Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/WOkyiKZXyZb_JE15v4JPZZ7_uas.roa
File: WOkyiKZXyZb_JE15v4JPZZ7_uas.roa (raw, json)
Hash identifier: uCxh+/x66loEAoXJHeu6h1m3ZKFFNdiPZwnHjwWElmQ=
Subject key identifier: 58:E9:32:88:A6:57:C9:96:FF:24:4D:79:BF:82:4F:65:9E:FF:B9:AB
Certificate issuer: /CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Certificate serial: 0197A8FA8FA1D51866469EDB315D7A05B868
Authority key identifier: 8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/WOkyiKZXyZb_JE15v4JPZZ7_uas.roa
Signing time: Wed 25 Jun 2025 21:24:42 +0000
ROA not before: Wed 25 Jun 2025 21:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216285
IP address blocks: 194.153.116.0/24 maxlen: 24
2a14:4280::/29 maxlen: 29
2a14:4280::/32 maxlen: 32
2a14:4281::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:fa:8f:a1:d5:18:66:46:9e:db:31:5d:7a:05:b8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1bef730527aae1ecf8fb3085659d6fdfeed797
Validity
Not Before: Jun 25 21:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58e93288a657c996ff244d79bf824f659effb9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:40:d7:38:e9:d2:b0:8b:1b:fe:47:b6:52:b7:
ba:49:28:66:93:38:98:b1:33:d8:1a:5c:25:0a:42:
4d:75:72:8b:58:d0:bb:c2:8f:f8:24:6b:c4:98:72:
ea:e2:c5:96:30:bf:32:74:e5:84:88:41:e0:bb:b9:
65:24:90:d4:8a:ba:d0:07:74:fe:25:fa:8c:a1:6a:
38:96:d2:36:c7:80:16:74:8b:87:94:99:99:b3:11:
8b:87:9c:59:db:fd:c7:b1:ef:33:66:44:04:19:b4:
d9:2d:38:a4:af:f4:17:e4:82:c7:5b:9b:c9:e3:d8:
a2:14:ac:51:f7:8f:ea:cf:bd:64:f5:25:04:7e:12:
8f:74:2d:4e:f9:e5:fc:53:ab:05:7f:1e:87:43:47:
d6:df:3c:2f:b5:c1:4b:6c:05:83:8c:33:76:5d:3c:
0e:fc:09:55:b9:f6:fe:b3:9f:e9:74:a1:1a:a1:09:
ac:79:e3:b4:ab:a6:47:0d:af:d3:34:b6:c6:a1:91:
92:86:0f:18:f3:48:63:f9:69:0f:7a:81:a2:65:69:
9f:58:5f:84:8a:c8:5c:be:6a:6d:87:d6:31:40:72:
2f:92:1b:3e:9e:a2:c2:a9:00:bf:26:ed:25:44:44:
d9:e2:89:cb:58:af:63:0a:ae:a9:a7:dc:45:31:19:
d1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E9:32:88:A6:57:C9:96:FF:24:4D:79:BF:82:4F:65:9E:FF:B9:AB
X509v3 Authority Key Identifier:
keyid:8D:1B:EF:73:05:27:AA:E1:EC:F8:FB:30:85:65:9D:6F:DF:EE:D7:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRvvcwUnquHs-PswhWWdb9_u15c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/WOkyiKZXyZb_JE15v4JPZZ7_uas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b716ad-ed04-4de4-b994-4aab2d68fa5a/1/jRvvcwUnquHs-PswhWWdb9_u15c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.116.0/24
