Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/EWEWUPauJkxsam6gpnjBuCTEy_g.roa
File: EWEWUPauJkxsam6gpnjBuCTEy_g.roa (raw, json)
Hash identifier: fDAdOSkn8meCSfiL9EbYBqAzxWUOkWB94PuduXhsMz8=
Subject key identifier: 11:61:16:50:F6:AE:26:4C:6C:6A:6E:A0:A6:78:C1:B8:24:C4:CB:F8
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 019D9668242827D38EA754A261AB7BB09110
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/EWEWUPauJkxsam6gpnjBuCTEy_g.roa
Signing time: Thu 16 Apr 2026 13:08:20 +0000
ROA not before: Thu 16 Apr 2026 13:08:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28712
IP address blocks: 217.14.16.0/23 maxlen: 23
217.14.16.0/24 maxlen: 24
217.14.17.0/24 maxlen: 24
217.14.18.0/24 maxlen: 24
217.14.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:68:24:28:27:d3:8e:a7:54:a2:61:ab:7b:b0:91:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: Apr 16 13:08:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11611650f6ae264c6c6a6ea0a678c1b824c4cbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:e7:0d:c5:1c:f0:37:2c:a6:b0:d3:01:e5:
d2:b9:65:c5:6c:0f:97:d9:d8:a4:f2:bd:bf:70:5e:
11:25:3a:c6:96:5f:11:ab:e9:5a:96:ce:89:89:c1:
9f:4e:8b:76:e3:c4:db:c3:68:23:92:a4:f8:9c:b1:
d2:39:e6:df:a9:d4:18:80:ca:81:de:6f:d3:ed:b9:
98:a1:6b:7f:eb:af:d2:36:3a:92:ef:7e:a1:ac:bb:
5f:c4:67:87:da:96:5e:2f:4b:16:07:ca:f1:16:45:
50:9f:3a:7f:f7:c0:74:45:1a:b5:4d:23:c1:20:f6:
57:da:ce:9c:4c:54:64:d7:3b:4d:22:6a:36:69:f1:
04:4d:33:4e:2d:37:dd:3b:6e:cf:3d:70:88:ce:39:
8e:ce:b0:0c:0c:73:e4:28:31:ff:35:05:d3:fe:5a:
56:45:b8:ba:b8:a4:ae:d4:d2:5b:f7:81:86:54:b6:
ca:58:3f:6d:3e:6d:f5:27:6b:20:3e:ea:7b:3b:5d:
b0:9e:95:e3:0b:c7:37:1c:ee:b6:8c:b5:f7:26:35:
68:ff:00:de:bc:3c:8c:34:90:a4:78:05:07:94:0c:
90:41:7f:b2:73:b1:44:b7:6b:6b:0b:5f:7f:e0:92:
1f:05:a5:1d:6f:9b:0a:40:a6:01:66:ad:cb:12:05:
a5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:61:16:50:F6:AE:26:4C:6C:6A:6E:A0:A6:78:C1:B8:24:C4:CB:F8
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/EWEWUPauJkxsam6gpnjBuCTEy_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.14.16.0-217.14.18.255
217.14.20.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:b6:e9:e3:00:aa:fc:6c:e9:a1:ca:c3:4c:85:57:4c:cf:05:
f8:da:1a:6a:8e:a6:44:a2:d3:3e:3f:0f:c6:84:d6:ba:fc:cb:
ea:d4:d0:e7:d9:05:61:73:70:b1:a3:eb:22:0e:29:05:53:79:
ae:1f:b5:af:d0:eb:ad:fd:e8:46:a7:38:0c:0a:60:d7:5c:e5:
a4:73:fa:1b:3d:15:5e:ae:00:5f:b9:6d:8c:d7:c8:26:79:17:
e1:9a:cc:74:4d:72:25:e3:ed:98:91:da:78:65:8e:6b:a2:dc:
44:29:c4:3d:e4:4a:c9:3b:a5:07:6c:bd:94:a2:dc:5f:4a:d6:
7f:2a:13:82:8c:8f:90:e1:c4:9e:49:d2:df:80:d8:a0:fd:af:
89:8e:f4:6b:35:27:54:bb:f1:2a:bd:2f:32:af:91:27:4b:43:
d5:62:3b:33:59:ce:ec:77:2e:85:59:a0:e2:48:f8:62:73:57:
06:7e:2c:09:c4:eb:65:2f:e1:57:ae:00:0e:36:ac:fb:e7:0e:
f2:d4:08:46:ad:55:c0:d8:04:db:24:61:a8:78:08:1f:e4:87:
03:36:93:b0:33:98:c5:39:e7:0d:c0:66:90:1e:c2:ba:ee:c4:
ed:08:cd:74:cd:24:c2:c8:2b:54:df:b5:bb:28:8c:2c:e6:00:
cf:8b:d9:c9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ2WaCQoJ9OOp1SiYat7sJEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjYwNDE2MTMwODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTYxMTY1MGY2YWUyNjRjNmM2YTZlYTBhNjc4YzFiODI0YzRjYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApefnDcUc8DcsprDTAeXSuWXFbA+X
2dik8r2/cF4RJTrGll8Rq+lals6JicGfTot248Tbw2gjkqT4nLHSOebfqdQYgMqB
3m/T7bmYoWt/66/SNjqS736hrLtfxGeH2pZeL0sWB8rxFkVQnzp/98B0RRq1TSPB
IPZX2s6cTFRk1ztNImo2afEETTNOLTfdO27PPXCIzjmOzrAMDHPkKDH/NQXT/lpW
Rbi6uKSu1NJb94GGVLbKWD9tPm31J2sgPup7O12wnpXjC8c3HO62jLX3JjVo/wDe
vDyMNJCkeAUHlAyQQX+yc7FEt2trC19/4JIfBaUdb5sKQKYBZq3LEgWlPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBFhFlD2riZMbGpuoKZ4wbgkxMv4MB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvRVdFV1VQYXVKa3hzYW02Z3BuakJ1Q1RFeV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBATZDhAD
BADZDhIDBADZDhQwDQYJKoZIhvcNAQELBQADggEBAJq26eMAqvxs6aHKw0yFV0zP
BfjaGmqOpkSi0z4/D8aE1rr8y+rU0OfZBWFzcLGj6yIOKQVTea4fta/Q66396Ean
OAwKYNdc5aRz+hs9FV6uAF+5bYzXyCZ5F+GazHRNciXj7ZiR2nhljmui3EQpxD3k
Ssk7pQdsvZSi3F9K1n8qE4KMj5DhxJ5J0t+A2KD9r4mO9Gs1J1S78Sq9LzKvkSdL
Q9ViOzNZzux3LoVZoOJI+GJzVwZ+LAnE62Uv4VeuAA42rPvnDvLUCEatVcDYBNsk
Yah4CB/khwM2k7AzmMU55w3AZpAewrruxO0IzXTNJMLIK1TftbsojCzmAM+L2ck=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:21:45 2026 by rpki-client