Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/wZYr5pA49UEOjk728OoUqLp-LgE.roa
File: wZYr5pA49UEOjk728OoUqLp-LgE.roa (raw, json)
Hash identifier: x0qHAy3trHy7B4i8jS/LA3sJJ8rnNp07je101ERYGWI=
Subject key identifier: C1:96:2B:E6:90:38:F5:41:0E:8E:4E:F6:F0:EA:14:A8:BA:7E:2E:01
Certificate issuer: /CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Certificate serial: 019773E7C2CA0EB01E9EDF1A47B46D6EEB7D
Authority key identifier: 64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/wZYr5pA49UEOjk728OoUqLp-LgE.roa
Signing time: Sun 15 Jun 2025 14:04:17 +0000
ROA not before: Sun 15 Jun 2025 14:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205922
IP address blocks: 31.130.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:e7:c2:ca:0e:b0:1e:9e:df:1a:47:b4:6d:6e:eb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Validity
Not Before: Jun 15 14:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1962be69038f5410e8e4ef6f0ea14a8ba7e2e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:97:9f:9a:94:b5:3e:1b:4b:3b:32:05:f5:
2c:b2:4e:86:16:38:ad:e7:6f:09:86:9d:dd:50:b6:
7d:70:0e:ef:93:6d:ce:a1:70:41:82:d8:49:1c:1e:
a3:dc:bd:e6:b6:00:1e:ef:db:a7:18:1d:b1:c5:56:
68:fc:b5:b2:0f:89:fa:62:85:72:ab:dd:60:cc:eb:
51:1b:66:ad:8f:b8:d9:33:78:a2:42:70:d3:8a:9c:
40:cc:8d:95:82:cd:9e:60:50:7b:20:07:7c:73:ae:
2e:40:2d:df:f2:58:2e:fc:14:cb:c3:ff:8d:ba:69:
a0:e4:5a:7d:cf:1b:43:75:bf:29:50:9a:de:4f:e9:
f2:0b:c4:5c:10:18:1b:63:c1:64:52:49:fd:1b:46:
b0:0b:62:a1:20:cc:76:87:ec:24:ef:a5:b9:25:a6:
c0:0e:18:71:38:ce:a9:07:b9:6b:49:87:6b:4c:d7:
25:30:5a:74:c6:e0:0b:06:ed:31:4a:c2:12:13:66:
bd:5c:cc:f4:56:c9:16:e4:96:7a:26:b0:b2:59:b6:
47:15:40:83:7d:54:05:51:e0:ea:d7:d3:5c:a9:4a:
0e:56:45:50:df:56:13:6e:be:0a:b7:b4:8c:75:27:
36:a2:65:2e:18:4e:c6:f0:f3:23:6c:9f:29:a8:c2:
ca:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:96:2B:E6:90:38:F5:41:0E:8E:4E:F6:F0:EA:14:A8:BA:7E:2E:01
X509v3 Authority Key Identifier:
keyid:64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/wZYr5pA49UEOjk728OoUqLp-LgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.112.0/21
Signature Algorithm: sha256WithRSAEncryption
46:4c:8b:54:a4:35:6d:3f:e4:e7:e8:0a:09:cc:31:6a:74:ea:
42:4b:da:93:1d:8d:06:a5:a9:9e:3f:d8:fc:18:7f:83:c7:a0:
f2:16:ec:4c:57:c0:95:72:0a:e0:81:5b:80:36:c1:89:39:a8:
7e:57:63:55:5f:c4:41:ee:5f:b6:33:b8:bc:3d:bd:eb:fe:c2:
9f:b3:6f:4f:58:e4:d9:0e:7a:8c:9a:60:74:bf:c9:05:2d:c4:
a5:27:9c:98:78:12:fd:f5:5b:dd:91:50:b6:b6:7b:c7:45:e2:
67:d9:59:e4:2a:e6:52:e4:38:1f:ed:ef:30:9e:62:f4:3f:8c:
02:ec:e5:30:7f:cb:d7:fd:e2:35:eb:00:64:ab:50:e8:e6:dc:
08:44:27:86:62:6d:86:d5:e0:cc:39:12:ca:78:3f:d6:12:d0:
1a:f0:19:25:25:78:0c:e0:ab:1c:ea:ae:4c:2c:8a:2c:79:59:
a1:16:3a:85:48:04:e9:89:d4:61:5f:0b:c0:cf:b3:56:b0:43:
79:ee:60:0f:34:d2:cf:f5:b0:d0:a2:23:62:43:8c:81:82:50:
5d:bf:c2:66:0b:c8:f3:b6:81:ad:d8:46:49:48:52:c7:ba:f0:
6d:b9:4f:7b:64:7b:ca:47:16:19:c7:43:e0:9b:1a:fe:9c:c0:
cc:2c:e3:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdz58LKDrAent8aR7Rtbut9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YzI0OTNlNGMyZWVhOTMwYjFlYzJjODM2M2QyZDFmZmFl
NmUxN2UwHhcNMjUwNjE1MTQwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk2MmJlNjkwMzhmNTQxMGU4ZTRlZjZmMGVhMTRhOGJhN2UyZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLeXn5qUtT4bSzsyBfUssk6GFjit
528Jhp3dULZ9cA7vk23OoXBBgthJHB6j3L3mtgAe79unGB2xxVZo/LWyD4n6YoVy
q91gzOtRG2atj7jZM3iiQnDTipxAzI2Vgs2eYFB7IAd8c64uQC3f8lgu/BTLw/+N
ummg5Fp9zxtDdb8pUJreT+nyC8RcEBgbY8FkUkn9G0awC2KhIMx2h+wk76W5JabA
DhhxOM6pB7lrSYdrTNclMFp0xuALBu0xSsISE2a9XMz0VskW5JZ6JrCyWbZHFUCD
fVQFUeDq19NcqUoOVkVQ31YTbr4Kt7SMdSc2omUuGE7G8PMjbJ8pqMLK2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGWK+aQOPVBDo5O9vDqFKi6fi4BMB8GA1UdIwQY
MBaAFGTCST5MLuqTCx7CyDY9LR/65uF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMt
NjUyZTBmNWU1YmU4LzEvd1pZcjVwQTQ5VUVPams3MjhPb1VxTHAtTGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMtNjUyZTBmNWU1YmU4
LzEvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4JwMA0G
CSqGSIb3DQEBCwUAA4IBAQBGTItUpDVtP+Tn6AoJzDFqdOpCS9qTHY0GpameP9j8
GH+Dx6DyFuxMV8CVcgrggVuANsGJOah+V2NVX8RB7l+2M7i8Pb3r/sKfs29PWOTZ
DnqMmmB0v8kFLcSlJ5yYeBL99VvdkVC2tnvHReJn2VnkKuZS5Dgf7e8wnmL0P4wC
7OUwf8vX/eI16wBkq1Do5twIRCeGYm2G1eDMORLKeD/WEtAa8BklJXgM4Ksc6q5M
LIoseVmhFjqFSATpidRhXwvAz7NWsEN57mAPNNLP9bDQoiNiQ4yBglBdv8JmC8jz
toGt2EZJSFLHuvBtuU97ZHvKRxYZx0Pgmxr+nMDMLOOa
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:18:42 2025 by rpki-client