Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Ew5F5AGBJsYmYSBOTzLn8emIPt4.roa
File: Ew5F5AGBJsYmYSBOTzLn8emIPt4.roa (raw, json)
Hash identifier: cSAJagq5Djw72JJ+fQ3PJbaQWXRjfxPvkGqzSGEtOiQ=
Subject key identifier: 13:0E:45:E4:01:81:26:C6:26:61:20:4E:4F:32:E7:F1:E9:88:3E:DE
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 0199945A51386A16418DD4254CA6BA9EBC4C
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Ew5F5AGBJsYmYSBOTzLn8emIPt4.roa
Signing time: Mon 29 Sep 2025 07:22:51 +0000
ROA not before: Mon 29 Sep 2025 07:22:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3265
IP address blocks: 62.216.0.0/19 maxlen: 19
80.100.0.0/15 maxlen: 15
82.92.0.0/14 maxlen: 14
82.161.0.0/16 maxlen: 16
83.68.0.0/20 maxlen: 20
83.68.16.0/21 maxlen: 21
83.68.24.0/22 maxlen: 22
83.68.28.0/24 maxlen: 24
83.68.29.0/24 maxlen: 24
83.68.31.0/24 maxlen: 24
194.109.0.0/16 maxlen: 16
213.222.0.0/19 maxlen: 19
2001:888::/29 maxlen: 29
2001:888::/30 maxlen: 30
2001:888::/32 maxlen: 32
2001:980::/29 maxlen: 29
2001:980::/30 maxlen: 30
2001:980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:5a:51:38:6a:16:41:8d:d4:25:4c:a6:ba:9e:bc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Sep 29 07:22:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=130e45e4018126c62661204e4f32e7f1e9883ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:00:df:21:72:bd:2b:e0:7b:be:5c:6a:c3:
6a:39:a2:eb:38:9c:f4:75:24:d9:12:30:66:48:8d:
d7:ab:c6:5e:74:4d:13:4a:37:dc:e4:ff:3d:ef:7d:
e8:05:03:a2:1a:39:ec:05:43:c9:45:b7:b5:8f:b3:
e5:83:f0:ec:0b:fe:26:ee:5a:43:a3:97:a6:ac:c9:
7a:4b:ab:bb:46:67:f3:3f:5d:bb:f2:04:8d:28:8f:
01:57:c2:47:8a:19:09:fd:d0:39:6f:d4:0f:f4:cb:
e0:72:d9:45:90:47:5f:16:60:78:dd:93:1b:52:a6:
7a:36:7b:7c:be:3b:f2:90:37:d8:ab:b8:46:f6:25:
c9:2b:ad:9e:2f:78:76:16:c8:bb:fa:4f:6d:e2:1c:
9b:38:91:68:6b:35:c1:08:31:0b:a5:3f:6a:2f:18:
b8:35:02:8b:8b:db:39:f4:a6:0e:17:2a:f3:67:2e:
57:03:5c:33:8c:95:e3:78:34:8b:27:4e:5d:1d:80:
7d:20:88:b1:c6:a8:3f:1f:5c:21:ff:40:ad:cc:85:
b2:f1:f5:e6:d8:16:08:07:94:8a:f9:4b:4a:77:80:
0b:2c:0b:72:58:24:45:0c:ad:d6:09:18:d5:34:ea:
1c:08:38:5d:6d:5c:13:90:ec:eb:d2:d5:6d:59:fc:
d8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0E:45:E4:01:81:26:C6:26:61:20:4E:4F:32:E7:F1:E9:88:3E:DE
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/Ew5F5AGBJsYmYSBOTzLn8emIPt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.0.0/19
