
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/ERZth0xX85HWn67GzDSpThEJK6U.roa
File: ERZth0xX85HWn67GzDSpThEJK6U.roa (raw, json)
Hash identifier: 7waXqANAdY315AAe2QRMY1aCHLszX3hvr0AdWM3OyXs=
Subject key identifier: 11:16:6D:87:4C:57:F3:91:D6:9F:AE:C6:CC:34:A9:4E:11:09:2B:A5
Certificate issuer: /CN=ead20a22e948fb9644129ad3019f08d4f4981fcf
Certificate serial: 01998135AE2C2D7635C5E1B1FB6404B49395
Authority key identifier: EA:D2:0A:22:E9:48:FB:96:44:12:9A:D3:01:9F:08:D4:F4:98:1F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6tIKIulI-5ZEEprTAZ8I1PSYH88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/ERZth0xX85HWn67GzDSpThEJK6U.roa
Signing time: Thu 25 Sep 2025 14:10:02 +0000
ROA not before: Thu 25 Sep 2025 14:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39923
IP address blocks: 45.153.152.0/22 maxlen: 22
45.153.152.0/23 maxlen: 23
45.153.152.0/24 maxlen: 24
45.153.153.0/24 maxlen: 24
45.153.154.0/23 maxlen: 23
45.153.154.0/24 maxlen: 24
45.153.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/6tIKIulI-5ZEEprTAZ8I1PSYH88.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/6tIKIulI-5ZEEprTAZ8I1PSYH88.mft
rsync://rpki.ripe.net/repository/DEFAULT/6tIKIulI-5ZEEprTAZ8I1PSYH88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:81:35:ae:2c:2d:76:35:c5:e1:b1:fb:64:04:b4:93:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead20a22e948fb9644129ad3019f08d4f4981fcf
Validity
Not Before: Sep 25 14:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11166d874c57f391d69faec6cc34a94e11092ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:0f:b4:77:51:7e:d1:dc:b4:50:9a:85:77:
5b:1d:04:eb:2f:0e:5d:6e:9f:25:d7:44:27:ab:82:
8e:eb:64:eb:b7:fd:66:1d:14:3a:82:75:f7:3e:01:
42:5c:df:55:07:2b:f1:bd:8f:25:6c:7f:d5:1b:aa:
9d:1d:31:ef:ca:46:67:09:51:78:a5:33:9f:a5:39:
80:30:de:8a:a4:1e:44:33:44:57:54:76:47:e5:60:
98:de:23:2e:d7:70:87:46:54:1d:24:ef:5a:f7:99:
f9:c6:40:fa:32:77:b3:22:53:41:a8:f0:61:e5:cf:
b6:97:cc:a4:fa:e2:c0:6d:dd:96:da:4e:e6:d9:b8:
f3:17:26:a6:65:03:e5:e0:46:2d:db:e4:e7:6c:9e:
79:e2:9a:eb:94:7e:66:75:e6:7f:2d:51:dc:24:45:
a4:5d:7e:e8:64:61:5d:36:9a:3e:0d:83:5c:f1:77:
93:36:b2:76:d8:bf:29:59:ba:10:ef:08:b5:00:92:
91:59:1b:a4:96:cb:1f:3e:40:22:7e:a3:0b:c9:53:
16:6b:5d:17:ab:7d:d6:28:48:9d:6e:04:2f:f2:76:
98:27:b0:02:0d:52:6e:96:d3:9e:57:a1:74:56:cc:
ed:71:e7:41:f1:95:8c:7b:ad:98:78:b0:3d:f4:2b:
ac:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:16:6D:87:4C:57:F3:91:D6:9F:AE:C6:CC:34:A9:4E:11:09:2B:A5
X509v3 Authority Key Identifier:
keyid:EA:D2:0A:22:E9:48:FB:96:44:12:9A:D3:01:9F:08:D4:F4:98:1F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6tIKIulI-5ZEEprTAZ8I1PSYH88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/ERZth0xX85HWn67GzDSpThEJK6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/17ca5f-4327-4a88-b976-b64ffce06580/1/6tIKIulI-5ZEEprTAZ8I1PSYH88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.152.0/22