IPv6:
2a14:4280::/29
Signature Algorithm: sha256WithRSAEncryption
18:70:49:2e:07:75:e6:ec:16:34:4e:b1:0a:a9:66:da:79:55:
4c:6c:af:6a:1d:90:03:99:57:6a:bf:a7:23:55:c9:a7:2d:31:
13:a5:1a:67:25:60:f8:5e:ca:8d:82:e2:d6:4b:2f:a5:12:32:
12:b5:4a:33:be:09:fd:fb:7b:9d:8c:f9:5c:c4:2d:56:9e:24:
eb:c9:7a:b6:43:4d:fc:22:a6:ac:3a:bd:0a:36:3c:d8:4a:53:
72:78:7f:5b:2a:00:92:12:42:fa:03:f8:ef:0e:ec:fc:53:50:
88:7f:73:7d:54:68:4d:0e:d0:fc:ce:f9:00:5d:63:c1:83:80:
6c:53:fb:6d:3d:7d:0e:71:ab:f5:22:d5:c1:14:17:24:37:0d:
43:3b:3c:44:fa:53:48:ca:ff:cb:79:c8:ae:f6:7c:d0:a6:9b:
a8:9d:da:ba:17:9c:49:d3:85:32:2d:c0:ca:98:6d:b2:59:f8:
6a:d9:d0:cc:9e:cc:53:3d:fa:1d:bc:8d:b4:8f:f4:70:33:36:
55:33:c1:db:a6:19:d8:24:ee:c1:94:24:66:20:10:33:fc:dc:
75:92:e4:a2:5b:4f:a1:fe:e3:fd:d5:20:d2:dc:f1:85:ff:84:
12:de:89:96:d2:ec:74:c5:68:24:69:6e:5b:f9:91:c9:df:9c:
b9:6a:51:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZeo+o+h1RhmRp7bMV16BbhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWJlZjczMDUyN2FhZTFlY2Y4ZmIzMDg1NjU5ZDZmZGZl
ZWQ3OTcwHhcNMjUwNjI1MjEyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGU5MzI4OGE2NTdjOTk2ZmYyNDRkNzliZjgyNGY2NTllZmZiOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUDXOOnSsIsb/ke2Ure6SShmkziY
sTPYGlwlCkJNdXKLWNC7wo/4JGvEmHLq4sWWML8ydOWEiEHgu7llJJDUirrQB3T+
JfqMoWo4ltI2x4AWdIuHlJmZsxGLh5xZ2/3Hse8zZkQEGbTZLTikr/QX5ILHW5vJ
49iiFKxR94/qz71k9SUEfhKPdC1O+eX8U6sFfx6HQ0fW3zwvtcFLbAWDjDN2XTwO
/AlVufb+s5/pdKEaoQmseeO0q6ZHDa/TNLbGoZGShg8Y80hj+WkPeoGiZWmfWF+E
ishcvmpth9YxQHIvkhs+nqLCqQC/Ju0lRETZ4onLWK9jCq6pp9xFMRnRWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFjpMoimV8mW/yRNeb+CT2We/7mrMB8GA1UdIwQY
MBaAFI0b73MFJ6rh7Pj7MIVlnW/f7teXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQt
NGFhYjJkNjhmYTVhLzEvV09reWlLWlh5WmJfSkUxNXY0SlBaWjdfdWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNzE2YWQtZWQwNC00ZGU0LWI5OTQtNGFhYjJkNjhmYTVh
LzEvalJ2dmN3VW5xdUhzLVBzd2hXV2RiOV91MTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpl0MA0E
AgACMAcDBQMqFEKAMA0GCSqGSIb3DQEBCwUAA4IBAQAYcEkuB3Xm7BY0TrEKqWba
eVVMbK9qHZADmVdqv6cjVcmnLTETpRpnJWD4XsqNguLWSy+lEjIStUozvgn9+3ud
jPlcxC1WniTryXq2Q038IqasOr0KNjzYSlNyeH9bKgCSEkL6A/jvDuz8U1CIf3N9
VGhNDtD8zvkAXWPBg4BsU/ttPX0Ocav1ItXBFBckNw1DOzxE+lNIyv/Leciu9nzQ
ppuondq6F5xJ04UyLcDKmG2yWfhq2dDMnsxTPfodvI20j/RwMzZVM8HbphnYJO7B
lCRmIBAz/Nx1kuSiW0+h/uP91SDS3PGF/4QS3omW0ux0xWgkaW5b+ZHJ35y5alEw
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:55:25 2025 by rpki-client