Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/EiLZXNFLeYaMBuVG79qI9-lFpJ0.roa
File: EiLZXNFLeYaMBuVG79qI9-lFpJ0.roa (raw, json)
Hash identifier: pWVGRhAAESPBnV3t2uHYBiBVbQwsb0r95XhCGXUNPKk=
Subject key identifier: 12:22:D9:5C:D1:4B:79:86:8C:06:E5:46:EF:DA:88:F7:E9:45:A4:9D
Certificate issuer: /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial: 019950FCE690D1599506F8DF3BA1FB2B1C21
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/EiLZXNFLeYaMBuVG79qI9-lFpJ0.roa
Signing time: Tue 16 Sep 2025 05:26:15 +0000
ROA not before: Tue 16 Sep 2025 05:26:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198218
IP address blocks: 82.205.160.0/21 maxlen: 21
82.205.168.0/21 maxlen: 21
82.205.176.0/21 maxlen: 21
82.205.184.0/24 maxlen: 24
164.40.160.0/21 maxlen: 21
2a03:d080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:50:fc:e6:90:d1:59:95:06:f8:df:3b:a1:fb:2b:1c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Validity
Not Before: Sep 16 05:26:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1222d95cd14b79868c06e546efda88f7e945a49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:75:e0:3f:0f:46:5a:30:48:65:5a:79:7b:6d:
1a:3c:9b:cf:6b:f1:65:9d:ee:14:c6:1b:22:9d:0f:
8a:d6:1c:9e:ee:88:c0:d7:62:b9:76:5c:8c:dd:1f:
cd:88:83:68:0f:02:83:d2:8a:06:f8:b9:dd:11:7f:
bf:eb:db:ca:d5:c6:f1:cf:4a:b6:c1:1a:a8:73:c8:
0e:85:fb:d2:07:9a:55:16:7b:4a:2b:c1:b2:60:4c:
7c:c7:fc:54:1e:82:d1:b3:7c:0f:cf:47:08:63:37:
ee:cc:3f:6c:ba:77:bd:7f:2c:48:56:1e:08:ca:bb:
9a:44:7d:44:8d:34:8d:50:1c:3c:16:34:a7:97:04:
e7:7b:fb:70:c4:2d:34:35:62:c1:a5:58:00:57:8f:
92:96:56:d8:94:c9:6c:d2:cc:7a:27:f0:cc:ae:48:
19:44:71:a2:c8:b5:7e:c8:93:19:13:81:08:67:3a:
29:1a:2e:66:aa:5b:5f:27:43:57:a1:f9:1a:fc:be:
6b:58:94:6f:f3:69:73:d3:97:67:5b:cd:59:22:fa:
fc:66:85:e9:a2:64:0b:32:6c:14:bd:43:cb:81:38:
09:46:97:95:b9:f0:de:16:d3:d1:d9:76:4b:1d:cd:
af:5c:58:7f:71:66:a5:11:eb:ad:08:46:f0:62:80:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:22:D9:5C:D1:4B:79:86:8C:06:E5:46:EF:DA:88:F7:E9:45:A4:9D
X509v3 Authority Key Identifier:
keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/EiLZXNFLeYaMBuVG79qI9-lFpJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.205.160.0-82.205.184.255
164.40.160.0/21
IPv6:
2a03:d080::/32
Signature Algorithm: sha256WithRSAEncryption
c0:1f:4f:70:1d:24:7f:f8:89:f1:37:8d:49:ee:25:0a:69:a1:
ab:80:41:cf:94:27:88:ce:29:72:03:ca:93:76:dc:03:0f:1b:
a2:d3:53:00:90:96:ca:42:69:25:f9:c4:8d:0c:1a:8d:a2:28:
db:71:6a:20:d6:3b:ab:e1:e6:6a:61:57:d6:f7:15:1b:e7:0b:
65:08:0b:3a:c4:40:75:7b:eb:f0:1c:81:51:5e:9e:03:5e:93:
e5:e2:d8:88:97:b9:45:97:ec:c5:3f:5e:7d:6b:a6:83:20:2d:
42:a0:34:7d:69:a0:41:8b:f8:63:22:12:1c:63:4e:4a:fd:9d:
ca:18:d2:7f:fc:29:25:8a:84:b2:36:d3:c3:45:72:f8:1a:f6:
94:25:ec:e6:bc:9e:63:53:9d:86:eb:55:b8:83:1a:44:07:34:
a2:57:81:3d:59:89:ef:c9:82:f9:13:a2:0f:20:4e:23:59:07:
ab:ce:2a:38:4e:18:55:94:e0:cf:42:05:8c:74:a8:58:f3:76:
7f:28:b0:b5:60:d8:8d:a9:a2:7a:b7:b9:37:fb:61:4b:29:72:
fa:ff:84:65:e0:c0:8a:0c:06:9b:b7:27:53:75:e7:03:ad:4c:
33:6f:ed:c0:62:14:58:19:59:d8:a4:c9:63:f8:a6:ec:93:99:
13:71:f1:aa
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZlQ/OaQ0VmVBvjfO6H7KxwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjUwOTE2MDUyNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjIyZDk1Y2QxNGI3OTg2OGMwNmU1NDZlZmRhODhmN2U5NDVhNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXXgPw9GWjBIZVp5e20aPJvPa/Fl
ne4UxhsinQ+K1hye7ojA12K5dlyM3R/NiINoDwKD0ooG+LndEX+/69vK1cbxz0q2
wRqoc8gOhfvSB5pVFntKK8GyYEx8x/xUHoLRs3wPz0cIYzfuzD9sune9fyxIVh4I
yruaRH1EjTSNUBw8FjSnlwTne/twxC00NWLBpVgAV4+SllbYlMls0sx6J/DMrkgZ
RHGiyLV+yJMZE4EIZzopGi5mqltfJ0NXofka/L5rWJRv82lz05dnW81ZIvr8ZoXp
omQLMmwUvUPLgTgJRpeVufDeFtPR2XZLHc2vXFh/cWalEeutCEbwYoBXOwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBIi2VzRS3mGjAblRu/aiPfpRaSdMB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvRWlMWlhORkxlWWFNQnVWRzc5cUk5LWxGcEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAVSzaAD
BABSzbgDBAOkKKAwDQQCAAIwBwMFACoD0IAwDQYJKoZIhvcNAQELBQADggEBAMAf
T3AdJH/4ifE3jUnuJQppoauAQc+UJ4jOKXIDypN23AMPG6LTUwCQlspCaSX5xI0M
Go2iKNtxaiDWO6vh5mphV9b3FRvnC2UICzrEQHV76/AcgVFengNek+Xi2IiXuUWX
7MU/Xn1rpoMgLUKgNH1poEGL+GMiEhxjTkr9ncoY0n/8KSWKhLI208NFcvga9pQl
7Oa8nmNTnYbrVbiDGkQHNKJXgT1Zie/JgvkTog8gTiNZB6vOKjhOGFWU4M9CBYx0
qFjzdn8osLVg2I2ponq3uTf7YUspcvr/hGXgwIoMBpu3J1N15wOtTDNv7cBiFFgZ
WdikyWP4puyTmRNx8ao=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:46 2025 by rpki-client