Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WL0U37rtoMnf9rEUXD_6ssGaivA.roa
File: WL0U37rtoMnf9rEUXD_6ssGaivA.roa (raw, json)
Hash identifier: LZX1y/DWyL3Za7uA7BHBrGus17Rh9zUmNUrw7i+k7xU=
Subject key identifier: 58:BD:14:DF:BA:ED:A0:C9:DF:F6:B1:14:5C:3F:FA:B2:C1:9A:8A:F0
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0198181E261C645A5A04A2CDE54E0E8D6AA5
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WL0U37rtoMnf9rEUXD_6ssGaivA.roa
Signing time: Thu 17 Jul 2025 11:21:25 +0000
ROA not before: Thu 17 Jul 2025 11:21:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209946
IP address blocks: 37.49.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 22:13:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:1e:26:1c:64:5a:5a:04:a2:cd:e5:4e:0e:8d:6a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 17 11:21:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58bd14dfbaeda0c9dff6b1145c3ffab2c19a8af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0d:3c:85:b2:4a:66:e7:8d:65:69:c8:67:c3:
14:85:8b:80:64:e6:b5:9b:8f:c3:89:b4:9c:18:0a:
40:70:6f:11:cb:5a:de:ec:ec:fc:1e:5c:85:cd:52:
ce:21:3d:98:7e:bd:8a:71:57:0f:5e:9f:a9:d4:55:
20:ed:85:ce:b4:b8:78:8c:07:17:45:9f:fd:52:4a:
05:7b:8f:fe:f9:53:0d:06:7e:1b:3a:f3:c0:5a:da:
a2:7b:98:e9:a0:62:00:99:1d:32:47:e1:e7:14:05:
a4:65:68:05:53:6c:0b:09:24:91:46:25:68:3b:a6:
f4:08:3a:16:07:4c:ca:48:06:c9:0e:5a:76:3f:92:
e3:a7:d2:84:b4:4c:c1:f6:04:0b:3b:6f:e3:29:63:
b4:38:52:60:35:b5:2b:dd:c3:22:40:0c:26:28:77:
ad:33:0f:ee:ba:d5:ae:69:61:69:07:1c:f1:3f:07:
7d:49:c4:13:a9:ec:c2:fe:2c:39:12:8b:9c:64:fc:
75:f3:a9:9a:3e:2d:f2:4c:7f:08:fd:f4:90:7e:7d:
2d:97:0d:76:3d:01:6d:e5:b4:c1:ef:81:bf:ce:55:
f6:6e:41:41:7f:ea:7b:87:21:17:ef:0d:58:f9:a9:
2a:b9:1c:2b:7f:95:84:be:fd:71:14:3a:4f:91:10:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BD:14:DF:BA:ED:A0:C9:DF:F6:B1:14:5C:3F:FA:B2:C1:9A:8A:F0
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/WL0U37rtoMnf9rEUXD_6ssGaivA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/24
Signature Algorithm: sha256WithRSAEncryption
13:23:e5:07:f2:ae:4d:8f:83:7a:0a:89:33:a3:b2:3a:59:d5:
e7:41:57:67:54:62:c7:c3:cc:f9:f0:ed:7e:3d:a9:c5:c7:a7:
bb:a6:ef:76:27:61:c4:2d:e8:3a:1d:b7:cb:fb:fa:23:3b:26:
0a:6e:7c:67:fb:2b:f0:54:93:e8:e1:e0:55:df:7b:4f:39:eb:
fc:bf:46:24:2f:f6:c1:37:06:27:af:35:3a:c6:61:97:b6:2f:
82:b5:c7:33:c9:e6:69:83:92:e6:8c:da:ee:84:42:3e:0d:5d:
88:c2:85:91:85:c2:bf:9f:4e:37:e7:5e:53:1d:24:80:b6:72:
5c:df:bf:06:35:9a:74:dd:be:0c:17:82:31:b8:2f:96:7f:15:
60:44:bc:d7:22:d8:f9:69:56:aa:66:fa:58:8a:49:56:41:7b:
e5:65:0f:2b:7a:b6:2a:cb:8b:2e:3f:19:79:9d:b8:81:43:9b:
01:12:43:14:c1:46:2e:27:b3:13:71:a0:bf:1d:21:47:3c:62:
3c:ac:55:6b:ca:26:03:0e:79:89:d0:e6:57:86:46:6c:d6:a8:
dd:59:ef:5d:59:31:62:b3:5a:53:36:f3:05:6a:c1:15:0b:59:
3e:e8:5a:16:24:3f:3a:a9:df:d0:b0:68:0f:74:04:64:8b:14:
76:1e:0d:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgYHiYcZFpaBKLN5U4OjWqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNzE3MTEyMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJkMTRkZmJhZWRhMGM5ZGZmNmIxMTQ1YzNmZmFiMmMxOWE4YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w08hbJKZueNZWnIZ8MUhYuAZOa1
m4/DibScGApAcG8Ry1re7Oz8HlyFzVLOIT2Yfr2KcVcPXp+p1FUg7YXOtLh4jAcX
RZ/9UkoFe4/++VMNBn4bOvPAWtqie5jpoGIAmR0yR+HnFAWkZWgFU2wLCSSRRiVo
O6b0CDoWB0zKSAbJDlp2P5Ljp9KEtEzB9gQLO2/jKWO0OFJgNbUr3cMiQAwmKHet
Mw/uutWuaWFpBxzxPwd9ScQTqezC/iw5EoucZPx186maPi3yTH8I/fSQfn0tlw12
PQFt5bTB74G/zlX2bkFBf+p7hyEX7w1Y+akquRwrf5WEvv1xFDpPkRBaQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFi9FN+67aDJ3/axFFw/+rLBmorwMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvV0wwVTM3cnRvTW5mOXJFVVhEXzZzc0dhaXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTGUMA0G
CSqGSIb3DQEBCwUAA4IBAQATI+UH8q5Nj4N6Cokzo7I6WdXnQVdnVGLHw8z58O1+
PanFx6e7pu92J2HELeg6HbfL+/ojOyYKbnxn+yvwVJPo4eBV33tPOev8v0YkL/bB
NwYnrzU6xmGXti+CtcczyeZpg5LmjNruhEI+DV2IwoWRhcK/n043515THSSAtnJc
378GNZp03b4MF4IxuC+WfxVgRLzXItj5aVaqZvpYiklWQXvlZQ8rerYqy4suPxl5
nbiBQ5sBEkMUwUYuJ7MTcaC/HSFHPGI8rFVryiYDDnmJ0OZXhkZs1qjdWe9dWTFi
s1pTNvMFasEVC1k+6FoWJD86qd/QsGgPdARkixR2Hg0/
-----END CERTIFICATE-----
Generated at Fri Jul 25 01:44:37 2025 by rpki-client