Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/ew5GxWmNdi8APxJ7DnyuV397vVY.roa
File: ew5GxWmNdi8APxJ7DnyuV397vVY.roa (raw, json)
Hash identifier: scbuflEbcOaCfZ8YsAmmUBvMpXLhScUEwCDFhgE24W8=
Subject key identifier: 7B:0E:46:C5:69:8D:76:2F:00:3F:12:7B:0E:7C:AE:57:7F:7B:BD:56
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 019DCC792D561DA2B2AC17D5402B4A278F4C
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/ew5GxWmNdi8APxJ7DnyuV397vVY.roa
Signing time: Mon 27 Apr 2026 01:06:26 +0000
ROA not before: Mon 27 Apr 2026 01:06:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46261
IP address blocks: 45.147.63.0/24 maxlen: 24
45.153.239.0/24 maxlen: 24
77.83.44.0/23 maxlen: 23
212.81.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cc:79:2d:56:1d:a2:b2:ac:17:d5:40:2b:4a:27:8f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Apr 27 01:06:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7b0e46c5698d762f003f127b0e7cae577f7bbd56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:71:8e:48:41:41:01:4c:10:b8:a1:79:b0:
01:22:21:eb:17:3a:98:54:07:1c:ec:5e:fb:0e:6f:
48:a4:44:d3:ef:5f:c0:99:87:30:6c:a1:2c:75:c6:
a2:af:87:2a:33:54:6a:a6:aa:0c:a3:f3:2c:87:52:
ab:d6:57:10:34:38:16:1f:f5:bd:80:43:eb:4a:d4:
df:33:7a:1f:f8:98:44:9a:75:ab:a7:89:17:c3:bf:
1b:03:50:6c:7a:0a:b1:4a:b0:6b:1e:88:76:f4:ce:
aa:a2:99:f1:92:4c:e2:a1:27:a8:bd:38:28:d5:55:
3d:27:04:ba:48:f3:c7:34:b4:ba:d8:b0:aa:6c:b6:
29:5f:cf:63:df:dd:42:f2:6c:6e:d5:2f:7b:ce:50:
54:02:30:de:3e:75:49:7e:3a:2b:dc:b8:0e:fe:fa:
51:15:64:73:4b:35:c8:19:cd:c7:82:ff:5c:e2:f7:
71:8a:c2:62:80:fe:30:de:05:f9:22:2c:cf:f0:d6:
ab:10:32:b9:be:ed:f3:18:f4:4e:77:7c:81:86:02:
5f:90:b7:4d:c9:8e:54:0d:24:56:95:f0:4d:23:a6:
8e:88:4e:95:40:15:99:af:0e:33:15:1f:e1:65:7b:
ee:01:20:4d:68:aa:49:11:f0:f0:70:cf:a5:62:6e:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0E:46:C5:69:8D:76:2F:00:3F:12:7B:0E:7C:AE:57:7F:7B:BD:56
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/ew5GxWmNdi8APxJ7DnyuV397vVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.63.0/24
45.153.239.0/24
77.83.44.0/23
212.81.40.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:b3:c6:21:be:a3:d2:2e:67:11:5d:50:9e:5d:a3:ea:c3:20:
90:f6:de:a5:c6:b7:c8:10:cc:2e:03:77:c7:05:1b:e1:a1:a5:
fb:85:9b:25:80:73:78:5e:05:48:d1:3a:14:8c:50:a5:90:65:
af:2b:ff:60:66:ed:5e:8c:63:77:cc:ef:0d:58:5e:5b:b0:be:
34:bc:84:35:82:93:39:ba:a9:fd:b2:1d:9d:2d:29:6a:7d:b6:
18:e5:f2:4e:6f:3f:4e:af:d6:77:37:0b:33:eb:1d:7e:b7:1c:
49:23:94:92:3d:9d:83:a0:87:ee:48:dc:a3:9b:bf:5b:c5:e7:
0f:ca:e3:b1:03:2f:6a:00:8f:5e:d7:42:87:ef:53:e3:7f:54:
b1:bc:b2:62:14:d0:28:92:3e:dc:63:91:40:08:f5:17:ad:a7:
2b:b0:8b:04:50:67:80:84:0a:b8:0e:d1:ee:81:2b:a6:9d:87:
8b:41:9c:db:b3:19:b6:6a:78:75:3f:b6:e1:b4:ed:64:b8:2e:
9b:a3:7b:ea:35:7a:81:a6:e4:46:9f:25:f6:7d:32:7c:08:2d:
b6:0c:61:b9:da:84:3a:bd:2d:5f:41:21:2d:78:d0:0b:d4:f2:
03:ef:ff:d6:97:6f:cd:ac:a0:7d:50:53:07:cd:4c:c7:18:ce:
24:2f:d6:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3MeS1WHaKyrBfVQCtKJ49MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjYwNDI3MDEwNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBlNDZjNTY5OGQ3NjJmMDAzZjEyN2IwZTdjYWU1NzdmN2JiZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKBxjkhBQQFMELihebABIiHrFzqY
VAcc7F77Dm9IpETT71/AmYcwbKEsdcair4cqM1RqpqoMo/Msh1Kr1lcQNDgWH/W9
gEPrStTfM3of+JhEmnWrp4kXw78bA1BsegqxSrBrHoh29M6qopnxkkzioSeovTgo
1VU9JwS6SPPHNLS62LCqbLYpX89j391C8mxu1S97zlBUAjDePnVJfjor3LgO/vpR
FWRzSzXIGc3Hgv9c4vdxisJigP4w3gX5IizP8NarEDK5vu3zGPROd3yBhgJfkLdN
yY5UDSRWlfBNI6aOiE6VQBWZrw4zFR/hZXvuASBNaKpJEfDwcM+lYm5glwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHsORsVpjXYvAD8Sew58rld/e71WMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvZXc1R3hXbU5kaThBUHhKN0RueXVWMzk3dlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZM/AwQA
LZnvAwQBTVMsAwQA1FEoMA0GCSqGSIb3DQEBCwUAA4IBAQDAs8YhvqPSLmcRXVCe
XaPqwyCQ9t6lxrfIEMwuA3fHBRvhoaX7hZslgHN4XgVI0ToUjFClkGWvK/9gZu1e
jGN3zO8NWF5bsL40vIQ1gpM5uqn9sh2dLSlqfbYY5fJObz9Or9Z3Nwsz6x1+txxJ
I5SSPZ2DoIfuSNyjm79bxecPyuOxAy9qAI9e10KH71Pjf1SxvLJiFNAokj7cY5FA
CPUXracrsIsEUGeAhAq4DtHugSumnYeLQZzbsxm2anh1P7bhtO1kuC6bo3vqNXqB
puRGnyX2fTJ8CC22DGG52oQ6vS1fQSEteNAL1PID7//Wl2/NrKB9UFMHzUzHGM4k
L9aW
-----END CERTIFICATE-----
Generated at Wed May 13 06:27:16 2026 by rpki-client