Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/DWjeKEhsrCMQSkqXSu5F6-_lK2c.roa
File: DWjeKEhsrCMQSkqXSu5F6-_lK2c.roa (raw, json)
Hash identifier: E/1JJ03/M4DXDyCYKLov4LZTD3sgsbYcGtynvXI+0ao=
Subject key identifier: 0D:68:DE:28:48:6C:AC:23:10:4A:4A:97:4A:EE:45:EB:EF:E5:2B:67
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 0197D5A92904B917D93DEBA02C6CDEF9E331
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/DWjeKEhsrCMQSkqXSu5F6-_lK2c.roa
Signing time: Fri 04 Jul 2025 13:38:42 +0000
ROA not before: Fri 04 Jul 2025 13:38:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56410
IP address blocks: 5.149.168.0/21 maxlen: 21
45.137.184.0/22 maxlen: 22
45.158.112.0/22 maxlen: 22
62.146.164.0/22 maxlen: 22
80.190.0.0/22 maxlen: 22
81.173.12.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
93.119.24.0/22 maxlen: 22
144.2.240.0/21 maxlen: 21
159.253.224.0/22 maxlen: 22
185.32.152.0/22 maxlen: 22
185.57.100.0/22 maxlen: 22
185.57.102.0/24 maxlen: 24
185.122.132.0/22 maxlen: 22
185.156.196.0/22 maxlen: 22
2a04:b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d5:a9:29:04:b9:17:d9:3d:eb:a0:2c:6c:de:f9:e3:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jul 4 13:38:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d68de28486cac23104a4a974aee45ebefe52b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4d:d7:48:f1:47:18:78:b6:f8:d8:e2:db:d9:
d9:53:8c:3c:3b:a2:ef:15:38:a9:87:19:d7:22:d7:
0c:26:5f:ce:40:46:e5:7f:e5:99:50:09:8b:bc:83:
5f:c0:41:79:03:7a:fd:1d:99:23:99:58:51:70:58:
fe:44:28:b8:36:c3:34:d0:46:fe:c1:20:aa:b5:36:
4a:d9:fd:f1:43:20:94:9e:90:89:e7:50:ad:03:a1:
7b:e9:8d:11:6a:ae:8e:b2:95:73:d4:bf:f7:25:17:
48:2d:b7:91:30:b1:9e:91:01:68:e9:7b:4b:68:a0:
5e:39:aa:62:4c:7a:b4:3d:30:fb:c8:6c:78:0e:f4:
e5:c3:b2:e3:17:22:b0:26:34:3b:01:b6:b6:69:32:
65:4e:6d:e0:99:b8:ad:72:de:10:3a:2d:d2:a1:6e:
f9:41:f9:09:2c:88:f0:66:d9:d9:4a:19:0a:30:4c:
e4:49:1b:1d:a0:90:88:1e:66:4c:63:d5:18:29:a9:
87:ad:38:98:a5:48:2c:36:16:9d:e5:c3:5d:d4:5e:
65:18:cf:e5:d2:da:75:43:3f:14:cb:c1:42:da:e6:
30:a9:cd:1f:1a:49:6f:04:4c:17:21:96:30:4c:22:
56:06:5f:f8:a9:e4:b4:8e:02:87:b2:c8:73:9e:33:
50:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:68:DE:28:48:6C:AC:23:10:4A:4A:97:4A:EE:45:EB:EF:E5:2B:67
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/DWjeKEhsrCMQSkqXSu5F6-_lK2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
