Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/eGHMp6XiUZXSvWaQdrxkZKMhkiw.roa
File: eGHMp6XiUZXSvWaQdrxkZKMhkiw.roa (raw, json)
Hash identifier: w65T1Q47xszh2JQk5p3/bfyIzCGf7RqoYh4hz/srZNQ=
Subject key identifier: 78:61:CC:A7:A5:E2:51:95:D2:BD:66:90:76:BC:64:64:A3:21:92:2C
Certificate issuer: /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial: 0199D4AAF684D6FC4C45565BF43110CA1972
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/eGHMp6XiUZXSvWaQdrxkZKMhkiw.roa
Signing time: Sat 11 Oct 2025 19:06:38 +0000
ROA not before: Sat 11 Oct 2025 19:06:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215413
IP address blocks: 37.230.138.0/24 maxlen: 24
45.143.196.0/24 maxlen: 24
45.143.197.0/24 maxlen: 24
45.143.198.0/24 maxlen: 24
45.143.199.0/24 maxlen: 24
81.16.176.0/24 maxlen: 24
81.16.177.0/24 maxlen: 24
91.208.92.0/24 maxlen: 24
185.83.152.0/24 maxlen: 24
185.83.153.0/24 maxlen: 24
185.83.154.0/24 maxlen: 24
185.83.155.0/24 maxlen: 24
185.206.148.0/24 maxlen: 24
185.206.149.0/24 maxlen: 24
185.206.150.0/24 maxlen: 24
185.206.151.0/24 maxlen: 24
188.64.33.0/24 maxlen: 24
194.164.96.0/24 maxlen: 24
194.213.3.0/24 maxlen: 24
213.170.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d4:aa:f6:84:d6:fc:4c:45:56:5b:f4:31:10:ca:19:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
Validity
Not Before: Oct 11 19:06:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7861cca7a5e25195d2bd669076bc6464a321922c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:62:77:5e:aa:13:fb:f2:10:94:f3:3b:a4:
e4:19:ea:30:e8:a2:4c:46:57:97:82:8e:a5:45:1e:
ff:24:7f:a5:1a:1f:c7:47:b7:03:09:fa:9a:e7:c1:
76:4a:29:79:23:58:3e:07:ce:3d:6d:a3:d8:e6:59:
22:3b:ce:32:ca:58:ae:f6:89:40:c9:fa:e5:32:3c:
e7:fc:93:5c:6d:3b:d5:98:3e:8e:28:94:d9:57:ad:
76:c9:c7:4a:24:3a:e1:b5:20:e6:f4:ab:8e:8c:f9:
2a:30:93:e5:bf:c8:d9:73:86:1f:c6:5e:3e:74:3d:
6f:ca:ac:e1:9a:1e:03:98:70:80:18:71:9d:0c:43:
19:38:fd:78:e8:4a:e1:52:b2:3d:ba:48:ca:19:ea:
b8:77:c2:a9:4b:af:4e:74:9a:8d:d5:99:0d:b7:bb:
87:e5:03:44:f3:86:12:1f:5a:5f:57:f9:37:d3:37:
38:37:c2:05:6f:76:c4:93:28:76:31:b0:d3:94:61:
00:93:87:72:36:93:49:d1:4e:6e:94:73:8f:88:87:
71:c2:4e:95:59:86:a6:d7:64:ee:95:9c:de:14:e8:
9d:07:a2:18:dd:c7:76:9a:07:f2:c2:8c:be:70:ee:
b9:aa:5b:bc:a4:5d:47:bc:34:01:fe:ae:e7:b8:a6:
96:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:61:CC:A7:A5:E2:51:95:D2:BD:66:90:76:BC:64:64:A3:21:92:2C
X509v3 Authority Key Identifier:
keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/eGHMp6XiUZXSvWaQdrxkZKMhkiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.138.0/24
45.143.196.0/22
81.16.176.0/23
91.208.92.0/24
185.83.152.0/22
185.206.148.0/22
188.64.33.0/24
194.164.96.0/24
194.213.3.0/24
213.170.135.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c9:d1:0c:a1:da:9a:dd:f2:87:be:b1:59:9f:27:e2:5d:f7:
50:5e:19:6a:19:09:7b:c4:3b:0f:d9:fa:4f:e8:b8:74:3d:1e:
55:0e:04:15:d7:ce:23:b8:77:b8:c1:f2:c7:bd:b3:ff:e2:63:
2d:b5:a3:3b:d7:c0:89:8f:b1:23:90:62:63:db:22:f4:e5:f5:
48:d4:98:88:b5:40:d3:97:93:52:11:f9:0f:34:7f:01:ba:44:
1d:37:ae:b6:b9:a8:89:43:1c:e1:ba:a8:48:39:4a:eb:92:e9:
9c:a8:03:6c:d5:3a:5e:c9:70:58:66:ed:ca:2e:92:17:bb:1a:
6e:4e:26:33:22:a5:12:52:26:2d:6c:fd:0b:49:92:73:cd:9b:
41:bd:63:09:c0:a5:39:22:c8:28:b7:38:9e:1e:6f:9b:cd:2e:
91:43:b9:6d:66:78:8f:e0:23:d8:fa:0e:fa:d2:86:ea:a9:77:
1a:7b:64:df:17:0a:31:b8:7b:d0:b5:a0:ba:47:9b:b3:41:73:
9c:f0:d1:07:19:1c:4c:ee:14:cd:2c:7a:5e:82:b7:9e:08:55:
33:67:bd:60:3f:f8:59:22:52:6b:8b:07:51:73:88:43:5e:e3:
f7:4b:1a:bf:5d:31:09:d6:2b:f2:68:44:b7:0e:ca:ee:5a:87:
b4:42:36:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZnUqvaE1vxMRVZb9DEQyhlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjUxMDExMTkwNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODYxY2NhN2E1ZTI1MTk1ZDJiZDY2OTA3NmJjNjQ2NGEzMjE5MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu5id16qE/vyEJTzO6TkGeow6KJM
RleXgo6lRR7/JH+lGh/HR7cDCfqa58F2Sil5I1g+B849baPY5lkiO84yyliu9olA
yfrlMjzn/JNcbTvVmD6OKJTZV612ycdKJDrhtSDm9KuOjPkqMJPlv8jZc4Yfxl4+
dD1vyqzhmh4DmHCAGHGdDEMZOP146ErhUrI9ukjKGeq4d8KpS69OdJqN1ZkNt7uH
5QNE84YSH1pfV/k30zc4N8IFb3bEkyh2MbDTlGEAk4dyNpNJ0U5ulHOPiIdxwk6V
WYam12TulZzeFOidB6IY3cd2mgfywoy+cO65qlu8pF1HvDQB/q7nuKaWMQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHhhzKel4lGV0r1mkHa8ZGSjIZIsMB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvZUdITXA2WGlVWlhTdldhUWRyeGtaS01oa2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQCuVOYAwQCuc6UAwQAvEAhAwQAwqRgAwQAwtUDAwQA
1aqHMA0GCSqGSIb3DQEBCwUAA4IBAQAVydEModqa3fKHvrFZnyfiXfdQXhlqGQl7
xDsP2fpP6Lh0PR5VDgQV184juHe4wfLHvbP/4mMttaM718CJj7EjkGJj2yL05fVI
1JiItUDTl5NSEfkPNH8BukQdN662uaiJQxzhuqhIOUrrkumcqANs1TpeyXBYZu3K
LpIXuxpuTiYzIqUSUiYtbP0LSZJzzZtBvWMJwKU5IsgotzieHm+bzS6RQ7ltZniP
4CPY+g760obqqXcae2TfFwoxuHvQtaC6R5uzQXOc8NEHGRxM7hTNLHpegreeCFUz
Z71gP/hZIlJriwdRc4hDXuP3Sxq/XTEJ1ivyaES3DsruWoe0QjZp
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:29 2025 by rpki-client