Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WIegxRMjR-9moxZhOQ3nJPWKLY8.roa
File: WIegxRMjR-9moxZhOQ3nJPWKLY8.roa (raw, json)
Hash identifier: TtEhJVh7NtkRT5o/iuF9tFI5ap6kWm0LLfHrrY0AXxs=
Subject key identifier: 58:87:A0:C5:13:23:47:EF:66:A3:16:61:39:0D:E7:24:F5:8A:2D:8F
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01965DFFD95D1F82FC6EDE9550C24AA7CBD8
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WIegxRMjR-9moxZhOQ3nJPWKLY8.roa
Signing time: Tue 22 Apr 2025 14:56:10 +0000
ROA not before: Tue 22 Apr 2025 14:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215245
IP address blocks: 31.22.72.0/24 maxlen: 24
31.22.73.0/24 maxlen: 24
31.22.74.0/24 maxlen: 24
31.22.75.0/24 maxlen: 24
31.22.76.0/24 maxlen: 24
31.22.77.0/24 maxlen: 24
31.22.78.0/24 maxlen: 24
31.22.79.0/24 maxlen: 24
46.247.108.0/24 maxlen: 24
46.247.109.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
86.54.5.0/24 maxlen: 24
194.46.60.0/24 maxlen: 24
194.117.225.0/24 maxlen: 24
2a14:6780:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:ff:d9:5d:1f:82:fc:6e:de:95:50:c2:4a:a7:cb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 22 14:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5887a0c5132347ef66a31661390de724f58a2d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:36:b5:8e:84:61:19:d2:03:fd:11:70:d2:a9:
c0:8f:16:dd:bb:3b:4d:3b:d5:7a:1b:73:c0:be:53:
53:83:e8:df:60:3d:bf:9d:bc:b7:d8:7c:62:2d:05:
5c:fd:8b:d7:d6:1a:fc:0b:11:cd:64:bf:a6:fb:a8:
e2:cb:f3:8b:f3:98:3d:10:c2:22:52:27:87:21:cc:
90:de:a8:70:c6:9f:27:6d:38:62:a9:0d:ff:ec:8f:
2d:d1:4b:90:35:ea:bb:b2:02:05:a5:2f:94:b8:b1:
89:bd:33:ea:d4:12:44:1f:87:8a:ae:39:71:b3:5c:
7c:22:47:13:d0:00:72:8b:9a:d4:9e:86:25:57:8f:
79:73:5d:cd:35:5a:b0:f6:c9:a4:24:7b:4e:55:43:
10:5b:4e:d5:ab:a5:ee:62:bc:08:3a:9a:94:bb:6a:
28:32:06:82:c6:4d:d2:f4:91:2a:4b:99:ad:37:7a:
85:c3:ab:97:42:26:eb:9f:b3:e5:78:b7:ec:2f:ea:
c3:e2:2e:70:29:1f:3e:69:46:d0:6d:01:b7:1f:f9:
aa:f0:a6:1c:c3:b4:30:31:e3:bd:83:58:4f:a3:bb:
fb:b6:ae:51:ac:f8:80:57:62:d7:d4:28:5f:4b:a0:
a3:81:30:1b:8f:b1:9a:e1:cb:c0:d9:52:9c:ad:ad:
6f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:87:A0:C5:13:23:47:EF:66:A3:16:61:39:0D:E7:24:F5:8A:2D:8F
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WIegxRMjR-9moxZhOQ3nJPWKLY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.72.0/21
