Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/W2y7ILyVjCj4EaeyqbQeC_Dcd1M.roa
File: W2y7ILyVjCj4EaeyqbQeC_Dcd1M.roa (raw, json)
Hash identifier: Zefjs5+cQyH8QCnVGn+TztucGEd7H6R6h5c8uGrlYWM=
Subject key identifier: 5B:6C:BB:20:BC:95:8C:28:F8:11:A7:B2:A9:B4:1E:0B:F0:DC:77:53
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 01979CAF5DC3E2F50BF558F1AE859A4FD1C0
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/W2y7ILyVjCj4EaeyqbQeC_Dcd1M.roa
Signing time: Mon 23 Jun 2025 12:07:07 +0000
ROA not before: Mon 23 Jun 2025 12:07:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 104.247.170.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.181.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.187.0/24 maxlen: 24
104.247.190.0/24 maxlen: 24
104.247.191.0/24 maxlen: 24
185.73.128.0/22 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 18:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:af:5d:c3:e2:f5:0b:f5:58:f1:ae:85:9a:4f:d1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jun 23 12:07:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b6cbb20bc958c28f811a7b2a9b41e0bf0dc7753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:44:b4:ff:19:de:4e:6c:98:29:26:b0:79:
5e:9c:e5:de:7e:20:b0:af:85:ee:ef:24:ac:48:8d:
85:9c:1f:c6:84:60:82:a7:e2:ea:ef:67:b0:a8:f9:
5c:1e:32:52:84:4e:7b:b2:e5:0d:bc:a0:2f:ad:a8:
35:3d:2f:8b:6b:e9:2a:a7:e1:63:75:e5:ad:b7:8c:
c1:06:81:c7:92:00:19:a9:d5:4d:b6:b1:6e:f3:b7:
9c:97:3d:47:8c:f2:1d:2e:db:cc:b1:78:79:62:c4:
77:38:72:43:85:5f:88:71:34:a2:9b:e7:76:1a:ed:
9c:04:72:63:6b:03:2b:3d:70:db:1b:a4:ed:38:c1:
47:0e:89:c3:cc:8e:d7:40:68:3c:c2:8f:64:37:6a:
65:7d:e9:46:e7:a4:ec:97:76:4c:18:6d:fb:7f:6f:
31:9b:68:22:e1:8d:1c:73:d4:1b:48:26:b5:af:17:
dd:73:ad:a8:f6:2a:7e:82:96:e6:b3:b9:60:85:a5:
55:ce:42:c3:f9:c6:60:dd:f2:fe:99:e8:c0:0f:01:
53:0d:77:2f:f6:95:c0:6d:1b:ff:20:a1:9a:f1:84:
32:4e:f9:16:90:d7:eb:2e:15:12:40:00:14:76:31:
f4:84:5f:7d:55:82:b1:45:78:42:81:17:ff:7a:d9:
34:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6C:BB:20:BC:95:8C:28:F8:11:A7:B2:A9:B4:1E:0B:F0:DC:77:53
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/W2y7ILyVjCj4EaeyqbQeC_Dcd1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.172.255
104.247.174.0-104.247.182.255
104.247.184.0/22
104.247.190.0/23
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
35:6d:a0:29:f6:4c:e4:b5:c9:fd:da:3b:f3:cd:d2:b3:b2:42:
55:9e:b1:06:9b:d8:78:87:b7:b4:03:5d:05:90:a4:45:9b:bd:
3f:e9:1e:19:92:1d:f9:7a:97:65:3a:8c:89:4e:9e:aa:cb:63:
f9:d5:0f:68:79:d4:0e:ae:34:86:c5:15:99:1d:cc:86:2b:b5:
f1:d8:86:66:67:e7:33:d7:ea:b2:3a:a2:46:3f:1f:41:ee:76:
66:9c:c8:94:a8:c4:a0:b0:63:65:33:7e:5f:0a:80:4a:6a:d2:
34:a5:9a:4e:4e:2d:c5:52:62:f6:bc:71:a0:e4:8a:dc:29:ba:
ef:41:8e:e0:2a:fb:c3:be:0c:85:15:ee:95:0e:38:42:ee:26:
14:80:b1:44:0e:0e:9a:5c:c9:c3:3e:b3:b6:b0:83:d0:9e:4a:
15:13:97:a4:86:ba:56:96:ad:89:9d:bf:6f:15:8f:16:9a:53:
6b:be:f4:b1:dc:5e:6f:a6:b0:23:22:ff:8e:7c:9b:27:f2:5d:
99:f1:6c:60:dc:1b:96:2f:fa:3b:48:2d:0e:ea:7d:48:9d:e3:
cc:d3:26:bd:dc:c9:81:46:bb:67:3d:96:aa:81:c1:e8:02:88:
cc:84:33:b5:3f:f1:4f:14:6c:37:97:94:eb:3f:36:54:c4:80:
3b:f3:00:ba
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZecr13D4vUL9VjxroWaT9HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjUwNjIzMTIwNzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjZjYmIyMGJjOTU4YzI4ZjgxMWE3YjJhOWI0MWUwYmYwZGM3NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytpEtP8Z3k5smCkmsHlenOXefiCw
r4Xu7ySsSI2FnB/GhGCCp+Lq72ewqPlcHjJShE57suUNvKAvrag1PS+La+kqp+Fj
deWtt4zBBoHHkgAZqdVNtrFu87eclz1HjPIdLtvMsXh5YsR3OHJDhV+IcTSim+d2
Gu2cBHJjawMrPXDbG6TtOMFHDonDzI7XQGg8wo9kN2plfelG56Tsl3ZMGG37f28x
m2gi4Y0cc9QbSCa1rxfdc62o9ip+gpbms7lghaVVzkLD+cZg3fL+mejADwFTDXcv
9pXAbRv/IKGa8YQyTvkWkNfrLhUSQAAUdjH0hF99VYKxRXhCgRf/etk0uQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFFtsuyC8lYwo+BGnsqm0Hgvw3HdTMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvVzJ5N0lMeVZqQ2o0RWFleXFiUWVDX0RjZDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0MAwDBAFo96oD
BABo96wwDAMEAWj3rgMEAGj3tgMEAmj3uAMEAWj3vgMEArlJgAMEALmJ1zANBAIA
AjAHAwUAKgOloDANBgkqhkiG9w0BAQsFAAOCAQEANW2gKfZM5LXJ/do7883Ss7JC
VZ6xBpvYeIe3tANdBZCkRZu9P+keGZId+XqXZTqMiU6eqstj+dUPaHnUDq40hsUV
mR3Mhiu18diGZmfnM9fqsjqiRj8fQe52ZpzIlKjEoLBjZTN+XwqASmrSNKWaTk4t
xVJi9rxxoOSK3Cm670GO4Cr7w74MhRXulQ44Qu4mFICxRA4OmlzJwz6ztrCD0J5K
FROXpIa6VpatiZ2/bxWPFppTa770sdxeb6awIyL/jnybJ/JdmfFsYNwbli/6O0gt
Dup9SJ3jzNMmvdzJgUa7Zz2WqoHB6AKIzIQztT/xTxRsN5eU6z82VMSAO/MAug==
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:25:43 2025 by rpki-client