Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ecewlHrw996QASM_mk7YfHAiKlo.roa
File: ecewlHrw996QASM_mk7YfHAiKlo.roa (raw, json)
Hash identifier: LW+1hfURgTHaFsClAEpqXt3n+/3mIS9dqUUZBpQJWzc=
Subject key identifier: 79:C7:B0:94:7A:F0:F7:DE:90:01:23:3F:9A:4E:D8:7C:70:22:2A:5A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019E0346E3DB434B36493841731BDB61AE98
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ecewlHrw996QASM_mk7YfHAiKlo.roa
Signing time: Thu 07 May 2026 16:30:37 +0000
ROA not before: Thu 07 May 2026 16:30:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202736
IP address blocks: 163.5.8.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:46:e3:db:43:4b:36:49:38:41:73:1b:db:61:ae:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 7 16:30:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=79c7b0947af0f7de9001233f9a4ed87c70222a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:26:24:52:a2:24:2f:38:58:26:e6:8b:67:
65:e6:1f:66:6e:49:80:39:76:d9:a4:3d:c1:d8:68:
02:61:db:9f:24:61:bf:71:91:18:0d:bf:ca:59:a0:
70:d0:56:1b:51:e3:c4:7b:f7:ec:41:70:92:e6:53:
9b:cf:af:bc:08:a2:f8:eb:ae:71:11:40:19:a3:2e:
45:fc:28:6e:e4:84:61:f4:6b:ac:13:62:7c:07:22:
ca:ef:9d:ff:99:6c:d4:30:30:5f:5c:59:6a:e5:51:
d2:8a:94:7f:2a:99:a1:70:b9:7f:ec:0f:2d:11:04:
cc:96:f8:74:9f:0d:f2:17:5c:0b:1e:69:02:27:35:
03:8f:ae:2e:20:3a:5d:8b:b7:ec:9d:38:71:ba:ef:
91:ac:69:94:32:e7:21:f6:1a:79:bf:3f:86:90:87:
31:87:7a:52:36:88:84:fe:fe:1d:5b:58:0e:d9:62:
51:9a:f2:bc:d4:4f:1d:81:e2:95:f3:72:6c:6e:a1:
63:2a:2f:63:80:f6:06:18:c6:67:86:34:17:9a:ac:
c6:ae:24:88:da:7c:70:62:6e:9a:bc:7a:74:8a:96:
ce:60:b5:7f:16:1d:38:76:5c:05:be:8c:c8:f0:f4:
e0:05:d3:fd:8f:40:38:bf:cb:61:aa:54:34:58:85:
00:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C7:B0:94:7A:F0:F7:DE:90:01:23:3F:9A:4E:D8:7C:70:22:2A:5A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ecewlHrw996QASM_mk7YfHAiKlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.8.0/24
163.5.13.0/24
163.5.106.0/24
163.5.109.0/24
163.5.127.0/24
Signature Algorithm: sha256WithRSAEncryption
08:28:e6:c3:de:ae:59:a8:4d:f4:4a:94:9d:36:8a:51:4a:9d:
35:2c:db:79:c8:a1:17:17:11:ab:10:c0:13:11:5e:ed:b4:63:
23:f8:6c:cd:5b:0f:61:03:67:a5:17:d6:d6:9e:34:8a:a5:d4:
9d:91:06:02:c9:51:f8:bb:a6:cf:a8:c4:e1:77:94:c1:77:f8:
24:02:db:71:57:86:6f:6e:98:c2:d2:79:21:d4:4b:75:e3:fb:
bb:23:b6:f7:74:8e:aa:c5:09:4c:c3:3d:81:c0:f0:65:60:46:
ab:3c:44:af:25:8a:54:36:60:98:3f:9c:96:e3:01:68:46:70:
6b:30:a4:44:2e:b7:bc:d0:82:5f:4a:db:e4:42:ef:b3:09:57:
30:27:f8:ea:0a:c8:5e:3e:af:8a:09:f4:82:ef:d1:aa:ff:86:
73:01:01:55:71:75:0f:2e:c9:42:b1:cd:1a:a2:c0:8c:f8:ab:
5e:49:7a:df:56:7e:c1:42:90:09:55:83:2d:bf:41:5c:41:93:
b9:18:9c:93:0b:b7:54:82:0c:b2:ac:4a:d4:6e:2d:fc:a4:94:
51:f2:76:26:47:8d:c7:14:64:5c:71:5a:7c:4e:76:0f:f8:96:
64:2a:02:a9:4b:8b:b2:7c:86:67:46:61:69:19:cc:37:00:0a:
01:4c:4e:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4DRuPbQ0s2SThBcxvbYa6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNTA3MTYzMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM3YjA5NDdhZjBmN2RlOTAwMTIzM2Y5YTRlZDg3YzcwMjIyYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFImJFKiJC84WCbmi2dl5h9mbkmA
OXbZpD3B2GgCYdufJGG/cZEYDb/KWaBw0FYbUePEe/fsQXCS5lObz6+8CKL4665x
EUAZoy5F/Chu5IRh9GusE2J8ByLK753/mWzUMDBfXFlq5VHSipR/KpmhcLl/7A8t
EQTMlvh0nw3yF1wLHmkCJzUDj64uIDpdi7fsnThxuu+RrGmUMuch9hp5vz+GkIcx
h3pSNoiE/v4dW1gO2WJRmvK81E8dgeKV83JsbqFjKi9jgPYGGMZnhjQXmqzGriSI
2nxwYm6avHp0ipbOYLV/Fh04dlwFvozI8PTgBdP9j0A4v8thqlQ0WIUACwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHnHsJR68PfekAEjP5pO2HxwIipaMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZWNld2xIcnc5OTZRQVNNX21rN1lmSEFpS2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUIAwQA
owUNAwQAowVqAwQAowVtAwQAowV/MA0GCSqGSIb3DQEBCwUAA4IBAQAIKObD3q5Z
qE30SpSdNopRSp01LNt5yKEXFxGrEMATEV7ttGMj+GzNWw9hA2elF9bWnjSKpdSd
kQYCyVH4u6bPqMThd5TBd/gkAttxV4ZvbpjC0nkh1Et14/u7I7b3dI6qxQlMwz2B
wPBlYEarPESvJYpUNmCYP5yW4wFoRnBrMKRELre80IJfStvkQu+zCVcwJ/jqCshe
Pq+KCfSC79Gq/4ZzAQFVcXUPLslCsc0aosCM+KteSXrfVn7BQpAJVYMtv0FcQZO5
GJyTC7dUggyyrErUbi38pJRR8nYmR43HFGRccVp8TnYP+JZkKgKpS4uyfIZnRmFp
Gcw3AAoBTE5b
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:52 2026 by rpki-client