Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ewMk8U-CtYsjt6E6j_tG33Bkeds.roa
File: ewMk8U-CtYsjt6E6j_tG33Bkeds.roa (raw, json)
Hash identifier: ilAg19RjRWMFfvWl4ecpGWCs1APQudEqMJ6oIH0eDTA=
Subject key identifier: 7B:03:24:F1:4F:82:B5:8B:23:B7:A1:3A:8F:FB:46:DF:70:64:79:DB
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019CF07C63A2057D58E2D200F2E9BE54B136
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ewMk8U-CtYsjt6E6j_tG33Bkeds.roa
Signing time: Sun 15 Mar 2026 07:53:29 +0000
ROA not before: Sun 15 Mar 2026 07:53:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12389
IP address blocks: 130.49.182.0/24 maxlen: 24
130.49.183.0/24 maxlen: 24
130.49.184.0/24 maxlen: 24
2a04:c106::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f0:7c:63:a2:05:7d:58:e2:d2:00:f2:e9:be:54:b1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 15 07:53:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7b0324f14f82b58b23b7a13a8ffb46df706479db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:50:8a:78:f9:87:64:86:be:7b:c5:3f:f3:c1:
88:02:0a:85:be:51:7f:b1:2e:00:98:0d:64:58:97:
16:8e:a3:04:7d:11:f5:e3:7a:14:ff:5b:50:0d:11:
5b:60:6b:cb:d0:cb:c2:94:4d:94:0b:33:2d:49:cb:
fc:02:c0:c8:09:25:53:8e:80:d0:02:95:74:b9:a3:
58:c3:86:35:4a:26:00:d9:0e:bf:7a:76:fd:ed:66:
ee:ad:05:c9:26:0d:69:05:9a:81:d5:1a:6c:fe:a2:
26:d1:0c:8f:72:a9:77:ae:f5:32:2d:5f:11:94:65:
d5:8f:9b:ab:9b:b4:63:a8:83:e4:d2:ea:f5:23:e8:
04:8e:4a:82:b0:49:ef:86:81:87:c8:d7:3b:81:cc:
d5:b8:e8:54:ad:2a:c9:2b:31:74:c3:1d:c5:9e:2d:
c6:01:5e:24:7a:46:30:16:cd:3f:56:6d:36:e1:c4:
aa:60:6f:d8:e8:7d:5e:35:9b:fb:18:3e:e6:98:77:
5f:a3:d9:4d:19:c5:df:81:67:9d:17:c4:df:fd:ad:
a4:6d:7d:3c:1c:9f:2d:d4:3a:b5:97:52:f6:3c:59:
24:08:c1:12:95:93:d1:b3:54:51:d5:b2:8a:9b:6b:
ec:46:a0:1c:68:80:66:24:cd:e4:9e:06:0b:72:81:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:03:24:F1:4F:82:B5:8B:23:B7:A1:3A:8F:FB:46:DF:70:64:79:DB
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ewMk8U-CtYsjt6E6j_tG33Bkeds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.49.182.0-130.49.184.255
IPv6:
2a04:c106::/32
Signature Algorithm: sha256WithRSAEncryption
50:7d:b0:ac:dc:7c:5b:16:83:e1:a0:d8:27:49:88:b0:63:6e:
3f:c8:24:57:21:88:9a:c1:ae:8a:a8:4d:95:73:d5:87:aa:5b:
04:c4:8e:bb:7a:6c:cc:fa:d1:59:38:4a:77:53:8e:5d:4d:2c:
0e:72:c7:72:30:68:24:61:d3:f0:b8:4b:2e:2c:67:e1:0d:30:
4a:e8:82:c7:fd:db:1e:31:8a:62:d2:dd:f3:7d:1c:6f:fc:3c:
02:16:c5:ed:a1:1d:ce:ad:09:b0:5a:29:eb:03:dc:aa:35:d4:
a5:f3:7d:69:0b:00:a2:ad:2d:72:be:36:79:7f:d1:96:a8:e8:
23:43:f5:26:e7:04:26:df:fe:70:c1:37:9b:88:9d:a7:5a:d1:
87:b8:04:e5:c1:95:73:e1:ba:a4:93:7e:f3:1d:7d:97:1f:90:
74:3b:61:89:1a:69:c1:be:7c:7d:98:70:88:88:9c:40:58:19:
84:53:02:5a:38:81:a4:a1:55:d1:20:5a:ae:93:87:f7:40:a7:
d9:8a:ce:28:fa:c8:c2:6c:5d:08:c1:1a:e3:72:8c:cb:4b:12:
a1:6a:01:48:53:9a:1d:e3:ee:82:5c:61:ee:10:50:b1:dc:53:
46:64:4b:ef:ed:01:bd:23:38:28:9e:44:38:25:cf:56:bb:0a:
d5:28:56:2b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZzwfGOiBX1Y4tIA8um+VLE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwMzE1MDc1MzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAzMjRmMTRmODJiNThiMjNiN2ExM2E4ZmZiNDZkZjcwNjQ3OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFCKePmHZIa+e8U/88GIAgqFvlF/
sS4AmA1kWJcWjqMEfRH143oU/1tQDRFbYGvL0MvClE2UCzMtScv8AsDICSVTjoDQ
ApV0uaNYw4Y1SiYA2Q6/enb97WburQXJJg1pBZqB1Rps/qIm0QyPcql3rvUyLV8R
lGXVj5urm7RjqIPk0ur1I+gEjkqCsEnvhoGHyNc7gczVuOhUrSrJKzF0wx3Fni3G
AV4kekYwFs0/Vm024cSqYG/Y6H1eNZv7GD7mmHdfo9lNGcXfgWedF8Tf/a2kbX08
HJ8t1Dq1l1L2PFkkCMESlZPRs1RR1bKKm2vsRqAcaIBmJM3kngYLcoHq1QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHsDJPFPgrWLI7ehOo/7Rt9wZHnbMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZXdNazhVLUN0WXNqdDZFNmpfdEczM0JrZWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAGCMbYD
BACCMbgwDQQCAAIwBwMFACoEwQYwDQYJKoZIhvcNAQELBQADggEBAFB9sKzcfFsW
g+Gg2CdJiLBjbj/IJFchiJrBroqoTZVz1YeqWwTEjrt6bMz60Vk4SndTjl1NLA5y
x3IwaCRh0/C4Sy4sZ+ENMErogsf92x4ximLS3fN9HG/8PAIWxe2hHc6tCbBaKesD
3Ko11KXzfWkLAKKtLXK+Nnl/0Zao6CND9SbnBCbf/nDBN5uInada0Ye4BOXBlXPh
uqSTfvMdfZcfkHQ7YYkaacG+fH2YcIiInEBYGYRTAlo4gaShVdEgWq6Th/dAp9mK
zij6yMJsXQjBGuNyjMtLEqFqAUhTmh3j7oJcYe4QULHcU0ZkS+/tAb0jOCieRDgl
z1a7CtUoVis=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:36:22 2026 by rpki-client