Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/ewV_M8lDQoZKgKPULG838lFdD4g.roa
File: ewV_M8lDQoZKgKPULG838lFdD4g.roa (raw, json)
Hash identifier: AoDyjOGQTlSAuEGiklYPrJz/FAToWxuUeHOAZ3nmQP4=
Subject key identifier: 7B:05:7F:33:C9:43:42:86:4A:80:A3:D4:2C:6F:37:F2:51:5D:0F:88
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 01990F23B22E57889DD5AB90B9B9AF8D88AA
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/ewV_M8lDQoZKgKPULG838lFdD4g.roa
Signing time: Wed 03 Sep 2025 10:33:41 +0000
ROA not before: Wed 03 Sep 2025 10:33:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214143
IP address blocks: 212.11.1.0/24 maxlen: 24
212.11.2.0/24 maxlen: 24
212.11.3.0/24 maxlen: 24
212.11.4.0/24 maxlen: 24
212.11.5.0/24 maxlen: 24
212.11.7.0/24 maxlen: 24
212.11.11.0/24 maxlen: 24
212.11.12.0/24 maxlen: 24
212.11.14.0/24 maxlen: 24
212.11.15.0/24 maxlen: 24
212.11.45.0/24 maxlen: 24
212.11.46.0/24 maxlen: 24
212.11.47.0/24 maxlen: 24
212.11.50.0/24 maxlen: 24
212.11.51.0/24 maxlen: 24
212.11.53.0/24 maxlen: 24
212.11.54.0/24 maxlen: 24
212.11.57.0/24 maxlen: 24
212.11.58.0/24 maxlen: 24
212.11.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:23:b2:2e:57:88:9d:d5:ab:90:b9:b9:af:8d:88:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Sep 3 10:33:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b057f33c94342864a80a3d42c6f37f2515d0f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b1:aa:1b:27:9a:d9:1a:33:11:0c:0e:41:51:
f2:7f:bb:a4:2f:c1:73:c0:bd:f8:f6:2b:69:21:13:
2e:19:94:ad:32:50:ab:4e:25:26:76:68:d8:44:bb:
86:2f:85:2c:3c:16:3c:2a:e3:c0:c4:e9:e8:76:18:
06:30:b3:6a:67:27:28:d3:99:65:64:72:33:46:d6:
dc:32:44:51:59:5d:f5:29:74:81:34:82:a5:83:79:
8d:74:d5:87:76:7b:06:1a:e6:de:21:e1:b3:51:7c:
15:f4:35:68:7a:4e:5b:a1:c4:ea:c3:19:16:8d:fe:
a5:1c:93:be:32:ea:c7:4a:26:73:fd:1a:74:41:26:
18:f8:8b:9d:0d:b1:b6:68:53:55:a0:89:1a:d3:79:
04:49:8d:8c:a8:df:f4:0d:a7:28:ae:db:ea:50:cc:
f5:52:68:e4:e9:71:24:ca:b9:9a:b0:61:39:eb:21:
36:be:23:3b:3a:19:2f:8b:38:17:7a:24:9e:24:fd:
4d:ef:e1:e0:7a:f0:bd:20:dd:9a:12:f5:1b:fe:c9:
d6:4e:a6:a7:9a:a8:c6:26:b8:93:b0:47:31:20:e0:
cd:a0:14:b9:16:fe:39:f6:20:ca:90:4e:3a:f0:7c:
a0:37:81:e2:68:6f:1c:8e:42:8a:06:3c:45:ae:7d:
c7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:05:7F:33:C9:43:42:86:4A:80:A3:D4:2C:6F:37:F2:51:5D:0F:88
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/ewV_M8lDQoZKgKPULG838lFdD4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.1.0-212.11.5.255
