Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Whud6EXW8Ij7woDF4rxVqwrjMn8.roa
File: Whud6EXW8Ij7woDF4rxVqwrjMn8.roa (raw, json)
Hash identifier: iWFxnOQlS0I23+Za/Ck33I86kKRns0q+3mmBdrj/6hQ=
Subject key identifier: 5A:1B:9D:E8:45:D6:F0:88:FB:C2:80:C5:E2:BC:55:AB:0A:E3:32:7F
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 0197C0055027938564A03B1CF57B7832C0E1
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Whud6EXW8Ij7woDF4rxVqwrjMn8.roa
Signing time: Mon 30 Jun 2025 08:47:42 +0000
ROA not before: Mon 30 Jun 2025 08:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200780
IP address blocks: 5.42.200.0/24 maxlen: 24
45.9.104.0/22 maxlen: 24
45.85.132.0/22 maxlen: 24
45.155.228.0/22 maxlen: 24
45.156.188.0/22 maxlen: 24
46.19.104.0/21 maxlen: 24
77.236.98.0/23 maxlen: 24
88.218.32.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
91.227.36.0/22 maxlen: 24
91.234.104.0/22 maxlen: 24
93.177.69.0/24 maxlen: 24
93.177.70.0/23 maxlen: 24
95.178.108.0/22 maxlen: 24
185.40.102.0/23 maxlen: 24
185.73.204.0/22 maxlen: 24
185.73.204.0/24 maxlen: 24
185.144.24.0/22 maxlen: 24
194.11.255.0/24 maxlen: 24
194.13.1.0/24 maxlen: 24
194.13.64.0/24 maxlen: 24
194.13.67.0/24 maxlen: 24
194.88.112.0/22 maxlen: 22
194.106.208.0/23 maxlen: 24
195.35.96.0/24 maxlen: 24
195.133.148.0/22 maxlen: 24
2a05:46c0::/29 maxlen: 29
2a10:780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:05:50:27:93:85:64:a0:3b:1c:f5:7b:78:32:c0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jun 30 08:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a1b9de845d6f088fbc280c5e2bc55ab0ae3327f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:94:93:3c:2d:1b:e5:85:50:f6:77:a6:93:
a5:7b:2f:8f:ec:74:c5:2f:d4:fc:0c:0a:c0:77:8a:
30:48:f9:7b:e4:e6:b5:24:eb:1f:d7:94:09:64:0e:
c5:73:f8:67:83:f0:0d:75:80:e3:a0:8b:ff:84:05:
33:5f:a3:d6:4f:7f:b5:f8:63:9d:10:4a:3d:97:eb:
6c:12:28:32:e7:09:72:4f:97:cf:c2:a3:ff:35:58:
78:1e:21:6f:03:d5:ea:77:a4:80:85:b5:9e:b9:a8:
a6:90:a0:d8:23:ce:c5:e6:d7:de:b5:87:d9:64:d5:
e5:2e:45:00:1e:1b:f6:68:5b:9c:0f:8b:3d:d8:9e:
bb:d3:29:6a:da:6d:a3:a6:0a:ac:0a:95:1e:5f:f1:
99:13:07:70:fb:a5:a2:e1:ed:2d:aa:73:19:46:c0:
f6:69:d9:9e:bc:d1:27:c8:05:ac:48:7f:bb:7b:ba:
56:31:24:e0:9b:7a:69:5a:bf:57:4a:39:8b:aa:ae:
a8:09:38:6e:e1:62:eb:9b:96:f8:03:e7:6f:88:60:
03:67:61:56:90:5f:59:b0:09:a8:62:f9:65:7e:b1:
fc:28:27:15:98:2e:9a:5f:72:40:31:c8:dd:ca:95:
8a:de:1c:cc:53:6e:2d:98:1b:5c:ef:61:47:3c:58:
be:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1B:9D:E8:45:D6:F0:88:FB:C2:80:C5:E2:BC:55:AB:0A:E3:32:7F
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Whud6EXW8Ij7woDF4rxVqwrjMn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.200.0/24
45.9.104.0/22
45.85.132.0/22
45.155.228.0/22
