Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/EWQPW5NUrq2Wg62U4dICX_45jNk.roa
File: EWQPW5NUrq2Wg62U4dICX_45jNk.roa (raw, json)
Hash identifier: mvA9/bWyHIguatGH7FYb/08b++FLX3Fy7Am2jYMPYwA=
Subject key identifier: 11:64:0F:5B:93:54:AE:AD:96:83:AD:94:E1:D2:02:5F:FE:39:8C:D9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01973FCD7124C6533645EA2A05C751D8C0DB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/EWQPW5NUrq2Wg62U4dICX_45jNk.roa
Signing time: Thu 05 Jun 2025 11:15:17 +0000
ROA not before: Thu 05 Jun 2025 11:15:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 931
IP address blocks: 5.226.52.0/22 maxlen: 24
45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
188.253.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Jun 2025 13:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:cd:71:24:c6:53:36:45:ea:2a:05:c7:51:d8:c0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 5 11:15:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11640f5b9354aead9683ad94e1d2025ffe398cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d6:d6:84:2e:0f:d2:81:00:c6:dd:ff:8d:81:
f1:af:11:46:81:26:37:51:e1:5b:93:83:da:6c:df:
57:9e:63:43:3e:e2:9a:dd:a5:df:46:3d:1b:9e:72:
b8:bd:c2:51:01:8c:ac:32:ef:f3:1b:24:bd:4e:70:
55:ac:e3:33:33:1b:95:c1:83:55:22:b5:f0:ab:82:
61:14:7d:e0:4a:09:f3:47:59:ae:06:e9:e9:07:ff:
1e:95:e3:02:af:b2:d2:5c:72:f2:cc:fc:9b:ad:c2:
1c:a0:0f:8b:96:2c:fc:5c:9c:1d:df:0e:73:31:af:
8c:e4:0c:5b:c2:2f:81:20:10:2c:b6:c2:c5:98:d5:
79:09:77:76:ea:de:32:5c:4e:b0:ae:d3:f3:cd:30:
88:82:c8:96:d5:57:83:e1:bf:3d:8a:ee:e5:38:bf:
cf:e7:63:e7:b8:00:31:e9:0d:b5:a5:ea:e9:9a:e9:
0f:ff:8c:9b:0e:b2:00:a0:2e:ba:1d:fa:1f:37:24:
ed:02:ff:3a:ba:e2:31:62:64:31:68:9f:e4:97:98:
de:5d:aa:59:77:e4:da:9b:0e:21:66:b3:3d:8b:84:
3d:5f:ee:67:69:d8:0a:d3:f7:aa:6d:48:79:1d:ad:
1c:ca:db:aa:e0:d8:01:19:f8:ba:3c:d0:b8:fb:6d:
4c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:64:0F:5B:93:54:AE:AD:96:83:AD:94:E1:D2:02:5F:FE:39:8C:D9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/EWQPW5NUrq2Wg62U4dICX_45jNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.52.0/22
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
188.253.104.0/21
Signature Algorithm: sha256WithRSAEncryption
df:ae:9a:30:2a:59:a4:2d:5f:52:63:2d:de:e0:03:14:5e:6d:
83:3a:c0:e8:5f:23:ea:56:f1:e7:19:22:ec:00:8b:e1:31:06:
55:36:36:d0:7d:61:95:4c:12:aa:a8:a4:ae:85:c1:34:22:f2:
d2:d2:11:9a:d2:39:7f:47:75:78:b6:b4:8b:01:61:33:fe:83:
9d:1d:e7:bb:88:2d:64:ba:53:e2:b7:5d:02:e3:88:a0:ec:3f:
55:5f:10:d9:c3:6c:42:60:07:2a:f5:ac:99:d1:93:b4:ce:e5:
81:9f:8e:eb:21:4f:b8:c5:72:fe:52:17:2a:f4:4a:e4:66:88:
7b:17:e9:b0:fb:e9:e4:36:6e:e2:2c:e3:c8:ec:20:97:53:a9:
17:fe:e6:2a:22:57:bc:7c:5d:db:20:36:c0:72:23:0b:fc:92:
61:5e:ef:72:79:54:9b:c5:73:e9:66:39:c5:3e:0a:83:b9:51:
02:7d:85:d9:17:b4:67:9d:84:23:51:71:7d:d0:eb:c2:92:39:
31:13:f5:95:3c:9d:ab:41:85:af:fa:4c:4a:5e:7f:c7:31:7c:
22:28:72:4b:27:ab:9e:21:93:dd:e6:22:8c:64:55:2e:3f:cf:
c1:a4:a4:f3:e3:66:2d:40:cd:90:d4:a6:37:e5:26:4b:2c:62:
02:7c:cb:f4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZc/zXEkxlM2ReoqBcdR2MDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNjA1MTExNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY0MGY1YjkzNTRhZWFkOTY4M2FkOTRlMWQyMDI1ZmZlMzk4Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9bWhC4P0oEAxt3/jYHxrxFGgSY3
UeFbk4PabN9XnmNDPuKa3aXfRj0bnnK4vcJRAYysMu/zGyS9TnBVrOMzMxuVwYNV
IrXwq4JhFH3gSgnzR1muBunpB/8eleMCr7LSXHLyzPybrcIcoA+Lliz8XJwd3w5z
Ma+M5Axbwi+BIBAstsLFmNV5CXd26t4yXE6wrtPzzTCIgsiW1VeD4b89iu7lOL/P
52PnuAAx6Q21perpmukP/4ybDrIAoC66HfofNyTtAv86uuIxYmQxaJ/kl5jeXapZ
d+Tamw4hZrM9i4Q9X+5nadgK0/eqbUh5Ha0cytuq4NgBGfi6PNC4+21MbQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBFkD1uTVK6tloOtlOHSAl/+OYzZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvRVdRUFc1TlVycTJXZzYyVTRkSUNYXzQ1ak5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBeI0AwQB
LYsGAwQCsq3sMAwDBAGyrfIDBAOyrfADBAK8/RwDBAO8/WgwDQYJKoZIhvcNAQEL
BQADggEBAN+umjAqWaQtX1JjLd7gAxRebYM6wOhfI+pW8ecZIuwAi+ExBlU2NtB9
YZVMEqqopK6FwTQi8tLSEZrSOX9HdXi2tIsBYTP+g50d57uILWS6U+K3XQLjiKDs
P1VfENnDbEJgByr1rJnRk7TO5YGfjushT7jFcv5SFyr0SuRmiHsX6bD76eQ2buIs
48jsIJdTqRf+5ioiV7x8XdsgNsByIwv8kmFe73J5VJvFc+lmOcU+CoO5UQJ9hdkX
tGedhCNRcX3Q68KSOTET9ZU8natBha/6TEpef8cxfCIocksnq54hk93mIoxkVS4/
z8GkpPPjZi1AzZDUpjflJkssYgJ8y/Q=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:39:51 2025 by rpki-client