:d6:c6:5d:5a:fa:d0:88:
bb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:80:49:71:0D:77:9F:06:50:F1:AC:7E:22:53:D2:C6:41:42:78:C3
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/EoBJcQ13nwZQ8ax-IlPSxkFCeMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.155.248.0/22
185.222.4.0/22
193.160.10.0/23
193.160.14.0/23
IPv6:
2a0c:8440::/48
2a0f:d180::/29
Signature Algorithm: sha256WithRSAEncryption
53:2b:cf:23:cc:0b:3a:af:51:00:34:bf:3d:b6:c9:c4:bd:69:
50:19:75:83:1c:20:f7:c8:26:76:91:ce:bf:5b:98:89:be:99:
b3:63:ea:94:f3:cb:9d:c4:72:14:d8:f5:89:41:2e:6e:3b:8d:
9a:ad:02:37:ff:ac:cb:84:ab:5e:e4:fb:ae:de:1b:56:c8:d4:
e0:69:7a:5e:5f:5a:d7:26:b0:9a:91:3d:ae:0c:73:1a:53:67:
2f:83:fe:82:15:60:a6:37:26:e7:51:6f:75:74:16:4a:8e:84:
20:9c:89:80:d8:09:26:63:ec:55:db:b9:e1:a0:aa:03:12:76:
ce:db:77:29:bb:96:89:e1:0e:15:e0:4c:78:af:4e:bd:16:af:
e5:93:d6:9d:72:b7:17:3b:7a:d6:16:d1:64:44:d1:87:70:d1:
ec:28:ae:06:cd:14:eb:85:2b:9e:7d:08:1b:91:2b:16:8a:87:
22:f0:38:ef:bd:18:60:94:60:28:3a:ff:55:f8:cf:2d:83:1b:
ad:6a:2a:f7:c8:94:9f:53:5c:eb:3a:c1:14:2e:f6:e1:f5:04:
c2:da:3a:64:06:9f:a7:29:49:19:9f:fa:2b:4b:b1:6c:6a:72:
6d:d1:b1:98:70:96:82:74:e0:2d:1e:50:c6:b1:35:50:ac:b5:
c2:e9:24:cd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZnueM/R/heyGnidSsKvbxLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjUxMDE2MTkyMTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjgwNDk3MTBkNzc5ZjA2NTBmMWFjN2UyMjUzZDJjNjQxNDI3OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pS5HOXS3Ph0TXSL/ogi9Icxifyy
5p+mJ9aHCrVa4M21rMOuLRBQ87baGfme612xZOuDdBfOqtklWTVH4JY0hwb8uBQK
U06slEm6Gsy/9xnmmhH+tPiONkGt0E5qgdVCt1HNuNbZM/v4Xu70d49LL4IGN2kg
SnHK0SxqTYsNGkiWhCQhO3o42jv2VNJfGzrlz3mMcLyPZ1bcg3EIExE7QkW2CXja
UCM8Th81PiY3XjlAqfR+00MQqO+H8E98HSxwDdEYb64a7aDghs8XMSpCwT6qE9gn
H4EZRLe7j6RDngC6/TkVlQgOEMCuSU2IO9Gp9YUfedeGddbGXVr60Ii7SQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBKASXENd58GUPGsfiJT0sZBQnjDMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvRW9CSmNRMTNud1pROGF4LUlsUFN4a0ZDZU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCVZv4AwQC
ud4EAwQBwaAKAwQBwaAOMBYEAgACMBADBwAqDIRAAAADBQMqD9GAMA0GCSqGSIb3
DQEBCwUAA4IBAQBTK88jzAs6r1EANL89tsnEvWlQGXWDHCD3yCZ2kc6/W5iJvpmz
Y+qU88udxHIU2PWJQS5uO42arQI3/6zLhKte5Puu3htWyNTgaXpeX1rXJrCakT2u
DHMaU2cvg/6CFWCmNybnUW91dBZKjoQgnImA2AkmY+xV27nhoKoDEnbO23cpu5aJ
4Q4V4Ex4r069Fq/lk9adcrcXO3rWFtFkRNGHcNHsKK4GzRTrhSuefQgbkSsWioci
8DjvvRhglGAoOv9V+M8tgxutair3yJSfU1zrOsEULvbh9QTC2jpkBp+nKUkZn/or
S7FsanJt0bGYcJaCdOAtHlDGsTVQrLXC6STN
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:58 2025 by rpki-client