Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wNylru0Jam025IFBLKzenX7fz-w.roa
File: wNylru0Jam025IFBLKzenX7fz-w.roa (raw, json)
Hash identifier: NE7ySTru/IwX6C1GcDAPcg0wTe7SbeL7r0nAguOkM2M=
Subject key identifier: C0:DC:A5:AE:ED:09:6A:6D:36:E4:81:41:2C:AC:DE:9D:7E:DF:CF:EC
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197B7F20C276D18B15FF69948ADFBE10CD9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wNylru0Jam025IFBLKzenX7fz-w.roa
Signing time: Sat 28 Jun 2025 19:09:42 +0000
ROA not before: Sat 28 Jun 2025 19:09:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214419
IP address blocks: 109.94.165.0/24 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.81.0/24 maxlen: 24
2a00:7d80:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:f2:0c:27:6d:18:b1:5f:f6:99:48:ad:fb:e1:0c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 28 19:09:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0dca5aeed096a6d36e481412cacde9d7edfcfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:56:88:21:d1:5e:1d:c1:bd:1d:ee:10:fa:
41:53:4d:05:f3:32:56:4a:8d:cd:d3:de:d5:5a:8c:
d1:e4:9e:d5:86:df:5b:9c:85:24:49:64:b7:ef:e0:
5a:aa:ab:58:c4:09:13:c2:25:47:04:3b:35:4d:27:
44:8f:2e:8f:49:76:29:ab:21:09:56:8c:5b:68:ea:
58:45:53:68:65:ad:6e:5c:2c:e4:f9:5e:46:fd:ec:
a3:f3:5c:59:78:d9:02:f3:17:ff:86:21:c2:3e:d6:
3a:54:51:52:50:28:1f:af:d6:c0:3b:84:60:ec:fb:
c4:a9:ed:26:14:ba:08:90:77:6d:5e:42:79:bd:ac:
8d:ee:ea:12:3b:47:20:2e:07:15:90:17:b5:01:ee:
38:fe:ad:fc:e7:e2:72:07:6d:b3:88:2f:c2:84:7f:
eb:da:8a:79:50:dc:96:b8:07:f9:79:a4:2c:3d:f4:
63:a8:49:f9:ef:41:11:81:a5:8a:81:6e:17:2a:40:
1f:04:c5:ed:1b:e8:3c:fe:42:9f:82:04:d4:a4:a3:
fd:74:a2:4f:01:e9:5c:62:60:fe:04:d3:fe:13:a4:
5a:f8:87:d5:65:58:68:d8:af:70:e7:18:cb:f8:96:
0f:9f:fd:78:39:e0:89:b3:43:d4:8c:a1:1d:23:27:
c1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DC:A5:AE:ED:09:6A:6D:36:E4:81:41:2C:AC:DE:9D:7E:DF:CF:EC
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wNylru0Jam025IFBLKzenX7fz-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.94.165.0/24
212.16.71.0/24
212.16.81.0/24
IPv6:
2a00:7d80:11::/48
Signature Algorithm: sha256WithRSAEncryption
72:85:9e:45:98:65:ca:d7:2f:de:7a:80:ff:f5:f5:c7:5c:fe:
55:e2:45:cc:11:0c:27:18:ac:55:1f:b2:60:ad:70:c8:7e:28:
1b:e2:77:b1:aa:19:b5:43:22:55:42:5a:78:67:fe:52:ed:5b:
7b:26:8a:3c:e1:2f:cf:94:d5:e0:b0:d1:5b:3d:4e:10:d0:19:
ea:c1:c5:77:96:74:cc:10:76:da:f2:4f:da:0c:3d:25:51:33:
bd:62:9c:bd:1c:ac:b5:37:c8:92:34:26:2b:8d:93:3e:49:36:
ba:03:93:8c:3e:87:b5:d4:f9:3e:27:75:2d:fc:61:04:2f:9e:
db:7b:f6:fc:30:1d:b0:be:bc:91:aa:dc:3e:e7:bc:5f:a1:7b:
0c:4d:1f:58:8c:56:4a:34:55:ff:28:d2:34:8b:1c:c1:48:78:
80:a5:02:0b:97:33:83:ae:ac:a3:4b:2c:00:02:29:ff:e7:ec:
5a:f8:79:05:cc:78:98:ca:a1:97:5f:a0:c4:25:ba:49:03:3e:
b8:e2:9f:a5:d1:e7:0f:b0:00:1f:fb:3a:27:67:cd:f3:25:bf:
3b:da:b0:5b:29:bc:e7:0f:99:e6:32:88:1c:49:23:c5:ef:df:
4e:c3:16:bc:b1:fa:d2:02:ea:42:79:04:f7:42:e2:32:6d:ba:
26:58:9a:7a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZe38gwnbRixX/aZSK374QzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNjI4MTkwOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRjYTVhZWVkMDk2YTZkMzZlNDgxNDEyY2FjZGU5ZDdlZGZjZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPFWiCHRXh3BvR3uEPpBU00F8zJW
So3N097VWozR5J7Vht9bnIUkSWS37+BaqqtYxAkTwiVHBDs1TSdEjy6PSXYpqyEJ
VoxbaOpYRVNoZa1uXCzk+V5G/eyj81xZeNkC8xf/hiHCPtY6VFFSUCgfr9bAO4Rg
7PvEqe0mFLoIkHdtXkJ5vayN7uoSO0cgLgcVkBe1Ae44/q385+JyB22ziC/ChH/r
2op5UNyWuAf5eaQsPfRjqEn570ERgaWKgW4XKkAfBMXtG+g8/kKfggTUpKP9dKJP
AelcYmD+BNP+E6Ra+IfVZVho2K9w5xjL+JYPn/14OeCJs0PUjKEdIyfB7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMDcpa7tCWptNuSBQSys3p1+38/sMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvd055bHJ1MEphbTAyNUlGQkxLemVuWDdmei13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAbV6lAwQA
1BBHAwQA1BBRMA8EAgACMAkDBwAqAH2AABEwDQYJKoZIhvcNAQELBQADggEBAHKF
nkWYZcrXL956gP/19cdc/lXiRcwRDCcYrFUfsmCtcMh+KBvid7GqGbVDIlVCWnhn
/lLtW3smijzhL8+U1eCw0Vs9ThDQGerBxXeWdMwQdtryT9oMPSVRM71inL0crLU3
yJI0JiuNkz5JNroDk4w+h7XU+T4ndS38YQQvntt79vwwHbC+vJGq3D7nvF+hewxN
H1iMVko0Vf8o0jSLHMFIeIClAguXM4OurKNLLAACKf/n7Fr4eQXMeJjKoZdfoMQl
ukkDPrjin6XR5w+wAB/7OidnzfMlvzvasFspvOcPmeYyiBxJI8Xv307DFryx+tIC
6kJ5BPdC4jJtuiZYmno=
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:08:28 2025 by rpki-client