Signature Algorithm: sha256WithRSAEncryption
13:c8:39:38:11:c0:ea:e3:0e:3e:99:e0:b5:fe:f0:17:63:d8:
ba:36:68:be:88:e5:6a:cb:7a:48:80:59:58:75:71:a4:d9:30:
04:f0:e1:27:21:4c:50:09:51:c8:60:83:5c:79:d1:13:45:74:
05:9c:f3:dd:10:8e:af:a8:29:fb:0c:e1:c9:fc:43:5f:15:3c:
ea:e1:e2:0d:f7:6c:37:50:c3:26:f5:7c:02:df:a8:50:f2:a9:
61:38:75:38:c1:6c:66:1a:65:44:6b:81:d6:e2:6e:79:f9:7c:
7c:e6:3f:1b:b3:26:46:f3:a3:5f:19:32:73:a8:04:a0:db:4e:
6b:25:cb:61:fd:40:88:91:f2:cd:3f:e5:66:4e:18:f9:6f:1b:
79:e4:3d:c7:0c:3c:5c:58:20:8b:31:22:8c:de:20:f9:23:24:
d7:5c:01:a5:c5:b1:0c:d1:43:ef:c2:43:c6:ab:1d:b1:9f:bc:
ec:73:33:fb:1a:c7:70:e4:d4:be:dc:e1:0d:38:c9:16:65:18:
b9:69:77:14:4d:59:c4:0e:12:7c:c2:bb:50:fc:53:9f:ce:5f:
d8:0c:ac:b1:ae:20:45:25:09:05:ac:ba:4d:a3:de:cd:de:93:
85:b7:65:eb:40:e4:68:55:66:b4:8f:9f:86:8a:90:95:42:79:
3b:41:58:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmBNa4sLXY1xeGx+2QEtJOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDIwYTIyZTk0OGZiOTY0NDEyOWFkMzAxOWYwOGQ0ZjQ5
ODFmY2YwHhcNMjUwOTI1MTQxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE2NmQ4NzRjNTdmMzkxZDY5ZmFlYzZjYzM0YTk0ZTExMDkyYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXkPtHdRftHctFCahXdbHQTrLw5d
bp8l10Qnq4KO62Trt/1mHRQ6gnX3PgFCXN9VByvxvY8lbH/VG6qdHTHvykZnCVF4
pTOfpTmAMN6KpB5EM0RXVHZH5WCY3iMu13CHRlQdJO9a95n5xkD6MnezIlNBqPBh
5c+2l8yk+uLAbd2W2k7m2bjzFyamZQPl4EYt2+TnbJ554prrlH5mdeZ/LVHcJEWk
XX7oZGFdNpo+DYNc8XeTNrJ22L8pWboQ7wi1AJKRWRuklssfPkAifqMLyVMWa10X
q33WKEidbgQv8naYJ7ACDVJultOeV6F0VsztcedB8ZWMe62YeLA99CusrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEWbYdMV/OR1p+uxsw0qU4RCSulMB8GA1UdIwQY
MBaAFOrSCiLpSPuWRBKa0wGfCNT0mB/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRJS0l1bEktNVpFRXByVEFaOEkxUFNZSDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xN2NhNWYtNDMyNy00YTg4LWI5NzYt
YjY0ZmZjZTA2NTgwLzEvRVJadGgweFg4NUhXbjY3R3pEU3BUaEVKSzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xN2NhNWYtNDMyNy00YTg4LWI5NzYtYjY0ZmZjZTA2NTgw
LzEvNnRJS0l1bEktNVpFRXByVEFaOEkxUFNZSDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZmYMA0G
CSqGSIb3DQEBCwUAA4IBAQATyDk4EcDq4w4+meC1/vAXY9i6Nmi+iOVqy3pIgFlY
dXGk2TAE8OEnIUxQCVHIYINcedETRXQFnPPdEI6vqCn7DOHJ/ENfFTzq4eIN92w3
UMMm9XwC36hQ8qlhOHU4wWxmGmVEa4HW4m55+Xx85j8bsyZG86NfGTJzqASg205r
Jcth/UCIkfLNP+VmThj5bxt55D3HDDxcWCCLMSKM3iD5IyTXXAGlxbEM0UPvwkPG
qx2xn7zsczP7Gsdw5NS+3OENOMkWZRi5aXcUTVnEDhJ8wrtQ/FOfzl/YDKyxriBF
JQkFrLpNo97N3pOFt2XrQORoVWa0j5+GipCVQnk7QVhC
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:52 2025 by rpki-client