45.156.188.0/22
46.19.104.0/21
77.236.98.0/23
88.218.32.0/23
89.40.220.0/23
91.227.36.0/22
91.234.104.0/22
93.177.69.0-93.177.71.255
95.178.108.0/22
185.40.102.0/23
185.73.204.0/22
185.144.24.0/22
194.11.255.0/24
194.13.1.0/24
194.13.64.0/24
194.13.67.0/24
194.88.112.0/22
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a05:46c0::/29
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
01:0d:51:e0:ce:b2:dd:eb:ec:59:a5:64:16:23:0d:f6:44:04:
e7:76:35:f7:5d:96:c0:70:6b:6a:6d:a8:01:fe:81:f0:41:0b:
f3:46:4d:8c:c5:9e:20:7e:94:4c:b9:fd:f8:a5:f1:bb:97:e7:
27:a7:cd:8a:6e:2e:f8:6d:d1:1d:8c:96:1a:22:0f:21:7e:69:
73:42:5d:76:b5:73:d8:70:8b:c7:25:92:82:7c:69:69:f3:40:
fe:ff:50:cc:2c:e0:cf:8d:b5:3c:fb:9b:a8:86:87:4d:a9:aa:
aa:bb:d7:84:f0:a7:66:9b:9e:05:33:08:72:e3:ab:d9:0f:8a:
7b:1b:c3:37:31:fa:52:d1:aa:d2:24:cf:fb:2b:4a:e4:a6:37:
ca:38:5f:70:61:65:33:da:09:e9:e4:c0:df:58:3b:0c:29:4d:
ab:73:a7:1a:a9:d0:1e:29:b0:ff:b1:4c:0c:92:25:bc:6c:45:
8e:47:79:78:47:af:ce:83:4f:9e:36:69:01:48:5b:c3:7a:30:
0f:fd:86:76:36:43:c0:71:1f:76:d8:a5:85:b7:c3:47:08:9d:
96:a2:6b:72:c7:71:a7:4e:d8:3e:79:f6:48:d9:34:7b:f8:93:
f2:24:00:23:2f:bb:27:03:e8:f8:5f:82:5e:e4:0f:b0:ce:f2:
3c:97:b7:8e
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZfABVAnk4VkoDsc9Xt4MsDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjUwNjMwMDg0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFiOWRlODQ1ZDZmMDg4ZmJjMjgwYzVlMmJjNTVhYjBhZTMzMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVuUkzwtG+WFUPZ3ppOley+P7HTF
L9T8DArAd4owSPl75Oa1JOsf15QJZA7Fc/hng/ANdYDjoIv/hAUzX6PWT3+1+GOd
EEo9l+tsEigy5wlyT5fPwqP/NVh4HiFvA9Xqd6SAhbWeuaimkKDYI87F5tfetYfZ
ZNXlLkUAHhv2aFucD4s92J670ylq2m2jpgqsCpUeX/GZEwdw+6Wi4e0tqnMZRsD2
admevNEnyAWsSH+7e7pWMSTgm3ppWr9XSjmLqq6oCThu4WLrm5b4A+dviGADZ2FW
kF9ZsAmoYvllfrH8KCcVmC6aX3JAMcjdypWK3hzMU24tmBtc72FHPFi+hwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFFobnehF1vCI+8KAxeK8VasK4zJ/MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvV2h1ZDZFWFc4SWo3d29ERjRyeFZxd3JqTW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAAF
KsgDBAItCWgDBAItVYQDBAItm+QDBAItnLwDBAMuE2gDBAFN7GIDBAFY2iADBAFZ
KNwDBAJb4yQDBAJb6mgwDAMEAF2xRQMEA12xQAMEAl+ybAMEAbkoZgMEArlJzAME
ArmQGAMEAMIL/wMEAMINAQMEAMINQAMEAMINQwMEAsJYcAMEAcJq0AMEAMMjYAME
AsOFlDAUBAIAAjAOAwUDKgVGwAMFACoQB4AwDQYJKoZIhvcNAQELBQADggEBAAEN
UeDOst3r7FmlZBYjDfZEBOd2NfddlsBwa2ptqAH+gfBBC/NGTYzFniB+lEy5/fil
8buX5yenzYpuLvht0R2MlhoiDyF+aXNCXXa1c9hwi8clkoJ8aWnzQP7/UMws4M+N
tTz7m6iGh02pqqq714Twp2abngUzCHLjq9kPinsbwzcx+lLRqtIkz/srSuSmN8o4
X3BhZTPaCenkwN9YOwwpTatzpxqp0B4psP+xTAySJbxsRY5HeXhHr86DT542aQFI
W8N6MA/9hnY2Q8BxH3bYpYW3w0cInZaia3LHcadO2D559kjZNHv4k/IkACMvuycD
6Phfgl7kD7DO8jyXt44=
-----END CERTIFICATE-----
Generated at Tue Jul 1 12:20:00 2025 by rpki-client