Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/EITg7csqrpeo1pWcmy2hcqbXflU.roa
File: EITg7csqrpeo1pWcmy2hcqbXflU.roa (raw, json)
Hash identifier: pLn3UHOxp1ZQsuVQtFPMgV4G2hJKf/PNaA8sX+IS7d0=
Subject key identifier: 10:84:E0:ED:CB:2A:AE:97:A8:D6:95:9C:9B:2D:A1:72:A6:D7:7E:55
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 0199A539F40653185527AB953281A1BDCC2C
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/EITg7csqrpeo1pWcmy2hcqbXflU.roa
Signing time: Thu 02 Oct 2025 14:01:02 +0000
ROA not before: Thu 02 Oct 2025 14:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 146.247.104.0/24 maxlen: 24
146.247.107.0/24 maxlen: 24
146.247.111.0/24 maxlen: 24
146.247.115.0/24 maxlen: 24
146.247.116.0/24 maxlen: 24
146.247.118.0/23 maxlen: 23
146.247.118.0/24 maxlen: 24
146.247.119.0/24 maxlen: 24
146.247.120.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a5:39:f4:06:53:18:55:27:ab:95:32:81:a1:bd:cc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Oct 2 14:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1084e0edcb2aae97a8d6959c9b2da172a6d77e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a9:29:ae:90:45:f9:d2:3f:9d:7c:30:7d:f5:
67:20:40:d3:0c:74:0c:1a:27:47:52:8c:87:b9:b3:
7e:c7:13:5f:6a:a5:5a:cc:ac:7e:6c:0f:e2:9d:ef:
49:b4:38:c2:7e:fe:80:fd:52:a0:63:61:54:98:0e:
1e:1a:a9:98:e7:36:3d:05:a5:ab:c0:59:86:c9:37:
db:b9:f6:f6:3c:5b:b1:c5:29:6d:53:f3:e3:88:ab:
e0:31:0e:08:a2:c0:e9:0e:7e:92:69:71:1d:bb:ef:
d8:4a:3d:55:55:f3:f2:83:99:65:df:c1:cc:fd:06:
95:cc:28:74:d3:a3:23:89:58:78:ff:d7:7e:63:9e:
63:3b:40:82:4d:d0:89:13:94:c2:22:fc:dc:6b:16:
e4:88:65:11:2b:f3:a8:8a:87:43:52:33:4c:f5:0b:
69:04:13:98:ab:06:fe:82:9f:b3:82:20:d7:55:44:
5e:3d:16:c6:cc:cd:65:b0:8a:77:0f:73:d4:f4:20:
cc:81:81:a2:b7:62:1e:f3:51:be:00:0e:05:60:82:
e7:eb:92:15:9d:ed:96:14:d3:65:6f:c6:aa:fc:40:
a9:70:2b:44:23:a0:08:1f:86:cc:0d:50:8b:03:f6:
ed:a8:7b:fd:dd:f6:40:99:15:b4:59:97:bc:03:2b:
ff:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:84:E0:ED:CB:2A:AE:97:A8:D6:95:9C:9B:2D:A1:72:A6:D7:7E:55
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/EITg7csqrpeo1pWcmy2hcqbXflU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.104.0/24
146.247.107.0/24
146.247.111.0/24
146.247.115.0-146.247.116.255
146.247.118.0-146.247.120.255
146.247.122.0/24
146.247.126.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:ee:7b:4b:f9:47:80:f0:cd:6e:7f:70:16:60:2b:94:45:8b:
85:18:b2:f5:e3:16:00:3a:6b:3d:70:e1:72:44:0a:f0:c6:f1:
3c:0e:3b:27:35:a4:4f:c3:f9:36:03:d3:eb:78:7e:1c:f1:97:
c2:7a:88:d0:98:d3:1a:3c:e8:a0:23:12:01:31:44:68:6b:27:
31:96:b9:c0:6b:3c:6a:1e:17:44:62:ed:96:3a:a1:2a:0d:23:
99:f7:50:98:a6:69:30:18:73:9f:72:e5:58:ef:71:28:13:4c:
60:95:8a:76:f0:b6:ec:ed:27:bb:06:96:22:e5:94:2b:11:cf:
cb:45:b2:d6:66:99:b8:02:c8:b9:e1:e9:69:c3:f5:b1:22:5d:
71:90:98:1a:dd:f8:7d:42:1b:14:8c:c4:6d:fb:a3:58:49:60:
ed:4a:f1:95:ce:aa:d5:94:07:8a:79:3f:ea:4b:ea:a7:dc:8c:
5e:2d:31:05:62:8f:60:ed:4a:a5:a4:2c:e1:3e:f0:a2:de:37:
ef:c1:4c:c3:1e:61:16:06:dc:88:cb:34:2b:69:29:58:17:af:
e4:3b:b4:c5:c8:f0:8b:37:41:63:f9:c9:82:c7:39:91:dd:64:
ad:fe:86:f1:29:d7:b1:cf:97:58:b6:8a:ff:c1:c8:c6:f7:a9:
42:d7:7f:d7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZmlOfQGUxhVJ6uVMoGhvcwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjUxMDAyMTQwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDg0ZTBlZGNiMmFhZTk3YThkNjk1OWM5YjJkYTE3MmE2ZDc3ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqkprpBF+dI/nXwwffVnIEDTDHQM
GidHUoyHubN+xxNfaqVazKx+bA/ine9JtDjCfv6A/VKgY2FUmA4eGqmY5zY9BaWr
wFmGyTfbufb2PFuxxSltU/PjiKvgMQ4IosDpDn6SaXEdu+/YSj1VVfPyg5ll38HM
/QaVzCh006MjiVh4/9d+Y55jO0CCTdCJE5TCIvzcaxbkiGURK/OoiodDUjNM9Qtp
BBOYqwb+gp+zgiDXVURePRbGzM1lsIp3D3PU9CDMgYGit2Ie81G+AA4FYILn65IV
ne2WFNNlb8aq/ECpcCtEI6AIH4bMDVCLA/btqHv93fZAmRW0WZe8Ayv/yQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBCE4O3LKq6XqNaVnJstoXKm135VMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvRUlUZzdjc3FycGVvMXBXY215MmhjcWJYZmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAkvdoAwQA
kvdrAwQAkvdvMAwDBACS93MDBACS93QwDAMEAZL3dgMEAJL3eAMEAJL3egMEAZL3
fjANBgkqhkiG9w0BAQsFAAOCAQEAD+57S/lHgPDNbn9wFmArlEWLhRiy9eMWADpr
PXDhckQK8MbxPA47JzWkT8P5NgPT63h+HPGXwnqI0JjTGjzooCMSATFEaGsnMZa5
wGs8ah4XRGLtljqhKg0jmfdQmKZpMBhzn3LlWO9xKBNMYJWKdvC27O0nuwaWIuWU
KxHPy0Wy1maZuALIueHpacP1sSJdcZCYGt34fUIbFIzEbfujWElg7Urxlc6q1ZQH
ink/6kvqp9yMXi0xBWKPYO1KpaQs4T7wot4378FMwx5hFgbciMs0K2kpWBev5Du0
xcjwizdBY/nJgsc5kd1krf6G8SnXsc+XWLaK/8HIxvepQtd/1w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:16 2025 by rpki-client