Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/wVyHdkJVhmRGMxJPVX4wfBhruSE.roa
File: wVyHdkJVhmRGMxJPVX4wfBhruSE.roa (raw, json)
Hash identifier: 9ZOfWoFrLfdn+mdr2Gtgim07acMv0zDx9WBwWt754aM=
Subject key identifier: C1:5C:87:76:42:55:86:64:46:33:12:4F:55:7E:30:7C:18:6B:B9:21
Certificate issuer: /CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Certificate serial: 0198CCF71F894CD4B88429D8AC5110B7382A
Authority key identifier: 04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/wVyHdkJVhmRGMxJPVX4wfBhruSE.roa
Signing time: Thu 21 Aug 2025 14:10:04 +0000
ROA not before: Thu 21 Aug 2025 14:10:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48988
IP address blocks: 108.174.78.0/24 maxlen: 24
213.148.0.0/20 maxlen: 24
213.148.24.0/22 maxlen: 24
2a13:8280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:f7:1f:89:4c:d4:b8:84:29:d8:ac:51:10:b7:38:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043d2c8da83f5c3c94ae940a0efd2a7714ff90e2
Validity
Not Before: Aug 21 14:10:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c15c8776425586644633124f557e307c186bb921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8b:d2:ba:b4:41:49:d3:fb:1f:9e:a0:3b:e1:
37:e7:f1:99:b3:70:20:ef:1f:8d:bc:7b:ff:80:db:
3d:3f:9e:16:43:57:0f:4c:13:7e:12:5e:45:f5:b2:
00:04:6c:55:a9:3d:cf:51:59:91:63:5b:ef:68:3b:
15:8f:28:94:f9:03:e3:bd:99:f3:8e:2b:9f:94:c4:
65:84:f0:51:90:9d:3a:00:92:c9:ec:f8:8c:0d:cb:
4c:8d:fe:07:ad:8c:0b:b3:7b:9d:4e:d0:29:c2:0c:
b7:50:44:d6:d2:37:f2:b7:53:33:75:cb:e8:97:4f:
9d:19:8d:b2:27:b1:31:f0:03:4e:46:51:28:cb:b7:
89:b9:45:95:11:16:bd:3d:94:b9:bb:56:57:6b:ff:
c7:ad:cd:35:22:e9:cb:c1:9b:b7:ae:a9:06:31:b7:
a6:6d:41:f6:12:14:3d:24:ea:90:ec:42:c0:ed:40:
90:79:bd:44:44:97:f3:82:42:fc:b6:57:28:88:2f:
e7:97:26:89:ed:a0:95:a2:1b:0b:de:dd:2b:af:b9:
63:7e:22:08:ba:b0:af:82:d0:a8:c0:a9:58:97:08:
e4:be:cf:36:5f:63:7e:cb:68:bd:05:4a:55:95:7b:
47:0f:c6:de:20:43:b1:0e:b2:ac:5e:ad:5a:3c:5f:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5C:87:76:42:55:86:64:46:33:12:4F:55:7E:30:7C:18:6B:B9:21
X509v3 Authority Key Identifier:
keyid:04:3D:2C:8D:A8:3F:5C:3C:94:AE:94:0A:0E:FD:2A:77:14:FF:90:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BD0sjag_XDyUrpQKDv0qdxT_kOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/wVyHdkJVhmRGMxJPVX4wfBhruSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ec4c25-e552-4d0c-95ee-3bbc661b4cc5/1/BD0sjag_XDyUrpQKDv0qdxT_kOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
108.174.78.0/24
213.148.0.0/20
