Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/PWeS-NKTh0dPX7EQagJN_UUuvpA.roa
File: PWeS-NKTh0dPX7EQagJN_UUuvpA.roa (raw, json)
Hash identifier: B0E7vLVtVMLANL6NGMEZXBlTrX+gpHtSfadbpxHmK4Q=
Subject key identifier: 3D:67:92:F8:D2:93:87:47:4F:5F:B1:10:6A:02:4D:FD:45:2E:BE:90
Certificate issuer: /CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Certificate serial: 019A48E19193BA399D05CACD85239E7ADA09
Authority key identifier: 1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/PWeS-NKTh0dPX7EQagJN_UUuvpA.roa
Signing time: Mon 03 Nov 2025 08:42:13 +0000
ROA not before: Mon 03 Nov 2025 08:42:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13101
IP address blocks: 80.66.192.0/22 maxlen: 22
113.30.180.0/22 maxlen: 22
113.30.220.0/22 maxlen: 22
185.152.144.0/22 maxlen: 22
185.181.128.0/22 maxlen: 22
207.22.56.0/21 maxlen: 21
217.26.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:e1:91:93:ba:39:9d:05:ca:cd:85:23:9e:7a:da:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Validity
Not Before: Nov 3 08:42:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d6792f8d29387474f5fb1106a024dfd452ebe90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ef:5c:d9:61:88:4b:7d:b3:30:fa:00:9e:74:
41:c4:e6:74:a4:b0:59:5f:f7:66:62:d6:ed:87:83:
ee:66:67:e5:39:f2:4a:9a:b3:67:0f:2b:87:9a:b1:
aa:62:a6:b2:56:dd:22:7f:c5:bd:3b:5c:85:43:63:
0d:53:18:06:7e:c7:b0:f5:ed:4a:47:6b:44:cd:90:
3e:90:4d:53:b5:fc:c7:77:d6:d5:91:71:2f:5f:7a:
72:34:fd:6d:76:dc:ea:4c:2c:a9:98:22:c8:57:b9:
4c:8a:e6:d5:ad:ed:c6:10:60:1d:3c:47:43:b3:a4:
48:28:c2:e8:5b:a4:d0:1c:77:85:76:94:c1:e0:4c:
e5:d3:52:3b:11:20:0e:e5:57:95:08:17:a2:fa:f0:
fe:ae:85:a5:96:93:72:d9:ab:50:6e:4b:20:53:ab:
5b:57:a4:8e:6d:d4:7b:e0:4c:2c:d0:1d:39:b9:f0:
83:e4:76:6c:b3:8a:3b:73:58:5e:58:ff:84:2f:80:
b6:67:44:86:2f:e2:22:25:27:c4:3e:fb:dd:8c:c6:
bb:27:03:e5:ba:14:1e:0e:2f:fc:6d:f0:d8:65:d6:
a0:05:56:9e:49:80:5f:13:a8:8f:fc:f9:4d:9c:87:
7e:43:24:e5:90:59:38:2b:55:03:d3:69:0d:cd:9e:
64:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:67:92:F8:D2:93:87:47:4F:5F:B1:10:6A:02:4D:FD:45:2E:BE:90
X509v3 Authority Key Identifier:
keyid:1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/PWeS-NKTh0dPX7EQagJN_UUuvpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.192.0/22
113.30.180.0/22
113.30.220.0/22
185.152.144.0/22
185.181.128.0/22
207.22.56.0/21
