Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/WyMoFYnAIn1sAAAmnPjWInPKCN0.roa
File: WyMoFYnAIn1sAAAmnPjWInPKCN0.roa (raw, json)
Hash identifier: 1MKnjj6EqbU+hUr91/B+f0YJrJKMU7mmnJwoLcY6nt0=
Subject key identifier: 5B:23:28:15:89:C0:22:7D:6C:00:00:26:9C:F8:D6:22:73:CA:08:DD
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 01989D9EC4E3F30D850EB72D07EB1A1E94BA
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/WyMoFYnAIn1sAAAmnPjWInPKCN0.roa
Signing time: Tue 12 Aug 2025 09:31:24 +0000
ROA not before: Tue 12 Aug 2025 09:31:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197730
IP address blocks: 91.190.152.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:9e:c4:e3:f3:0d:85:0e:b7:2d:07:eb:1a:1e:94:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Aug 12 09:31:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b23281589c0227d6c0000269cf8d62273ca08dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e5:18:75:02:e7:d7:5a:55:8a:6e:eb:bd:dd:
e4:9c:01:37:96:35:7b:48:ec:42:37:f7:f6:fb:38:
e8:e7:fa:ad:9a:15:20:39:c8:c9:a5:11:c2:e3:b5:
c0:19:e3:75:dd:1f:ad:54:01:98:25:75:cc:9a:c9:
61:40:1a:0b:3c:c1:96:fc:1f:c9:41:f0:14:5f:a0:
ca:ba:7c:b0:75:f2:5e:95:7f:9e:0c:8d:97:e0:5d:
2e:ab:1f:10:d7:71:23:01:b5:d2:da:22:21:cf:ca:
cb:74:09:e1:e8:6f:51:1a:ba:ff:64:44:6d:00:7a:
e3:42:cd:ce:83:24:cd:87:81:1e:98:49:30:b3:34:
92:70:2b:10:a5:56:bf:aa:8b:66:83:35:56:ac:43:
d3:ed:71:77:99:5a:60:3f:a0:e5:14:f7:1c:2b:98:
13:5c:37:9b:e6:ef:05:ff:b3:a8:2a:58:38:3b:46:
b6:39:20:79:98:82:5e:bd:fe:f5:89:e7:28:59:6d:
4c:8f:85:b3:07:5f:f4:64:6a:17:89:db:22:ae:5e:
e7:b0:30:0d:9a:ea:ff:7e:ab:13:59:b8:8b:5b:04:
2c:b9:66:db:f4:d9:fa:1c:bd:5c:50:e5:f8:c9:b2:
3c:68:62:ca:d4:27:69:59:31:6f:3d:90:a7:f1:a7:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:23:28:15:89:C0:22:7D:6C:00:00:26:9C:F8:D6:22:73:CA:08:DD
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/WyMoFYnAIn1sAAAmnPjWInPKCN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.152.0/24
Signature Algorithm: sha256WithRSAEncryption
75:2b:25:7b:99:cb:ed:03:2f:63:8c:a1:e3:df:5a:28:48:e7:
bc:94:c1:3e:f1:fe:38:da:56:d2:ca:a0:c7:e5:93:0c:e4:a4:
76:ef:20:6d:dd:59:11:1b:86:f7:ec:f4:96:65:b6:8d:d2:4e:
b0:fa:15:a7:d1:0e:ad:aa:7b:8f:7e:72:00:a4:47:e3:64:16:
9a:2c:fb:86:88:b2:fe:8d:96:b2:08:d9:e0:5b:d2:f4:9e:92:
24:48:e9:07:fe:bb:b4:f7:25:60:2f:80:62:47:a2:38:62:ee:
61:aa:79:1d:89:b6:96:fa:53:53:4b:8d:0b:72:d9:1c:70:99:
fa:fa:6b:fb:18:92:50:9f:a8:0d:b7:2e:bc:1e:70:cc:89:d4:
37:0a:4b:ee:47:13:35:0e:ec:3b:f6:eb:b6:e2:68:6b:f5:f9:
04:cc:80:f0:df:9e:20:bd:76:bf:1b:af:9b:84:83:12:3e:c2:
70:0e:2a:d4:b3:6d:09:76:69:9e:3a:e0:ad:66:65:5b:b0:a3:
ef:64:ce:0a:1a:1f:62:35:5a:68:58:b9:df:b3:e1:4f:e4:87:
e0:31:1a:78:37:1e:2e:27:b3:6a:9a:f5:e9:94:4d:e4:ac:a3:
e5:cc:6a:bf:2b:8f:d3:43:e0:2d:d4:fb:df:3c:39:6e:06:43:
4c:13:46:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZidnsTj8w2FDrctB+saHpS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwODEyMDkzMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIzMjgxNTg5YzAyMjdkNmMwMDAwMjY5Y2Y4ZDYyMjczY2EwOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouUYdQLn11pVim7rvd3knAE3ljV7
SOxCN/f2+zjo5/qtmhUgOcjJpRHC47XAGeN13R+tVAGYJXXMmslhQBoLPMGW/B/J
QfAUX6DKunywdfJelX+eDI2X4F0uqx8Q13EjAbXS2iIhz8rLdAnh6G9RGrr/ZERt
AHrjQs3OgyTNh4EemEkwszSScCsQpVa/qotmgzVWrEPT7XF3mVpgP6DlFPccK5gT
XDeb5u8F/7OoKlg4O0a2OSB5mIJevf71iecoWW1Mj4WzB1/0ZGoXidsirl7nsDAN
mur/fqsTWbiLWwQsuWbb9Nn6HL1cUOX4ybI8aGLK1CdpWTFvPZCn8adeIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsjKBWJwCJ9bAAAJpz41iJzygjdMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvV3lNb0ZZbkFJbjFzQUFBbW5QaldJblBLQ04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW76YMA0G
CSqGSIb3DQEBCwUAA4IBAQB1KyV7mcvtAy9jjKHj31ooSOe8lME+8f442lbSyqDH
5ZMM5KR27yBt3VkRG4b37PSWZbaN0k6w+hWn0Q6tqnuPfnIApEfjZBaaLPuGiLL+
jZayCNngW9L0npIkSOkH/ru09yVgL4BiR6I4Yu5hqnkdibaW+lNTS40LctkccJn6
+mv7GJJQn6gNty68HnDMidQ3CkvuRxM1Duw79uu24mhr9fkEzIDw354gvXa/G6+b
hIMSPsJwDirUs20JdmmeOuCtZmVbsKPvZM4KGh9iNVpoWLnfs+FP5IfgMRp4Nx4u
J7NqmvXplE3krKPlzGq/K4/TQ+At1PvfPDluBkNME0an
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:01:36 2025 by rpki-client