Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WaXz4152g4IyQn4i20cBLQdwuZo.roa
File: WaXz4152g4IyQn4i20cBLQdwuZo.roa (raw, json)
Hash identifier: xagis6Fv1RDlJ+L3zEzohifQQ7RIK51J2Y0ZqHPvmh4=
Subject key identifier: 59:A5:F3:E3:5E:76:83:82:32:42:7E:22:DB:47:01:2D:07:70:B9:9A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01969FACB6BD3F50300DA012D4B8F4852871
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WaXz4152g4IyQn4i20cBLQdwuZo.roa
Signing time: Mon 05 May 2025 09:00:18 +0000
ROA not before: Mon 05 May 2025 09:00:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56619
IP address blocks: 79.98.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:ac:b6:bd:3f:50:30:0d:a0:12:d4:b8:f4:85:28:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: May 5 09:00:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59a5f3e35e76838232427e22db47012d0770b99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:95:e4:d8:3d:8f:f0:9a:92:a6:62:58:cd:
5d:8e:83:e6:09:91:8e:e3:9f:7b:f3:e9:97:16:c3:
d8:a3:15:77:35:7c:61:10:80:73:b2:69:be:2b:63:
41:e2:57:a6:07:20:7a:32:25:83:93:20:13:88:53:
2c:30:4f:f7:8e:fb:30:cc:f4:db:06:6a:b0:b5:38:
e6:0e:db:99:67:cb:10:8e:06:fc:a0:33:af:43:e5:
a6:5b:cb:e8:c3:aa:a6:58:88:2c:87:87:95:49:9a:
a1:02:ea:de:d6:b2:7f:10:45:2d:1e:dc:e4:d8:95:
d0:30:42:fe:72:26:48:a4:4a:ef:af:64:75:43:aa:
25:5a:6a:d4:70:d1:61:80:fd:43:c2:d5:bf:e0:da:
75:06:55:ef:39:ef:0b:90:e0:b2:2c:85:f9:3b:1b:
2e:e6:3f:cd:e5:7c:dc:14:ae:0a:37:66:cf:d3:ff:
20:95:81:c0:e4:e9:6d:fb:ab:01:84:45:40:7b:58:
94:bc:63:fc:51:9a:aa:63:55:e0:87:94:8b:34:4f:
63:05:39:13:c1:71:b6:84:58:40:8e:ae:ca:3e:40:
c0:13:e9:cb:15:b7:86:ef:5f:a6:0c:b9:b7:bf:07:
79:32:b7:22:13:aa:83:f9:ff:4f:fc:eb:5d:99:12:
89:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A5:F3:E3:5E:76:83:82:32:42:7E:22:DB:47:01:2D:07:70:B9:9A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WaXz4152g4IyQn4i20cBLQdwuZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.248.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:f5:58:ef:2e:5a:0d:da:73:14:e4:4f:74:4e:d7:91:2a:a4:
62:46:52:23:29:42:02:b4:98:c0:a4:11:21:0d:5d:48:31:2f:
87:06:cf:17:05:2a:3e:c8:92:61:16:74:2c:a8:61:54:32:28:
4c:5b:01:3a:46:5f:92:33:0e:9c:5e:b4:c4:c1:3a:66:1b:96:
97:ba:d8:c4:d4:87:ec:a0:37:62:89:0b:82:dc:6c:4a:1d:df:
bf:33:a8:0a:10:0a:a9:f8:c4:85:cd:3d:48:fd:72:25:88:1a:
bb:a6:5c:dd:44:23:6f:39:c4:6e:86:cc:62:68:28:4f:d3:a0:
d1:30:87:2a:20:74:0a:7e:d6:1a:41:d5:41:8a:ec:34:10:55:
1e:64:f7:b2:dd:e4:e9:0a:40:ca:ac:d5:bd:b0:51:d3:11:dc:
d0:bb:5a:53:51:a9:24:a4:1c:bc:0c:24:23:d6:98:08:af:2c:
70:1a:72:41:4c:da:9c:99:14:ab:b9:93:f8:a5:d8:95:0f:13:
77:32:69:de:30:74:50:84:d5:4e:d2:d0:d0:1e:dc:9e:c3:de:
01:b3:75:56:e5:57:86:f7:ea:c3:5e:7b:21:ab:36:54:52:d4:
8e:2d:6f:8b:ca:8b:13:11:9d:a8:38:6a:ba:39:b9:d1:02:8d:
fb:97:de:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZafrLa9P1AwDaAS1Lj0hShxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNTA1MDkwMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWE1ZjNlMzVlNzY4MzgyMzI0MjdlMjJkYjQ3MDEyZDA3NzBiOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux+V5Ng9j/CakqZiWM1djoPmCZGO
45978+mXFsPYoxV3NXxhEIBzsmm+K2NB4lemByB6MiWDkyATiFMsME/3jvswzPTb
BmqwtTjmDtuZZ8sQjgb8oDOvQ+WmW8vow6qmWIgsh4eVSZqhAure1rJ/EEUtHtzk
2JXQMEL+ciZIpErvr2R1Q6olWmrUcNFhgP1DwtW/4Np1BlXvOe8LkOCyLIX5Oxsu
5j/N5XzcFK4KN2bP0/8glYHA5Olt+6sBhEVAe1iUvGP8UZqqY1Xgh5SLNE9jBTkT
wXG2hFhAjq7KPkDAE+nLFbeG71+mDLm3vwd5MrciE6qD+f9P/OtdmRKJjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFml8+NedoOCMkJ+IttHAS0HcLmaMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvV2FYejQxNTJnNEl5UW40aTIwY0JMUWR3dVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT2L4MA0G
CSqGSIb3DQEBCwUAA4IBAQB79VjvLloN2nMU5E90TteRKqRiRlIjKUICtJjApBEh
DV1IMS+HBs8XBSo+yJJhFnQsqGFUMihMWwE6Rl+SMw6cXrTEwTpmG5aXutjE1Ifs
oDdiiQuC3GxKHd+/M6gKEAqp+MSFzT1I/XIliBq7plzdRCNvOcRuhsxiaChP06DR
MIcqIHQKftYaQdVBiuw0EFUeZPey3eTpCkDKrNW9sFHTEdzQu1pTUakkpBy8DCQj
1pgIryxwGnJBTNqcmRSruZP4pdiVDxN3MmneMHRQhNVO0tDQHtyew94Bs3VW5VeG
9+rDXnshqzZUUtSOLW+LyosTEZ2oOGq6ObnRAo37l94D
-----END CERTIFICATE-----
Generated at Sun May 11 17:04:54 2025 by rpki-client