Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wlnL9rbGb73LQ0GvWs3qm4Fv6cw.roa
File: wlnL9rbGb73LQ0GvWs3qm4Fv6cw.roa (raw, json)
Hash identifier: sje1lMWXATWR/NjN96+M/auSZYJlrhtgayWQW0C29R8=
Subject key identifier: C2:59:CB:F6:B6:C6:6F:BD:CB:43:41:AF:5A:CD:EA:9B:81:6F:E9:CC
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0196803E058D700D74CFDB8E23E4E9DCABF5
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wlnL9rbGb73LQ0GvWs3qm4Fv6cw.roa
Signing time: Tue 29 Apr 2025 06:31:10 +0000
ROA not before: Tue 29 Apr 2025 06:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.174.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:3e:05:8d:70:0d:74:cf:db:8e:23:e4:e9:dc:ab:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 29 06:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c259cbf6b6c66fbdcb4341af5acdea9b816fe9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:32:d6:7c:84:95:81:f1:9f:59:24:27:14:e2:
3c:57:3d:57:36:85:df:21:9b:56:b7:7c:a9:e8:15:
11:0e:eb:53:e8:9b:cb:e9:fc:b7:a7:fc:0c:aa:3f:
99:13:f6:11:34:8a:74:a6:e8:e8:fb:7b:bc:5d:8e:
51:bd:31:fa:d3:89:91:80:2c:46:26:07:b7:41:2a:
89:70:07:d5:31:ce:ad:da:27:78:70:82:88:94:9e:
86:e8:73:19:e3:77:57:ee:ae:1a:2d:c1:3d:7e:9f:
59:15:4d:0b:83:69:64:dc:96:11:e7:2f:64:60:4e:
1c:d4:bb:d8:2e:d0:14:cd:eb:7e:50:81:3c:e6:76:
eb:c5:9b:a5:f4:b0:e5:50:09:d3:d5:94:a1:46:aa:
94:9d:1c:ee:c4:ce:14:9b:85:5b:83:0f:2e:e6:c1:
3a:a2:d5:d9:cb:5a:c5:c1:21:5e:29:fe:6e:74:b8:
f8:68:72:5e:95:ed:55:7b:9d:35:f7:aa:5f:ec:9a:
61:e1:22:85:61:4b:15:1f:d4:36:d0:e8:77:62:6e:
b0:3e:b8:33:17:6b:54:b8:8c:95:3a:16:20:01:70:
73:98:9c:f6:ed:86:b8:43:77:49:cd:ca:fb:98:22:
21:ec:af:9b:0f:32:53:12:eb:78:0e:55:8d:b4:e0:
1f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:59:CB:F6:B6:C6:6F:BD:CB:43:41:AF:5A:CD:EA:9B:81:6F:E9:CC
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/wlnL9rbGb73LQ0GvWs3qm4Fv6cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.174.0/24
62.72.187.0/24
62.72.191.0/24
81.21.2.0-81.21.7.255
176.57.51.0/24
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
09:4d:27:03:59:fc:e7:b6:5c:af:9f:0a:b0:a9:78:6d:b1:f1:
17:d6:5d:a1:f4:81:01:a3:6d:e8:7a:5a:d5:5a:c0:1d:2c:27:
32:4c:2a:6c:e1:56:6e:a5:8e:85:39:ad:4b:b1:61:2e:63:96:
1b:07:11:39:db:c5:d5:b8:d3:72:98:cc:2f:9a:91:e2:49:03:
f3:9a:e8:c0:2d:3f:14:bb:90:ce:75:c5:75:21:44:1a:bc:11:
a0:ef:5b:e4:4d:32:ca:80:50:98:c3:c4:2f:c9:84:04:cd:87:
78:3b:86:af:e3:d7:05:df:c1:d1:c8:4d:3a:c2:80:6a:17:7e:
52:60:16:54:c9:da:4f:13:0b:ba:66:ed:5f:cd:05:cc:68:75:
20:41:db:a0:7e:ac:47:d1:51:43:be:5b:18:90:d6:64:bc:17:
5d:ae:30:b1:ff:52:32:d8:e6:f9:27:1e:a9:18:29:dc:55:a2:
5c:4b:71:cd:f4:31:b7:58:70:fc:57:3f:3e:d4:cb:04:ca:9e:
56:4c:d3:25:50:4d:e2:9a:8f:10:9d:e5:c2:01:9b:70:da:38:
71:bc:75:dd:7a:8b:e7:c0:fa:19:be:60:a3:b5:23:c3:ae:d4:
bb:cd:66:18:9a:e5:39:0d:69:96:59:f5:9e:92:e2:1a:cd:0c:
fb:82:06:6c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZaAPgWNcA10z9uOI+Tp3Kv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNDI5MDYzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjU5Y2JmNmI2YzY2ZmJkY2I0MzQxYWY1YWNkZWE5YjgxNmZlOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTLWfISVgfGfWSQnFOI8Vz1XNoXf
IZtWt3yp6BURDutT6JvL6fy3p/wMqj+ZE/YRNIp0pujo+3u8XY5RvTH604mRgCxG
Jge3QSqJcAfVMc6t2id4cIKIlJ6G6HMZ43dX7q4aLcE9fp9ZFU0Lg2lk3JYR5y9k
YE4c1LvYLtAUzet+UIE85nbrxZul9LDlUAnT1ZShRqqUnRzuxM4Um4Vbgw8u5sE6
otXZy1rFwSFeKf5udLj4aHJele1Ve50196pf7Jph4SKFYUsVH9Q20Oh3Ym6wPrgz
F2tUuIyVOhYgAXBzmJz27Ya4Q3dJzcr7mCIh7K+bDzJTEut4DlWNtOAfOwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMJZy/a2xm+9y0NBr1rN6puBb+nMMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvd2xuTDlyYkdiNzNMUTBHdldzM3FtNEZ2NmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+SKID
BAM+SKADBAA+SK4DBAA+SLsDBAA+SL8wDAMEAVEVAgMEA1EVAAMEALA5MwMEALA5
OAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEACU0nA1n857Zcr58KsKl4bbHxF9Zd
ofSBAaNt6Hpa1VrAHSwnMkwqbOFWbqWOhTmtS7FhLmOWGwcROdvF1bjTcpjML5qR
4kkD85rowC0/FLuQznXFdSFEGrwRoO9b5E0yyoBQmMPEL8mEBM2HeDuGr+PXBd/B
0chNOsKAahd+UmAWVMnaTxMLumbtX80FzGh1IEHboH6sR9FRQ75bGJDWZLwXXa4w
sf9SMtjm+SceqRgp3FWiXEtxzfQxt1hw/Fc/PtTLBMqeVkzTJVBN4pqPEJ3lwgGb
cNo4cbx13XqL58D6Gb5go7Ujw67Uu81mGJrlOQ1plln1npLiGs0M+4IGbA==
-----END CERTIFICATE-----
Generated at Wed May 14 15:27:13 2025 by rpki-client