213.148.24.0/22
IPv6:
2a13:8280::/32
Signature Algorithm: sha256WithRSAEncryption
63:b0:c5:5c:e6:ee:82:9a:f2:51:0e:8c:aa:53:d7:95:80:d6:
d6:f0:98:ef:2a:e6:d9:7f:00:77:2b:da:52:a6:f7:b7:25:ba:
26:28:60:08:ad:c6:ca:ba:ce:df:18:74:7f:45:55:6b:d3:bd:
08:0f:bd:bc:ce:bd:10:99:e3:0f:2d:60:c5:2d:27:8e:52:17:
77:81:30:48:fa:79:b9:8b:4e:cb:61:63:52:97:da:87:14:de:
55:06:4b:31:0f:c6:fb:64:b9:f4:1b:55:f6:14:6f:39:db:12:
eb:04:0a:cd:03:73:50:18:ff:39:b6:0a:ab:30:25:e7:91:b5:
20:27:54:31:3f:47:88:7a:2e:16:c2:43:1c:39:41:c0:cc:c9:
1f:b5:66:78:d4:43:ad:04:e1:54:8f:a8:73:36:58:71:d9:b6:
0c:4e:85:49:4d:d5:27:31:c9:71:a6:32:42:69:c8:16:f8:cf:
ca:53:ab:67:f8:22:a7:ac:ef:b1:2f:c8:36:4f:57:f6:b4:ff:
00:91:ce:d2:76:3f:16:69:9c:28:ad:33:40:0c:cd:50:fb:26:
03:e8:07:6b:26:14:55:be:66:73:42:fb:45:04:f3:b5:87:81:
17:02:d0:67:c0:a8:3c:40:d1:75:c3:44:7d:dc:8d:7d:24:52:
5e:44:ba:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZjM9x+JTNS4hCnYrFEQtzgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2QyYzhkYTgzZjVjM2M5NGFlOTQwYTBlZmQyYTc3MTRm
ZjkwZTIwHhcNMjUwODIxMTQxMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVjODc3NjQyNTU4NjY0NDYzMzEyNGY1NTdlMzA3YzE4NmJiOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ovSurRBSdP7H56gO+E35/GZs3Ag
7x+NvHv/gNs9P54WQ1cPTBN+El5F9bIABGxVqT3PUVmRY1vvaDsVjyiU+QPjvZnz
jiuflMRlhPBRkJ06AJLJ7PiMDctMjf4HrYwLs3udTtApwgy3UETW0jfyt1Mzdcvo
l0+dGY2yJ7Ex8ANORlEoy7eJuUWVERa9PZS5u1ZXa//Hrc01IunLwZu3rqkGMbem
bUH2EhQ9JOqQ7ELA7UCQeb1ERJfzgkL8tlcoiC/nlyaJ7aCVohsL3t0rr7ljfiII
urCvgtCowKlYlwjkvs82X2N+y2i9BUpVlXtHD8beIEOxDrKsXq1aPF+/dQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMFch3ZCVYZkRjMST1V+MHwYa7khMB8GA1UdIwQY
MBaAFAQ9LI2oP1w8lK6UCg79KncU/5DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUt
M2JiYzY2MWI0Y2M1LzEvd1Z5SGRrSlZobVJHTXhKUFZYNHdmQmhydVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lYzRjMjUtZTU1Mi00ZDBjLTk1ZWUtM2JiYzY2MWI0Y2M1
LzEvQkQwc2phZ19YRHlVcnBRS0R2MHFkeFRfa09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAbK5OAwQE
1ZQAAwQC1ZQYMA0EAgACMAcDBQAqE4KAMA0GCSqGSIb3DQEBCwUAA4IBAQBjsMVc
5u6CmvJRDoyqU9eVgNbW8JjvKubZfwB3K9pSpve3JbomKGAIrcbKus7fGHR/RVVr
070ID728zr0QmeMPLWDFLSeOUhd3gTBI+nm5i07LYWNSl9qHFN5VBksxD8b7ZLn0
G1X2FG852xLrBArNA3NQGP85tgqrMCXnkbUgJ1QxP0eIei4WwkMcOUHAzMkftWZ4
1EOtBOFUj6hzNlhx2bYMToVJTdUnMclxpjJCacgW+M/KU6tn+CKnrO+xL8g2T1f2
tP8Akc7Sdj8WaZworTNADM1Q+yYD6AdrJhRVvmZzQvtFBPO1h4EXAtBnwKg8QNF1
w0R93I19JFJeRLry
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:30:23 2025 by rpki-client