212.11.7.0/24
212.11.11.0-212.11.12.255
212.11.14.0/23
212.11.45.0-212.11.47.255
212.11.50.0/23
212.11.53.0-212.11.54.255
212.11.57.0-212.11.59.255
Signature Algorithm: sha256WithRSAEncryption
52:95:f0:fd:c0:dd:82:c0:4e:f2:a5:cf:82:a9:6f:1c:e4:8e:
e5:9e:20:4a:97:dd:b9:35:78:e4:61:b5:27:01:77:6a:fd:b7:
40:83:8a:fa:9e:0d:b1:be:7c:d5:b7:3d:7e:68:d9:b8:78:c9:
07:f2:b1:f9:73:b6:5c:fa:65:87:da:58:f7:8d:31:11:fc:fb:
28:8f:64:c3:a5:a3:6c:25:78:60:b9:d0:37:fa:03:4b:4c:cc:
2a:24:c6:24:f6:6d:f0:1c:27:1a:85:5c:e3:e7:b5:5b:5b:97:
0e:bf:48:55:56:e5:05:ce:de:33:b6:01:51:a8:6a:78:c0:ab:
df:8a:c1:4a:55:3c:97:25:45:f4:cd:95:dc:89:d7:5b:4c:76:
f9:42:55:74:b0:30:90:6d:db:87:4c:0b:bb:87:bf:a0:76:62:
56:06:23:46:73:49:17:50:13:82:44:e7:c6:6a:3a:e2:e3:61:
28:cd:75:c1:46:9a:a8:47:67:54:1a:91:29:25:fa:21:84:e4:
38:9b:b8:1b:cf:18:95:09:0b:03:d8:9a:97:e6:d8:46:f9:57:
f8:7f:e7:f9:d3:76:34:63:57:02:eb:eb:1d:4d:90:2a:57:83:
a7:72:dc:ca:71:c9:1e:6a:2f:5f:33:36:0e:db:d1:11:85:75:
3d:5f:05:78
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZkPI7IuV4id1auQubmvjYiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwOTAzMTAzMzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjA1N2YzM2M5NDM0Mjg2NGE4MGEzZDQyYzZmMzdmMjUxNWQwZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LGqGyea2RozEQwOQVHyf7ukL8Fz
wL349itpIRMuGZStMlCrTiUmdmjYRLuGL4UsPBY8KuPAxOnodhgGMLNqZyco05ll
ZHIzRtbcMkRRWV31KXSBNIKlg3mNdNWHdnsGGubeIeGzUXwV9DVoek5bocTqwxkW
jf6lHJO+MurHSiZz/Rp0QSYY+IudDbG2aFNVoIka03kESY2MqN/0DacortvqUMz1
Umjk6XEkyrmasGE56yE2viM7OhkvizgXeiSeJP1N7+HgevC9IN2aEvUb/snWTqan
mqjGJriTsEcxIODNoBS5Fv459iDKkE468HygN4HiaG8cjkKKBjxFrn3HSQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFHsFfzPJQ0KGSoCj1CxvN/JRXQ+IMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvZXdWX004bERRb1pLZ0tQVUxHODM4bEZkRDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBADUCwED
BAHUCwQDBADUCwcwDAMEANQLCwMEANQLDAMEAdQLDjAMAwQA1AstAwQE1AsgAwQB
1AsyMAwDBADUCzUDBADUCzYwDAMEANQLOQMEAtQLODANBgkqhkiG9w0BAQsFAAOC
AQEAUpXw/cDdgsBO8qXPgqlvHOSO5Z4gSpfduTV45GG1JwF3av23QIOK+p4Nsb58
1bc9fmjZuHjJB/Kx+XO2XPplh9pY940xEfz7KI9kw6WjbCV4YLnQN/oDS0zMKiTG
JPZt8BwnGoVc4+e1W1uXDr9IVVblBc7eM7YBUahqeMCr34rBSlU8lyVF9M2V3InX
W0x2+UJVdLAwkG3bh0wLu4e/oHZiVgYjRnNJF1ATgkTnxmo64uNhKM11wUaaqEdn
VBqRKSX6IYTkOJu4G88YlQkLA9ial+bYRvlX+H/n+dN2NGNXAuvrHU2QKleDp3Lc
ynHJHmovXzM2DtvREYV1PV8FeA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 13:45:47 2025 by rpki-client