217.26.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:1a:66:08:ab:a1:c4:16:09:2e:48:ec:a2:6b:68:bf:64:65:
b4:c9:c0:2b:79:2e:96:9e:81:a5:87:f7:33:bb:32:bf:e6:20:
3d:d3:0a:69:dd:bc:4a:e1:18:de:bf:fb:c7:14:b2:22:8d:61:
8e:fe:b3:e9:92:5d:7c:14:9d:d2:0a:31:67:fb:7d:77:e3:91:
49:61:b2:b8:00:34:23:5b:f5:b3:9e:0c:d1:a8:3d:b7:99:e8:
37:4c:9b:73:17:a0:ef:b8:9b:ce:b3:b4:fd:4d:5a:0f:d1:b1:
40:99:43:3b:d2:c1:d2:94:9d:ea:6e:98:46:93:f2:8f:7d:be:
b5:65:83:42:07:aa:8e:02:fb:e7:1d:a3:2d:08:ed:45:63:ac:
40:48:a5:f7:6c:73:5e:ee:7c:6b:bf:7e:d3:ba:a9:06:23:f2:
8e:e5:86:62:07:c1:c4:98:f5:fb:8b:bf:fd:a8:54:1a:a1:39:
0c:83:34:60:3c:76:c8:15:d1:55:5c:43:ea:e1:db:61:9a:94:
43:33:a4:3c:ee:d1:75:73:59:84:fb:3d:47:b5:1d:80:94:f5:
96:96:50:a2:69:69:5d:5c:98:19:d4:f1:2b:df:03:8d:80:12:
2c:43:8c:85:8c:44:e2:b6:b4:c7:d6:88:87:6c:e6:b7:44:e1:
de:41:47:ab
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZpI4ZGTujmdBcrNhSOeetoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGJjNDExNDQ0NDgwNjUzMTNlZjBiODJlMWNjZjdhZTZl
YTU3MjAwHhcNMjUxMTAzMDg0MjEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY3OTJmOGQyOTM4NzQ3NGY1ZmIxMTA2YTAyNGRmZDQ1MmViZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO9c2WGIS32zMPoAnnRBxOZ0pLBZ
X/dmYtbth4PuZmflOfJKmrNnDyuHmrGqYqayVt0if8W9O1yFQ2MNUxgGfsew9e1K
R2tEzZA+kE1TtfzHd9bVkXEvX3pyNP1tdtzqTCypmCLIV7lMiubVre3GEGAdPEdD
s6RIKMLoW6TQHHeFdpTB4Ezl01I7ESAO5VeVCBei+vD+roWllpNy2atQbksgU6tb
V6SObdR74Ews0B05ufCD5HZss4o7c1heWP+EL4C2Z0SGL+IiJSfEPvvdjMa7JwPl
uhQeDi/8bfDYZdagBVaeSYBfE6iP/PlNnId+QyTlkFk4K1UD02kNzZ5k5wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD1nkvjSk4dHT1+xEGoCTf1FLr6QMB8GA1UdIwQY
MBaAFBvbxBFERIBlMT7wuC4cz3rm6lcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODct
YmQ5OGIzZTkwZTQzLzEvUFdlUy1OS1RoMGRQWDdFUWFnSk5fVVV1dnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODctYmQ5OGIzZTkwZTQz
LzEvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCUELAAwQC
cR60AwQCcR7cAwQCuZiQAwQCubWAAwQDzxY4AwQD2RroMA0GCSqGSIb3DQEBCwUA
A4IBAQBOGmYIq6HEFgkuSOyia2i/ZGW0ycAreS6WnoGlh/czuzK/5iA90wpp3bxK
4Rjev/vHFLIijWGO/rPpkl18FJ3SCjFn+31345FJYbK4ADQjW/WzngzRqD23meg3
TJtzF6DvuJvOs7T9TVoP0bFAmUM70sHSlJ3qbphGk/KPfb61ZYNCB6qOAvvnHaMt
CO1FY6xASKX3bHNe7nxrv37TuqkGI/KO5YZiB8HEmPX7i7/9qFQaoTkMgzRgPHbI
FdFVXEPq4dthmpRDM6Q87tF1c1mE+z1HtR2AlPWWllCiaWldXJgZ1PEr3wONgBIs
Q4yFjETitrTH1oiHbOa3ROHeQUer
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:11:23 2025 by rpki-client