Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/W430Ui1UXQ7RABZnwSKy29vShdY.roa
File: W430Ui1UXQ7RABZnwSKy29vShdY.roa (raw, json)
Hash identifier: +4VlsCd7wKYkqzPPZYOuuES1Ou2/8oSAmx6WikA3M3E=
Subject key identifier: 5B:8D:F4:52:2D:54:5D:0E:D1:00:16:67:C1:22:B2:DB:DB:D2:85:D6
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 0198BD89DA962EBB259B2DD27947DB2C6336
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/W430Ui1UXQ7RABZnwSKy29vShdY.roa
Signing time: Mon 18 Aug 2025 14:16:24 +0000
ROA not before: Mon 18 Aug 2025 14:16:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210275
IP address blocks: 83.229.65.0/24 maxlen: 24
152.114.228.0/22 maxlen: 24
176.105.148.0/22 maxlen: 24
185.35.78.0/23 maxlen: 24
185.169.32.0/22 maxlen: 24
2a13:2400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:89:da:96:2e:bb:25:9b:2d:d2:79:47:db:2c:63:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Aug 18 14:16:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b8df4522d545d0ed1001667c122b2dbdbd285d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3f:38:b6:5c:d0:16:9b:73:2e:43:43:2b:18:
8d:c4:d5:c0:d6:72:3f:ec:63:e6:85:ac:12:88:b2:
ef:9b:37:27:59:6c:e2:1b:23:dc:7f:48:9f:26:7e:
02:13:f2:dd:aa:95:40:b6:e7:64:41:f2:01:be:cc:
04:58:4e:e6:05:d8:c8:9a:9d:a5:43:7f:8a:b7:a8:
14:d2:54:40:f8:d5:a7:4c:35:ae:23:b3:83:92:7f:
52:11:00:cf:36:e3:33:4d:e2:60:60:2d:08:c1:b5:
fa:89:d3:dd:b7:e9:7b:80:c0:73:ed:a0:b9:99:99:
c2:9e:d6:b7:ad:c1:cf:b5:d2:6f:41:77:07:64:e8:
4f:ff:b6:d5:e9:bd:e4:1c:5e:86:56:46:18:df:dd:
89:dd:6c:ac:0c:a7:72:c3:78:68:12:87:3e:90:6c:
28:1f:1f:72:7d:a9:2e:56:73:27:1d:12:ad:e1:7b:
52:42:6b:bf:fc:0d:ae:5d:0c:06:5b:57:70:15:d9:
05:f6:01:b3:21:7c:da:db:e9:6c:e0:c2:ea:e9:ff:
57:77:72:0a:0d:0e:ae:78:89:0a:42:b3:b7:d2:64:
47:19:88:24:b0:dc:49:d3:d1:23:73:3b:bb:96:cc:
f1:d5:de:f4:bf:12:4f:14:a4:09:40:9c:53:91:6b:
71:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8D:F4:52:2D:54:5D:0E:D1:00:16:67:C1:22:B2:DB:DB:D2:85:D6
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/W430Ui1UXQ7RABZnwSKy29vShdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.65.0/24
152.114.228.0/22
176.105.148.0/22
185.35.78.0/23
185.169.32.0/22
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
25:6a:92:4a:5b:c1:d5:2a:4c:7c:20:67:ab:89:ab:2a:36:d0:
69:2c:cd:b7:7b:58:eb:5e:87:b9:26:85:0c:f7:74:f2:6e:a5:
9d:f4:e8:0e:32:f9:c1:14:99:d9:7a:a6:7b:ae:3e:6b:8e:80:
a1:12:bf:14:8e:12:10:af:75:e3:e4:06:3c:70:b9:2f:98:9f:
79:c7:33:6a:3f:92:dd:cf:be:73:f0:c0:98:47:34:b7:51:f7:
be:a5:33:76:f0:e6:8a:e7:5e:e7:ad:be:5b:21:51:0d:35:26:
14:57:3d:c7:a8:f6:55:fb:4b:b2:5f:15:ef:e7:7a:dd:12:ad:
2a:42:09:52:6c:dd:be:23:21:93:43:f0:d4:88:82:0d:69:c9:
c9:c8:e2:27:f6:c0:ab:fb:ce:ed:f7:a7:0e:d2:11:ce:88:d8:
d8:b7:81:24:9e:e6:70:29:00:db:ae:d8:e3:9c:0a:50:da:c4:
20:3e:f1:d7:72:35:ae:c3:73:1a:da:8d:74:a3:9d:09:ae:73:
89:c9:8b:ac:9b:53:a7:d2:fa:5a:c4:4a:4e:2f:20:d4:24:93:
6d:36:7c:8c:c5:9b:26:68:5e:f5:05:f6:fc:79:96:45:6e:e1:
83:cc:49:64:02:8e:0c:7e:2a:7f:a7:37:33:c8:30:f8:20:24:
5b:f2:9a:f8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZi9idqWLrslmy3SeUfbLGM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjUwODE4MTQxNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjhkZjQ1MjJkNTQ1ZDBlZDEwMDE2NjdjMTIyYjJkYmRiZDI4NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj84tlzQFptzLkNDKxiNxNXA1nI/
7GPmhawSiLLvmzcnWWziGyPcf0ifJn4CE/LdqpVAtudkQfIBvswEWE7mBdjImp2l
Q3+Kt6gU0lRA+NWnTDWuI7ODkn9SEQDPNuMzTeJgYC0IwbX6idPdt+l7gMBz7aC5
mZnCnta3rcHPtdJvQXcHZOhP/7bV6b3kHF6GVkYY392J3WysDKdyw3hoEoc+kGwo
Hx9yfakuVnMnHRKt4XtSQmu//A2uXQwGW1dwFdkF9gGzIXza2+ls4MLq6f9Xd3IK
DQ6ueIkKQrO30mRHGYgksNxJ09Ejczu7lszx1d70vxJPFKQJQJxTkWtx1wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFuN9FItVF0O0QAWZ8Eistvb0oXWMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvVzQzMFVpMVVYUTdSQUJabndTS3kyOXZTaGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAU+VBAwQC
mHLkAwQCsGmUAwQBuSNOAwQCuakgMA0EAgACMAcDBQMqEyQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAlapJKW8HVKkx8IGeriasqNtBpLM23e1jrXoe5JoUM93TybqWd9OgO
MvnBFJnZeqZ7rj5rjoChEr8UjhIQr3Xj5AY8cLkvmJ95xzNqP5Ldz75z8MCYRzS3
Ufe+pTN28OaK517nrb5bIVENNSYUVz3HqPZV+0uyXxXv53rdEq0qQglSbN2+IyGT
Q/DUiIINacnJyOIn9sCr+87t96cO0hHOiNjYt4EknuZwKQDbrtjjnApQ2sQgPvHX
cjWuw3Ma2o10o50JrnOJyYusm1On0vpaxEpOLyDUJJNtNnyMxZsmaF71Bfb8eZZF
buGDzElkAo4Mfip/pzczyDD4ICRb8pr4
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:51:55 2025 by rpki-client