80.100.0.0/15
82.92.0.0/14
82.161.0.0/16
83.68.0.0-83.68.29.255
83.68.31.0/24
194.109.0.0/16
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
Signature Algorithm: sha256WithRSAEncryption
4b:b9:6c:da:18:81:c0:74:9d:b4:1a:a1:19:41:71:55:6f:71:
9a:39:1f:fc:91:2a:23:2a:a6:e7:66:59:63:b3:9b:f4:80:8f:
0a:5e:cf:5a:bf:98:52:09:91:0c:8d:44:ff:54:67:6f:92:3a:
3d:11:4a:ac:06:0a:3d:ad:17:41:79:db:25:f1:c8:8f:ba:9b:
b8:8c:e3:ba:c0:0e:9b:d4:69:6c:cf:b0:de:0d:23:50:e0:23:
ac:bd:31:5c:d7:3d:31:30:e7:89:e7:3b:2f:1d:5d:9a:19:6e:
6d:5b:e8:80:42:d4:cf:ac:22:4f:23:d9:e1:33:b9:5a:a3:48:
31:ae:4f:f7:48:5b:30:be:3f:a7:c8:ad:02:81:9e:9c:37:2c:
76:f5:68:4a:22:b5:87:3b:4c:00:ef:97:8f:28:2d:64:24:67:
e7:69:bd:17:ee:36:c9:d1:dc:df:47:a1:d6:4a:9d:ff:24:16:
b4:a9:5f:00:39:51:63:18:4f:90:32:47:8a:0b:34:e7:ce:b6:
6a:0a:83:9a:96:15:03:4a:5e:c4:b1:eb:ca:e3:95:34:d8:7d:
34:38:63:89:ff:0d:d4:fd:01:ec:b8:fd:6c:35:f5:5e:2b:f1:
b5:12:bb:7a:09:df:c0:e7:b7:3a:79:32:9b:92:83:e5:3a:7b:
3e:a4:61:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZmUWlE4ahZBjdQlTKa6nrxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwOTI5MDcyMjUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzBlNDVlNDAxODEyNmM2MjY2MTIwNGU0ZjMyZTdmMWU5ODgzZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QwA3yFyvSvge75casNqOaLrOJz0
dSTZEjBmSI3Xq8ZedE0TSjfc5P89733oBQOiGjnsBUPJRbe1j7Plg/DsC/4m7lpD
o5emrMl6S6u7RmfzP1278gSNKI8BV8JHihkJ/dA5b9QP9MvgctlFkEdfFmB43ZMb
UqZ6Nnt8vjvykDfYq7hG9iXJK62eL3h2Fsi7+k9t4hybOJFoazXBCDELpT9qLxi4
NQKLi9s59KYOFyrzZy5XA1wzjJXjeDSLJ05dHYB9IIixxqg/H1wh/0CtzIWy8fXm
2BYIB5SK+UtKd4ALLAtyWCRFDK3WCRjVNOocCDhdbVwTkOzr0tVtWfzY0wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFBMOReQBgSbGJmEgTk8y5/HpiD7eMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvRXc1RjVBR0JKc1ltWVNCT1R6TG44ZW1JUHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA5BAIAATAzAwQFPtgAAwMB
UGQDAwJSXAMDAFKhMAsDAwJTRAMEAVNEHAMEAFNEHwMDAMJtAwQF1d4AMBQEAgAC
MA4DBQMgAQiIAwUDIAEJgDANBgkqhkiG9w0BAQsFAAOCAQEAS7ls2hiBwHSdtBqh
GUFxVW9xmjkf/JEqIyqm52ZZY7Ob9ICPCl7PWr+YUgmRDI1E/1Rnb5I6PRFKrAYK
Pa0XQXnbJfHIj7qbuIzjusAOm9RpbM+w3g0jUOAjrL0xXNc9MTDniec7Lx1dmhlu
bVvogELUz6wiTyPZ4TO5WqNIMa5P90hbML4/p8itAoGenDcsdvVoSiK1hztMAO+X
jygtZCRn52m9F+42ydHc30eh1kqd/yQWtKlfADlRYxhPkDJHigs05862agqDmpYV
A0pexLHryuOVNNh9NDhjif8N1P0B7Lj9bDX1XivxtRK7egnfwOe3Onkym5KD5Tp7
PqRhRw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:42 2025 by rpki-client