Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/wCW2eVYs2Nv8NNhMuU_FKHQ4Qlo.roa
File: wCW2eVYs2Nv8NNhMuU_FKHQ4Qlo.roa (raw, json)
Hash identifier: uEFCsZgXuRGQkrbfrJ0QyCdz9fvlXRvTCckNfClSUU0=
Subject key identifier: C0:25:B6:79:56:2C:D8:DB:FC:34:D8:4C:B9:4F:C5:28:74:38:42:5A
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0197A7C6E9CD1A733631EE54EEEE9E32DB37
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/wCW2eVYs2Nv8NNhMuU_FKHQ4Qlo.roa
Signing time: Wed 25 Jun 2025 15:48:40 +0000
ROA not before: Wed 25 Jun 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:c6:e9:cd:1a:73:36:31:ee:54:ee:ee:9e:32:db:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jun 25 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c025b679562cd8dbfc34d84cb94fc5287438425a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:21:a0:b2:74:f9:52:9e:f2:4d:91:48:17:4d:
ba:cd:61:6d:41:f3:93:a2:ff:bf:1a:6e:77:4d:00:
02:97:52:9a:97:d0:43:fa:1c:51:e8:f5:a1:9f:4d:
a4:f0:ea:56:bd:9a:92:78:75:82:bc:ee:dd:7d:55:
dc:2d:43:54:54:4d:70:54:6a:a5:14:d2:c4:9b:96:
30:55:11:1c:c8:34:f2:5a:cf:c9:5a:6d:fb:e8:a9:
ae:e4:ee:da:b6:11:d7:da:f1:d8:29:0d:d9:af:78:
6f:97:1f:35:e6:b3:0b:84:b7:8a:f6:10:9b:82:1a:
e0:70:91:cc:2b:57:d6:98:91:51:80:90:ca:14:1d:
95:11:65:25:4f:1f:67:4d:1f:1b:16:11:8d:79:3c:
4d:9e:dd:f0:c1:05:2a:6d:c2:6d:e0:81:f5:a8:5c:
d7:d4:ec:f2:8d:01:2b:52:dd:f9:e8:4b:7e:50:7d:
19:36:67:ec:e7:4d:b6:9e:d2:05:45:ef:e3:5c:2d:
17:3c:bc:96:32:49:be:65:04:15:c6:2d:88:57:19:
4f:85:90:9b:d6:e8:38:bb:fc:68:26:97:65:65:e9:
d3:04:de:f7:fd:7c:73:d9:4a:e5:d4:d1:12:f6:a6:
dc:2b:b0:f7:92:d2:de:53:00:63:e8:df:94:ec:ec:
3a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:25:B6:79:56:2C:D8:DB:FC:34:D8:4C:B9:4F:C5:28:74:38:42:5A
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/wCW2eVYs2Nv8NNhMuU_FKHQ4Qlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.173.0/24
176.46.134.0/24
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
72:1a:7e:05:00:7b:dd:46:83:cc:44:bc:04:47:43:ae:32:0a:
c7:d0:5e:ea:bc:18:53:c0:e2:56:08:2e:18:05:11:60:b8:93:
48:d4:01:1a:be:36:1c:f3:18:e3:8c:b9:28:2c:98:1b:f3:a3:
81:25:ae:58:02:e9:0e:d9:c8:d5:69:66:eb:1b:52:59:1d:a8:
cb:69:89:30:44:00:97:5e:57:4e:07:9e:2a:e9:7d:b8:9a:f8:
98:1a:fe:ad:11:6f:7a:5d:6c:42:55:d5:55:9d:1c:24:83:75:
f8:08:bf:00:f7:ca:12:5c:4b:d4:33:99:11:ea:e8:c8:01:a7:
9e:d3:e3:2e:a4:df:40:b1:f4:cc:d9:8e:bb:db:24:12:c1:70:
40:19:f4:b9:83:c3:05:e0:2c:65:a3:37:33:95:e3:18:ab:3b:
4d:80:f6:10:b2:8c:63:e9:a7:c7:cb:97:22:b9:11:89:92:36:
ed:b6:51:fa:10:f6:22:2f:06:62:eb:50:02:b3:06:b8:4c:90:
97:3c:00:33:f7:86:7c:f4:59:ba:38:97:81:75:da:dc:62:41:
37:95:f5:17:18:67:6b:00:a4:67:a8:84:96:c2:e2:ce:e3:c5:
2a:ce:ce:23:15:6b:0c:e7:31:ee:a2:12:0a:a2:3f:70:ce:ec:
ca:5a:92:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZenxunNGnM2Me5U7u6eMts3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNjI1MTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDI1YjY3OTU2MmNkOGRiZmMzNGQ4NGNiOTRmYzUyODc0Mzg0MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSGgsnT5Up7yTZFIF026zWFtQfOT
ov+/Gm53TQACl1Kal9BD+hxR6PWhn02k8OpWvZqSeHWCvO7dfVXcLUNUVE1wVGql
FNLEm5YwVREcyDTyWs/JWm376Kmu5O7athHX2vHYKQ3Zr3hvlx815rMLhLeK9hCb
ghrgcJHMK1fWmJFRgJDKFB2VEWUlTx9nTR8bFhGNeTxNnt3wwQUqbcJt4IH1qFzX
1OzyjQErUt356Et+UH0ZNmfs5022ntIFRe/jXC0XPLyWMkm+ZQQVxi2IVxlPhZCb
1ug4u/xoJpdlZenTBN73/Xxz2Url1NES9qbcK7D3ktLeUwBj6N+U7Ow60QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMAltnlWLNjb/DTYTLlPxSh0OEJaMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvd0NXMmVWWXMyTnY4Tk5oTXVVX0ZLSFE0UWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH6o3AwQA
XkqtAwQAsC6GAwQAsC6TMA0GCSqGSIb3DQEBCwUAA4IBAQByGn4FAHvdRoPMRLwE
R0OuMgrH0F7qvBhTwOJWCC4YBRFguJNI1AEavjYc8xjjjLkoLJgb86OBJa5YAukO
2cjVaWbrG1JZHajLaYkwRACXXldOB54q6X24mviYGv6tEW96XWxCVdVVnRwkg3X4
CL8A98oSXEvUM5kR6ujIAaee0+MupN9AsfTM2Y672yQSwXBAGfS5g8MF4Cxlozcz
leMYqztNgPYQsoxj6afHy5ciuRGJkjbttlH6EPYiLwZi61ACswa4TJCXPAAz94Z8
9Fm6OJeBddrcYkE3lfUXGGdrAKRnqISWwuLO48Uqzs4jFWsM5zHuohIKoj9wzuzK
WpLY
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:24:57 2025 by rpki-client