Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/EanRZ9gMDK33R7GhHNXcDGanaxQ.roa
File: EanRZ9gMDK33R7GhHNXcDGanaxQ.roa (raw, json)
Hash identifier: Kpcx953SIYsGpWl9Kj/y5GsHiQrpw2CFYNjXqQt5xb0=
Subject key identifier: 11:A9:D1:67:D8:0C:0C:AD:F7:47:B1:A1:1C:D5:DC:0C:66:A7:6B:14
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0199EBA0F7DF838793F5B05175434F227FA7
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/EanRZ9gMDK33R7GhHNXcDGanaxQ.roa
Signing time: Thu 16 Oct 2025 06:06:58 +0000
ROA not before: Thu 16 Oct 2025 06:06:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397368
IP address blocks: 74.122.26.0/24 maxlen: 24
74.122.27.0/24 maxlen: 24
103.124.182.0/23 maxlen: 23
103.250.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 18:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:eb:a0:f7:df:83:87:93:f5:b0:51:75:43:4f:22:7f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Oct 16 06:06:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11a9d167d80c0cadf747b1a11cd5dc0c66a76b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:05:af:12:e7:d6:3f:d7:f4:72:b3:ad:5d:84:
0e:55:9b:d7:3a:f9:21:96:4c:34:7c:c6:d6:f6:21:
ab:22:55:65:43:05:e9:5a:cc:8f:3d:d9:7e:55:88:
0d:cd:80:df:20:1d:d7:15:90:0f:34:18:74:26:4c:
7a:30:4f:f1:dd:f4:87:7b:77:9b:48:06:74:07:11:
d0:e3:e6:f7:04:f8:a0:c1:50:71:2b:13:dc:1a:62:
d1:1d:03:df:05:6c:49:29:27:62:64:a8:c9:dd:8a:
b2:e5:dd:ae:5e:d7:3f:e1:37:85:0a:39:4e:98:01:
cb:4c:39:4d:05:32:ce:06:12:58:1c:8e:d7:c3:97:
b9:82:56:09:1d:c2:a2:13:3c:87:32:ae:0c:03:19:
a2:15:6a:4a:97:2c:75:d8:e8:88:33:58:ee:ed:86:
1e:6d:13:36:f1:ab:0a:ea:35:54:bb:48:d4:c0:d1:
a9:fc:1d:6d:dd:43:79:4a:46:c4:bd:ce:79:9f:99:
ad:61:bd:fb:cc:7d:55:d2:6d:62:39:40:6e:ad:90:
d7:3c:49:2e:83:c9:38:1f:0e:38:eb:76:95:5a:5a:
e1:47:bb:a2:b5:1a:32:da:cb:45:8d:42:f1:d9:f1:
9a:17:de:04:1d:c9:2b:a0:50:7a:b3:0c:26:99:32:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A9:D1:67:D8:0C:0C:AD:F7:47:B1:A1:1C:D5:DC:0C:66:A7:6B:14
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/EanRZ9gMDK33R7GhHNXcDGanaxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.122.26.0/23
103.124.182.0/23
103.250.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:fc:fd:de:70:5f:13:75:bb:d8:83:65:5e:2b:af:83:f3:06:
7a:0b:5c:f6:1f:cc:19:78:36:b1:38:3c:50:23:2a:8d:21:a6:
62:10:15:f5:3e:59:43:63:e3:5d:49:33:2c:37:d6:d8:93:3c:
7d:e8:49:11:c9:cf:d8:2a:67:4e:a3:06:23:05:36:fb:6f:b6:
74:29:e4:0f:a9:3d:51:31:2b:c5:7d:99:d4:fa:45:0c:21:18:
12:40:50:52:e5:e5:1c:bd:74:4b:41:b6:25:43:94:bb:08:35:
32:da:ff:a9:0f:c8:87:95:08:b0:bc:43:53:c4:3f:b4:ef:69:
e6:7f:d1:be:a0:28:32:7a:45:82:8f:b2:81:7d:0f:3d:5d:cc:
f7:25:f8:20:9c:a5:58:ab:f9:9b:87:b3:4d:b2:f8:5c:eb:c0:
73:40:a1:c9:1d:13:75:f6:16:84:e1:0b:5b:91:47:38:68:b2:
a1:33:69:52:0c:4d:67:1b:b8:59:ce:d0:57:41:16:4e:24:c7:
10:59:d6:f2:af:05:26:cc:a6:8f:ff:8a:62:76:e3:ca:b5:4e:
cd:52:4a:ae:33:8c:57:e7:8b:88:a6:51:1c:f6:00:23:1b:55:
8f:f6:64:c6:a8:e6:8e:79:0a:bf:32:21:99:67:3e:3f:b4:58:
fa:e5:17:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnroPffg4eT9bBRdUNPIn+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjUxMDE2MDYwNjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWE5ZDE2N2Q4MGMwY2FkZjc0N2IxYTExY2Q1ZGMwYzY2YTc2YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AWvEufWP9f0crOtXYQOVZvXOvkh
lkw0fMbW9iGrIlVlQwXpWsyPPdl+VYgNzYDfIB3XFZAPNBh0Jkx6ME/x3fSHe3eb
SAZ0BxHQ4+b3BPigwVBxKxPcGmLRHQPfBWxJKSdiZKjJ3Yqy5d2uXtc/4TeFCjlO
mAHLTDlNBTLOBhJYHI7Xw5e5glYJHcKiEzyHMq4MAxmiFWpKlyx12OiIM1ju7YYe
bRM28asK6jVUu0jUwNGp/B1t3UN5SkbEvc55n5mtYb37zH1V0m1iOUBurZDXPEku
g8k4Hw4463aVWlrhR7uitRoy2stFjULx2fGaF94EHckroFB6swwmmTK6eQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBGp0WfYDAyt90exoRzV3Axmp2sUMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvRWFuUlo5Z01ESzMzUjdHaEhOWGNER2FuYXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBSnoaAwQB
Z3y2AwQCZ/qsMA0GCSqGSIb3DQEBCwUAA4IBAQAd/P3ecF8TdbvYg2VeK6+D8wZ6
C1z2H8wZeDaxODxQIyqNIaZiEBX1PllDY+NdSTMsN9bYkzx96EkRyc/YKmdOowYj
BTb7b7Z0KeQPqT1RMSvFfZnU+kUMIRgSQFBS5eUcvXRLQbYlQ5S7CDUy2v+pD8iH
lQiwvENTxD+072nmf9G+oCgyekWCj7KBfQ89Xcz3JfggnKVYq/mbh7NNsvhc68Bz
QKHJHRN19haE4QtbkUc4aLKhM2lSDE1nG7hZztBXQRZOJMcQWdbyrwUmzKaP/4pi
duPKtU7NUkquM4xX54uIplEc9gAjG1WP9mTGqOaOeQq/MiGZZz4/tFj65RdO
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:18:03 2025 by rpki-client