Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tY87YHYk1jzljqskwBqh88_jHsI.roa
File: tY87YHYk1jzljqskwBqh88_jHsI.roa (raw, json)
Hash identifier: FBXRg/+4zdN4ns//wS8kZR1MilrJbhk2IEaV/fnAsd8=
Subject key identifier: B5:8F:3B:60:76:24:D6:3C:E5:8E:AB:24:C0:1A:A1:F3:CF:E3:1E:C2
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01988D2E1671309471D0205E5A2AF720412E
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tY87YHYk1jzljqskwBqh88_jHsI.roa
Signing time: Sat 09 Aug 2025 04:54:24 +0000
ROA not before: Sat 09 Aug 2025 04:54:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211056
IP address blocks: 94.184.23.0/24 maxlen: 24
94.184.24.0/24 maxlen: 24
94.184.25.0/24 maxlen: 24
94.184.26.0/24 maxlen: 24
94.184.27.0/24 maxlen: 24
94.184.28.0/24 maxlen: 24
94.184.29.0/24 maxlen: 24
94.184.30.0/24 maxlen: 24
94.184.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8d:2e:16:71:30:94:71:d0:20:5e:5a:2a:f7:20:41:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Aug 9 04:54:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b58f3b607624d63ce58eab24c01aa1f3cfe31ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c9:19:2e:6f:dd:d2:2f:fc:e9:24:87:22:9b:
ce:b8:c9:02:e3:ce:eb:b3:11:99:b5:00:a0:9e:17:
7b:53:94:75:bd:89:13:9e:c5:a4:54:ee:23:58:2d:
51:fc:cc:2b:d9:05:86:9f:63:28:47:65:b4:34:32:
2a:a6:66:a4:c3:d3:5b:a0:e9:d7:0c:42:14:33:b2:
13:df:7a:bf:43:50:d4:6c:8f:1a:95:ee:a0:fd:b3:
5c:0f:41:48:13:f1:e8:ad:f7:6e:58:b8:46:e7:d5:
bc:02:ae:99:43:d9:07:39:25:fe:3c:41:81:7f:c8:
cc:6a:2a:ee:bf:38:d2:57:d7:67:49:b8:6a:2f:d6:
63:69:35:69:2d:45:81:db:f3:23:ae:2f:69:a9:e1:
cf:62:ea:e3:9a:6e:fa:7e:db:7c:e0:7b:ed:b0:aa:
89:59:14:06:02:c5:e0:29:ee:f8:5f:22:6e:a8:00:
0f:c2:7b:2c:e2:be:f4:57:7a:60:49:f5:ab:d5:73:
79:6a:e0:0e:ab:65:0e:e1:e3:46:39:9c:30:f0:27:
aa:ff:fe:76:00:58:35:28:fd:78:e4:41:05:f9:bd:
69:0f:ca:02:fe:12:89:0d:62:16:4b:68:b1:8b:8b:
64:32:83:6f:2d:62:3e:08:ad:24:4b:05:ab:a4:9a:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8F:3B:60:76:24:D6:3C:E5:8E:AB:24:C0:1A:A1:F3:CF:E3:1E:C2
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/tY87YHYk1jzljqskwBqh88_jHsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.23.0-94.184.31.255
Signature Algorithm: sha256WithRSAEncryption
07:1d:2f:de:7c:73:af:14:4a:a0:e0:6f:9b:e1:32:33:cb:ad:
bb:6a:5f:53:6b:60:0e:e8:0e:13:b8:b7:9d:73:c6:ca:97:0b:
a0:b9:cb:b1:b2:e3:68:52:69:91:10:5b:c3:bb:08:85:f4:10:
f5:c8:1b:73:c2:48:5d:7e:0a:34:6f:82:17:9f:58:4c:2e:42:
c3:24:cc:92:80:8d:9d:a5:1e:0b:63:cf:58:3b:9d:02:a6:88:
5a:eb:46:3e:df:52:20:f9:e1:db:53:c3:01:db:58:1e:19:41:
03:16:f2:2f:3e:bb:43:82:6a:df:2a:cb:2c:55:62:58:98:3a:
fc:dd:e3:6e:6d:04:24:8f:84:bb:52:1c:cd:dd:96:24:06:78:
b5:bf:e1:a2:bd:0a:5c:f4:63:d2:a8:b5:66:76:60:55:d5:23:
c1:2a:20:5f:c2:54:aa:1f:d7:bd:92:42:72:0c:63:66:7f:21:
7d:28:13:15:fa:5c:27:59:b3:10:ba:06:c7:5f:d9:71:25:5d:
ef:f6:49:93:e8:18:0c:55:f5:25:61:25:44:a7:2f:44:20:4d:
ca:9c:08:5a:d2:a3:c4:c7:8e:3c:f4:0a:67:07:db:77:d8:9e:
92:7c:2e:2c:af:47:6a:f8:b5:0d:40:b4:ed:7b:1a:d5:44:3c:
9b:84:ee:2f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZiNLhZxMJRx0CBeWir3IEEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjUwODA5MDQ1NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThmM2I2MDc2MjRkNjNjZTU4ZWFiMjRjMDFhYTFmM2NmZTMxZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2skZLm/d0i/86SSHIpvOuMkC487r
sxGZtQCgnhd7U5R1vYkTnsWkVO4jWC1R/Mwr2QWGn2MoR2W0NDIqpmakw9NboOnX
DEIUM7IT33q/Q1DUbI8ale6g/bNcD0FIE/HorfduWLhG59W8Aq6ZQ9kHOSX+PEGB
f8jMairuvzjSV9dnSbhqL9ZjaTVpLUWB2/Mjri9pqeHPYurjmm76ftt84HvtsKqJ
WRQGAsXgKe74XyJuqAAPwnss4r70V3pgSfWr1XN5auAOq2UO4eNGOZww8Ceq//52
AFg1KP145EEF+b1pD8oC/hKJDWIWS2ixi4tkMoNvLWI+CK0kSwWrpJo+ZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLWPO2B2JNY85Y6rJMAaofPP4x7CMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvdFk4N1lIWWsxanpsanFza3dCcWg4OF9qSHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABeuBcD
BAVeuAAwDQYJKoZIhvcNAQELBQADggEBAAcdL958c68USqDgb5vhMjPLrbtqX1Nr
YA7oDhO4t51zxsqXC6C5y7Gy42hSaZEQW8O7CIX0EPXIG3PCSF1+CjRvghefWEwu
QsMkzJKAjZ2lHgtjz1g7nQKmiFrrRj7fUiD54dtTwwHbWB4ZQQMW8i8+u0OCat8q
yyxVYliYOvzd425tBCSPhLtSHM3dliQGeLW/4aK9Clz0Y9KotWZ2YFXVI8EqIF/C
VKof172SQnIMY2Z/IX0oExX6XCdZsxC6Bsdf2XElXe/2SZPoGAxV9SVhJUSnL0Qg
TcqcCFrSo8THjjz0CmcH23fYnpJ8LiyvR2r4tQ1AtO17GtVEPJuE7i8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:07:37 2025 by rpki-client