
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/WUcwdVxjGm9MT5dj0KuN5kY8fc0.roa
File: WUcwdVxjGm9MT5dj0KuN5kY8fc0.roa (raw, json)
Hash identifier: Va0HPLXWY6KmecVQh7TSAW6BzjPwycNZWbVEYlVLjHk=
Subject key identifier: 59:47:30:75:5C:63:1A:6F:4C:4F:97:63:D0:AB:8D:E6:46:3C:7D:CD
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 01979EF93BCA41BA7B09C237DEA925D17B80
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/WUcwdVxjGm9MT5dj0KuN5kY8fc0.roa
Signing time: Mon 23 Jun 2025 22:47:03 +0000
ROA not before: Mon 23 Jun 2025 22:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54600
IP address blocks: 116.204.164.0/23 maxlen: 24
222.167.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 19:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9e:f9:3b:ca:41:ba:7b:09:c2:37:de:a9:25:d1:7b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Jun 23 22:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=594730755c631a6f4c4f9763d0ab8de6463c7dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fd:f9:45:49:c6:10:94:64:28:e8:c3:75:70:
b8:f4:90:ca:7d:25:44:77:69:f0:77:72:30:a6:b3:
f1:ff:d5:ec:ca:04:12:b5:c1:eb:a7:4b:7c:27:fd:
4c:56:88:81:f7:5b:89:03:41:8c:9b:69:2b:5c:16:
57:0b:68:01:c4:a0:c9:c7:69:4d:a2:a8:dc:c4:d0:
c9:54:ed:2c:94:29:f7:29:19:52:14:79:a1:fa:86:
90:cb:5d:16:97:30:fd:81:da:ca:86:63:db:39:c2:
92:1b:92:4e:2c:4b:0b:fe:f8:55:ba:bc:d0:21:3d:
98:4c:20:c1:c3:3b:eb:77:83:58:fa:18:b3:67:87:
2e:bb:75:61:cf:59:4f:97:2c:69:36:7d:90:41:8a:
0c:d0:f3:3d:e7:ed:86:db:1f:b4:29:2f:2e:7e:64:
25:6d:f3:f7:ab:78:ea:40:87:b0:4a:6c:e9:14:5a:
7a:06:b7:2c:67:43:19:ee:2a:fd:bc:17:b3:59:5f:
d2:65:29:26:2f:6b:5a:64:f2:00:0b:c2:1e:81:05:
f7:51:93:2d:a0:b6:35:c4:b2:f6:f6:01:24:d2:14:
60:f2:fa:83:6a:ba:b8:f0:56:e9:b1:a0:66:d0:62:
58:85:9e:cc:be:b4:f4:0f:bd:fc:4d:56:d9:5d:a8:
19:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:47:30:75:5C:63:1A:6F:4C:4F:97:63:D0:AB:8D:E6:46:3C:7D:CD
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/WUcwdVxjGm9MT5dj0KuN5kY8fc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0/23
222.167.224.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:b5:fb:f1:7f:ec:da:7f:4c:e3:0c:78:b3:5c:31:a2:35:50:
55:b6:96:e6:5b:54:f1:d4:de:de:78:00:64:0a:7f:3c:7b:1d:
c7:c7:ac:30:3a:b1:17:43:85:c3:b8:90:83:9e:8d:2e:e0:fe:
c7:3f:be:57:ec:98:46:6e:d9:0b:cc:f0:7c:4a:ec:25:dc:c8:
c8:7d:66:54:37:02:60:fe:c8:36:37:24:f7:d4:91:f0:ea:82:
ed:83:a8:1a:24:9d:4d:0d:67:73:4e:8c:cc:5b:49:3d:a7:16:
b1:af:72:a5:39:c0:3d:01:74:c9:d6:f6:09:a5:eb:20:f8:e1:
ac:5e:f0:db:c9:d4:a4:d3:9d:16:07:94:1f:ee:01:b4:ed:0f:
8a:29:5c:eb:9b:7d:29:96:26:2a:07:ff:50:0f:7d:20:a1:65:
ff:7f:4f:07:d5:44:a4:2c:ea:33:19:4b:94:2f:7f:6f:b4:cc:
c6:4c:75:a8:25:53:a8:78:42:f9:e4:71:d7:2a:fb:21:81:5f:
71:37:0e:f4:b7:d6:1f:08:b0:92:a0:7d:69:09:d6:70:04:62:
00:b3:1d:27:19:0f:d5:e1:5c:20:27:9e:07:be:cb:82:de:c9:
f3:42:98:a6:7d:41:d3:11:89:86:b9:03:c8:3f:f3:4c:c4:82:
21:a6:d1:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZee+TvKQbp7CcI33qkl0XuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNjIzMjI0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQ3MzA3NTVjNjMxYTZmNGM0Zjk3NjNkMGFiOGRlNjQ2M2M3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP35RUnGEJRkKOjDdXC49JDKfSVE
d2nwd3IwprPx/9XsygQStcHrp0t8J/1MVoiB91uJA0GMm2krXBZXC2gBxKDJx2lN
oqjcxNDJVO0slCn3KRlSFHmh+oaQy10WlzD9gdrKhmPbOcKSG5JOLEsL/vhVurzQ
IT2YTCDBwzvrd4NY+hizZ4cuu3Vhz1lPlyxpNn2QQYoM0PM95+2G2x+0KS8ufmQl
bfP3q3jqQIewSmzpFFp6BrcsZ0MZ7ir9vBezWV/SZSkmL2taZPIAC8IegQX3UZMt
oLY1xLL29gEk0hRg8vqDarq48FbpsaBm0GJYhZ7MvrT0D738TVbZXagZxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFlHMHVcYxpvTE+XY9CrjeZGPH3NMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvV1Vjd2RWeGpHbTlNVDVkajBLdU41a1k4ZmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBdMykAwQF
3qfgMA0GCSqGSIb3DQEBCwUAA4IBAQChtfvxf+zaf0zjDHizXDGiNVBVtpbmW1Tx
1N7eeABkCn88ex3Hx6wwOrEXQ4XDuJCDno0u4P7HP75X7JhGbtkLzPB8Suwl3MjI
fWZUNwJg/sg2NyT31JHw6oLtg6gaJJ1NDWdzTozMW0k9pxaxr3KlOcA9AXTJ1vYJ
pesg+OGsXvDbydSk050WB5Qf7gG07Q+KKVzrm30pliYqB/9QD30goWX/f08H1USk
LOozGUuUL39vtMzGTHWoJVOoeEL55HHXKvshgV9xNw70t9YfCLCSoH1pCdZwBGIA
sx0nGQ/V4VwgJ54HvsuC3snzQpimfUHTEYmGuQPIP/NMxIIhptGk
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:44:03 2025 by rpki-client