Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/EwAcqhB_KqioxX4T5RMbJLgOfXg.roa
File: EwAcqhB_KqioxX4T5RMbJLgOfXg.roa (raw, json)
Hash identifier: p8nDM1OjIXwVrnzJN82LI3pBBXjiuhXpRk0zzlpWKMM=
Subject key identifier: 13:00:1C:AA:10:7F:2A:A8:A8:C5:7E:13:E5:13:1B:24:B8:0E:7D:78
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0197F3D31E162096C4C3B832C6272DA735D5
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/EwAcqhB_KqioxX4T5RMbJLgOfXg.roa
Signing time: Thu 10 Jul 2025 10:13:08 +0000
ROA not before: Thu 10 Jul 2025 10:13:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:d3:1e:16:20:96:c4:c3:b8:32:c6:27:2d:a7:35:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 10 10:13:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13001caa107f2aa8a8c57e13e5131b24b80e7d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:31:0d:ea:8b:19:ac:3a:88:5c:27:3b:db:55:
65:1f:4e:ad:55:60:9a:95:2c:cb:f8:89:f2:91:9f:
96:f9:c2:ee:cf:b6:bb:56:3e:af:ce:d3:05:58:46:
62:f1:9e:6d:f5:c6:59:38:92:b9:d4:b8:4a:81:3f:
e2:a8:66:a0:f4:5c:20:d6:86:37:ee:89:aa:d8:58:
14:6b:f6:7d:ff:8f:41:2c:4a:0e:9d:12:7b:87:c5:
bb:a8:13:9c:30:33:4f:ac:98:b6:f0:c7:73:8f:0e:
12:a2:83:18:05:82:01:5a:2c:94:92:14:d0:b2:5c:
81:a0:fb:f3:90:9e:e8:f9:f1:92:c8:df:e7:9e:ad:
31:e8:7d:b7:be:b2:89:6b:58:e1:05:64:c8:73:dc:
d2:49:1f:f8:ae:02:df:7f:86:d8:6d:ed:b9:d9:c1:
12:a9:10:d9:c2:07:82:90:f2:65:23:29:14:c0:2a:
58:21:fc:94:34:93:ba:34:bc:7b:56:cf:6a:df:94:
40:b1:0a:0d:54:26:54:4b:d0:51:11:95:bd:3a:e4:
66:47:e9:d3:80:31:89:64:60:1a:89:c1:71:ea:a9:
5e:24:dc:90:36:d6:e8:9b:4a:72:52:c6:75:79:39:
af:9f:ab:03:b5:77:da:3d:8b:2a:84:ea:4f:fa:ce:
b2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:00:1C:AA:10:7F:2A:A8:A8:C5:7E:13:E5:13:1B:24:B8:0E:7D:78
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/EwAcqhB_KqioxX4T5RMbJLgOfXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.136.0/24
45.67.139.0/24
45.92.218.0/23
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
20:18:e2:86:c3:11:bc:be:71:fc:52:f4:45:9d:f3:f9:8f:b5:
fe:1d:87:e2:bd:cc:a5:cd:79:78:1d:2c:e1:3c:ad:74:a2:a9:
92:d9:4e:02:2e:00:dd:f8:65:c4:ab:f0:3f:89:8b:6e:1c:34:
64:e1:fd:4e:81:b2:59:47:be:74:9d:83:cd:7b:19:72:77:f8:
ad:78:ec:70:5f:52:b4:85:1a:e1:f8:24:79:71:30:74:97:0a:
52:a3:f0:10:a7:7d:9a:f6:e5:50:01:91:ce:ee:d8:d0:3a:d5:
d2:6e:fb:a5:59:c9:38:f2:55:64:35:4e:3e:f8:5e:74:c8:c0:
aa:18:c2:c8:c6:5d:5d:2c:42:8c:74:4a:fa:37:e6:fe:e3:c3:
94:1e:bf:e8:3b:ca:ac:3d:28:3b:13:02:1f:1a:aa:54:3e:39:
f4:3a:6e:c4:8c:51:88:e4:51:2f:8e:e9:9a:36:14:22:73:a7:
3b:bb:dc:11:d8:2d:dc:b8:ae:60:b7:6a:ad:9d:03:4c:bf:81:
aa:82:7f:2d:df:6e:16:ce:24:77:1e:02:a9:fd:3e:6e:6f:f8:
1f:f0:a5:47:b8:49:38:71:1e:e5:a1:ab:ec:8d:a3:14:42:2a:
97:27:d1:3e:e2:c8:51:73:98:8d:16:7c:a1:c5:7f:a4:67:d7:
43:44:78:b2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfz0x4WIJbEw7gyxictpzXVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNzEwMTAxMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzAwMWNhYTEwN2YyYWE4YThjNTdlMTNlNTEzMWIyNGI4MGU3ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDEN6osZrDqIXCc721VlH06tVWCa
lSzL+InykZ+W+cLuz7a7Vj6vztMFWEZi8Z5t9cZZOJK51LhKgT/iqGag9Fwg1oY3
7omq2FgUa/Z9/49BLEoOnRJ7h8W7qBOcMDNPrJi28Mdzjw4SooMYBYIBWiyUkhTQ
slyBoPvzkJ7o+fGSyN/nnq0x6H23vrKJa1jhBWTIc9zSSR/4rgLff4bYbe252cES
qRDZwgeCkPJlIykUwCpYIfyUNJO6NLx7Vs9q35RAsQoNVCZUS9BREZW9OuRmR+nT
gDGJZGAaicFx6qleJNyQNtbom0pyUsZ1eTmvn6sDtXfaPYsqhOpP+s6ydwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBMAHKoQfyqoqMV+E+UTGyS4Dn14MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvRXdBY3FoQl9LcWlveFg0VDVSTWJKTGdPZlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ3iAwQA
LUOIAwQALUOLAwQBLVzaAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQAgGOKGwxG8
vnH8UvRFnfP5j7X+HYfivcylzXl4HSzhPK10oqmS2U4CLgDd+GXEq/A/iYtuHDRk
4f1OgbJZR750nYPNexlyd/iteOxwX1K0hRrh+CR5cTB0lwpSo/AQp32a9uVQAZHO
7tjQOtXSbvulWck48lVkNU4++F50yMCqGMLIxl1dLEKMdEr6N+b+48OUHr/oO8qs
PSg7EwIfGqpUPjn0Om7EjFGI5FEvjumaNhQic6c7u9wR2C3cuK5gt2qtnQNMv4Gq
gn8t324WziR3HgKp/T5ub/gf8KVHuEk4cR7loavsjaMUQiqXJ9E+4shRc5iNFnyh
xX+kZ9dDRHiy
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:26:02 2025 by rpki-client