Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/WUha7UrsdgndZN2i8LKGRI6xHz0.roa
File: WUha7UrsdgndZN2i8LKGRI6xHz0.roa (raw, json)
Hash identifier: kPsS0TLTx3ZvH9JmthAMYgEGSgO6LHxlTkfSHRuTvZc=
Subject key identifier: 59:48:5A:ED:4A:EC:76:09:DD:64:DD:A2:F0:B2:86:44:8E:B1:1F:3D
Certificate issuer: /CN=56d641486bdc98d4a7de0928a42d7d68e6015f30
Certificate serial: 0197AC0C15A3290EF42609865CAD64F26D6B
Authority key identifier: 56:D6:41:48:6B:DC:98:D4:A7:DE:09:28:A4:2D:7D:68:E6:01:5F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/WUha7UrsdgndZN2i8LKGRI6xHz0.roa
Signing time: Thu 26 Jun 2025 11:42:42 +0000
ROA not before: Thu 26 Jun 2025 11:42:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48282
IP address blocks: 89.110.88.0/24 maxlen: 24
89.110.89.0/24 maxlen: 24
89.110.90.0/24 maxlen: 24
89.110.91.0/24 maxlen: 24
89.110.92.0/24 maxlen: 24
89.110.93.0/24 maxlen: 24
89.110.94.0/24 maxlen: 24
89.110.95.0/24 maxlen: 24
89.110.96.0/24 maxlen: 24
89.110.97.0/24 maxlen: 24
89.110.98.0/24 maxlen: 24
89.110.99.0/24 maxlen: 24
2a0d:8480::/48 maxlen: 48
2a0d:8480:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:0c:15:a3:29:0e:f4:26:09:86:5c:ad:64:f2:6d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d641486bdc98d4a7de0928a42d7d68e6015f30
Validity
Not Before: Jun 26 11:42:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59485aed4aec7609dd64dda2f0b286448eb11f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:96:d2:e3:60:d2:fc:88:2b:1d:eb:cb:87:d6:
d4:24:30:c8:8a:04:28:dd:6c:42:21:3d:33:4d:0e:
76:05:b8:cd:22:59:a7:82:b3:35:c5:33:9d:94:69:
a0:62:7d:e8:d3:c6:f8:28:22:73:c9:8b:22:31:d6:
9e:29:f2:91:a5:3a:03:ca:f4:30:b8:b4:eb:5d:62:
31:2d:d8:cb:e3:8f:c8:6a:2e:1f:0a:c3:1a:8b:21:
06:96:c1:01:3c:42:c9:a6:97:90:85:b5:82:ae:9b:
30:63:b8:dd:99:56:e9:1d:ef:ec:88:0e:1a:1d:20:
de:36:75:ef:19:14:36:e0:bc:db:ca:1f:6b:47:c8:
0c:c2:27:b5:1b:89:06:05:fe:ec:73:0c:65:0c:13:
91:60:fd:31:78:58:2a:87:0a:35:df:35:c6:7c:26:
72:3c:ac:21:d4:4d:2e:1c:6e:7b:52:10:e9:3b:6f:
c8:8c:2b:ef:5c:9b:f3:59:32:d5:17:b7:df:e1:2a:
18:0a:a7:55:6a:67:60:4a:36:4c:bc:b1:84:13:fa:
be:50:3a:43:31:f6:c4:4e:ee:b4:94:07:11:0a:c7:
48:ee:ea:d3:87:f0:d8:17:13:0f:24:17:09:ee:42:
95:6e:1a:31:45:f3:65:f1:1a:9f:ff:7c:32:15:2c:
5f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:48:5A:ED:4A:EC:76:09:DD:64:DD:A2:F0:B2:86:44:8E:B1:1F:3D
X509v3 Authority Key Identifier:
keyid:56:D6:41:48:6B:DC:98:D4:A7:DE:09:28:A4:2D:7D:68:E6:01:5F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/WUha7UrsdgndZN2i8LKGRI6xHz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.110.88.0-89.110.99.255
IPv6:
