Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/whMyZnTeeWmIZ40EAtQYERDXPcw.roa
File: whMyZnTeeWmIZ40EAtQYERDXPcw.roa (raw, json)
Hash identifier: Pcqdqq7cUSpJc4C3MIQ85eINdsCgh8UDrdKsvWlA+nI=
Subject key identifier: C2:13:32:66:74:DE:79:69:88:67:8D:04:02:D4:18:11:10:D7:3D:CC
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01987E35B8E85DEC73CE12E805567CB741CB
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/whMyZnTeeWmIZ40EAtQYERDXPcw.roa
Signing time: Wed 06 Aug 2025 07:08:26 +0000
ROA not before: Wed 06 Aug 2025 07:08:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
194.238.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:35:b8:e8:5d:ec:73:ce:12:e8:05:56:7c:b7:41:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Aug 6 07:08:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c213326674de796988678d0402d4181110d73dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1f:71:79:cb:1a:86:b1:e4:57:04:e9:ca:6a:
d4:d5:ea:af:e7:81:c5:7a:3c:0e:ec:09:b2:8e:7f:
89:c1:fe:46:26:c7:62:ba:2f:67:33:1a:31:fa:18:
31:9e:f3:a5:39:3b:6a:ba:8d:7c:85:7f:02:b5:01:
b8:3f:cb:3f:af:72:75:f4:12:85:5b:96:ee:a8:6a:
f2:8a:3c:11:d1:8a:1a:da:70:bb:4c:93:ce:26:a9:
6d:10:25:47:ee:75:8b:0a:14:d6:73:2b:df:e3:9b:
7c:81:5d:b1:d9:1c:23:94:35:c1:66:ac:63:7e:16:
e3:ae:e9:69:d6:66:6f:19:5a:a5:a5:29:6d:3e:8a:
5d:a2:a7:d3:4c:f4:e9:69:c0:33:5c:1a:2e:f0:c2:
7f:53:e9:4b:4c:ca:a2:bb:cb:08:9d:4c:7a:53:58:
f7:bd:17:94:ee:79:96:05:65:a6:8d:26:6f:c1:73:
b1:9a:ea:13:f6:ca:9a:43:83:24:28:03:9f:ff:cc:
a3:f8:cb:a7:97:37:da:f0:7e:a5:ce:51:b9:91:92:
5e:ae:17:99:06:9b:43:55:cb:76:64:84:e5:17:de:
5f:91:7f:74:a7:f2:78:f8:6a:e3:73:0c:d2:3f:31:
21:64:95:09:69:f1:21:05:0d:79:b0:b6:76:d9:1c:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:32:66:74:DE:79:69:88:67:8D:04:02:D4:18:11:10:D7:3D:CC
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/whMyZnTeeWmIZ40EAtQYERDXPcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:51:fd:a1:39:c9:de:b1:bd:50:bf:8f:20:f3:82:9d:0c:6c:
45:14:cb:5a:c9:7d:c5:32:98:26:41:79:8f:92:53:d9:72:8e:
98:e3:04:06:c3:37:a7:c9:53:66:19:03:29:ed:af:62:42:ae:
b0:23:7f:55:4e:eb:09:98:28:6a:4b:81:5c:b3:39:d0:7d:86:
f3:6f:a6:61:93:85:7d:31:b7:f8:4b:0c:9a:81:f7:e7:5a:b7:
98:41:c9:e8:55:13:89:79:b0:aa:03:35:a1:39:7f:72:c3:24:
e5:fd:44:d4:09:30:b2:93:cb:9f:f7:3c:ae:f3:09:33:32:67:
dc:7a:ad:af:fa:3a:a0:19:aa:57:a1:ca:27:e1:ce:aa:79:32:
f9:9d:41:6e:7d:05:cf:bf:45:f1:33:b1:8b:01:4b:dc:b7:39:
c8:56:d8:20:d3:9f:6c:de:03:44:b5:45:36:0e:2a:b9:39:25:
b9:06:82:ba:15:7b:21:e6:9c:c9:d9:c3:70:fe:d8:f0:f7:8d:
7c:18:f0:bb:dc:74:35:34:a1:40:2c:77:55:4d:96:9e:b6:49:
62:54:d4:79:c2:9b:1d:66:0e:9b:a8:33:40:02:6c:38:75:30:
ef:99:8b:37:e9:a4:93:d1:01:b1:6b:d1:e2:82:cb:a1:eb:20:
74:28:71:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZh+NbjoXexzzhLoBVZ8t0HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwODA2MDcwODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjEzMzI2Njc0ZGU3OTY5ODg2NzhkMDQwMmQ0MTgxMTEwZDczZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5R9xecsahrHkVwTpymrU1eqv54HF
ejwO7Amyjn+Jwf5GJsdiui9nMxox+hgxnvOlOTtquo18hX8CtQG4P8s/r3J19BKF
W5buqGryijwR0Yoa2nC7TJPOJqltECVH7nWLChTWcyvf45t8gV2x2RwjlDXBZqxj
fhbjrulp1mZvGVqlpSltPopdoqfTTPTpacAzXBou8MJ/U+lLTMqiu8sInUx6U1j3
vReU7nmWBWWmjSZvwXOxmuoT9sqaQ4MkKAOf/8yj+Munlzfa8H6lzlG5kZJerheZ
BptDVct2ZITlF95fkX90p/J4+GrjcwzSPzEhZJUJafEhBQ15sLZ22Rw12wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMITMmZ03nlpiGeNBALUGBEQ1z3MMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvd2hNeVpuVGVlV21JWjQwRUF0UVlFUkRYUGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwu4sAwQC
wu5IAwQEwu5QMA0GCSqGSIb3DQEBCwUAA4IBAQBtUf2hOcnesb1Qv48g84KdDGxF
FMtayX3FMpgmQXmPklPZco6Y4wQGwzenyVNmGQMp7a9iQq6wI39VTusJmChqS4Fc
sznQfYbzb6Zhk4V9Mbf4SwyagffnWreYQcnoVROJebCqAzWhOX9ywyTl/UTUCTCy
k8uf9zyu8wkzMmfceq2v+jqgGapXocon4c6qeTL5nUFufQXPv0XxM7GLAUvctznI
Vtgg059s3gNEtUU2Diq5OSW5BoK6FXsh5pzJ2cNw/tjw9418GPC73HQ1NKFALHdV
TZaetkliVNR5wpsdZg6bqDNAAmw4dTDvmYs36aST0QGxa9Higsuh6yB0KHEN
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:39:37 2025 by rpki-client