46.247.108.0/23
62.169.152.0/24
86.54.5.0/24
194.46.60.0/24
194.117.225.0/24
IPv6:
2a14:6780:4::/48
Signature Algorithm: sha256WithRSAEncryption
32:57:42:b8:c8:91:44:d9:7e:2d:0a:a2:ec:71:c4:13:b2:4d:
ed:30:6a:74:99:3d:b1:82:a4:41:ca:1a:41:02:19:50:e0:f3:
26:3c:f8:26:14:6a:25:b7:45:72:71:a4:de:9f:98:61:c9:f6:
08:b8:9d:48:20:de:1c:6f:94:22:67:ab:40:c3:10:f8:1b:a0:
9c:72:73:e5:b1:67:f1:e6:1d:a7:ec:aa:51:fc:41:7d:c6:0c:
86:56:2e:c7:f7:da:8d:f8:5d:a1:d0:ce:aa:b5:5b:54:67:10:
21:41:c0:8b:f0:de:ef:6a:43:e4:5e:d8:45:7c:f1:d1:62:46:
8b:26:45:c6:da:4c:52:82:90:83:c1:76:dc:7a:10:ab:6e:66:
06:63:cc:34:6d:9a:be:4c:a6:5a:91:67:ec:52:ff:ec:02:09:
a9:5f:a5:b0:82:85:89:1e:a7:c9:e4:02:97:4a:01:d9:0d:02:
3c:78:45:0c:80:d6:88:d6:5b:b6:e3:d3:14:4f:fc:6a:e7:ab:
3e:ab:7a:4d:0a:08:f6:e4:d6:8a:43:d3:b3:5f:45:9c:9a:32:
24:e2:64:3e:a8:f3:5f:d7:ae:d4:fa:76:0f:1e:fe:27:8f:f3:
15:6b:b1:5d:67:05:07:1b:71:8e:1a:57:f0:fa:a6:3d:59:10:
f9:7d:ba:e8
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZZd/9ldH4L8bt6VUMJKp8vYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDIyMTQ1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg3YTBjNTEzMjM0N2VmNjZhMzE2NjEzOTBkZTcyNGY1OGEyZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDa1joRhGdID/RFw0qnAjxbduztN
O9V6G3PAvlNTg+jfYD2/nby32HxiLQVc/YvX1hr8CxHNZL+m+6jiy/OL85g9EMIi
UieHIcyQ3qhwxp8nbThiqQ3/7I8t0UuQNeq7sgIFpS+UuLGJvTPq1BJEH4eKrjlx
s1x8IkcT0AByi5rUnoYlV495c13NNVqw9smkJHtOVUMQW07Vq6XuYrwIOpqUu2oo
MgaCxk3S9JEqS5mtN3qFw6uXQibrn7PleLfsL+rD4i5wKR8+aUbQbQG3H/mq8KYc
w7QwMeO9g1hPo7v7tq5RrPiAV2LX1ChfS6CjgTAbj7Ga4cvA2VKcra1vNwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFiHoMUTI0fvZqMWYTkN5yT1ii2PMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvV0llZ3hSTWpSLTltb3haaE9RM25KUFdLTFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDHxZIAwQB
LvdsAwQAPqmYAwQAVjYFAwQAwi48AwQAwnXhMA8EAgACMAkDBwAqFGeAAAQwDQYJ
KoZIhvcNAQELBQADggEBADJXQrjIkUTZfi0KouxxxBOyTe0wanSZPbGCpEHKGkEC
GVDg8yY8+CYUaiW3RXJxpN6fmGHJ9gi4nUgg3hxvlCJnq0DDEPgboJxyc+WxZ/Hm
HafsqlH8QX3GDIZWLsf32o34XaHQzqq1W1RnECFBwIvw3u9qQ+Re2EV88dFiRosm
RcbaTFKCkIPBdtx6EKtuZgZjzDRtmr5MplqRZ+xS/+wCCalfpbCChYkep8nkApdK
AdkNAjx4RQyA1ojWW7bj0xRP/Grnqz6rek0KCPbk1opD07NfRZyaMiTiZD6o81/X
rtT6dg8e/ieP8xVrsV1nBQcbcY4aV/D6pj1ZEPl9uug=
-----END CERTIFICATE-----
Generated at Sat May 10 20:05:19 2025 by rpki-client