Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/wTmzFHFSK1gf4dh6ZvGl5eGn-p0.roa
File: wTmzFHFSK1gf4dh6ZvGl5eGn-p0.roa (raw, json)
Hash identifier: BaE+1BuEGra5wSI3sxoEgP7aHpwfOMZ8zVo4fs47yl4=
Subject key identifier: C1:39:B3:14:71:52:2B:58:1F:E1:D8:7A:66:F1:A5:E5:E1:A7:FA:9D
Certificate issuer: /CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Certificate serial: 0198AB1DA8D9EAA7FE5E5227AE8F3C1F70A3
Authority key identifier: BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/wTmzFHFSK1gf4dh6ZvGl5eGn-p0.roa
Signing time: Fri 15 Aug 2025 00:25:04 +0000
ROA not before: Fri 15 Aug 2025 00:25:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209090
IP address blocks: 45.91.124.0/24 maxlen: 24
2a0e:f43:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 20:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ab:1d:a8:d9:ea:a7:fe:5e:52:27:ae:8f:3c:1f:70:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Validity
Not Before: Aug 15 00:25:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c139b31471522b581fe1d87a66f1a5e5e1a7fa9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:6d:a3:3e:b4:40:52:14:dc:29:26:ef:8e:
ce:0e:34:79:64:38:81:91:a2:3d:9b:53:9f:70:1f:
c4:ef:c1:a5:a0:71:a1:c6:d1:40:8b:27:20:9c:84:
3c:fb:aa:31:33:ac:e8:1c:0d:b8:b4:df:cf:ec:8b:
fd:0f:ef:b6:9a:50:c1:fa:8d:91:45:44:ac:5f:45:
1b:36:c9:11:d2:66:9f:31:92:17:0e:19:71:61:27:
9b:85:7c:90:21:39:90:05:fe:37:49:da:12:bf:ca:
35:c1:d5:93:53:be:c7:e8:a0:5b:39:44:f4:b8:f9:
7d:f1:5b:de:0f:8b:ed:33:c0:aa:0d:93:0f:ea:be:
f2:91:7f:1b:60:c5:e9:9a:ab:c7:ca:8f:ac:59:73:
33:0e:bb:7c:ed:92:7a:ef:b7:d2:f3:fa:ca:f5:c0:
be:64:61:8d:99:5c:47:6d:fa:9a:07:b1:04:f1:f5:
7d:49:96:06:03:54:e9:8f:f9:91:76:44:9b:b7:33:
0f:87:e8:5e:57:5b:be:c0:bd:0b:42:89:d8:48:9a:
ab:f7:57:79:cb:9b:c8:07:67:d4:ab:0b:d2:a0:f7:
52:d9:8b:ed:4d:a2:9b:b3:98:08:bb:27:be:a2:31:
7f:f7:23:69:2a:b5:91:60:ab:3d:89:a4:48:b7:da:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:39:B3:14:71:52:2B:58:1F:E1:D8:7A:66:F1:A5:E5:E1:A7:FA:9D
X509v3 Authority Key Identifier:
keyid:BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/wTmzFHFSK1gf4dh6ZvGl5eGn-p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.124.0/24
IPv6:
2a0e:f43:1::/48
Signature Algorithm: sha256WithRSAEncryption
c2:7f:16:df:bd:80:6b:9b:59:f2:8e:71:59:07:a2:8c:a8:bd:
01:8e:1e:f7:e8:e1:41:fd:13:b2:79:75:16:27:5f:91:0e:70:
3c:90:a1:67:d6:d6:e2:05:99:51:db:6c:d9:b4:39:eb:f2:ff:
0d:d3:e3:16:0e:33:20:27:e7:bb:75:63:ec:d4:f8:4e:da:54:
b9:42:9a:bb:d4:74:d6:ac:92:e5:fe:0d:03:4e:0c:b4:bb:00:
70:3c:2e:6b:ec:c3:c8:3c:53:ea:cb:3b:44:7e:8d:e2:d8:9a:
4d:64:7e:c4:87:7d:fa:f3:5c:ce:b1:3e:de:48:04:aa:81:2f:
3a:6b:6d:7d:ed:23:a6:db:b5:3c:cc:58:2c:37:74:8d:32:ca:
70:e1:73:8d:4b:95:8d:4f:03:bf:e6:c3:e1:76:7a:b3:2d:60:
7e:76:1b:05:d6:a7:d1:7d:82:3c:f8:c9:49:65:f1:ec:a8:44:
0e:8a:13:1e:67:e3:03:cc:88:45:f1:eb:0e:f7:af:eb:30:fb:
c4:29:8d:9f:c1:d8:a6:2d:fc:78:9c:73:1f:8b:ed:0c:db:36:
2c:b1:e1:54:91:54:55:69:1a:b4:0e:cb:95:7c:2b:88:08:4f:
6e:04:34:c5:17:14:66:f7:00:17:d9:27:af:b1:fc:4f:4f:d6:
06:7d:55:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZirHajZ6qf+XlInro88H3CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTY0OWVmNjAzMGZjODA4NDhmZGZlMjFkNDMyMWFjODAx
MWZkMTAwHhcNMjUwODE1MDAyNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM5YjMxNDcxNTIyYjU4MWZlMWQ4N2E2NmYxYTVlNWUxYTdmYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAptoz60QFIU3Ckm747ODjR5ZDiB
kaI9m1OfcB/E78GloHGhxtFAiycgnIQ8+6oxM6zoHA24tN/P7Iv9D++2mlDB+o2R
RUSsX0UbNskR0mafMZIXDhlxYSebhXyQITmQBf43SdoSv8o1wdWTU77H6KBbOUT0
uPl98VveD4vtM8CqDZMP6r7ykX8bYMXpmqvHyo+sWXMzDrt87ZJ677fS8/rK9cC+
ZGGNmVxHbfqaB7EE8fV9SZYGA1Tpj/mRdkSbtzMPh+heV1u+wL0LQonYSJqr91d5
y5vIB2fUqwvSoPdS2YvtTaKbs5gIuye+ojF/9yNpKrWRYKs9iaRIt9pb4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFME5sxRxUitYH+HYembxpeXhp/qdMB8GA1UdIwQY
MBaAFL6mSe9gMPyAhI/f4h1DIayAEf0QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgt
MjFkZjU1YmE5ZWJmLzEvd1RtekZIRlNLMWdmNGRoNlp2R2w1ZUduLXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgtMjFkZjU1YmE5ZWJm
LzEvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALVt8MA8E
AgACMAkDBwAqDg9DAAEwDQYJKoZIhvcNAQELBQADggEBAMJ/Ft+9gGubWfKOcVkH
ooyovQGOHvfo4UH9E7J5dRYnX5EOcDyQoWfW1uIFmVHbbNm0Oevy/w3T4xYOMyAn
57t1Y+zU+E7aVLlCmrvUdNaskuX+DQNODLS7AHA8Lmvsw8g8U+rLO0R+jeLYmk1k
fsSHffrzXM6xPt5IBKqBLzprbX3tI6bbtTzMWCw3dI0yynDhc41LlY1PA7/mw+F2
erMtYH52GwXWp9F9gjz4yUll8eyoRA6KEx5n4wPMiEXx6w73r+sw+8QpjZ/B2KYt
/Hiccx+L7QzbNiyx4VSRVFVpGrQOy5V8K4gIT24ENMUXFGb3ABfZJ6+x/E9P1gZ9
Ve0=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:21:31 2025 by rpki-client