Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/wPo7xJ66CFd_mhgw0SF3bAS25Aw.roa
File: wPo7xJ66CFd_mhgw0SF3bAS25Aw.roa (raw, json)
Hash identifier: bk8jHsNK4RwETsCkuy+UEJf07NqgjUBEWkINzx/UrXY=
Subject key identifier: C0:FA:3B:C4:9E:BA:08:57:7F:9A:18:30:D1:21:77:6C:04:B6:E4:0C
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01976319B263884C4102EAAB4FFA08464569
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/wPo7xJ66CFd_mhgw0SF3bAS25Aw.roa
Signing time: Thu 12 Jun 2025 07:45:17 +0000
ROA not before: Thu 12 Jun 2025 07:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8315
IP address blocks: 145.131.0.0/20 maxlen: 24
145.131.5.0/24 maxlen: 24
145.131.16.0/20 maxlen: 24
145.131.29.0/24 maxlen: 24
145.131.32.0/20 maxlen: 24
145.131.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:19:b2:63:88:4c:41:02:ea:ab:4f:fa:08:46:45:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jun 12 07:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0fa3bc49eba08577f9a1830d121776c04b6e40c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:55:8c:62:07:a4:4a:2d:a0:76:4b:6c:fb:
6b:72:f1:f1:b0:dd:04:c9:fb:ab:fb:1c:a4:bf:41:
27:3f:58:7a:e6:c2:67:5d:88:8e:2c:06:ad:fb:57:
7e:d7:3b:c9:db:65:c1:71:6e:4b:2b:6e:79:af:cb:
0e:ac:b9:44:77:a6:24:06:0d:b1:39:72:e8:2e:33:
9f:11:73:77:5d:2d:66:fe:7a:eb:96:53:60:d8:e0:
66:31:4c:24:0c:77:c9:f4:f2:e3:2d:be:30:70:94:
73:10:1f:bc:d1:43:69:a2:29:d6:e1:f4:6d:f0:0b:
c5:8b:f5:0b:46:dd:a5:a1:df:2f:90:a6:c0:b3:33:
dc:2c:02:63:f1:3a:8e:df:8e:40:be:86:89:e8:89:
67:62:7a:3b:77:c3:35:58:0b:1c:00:4c:6f:de:05:
83:fd:7e:3c:c2:65:b2:0d:d2:5a:90:f8:1f:ec:d1:
1b:9e:a1:5a:e4:a6:97:24:08:66:59:35:00:f7:bc:
be:e1:1e:40:38:72:1e:7d:91:9a:d2:68:52:16:91:
07:87:2b:6f:fa:08:43:80:04:a3:a6:8d:86:7b:a6:
c2:f2:8c:6c:6b:22:37:82:d1:52:15:51:ac:f2:d2:
34:5a:06:2f:8b:8c:81:4c:22:62:94:86:82:38:3a:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FA:3B:C4:9E:BA:08:57:7F:9A:18:30:D1:21:77:6C:04:B6:E4:0C
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/wPo7xJ66CFd_mhgw0SF3bAS25Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.131.0.0-145.131.47.255
Signature Algorithm: sha256WithRSAEncryption
19:41:3d:bf:1c:56:81:92:f7:0a:5e:8f:42:35:60:55:4b:4d:
dd:eb:3f:a4:7c:b7:21:a1:f1:9b:bd:77:ea:ed:4f:fd:e4:0e:
46:14:b5:cf:7f:b7:77:04:f7:ba:a7:6c:06:11:5b:dc:5d:ae:
ec:8b:92:2e:c3:86:13:aa:f5:b0:8a:d9:db:aa:b1:ab:ef:ee:
e6:73:a6:2b:ef:bd:68:3a:fc:eb:3e:2b:1f:05:b1:79:5d:ff:
00:98:22:5e:f4:d5:b4:25:6e:0d:77:a2:d6:b2:64:c7:88:55:
65:81:ed:a8:17:23:16:a1:30:9b:41:9a:dd:b4:76:e4:01:f7:
1f:43:db:c7:e5:f3:32:38:6e:11:c3:48:ce:4c:1d:e8:a6:b5:
81:20:8f:0f:68:09:78:66:0f:e0:00:f7:8d:e9:db:8a:68:07:
71:55:e9:9b:dd:2a:50:f6:39:74:35:92:68:46:76:3e:db:b1:
ae:b9:23:0b:6b:fc:22:c8:e4:d9:03:c8:ea:68:da:c6:19:38:
2b:d9:6c:d7:e0:e6:70:14:13:6c:e6:d0:ae:55:f0:bf:6c:2d:
b7:b6:a1:ac:f3:f3:40:79:1a:0b:06:df:d2:71:d0:ab:09:55:
e3:64:11:ca:9f:df:13:8f:85:73:53:59:62:02:e7:af:f6:20:
6f:40:3e:cd
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZdjGbJjiExBAuqrT/oIRkVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwNjEyMDc0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGZhM2JjNDllYmEwODU3N2Y5YTE4MzBkMTIxNzc2YzA0YjZlNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfRVjGIHpEotoHZLbPtrcvHxsN0E
yfur+xykv0EnP1h65sJnXYiOLAat+1d+1zvJ22XBcW5LK255r8sOrLlEd6YkBg2x
OXLoLjOfEXN3XS1m/nrrllNg2OBmMUwkDHfJ9PLjLb4wcJRzEB+80UNpoinW4fRt
8AvFi/ULRt2lod8vkKbAszPcLAJj8TqO345AvoaJ6IlnYno7d8M1WAscAExv3gWD
/X48wmWyDdJakPgf7NEbnqFa5KaXJAhmWTUA97y+4R5AOHIefZGa0mhSFpEHhytv
+ghDgASjpo2Ge6bC8oxsayI3gtFSFVGs8tI0WgYvi4yBTCJilIaCODoOFQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFMD6O8SeughXf5oYMNEhd2wEtuQMMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvd1BvN3hKNjZDRmRfbWhndzBTRjNiQVMyNUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCRgwME
BJGDIDANBgkqhkiG9w0BAQsFAAOCAQEAGUE9vxxWgZL3Cl6PQjVgVUtN3es/pHy3
IaHxm7136u1P/eQORhS1z3+3dwT3uqdsBhFb3F2u7IuSLsOGE6r1sIrZ26qxq+/u
5nOmK++9aDr86z4rHwWxeV3/AJgiXvTVtCVuDXei1rJkx4hVZYHtqBcjFqEwm0Ga
3bR25AH3H0Pbx+XzMjhuEcNIzkwd6Ka1gSCPD2gJeGYP4AD3jenbimgHcVXpm90q
UPY5dDWSaEZ2PtuxrrkjC2v8Isjk2QPI6mjaxhk4K9ls1+DmcBQTbObQrlXwv2wt
t7ahrPPzQHkaCwbf0nHQqwlV42QRyp/fE4+Fc1NZYgLnr/Ygb0A+zQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:10:27 2025 by rpki-client