45.137.184.0/22
45.158.112.0/22
62.146.164.0/22
80.190.0.0/22
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
17:19:1e:e5:f7:05:83:d6:b9:97:2a:ea:32:31:82:43:62:8b:
95:a1:55:2d:a3:8b:76:ca:b8:bd:56:47:8c:00:91:e4:b0:c7:
65:e4:05:63:1f:ec:87:59:bf:51:c2:d6:5c:c1:f3:b9:a1:2d:
3e:ad:d4:57:c0:10:d7:8d:c6:c2:a7:6a:de:c1:09:5e:69:1b:
d8:b2:17:49:d8:86:00:eb:58:66:78:be:37:6b:da:8d:52:01:
1c:0a:41:0c:9a:94:94:af:28:f7:03:a6:4c:b5:33:ea:0b:8f:
bf:d1:dc:4a:d4:c7:72:c8:41:47:e1:52:c5:07:6f:74:d9:23:
e5:89:f4:fd:70:e3:82:f4:67:e8:c5:71:4b:c9:ed:9b:63:12:
57:7f:f2:0a:41:b8:7b:27:4a:67:96:79:71:33:f2:18:17:18:
08:a3:f4:4a:f6:b5:d5:fd:2e:be:86:43:35:55:b2:1b:9f:5c:
26:4d:6b:7b:ea:38:a5:53:a8:1f:af:6d:3f:0e:ab:5b:6d:a2:
f4:2e:6d:57:c8:59:e6:fb:33:d9:de:b2:72:6c:67:a9:a1:6a:
5e:6f:fc:da:bd:b9:cd:86:62:ed:3b:51:f5:41:e0:b9:ee:5f:
7b:f3:12:1b:21:f1:16:38:b5:a8:f0:b9:3d:d9:d1:71:35:62:
5f:b8:81:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZfVqSkEuRfZPeugLGze+eMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjUwNzA0MTMzODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY4ZGUyODQ4NmNhYzIzMTA0YTRhOTc0YWVlNDVlYmVmZTUyYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU3XSPFHGHi2+Nji29nZU4w8O6Lv
FTiphxnXItcMJl/OQEblf+WZUAmLvINfwEF5A3r9HZkjmVhRcFj+RCi4NsM00Eb+
wSCqtTZK2f3xQyCUnpCJ51CtA6F76Y0Raq6OspVz1L/3JRdILbeRMLGekQFo6XtL
aKBeOapiTHq0PTD7yGx4DvTlw7LjFyKwJjQ7Aba2aTJlTm3gmbitct4QOi3SoW75
QfkJLIjwZtnZShkKMEzkSRsdoJCIHmZMY9UYKamHrTiYpUgsNhad5cNd1F5lGM/l
0tp1Qz8Uy8FC2uYwqc0fGklvBEwXIZYwTCJWBl/4qeS0jgKHsshznjNQaQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFA1o3ihIbKwjEEpKl0ruRevv5StnMB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvRFdqZUtFaHNyQ01RU2txWFN1NUY2LV9sSzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAwWVqAME
Ai2JuAMEAi2ecAMEAj6SpAMEAlC+AAMEAlGtDAMEAFvY7AMEAFvY8QMEAl13GAME
A5AC8AMEAp/94AMEArkgmAMEArk5ZAMEArl6hAMEArmcxDANBAIAAjAHAwUDKgQL
ADANBgkqhkiG9w0BAQsFAAOCAQEAFxke5fcFg9a5lyrqMjGCQ2KLlaFVLaOLdsq4
vVZHjACR5LDHZeQFYx/sh1m/UcLWXMHzuaEtPq3UV8AQ143Gwqdq3sEJXmkb2LIX
SdiGAOtYZni+N2vajVIBHApBDJqUlK8o9wOmTLUz6guPv9HcStTHcshBR+FSxQdv
dNkj5Yn0/XDjgvRn6MVxS8ntm2MSV3/yCkG4eydKZ5Z5cTPyGBcYCKP0Sva11f0u
voZDNVWyG59cJk1re+o4pVOoH69tPw6rW22i9C5tV8hZ5vsz2d6ycmxnqaFqXm/8
2r25zYZi7TtR9UHgue5fe/MSGyHxFji1qPC5PdnRcTViX7iB6A==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:25:01 2025 by rpki-client