Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/WY-V6yxbC5_M8Ja5RwJAvgARrG0.roa
File: WY-V6yxbC5_M8Ja5RwJAvgARrG0.roa (raw, json)
Hash identifier: qOSUhIhTk8Jt/7qqozGcNnZVz/2Ntrilp3dcShvZWAw=
Subject key identifier: 59:8F:95:EB:2C:5B:0B:9F:CC:F0:96:B9:47:02:40:BE:00:11:AC:6D
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01979C7B1DB4FF36048C72F043FC29E3B79E
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/WY-V6yxbC5_M8Ja5RwJAvgARrG0.roa
Signing time: Mon 23 Jun 2025 11:10:03 +0000
ROA not before: Mon 23 Jun 2025 11:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63902
IP address blocks: 87.229.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:7b:1d:b4:ff:36:04:8c:72:f0:43:fc:29:e3:b7:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 23 11:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=598f95eb2c5b0b9fccf096b9470240be0011ac6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fc:77:22:bd:6e:8e:fd:57:d6:81:76:a7:0c:
c8:b3:86:21:91:32:1c:10:cc:93:5f:d8:fd:41:27:
7f:16:bc:db:16:b0:2f:1a:bd:f3:fc:55:36:f8:88:
7e:b6:bd:66:07:50:c0:93:20:64:9c:70:94:f7:10:
86:20:ec:5a:3b:2b:a1:02:c6:ce:71:39:f8:02:22:
4a:64:ae:b3:8a:74:7b:97:18:90:18:5b:c3:df:7b:
f7:6e:e1:8f:24:58:12:c7:72:a7:ca:23:e5:64:05:
48:f8:08:03:b7:f5:c3:5e:ed:a6:3f:29:4a:9a:02:
fe:f9:24:86:1e:b0:15:64:cb:12:5f:2e:ff:0e:18:
38:e6:a7:e5:51:87:47:8c:94:4d:80:25:06:30:48:
dd:29:65:bb:d7:cc:c2:96:09:bf:a0:81:af:0e:80:
90:d6:ed:2a:49:32:97:b6:da:76:51:e3:ae:d8:6a:
f2:2e:e3:cf:89:90:57:6a:9d:5f:2e:55:1c:be:5e:
42:54:25:b6:76:04:aa:8f:3e:ce:16:0d:a9:0d:c7:
77:83:a8:b9:06:07:0a:bd:f4:48:80:d9:c1:87:bf:
cf:b8:e0:91:30:0e:8c:e3:39:69:ff:c2:03:5c:7f:
a4:cb:ad:22:d0:96:5b:7b:d7:16:c7:f1:2e:b9:29:
58:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8F:95:EB:2C:5B:0B:9F:CC:F0:96:B9:47:02:40:BE:00:11:AC:6D
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/WY-V6yxbC5_M8Ja5RwJAvgARrG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.31.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:75:4b:d0:9e:8d:11:67:cb:c4:e0:ba:b0:33:f7:94:7b:94:
5b:d1:2a:18:2a:ac:51:30:12:42:05:9b:f8:8d:c4:12:4a:82:
df:42:8b:63:ec:d8:b8:2d:92:7e:70:8d:17:a1:f2:61:04:81:
5d:e5:49:22:74:69:26:01:38:a5:c1:b7:7b:94:f2:ba:05:99:
1f:67:8f:05:8c:35:a4:ef:37:c6:9c:9c:c3:0f:02:c1:cf:27:
67:22:38:7b:48:89:fc:38:35:74:8f:69:d8:69:f1:36:c0:86:
8d:84:8d:e6:46:1b:9f:0a:77:81:50:37:51:a9:b3:95:c8:13:
43:f1:21:28:3c:27:9e:ba:06:5c:e3:d0:7c:9a:c2:6c:14:8e:
de:6a:4f:a0:c2:0c:78:db:62:a5:bc:96:4c:8c:2d:e2:02:41:
79:55:87:f2:6a:8e:77:9b:35:ca:dc:31:2e:e0:3b:a7:8a:10:
8a:d4:de:f9:5b:93:a8:21:76:65:68:8a:d2:c0:c9:8e:55:8b:
ca:45:65:00:3c:4c:14:b1:ee:cd:6b:86:38:b4:7c:6d:ed:6d:
85:0c:02:49:a7:80:be:26:20:29:d7:f7:77:ef:02:16:6f:d0:
a4:00:81:2d:d7:00:7f:54:e6:5e:f7:08:be:26:7b:73:a4:22:
f7:a6:23:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZecex20/zYEjHLwQ/wp47eeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjIzMTExMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThmOTVlYjJjNWIwYjlmY2NmMDk2Yjk0NzAyNDBiZTAwMTFhYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPx3Ir1ujv1X1oF2pwzIs4YhkTIc
EMyTX9j9QSd/FrzbFrAvGr3z/FU2+Ih+tr1mB1DAkyBknHCU9xCGIOxaOyuhAsbO
cTn4AiJKZK6zinR7lxiQGFvD33v3buGPJFgSx3KnyiPlZAVI+AgDt/XDXu2mPylK
mgL++SSGHrAVZMsSXy7/Dhg45qflUYdHjJRNgCUGMEjdKWW718zClgm/oIGvDoCQ
1u0qSTKXttp2UeOu2GryLuPPiZBXap1fLlUcvl5CVCW2dgSqjz7OFg2pDcd3g6i5
BgcKvfRIgNnBh7/PuOCRMA6M4zlp/8IDXH+ky60i0JZbe9cWx/EuuSlYiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmPlessWwufzPCWuUcCQL4AEaxtMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvV1ktVjZ5eGJDNV9NOEphNVJ3SkF2Z0FSckcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+UfMA0G
CSqGSIb3DQEBCwUAA4IBAQBMdUvQno0RZ8vE4LqwM/eUe5Rb0SoYKqxRMBJCBZv4
jcQSSoLfQotj7Ni4LZJ+cI0XofJhBIFd5UkidGkmATilwbd7lPK6BZkfZ48FjDWk
7zfGnJzDDwLBzydnIjh7SIn8ODV0j2nYafE2wIaNhI3mRhufCneBUDdRqbOVyBND
8SEoPCeeugZc49B8msJsFI7eak+gwgx422KlvJZMjC3iAkF5VYfyao53mzXK3DEu
4DunihCK1N75W5OoIXZlaIrSwMmOVYvKRWUAPEwUse7Na4Y4tHxt7W2FDAJJp4C+
JiAp1/d37wIWb9CkAIEt1wB/VOZe9wi+JntzpCL3piPN
-----END CERTIFICATE-----
Generated at Tue Jul 1 06:59:00 2025 by rpki-client