2a0d:8480::/48
2a0d:8480:2::/48
Signature Algorithm: sha256WithRSAEncryption
7a:95:d2:5d:7f:d4:77:1b:2c:71:2d:b1:db:3b:cd:74:9e:03:
52:36:f7:03:e8:71:81:a6:b7:c4:44:4f:b9:bb:65:c4:62:1d:
d0:d1:00:69:4a:0d:13:d1:1e:ec:eb:3a:8e:05:5c:6f:39:d7:
ea:95:1d:14:3d:aa:96:f4:30:fb:32:64:e0:2e:e6:3d:30:98:
86:ca:20:11:29:3a:bb:ca:b0:19:25:8a:c6:5a:5d:25:8f:1b:
91:26:71:13:aa:dc:52:bb:d4:45:1b:46:ed:e1:f7:8a:6e:52:
6d:a8:7d:ff:98:74:31:68:c9:4d:5c:d7:9e:14:3f:46:7c:b0:
66:64:40:7f:75:10:8f:c2:60:90:7a:94:63:9c:ca:5d:c4:a2:
a2:2e:bc:96:bb:be:59:2b:63:5c:c9:6d:0b:47:b4:84:f9:15:
b3:8d:97:b9:e8:83:00:30:46:81:de:b0:ae:7b:67:af:6c:0a:
92:10:35:49:fe:ae:c9:53:d1:ae:7c:b1:44:1f:ed:7a:1d:3f:
1a:a4:e8:dd:76:d6:01:62:e4:0b:9e:8c:de:68:d3:1a:95:a9:
9f:5f:ed:64:71:a6:b7:a8:82:7a:f5:ae:28:90:a8:d6:63:b9:
85:05:c2:4a:cb:bf:86:a6:1d:f9:9e:7f:49:1b:9f:54:85:e3:
65:76:fd:3e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZesDBWjKQ70JgmGXK1k8m1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDY0MTQ4NmJkYzk4ZDRhN2RlMDkyOGE0MmQ3ZDY4ZTYw
MTVmMzAwHhcNMjUwNjI2MTE0MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQ4NWFlZDRhZWM3NjA5ZGQ2NGRkYTJmMGIyODY0NDhlYjExZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZbS42DS/IgrHevLh9bUJDDIigQo
3WxCIT0zTQ52BbjNIlmngrM1xTOdlGmgYn3o08b4KCJzyYsiMdaeKfKRpToDyvQw
uLTrXWIxLdjL44/Iai4fCsMaiyEGlsEBPELJppeQhbWCrpswY7jdmVbpHe/siA4a
HSDeNnXvGRQ24Lzbyh9rR8gMwie1G4kGBf7scwxlDBORYP0xeFgqhwo13zXGfCZy
PKwh1E0uHG57UhDpO2/IjCvvXJvzWTLVF7ff4SoYCqdVamdgSjZMvLGEE/q+UDpD
MfbETu60lAcRCsdI7urTh/DYFxMPJBcJ7kKVbhoxRfNl8Rqf/3wyFSxf0QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFlIWu1K7HYJ3WTdovCyhkSOsR89MB8GA1UdIwQY
MBaAFFbWQUhr3JjUp94JKKQtfWjmAV8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnRaQlNHdmNtTlNuM2drb3BDMTlhT1lCWHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iNjUxMjYtMzFjYi00YWU2LWJlY2Et
ZTNlMDRiZDRmMjQyLzEvV1VoYTdVcnNkZ25kWk4yaThMS0dSSTZ4SHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iNjUxMjYtMzFjYi00YWU2LWJlY2EtZTNlMDRiZDRmMjQy
LzEvVnRaQlNHdmNtTlNuM2drb3BDMTlhT1lCWHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBANZblgD
BAJZbmAwGAQCAAIwEgMHACoNhIAAAAMHACoNhIAAAjANBgkqhkiG9w0BAQsFAAOC
AQEAepXSXX/UdxsscS2x2zvNdJ4DUjb3A+hxgaa3xERPubtlxGId0NEAaUoNE9Ee
7Os6jgVcbznX6pUdFD2qlvQw+zJk4C7mPTCYhsogESk6u8qwGSWKxlpdJY8bkSZx
E6rcUrvURRtG7eH3im5Sbah9/5h0MWjJTVzXnhQ/RnywZmRAf3UQj8JgkHqUY5zK
XcSioi68lru+WStjXMltC0e0hPkVs42XueiDADBGgd6wrntnr2wKkhA1Sf6uyVPR
rnyxRB/teh0/GqTo3XbWAWLkC56M3mjTGpWpn1/tZHGmt6iCevWuKJCo1mO5hQXC
Ssu/hqYd+Z5/SRufVIXjZXb9Pg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:21:42 2025 by rpki-client