Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rW5_HGw5v2cDyoyeL7-59Gw3Uhk.roa
File: rW5_HGw5v2cDyoyeL7-59Gw3Uhk.roa (raw, json)
Hash identifier: Z3MvnOKrCY40P32y++b8YK3o1R/6gmeTCaIxhOMoGCk=
Subject key identifier: AD:6E:7F:1C:6C:39:BF:67:03:CA:8C:9E:2F:BF:B9:F4:6C:37:52:19
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0197D60A34B878EEB72A0C60FE76988D0876
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rW5_HGw5v2cDyoyeL7-59Gw3Uhk.roa
Signing time: Fri 04 Jul 2025 15:24:42 +0000
ROA not before: Fri 04 Jul 2025 15:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 20:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:0a:34:b8:78:ee:b7:2a:0c:60:fe:76:98:8d:08:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 4 15:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad6e7f1c6c39bf6703ca8c9e2fbfb9f46c375219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:a9:4c:f6:06:5d:62:4a:73:97:1c:d6:b4:
8b:57:9a:d3:b8:55:44:df:57:ca:a7:65:f1:57:67:
ea:ef:0c:45:fa:51:ce:88:37:aa:2e:4e:8f:50:20:
3d:e8:50:03:9c:a2:c8:0f:2a:7e:92:e9:4b:7a:13:
27:82:90:5e:47:d8:30:da:86:9c:15:a1:ce:5f:74:
12:e4:bd:af:0f:41:1c:02:50:f6:de:6f:51:89:e1:
25:c6:7a:51:fc:10:d1:79:78:a9:1d:e9:cd:8f:c1:
48:0c:93:b6:cc:13:d1:5c:28:c0:37:f7:2f:be:1d:
34:ce:0c:98:91:f7:7d:73:8e:92:fe:72:f8:a0:f0:
30:57:1e:23:f9:82:37:41:7e:9e:c3:40:34:d2:78:
88:76:e7:25:6b:9e:8c:9f:5e:9a:1a:c1:e6:b0:a1:
d9:34:1d:5e:8c:af:f7:bf:9d:5f:5b:f9:8f:fe:cd:
d9:17:08:c4:42:d1:c3:c1:1f:e6:12:be:bd:b2:4d:
a8:1f:b8:9a:a0:59:be:19:65:5f:6c:bc:9d:66:c8:
ee:d5:16:ff:2f:c7:ab:e8:51:45:16:fc:78:98:37:
6f:5a:29:64:79:53:9e:7e:7f:5c:91:a6:7f:be:f1:
3a:57:9e:06:b6:4b:96:50:37:62:eb:1c:da:61:c4:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6E:7F:1C:6C:39:BF:67:03:CA:8C:9E:2F:BF:B9:F4:6C:37:52:19
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rW5_HGw5v2cDyoyeL7-59Gw3Uhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
176.46.153.0-176.46.154.255
Signature Algorithm: sha256WithRSAEncryption
1e:f2:74:4f:2b:84:49:91:ec:d2:e3:93:bd:14:cf:00:11:96:
ce:1c:a4:16:d6:92:2a:f3:d7:1c:d8:4d:fd:05:8e:80:76:2f:
db:ea:a0:cd:9b:23:98:96:f1:5d:68:79:1f:a9:78:cb:a3:86:
05:ac:56:20:38:2c:b2:15:59:72:1a:f2:4f:4f:63:63:45:25:
a1:93:e2:f2:af:5d:40:31:81:67:9b:6f:05:ce:94:c3:25:73:
9e:3b:1e:bf:58:13:5e:01:c2:4b:21:7e:ad:75:a5:16:60:35:
17:ab:48:8b:f3:b9:8f:b3:68:22:21:ad:7d:e2:2b:f5:a5:48:
2d:15:ef:f3:d6:17:66:7c:ac:13:1d:4e:2e:1b:e5:bb:c1:a1:
99:3f:e3:29:b5:03:47:af:cc:c6:6f:a0:ae:98:e5:cc:b3:fc:
57:5b:c6:69:15:11:1e:a9:75:32:f5:a4:e3:48:a3:41:ba:b1:
00:37:28:7b:59:ab:2f:b4:87:9a:1a:95:a8:5e:db:86:9d:63:
50:be:e8:e6:84:b6:f4:52:52:3f:55:e0:f7:da:d5:b9:6d:a9:
81:09:ba:e3:d5:50:8e:7e:65:d9:c7:7b:f2:e3:69:ca:6a:83:
a3:1a:4f:c3:b9:e7:19:83:5e:4c:d2:87:78:81:bc:8d:da:53:
e2:80:a1:30
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfWCjS4eO63Kgxg/naYjQh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNzA0MTUyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZlN2YxYzZjMzliZjY3MDNjYThjOWUyZmJmYjlmNDZjMzc1MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk2pTPYGXWJKc5cc1rSLV5rTuFVE
31fKp2XxV2fq7wxF+lHOiDeqLk6PUCA96FADnKLIDyp+kulLehMngpBeR9gw2oac
FaHOX3QS5L2vD0EcAlD23m9RieElxnpR/BDReXipHenNj8FIDJO2zBPRXCjAN/cv
vh00zgyYkfd9c46S/nL4oPAwVx4j+YI3QX6ew0A00niIducla56Mn16aGsHmsKHZ
NB1ejK/3v51fW/mP/s3ZFwjEQtHDwR/mEr69sk2oH7iaoFm+GWVfbLydZsju1Rb/
L8er6FFFFvx4mDdvWilkeVOefn9ckaZ/vvE6V54GtkuWUDdi6xzaYcRbsQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK1ufxxsOb9nA8qMni+/ufRsN1IZMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvclc1X0hHdzV2MmNEeW95ZUw3LTU5R3czVWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEH6owAwQG
XkqAMAwDBACwLpkDBACwLpowDQYJKoZIhvcNAQELBQADggEBAB7ydE8rhEmR7NLj
k70UzwARls4cpBbWkirz1xzYTf0FjoB2L9vqoM2bI5iW8V1oeR+peMujhgWsViA4
LLIVWXIa8k9PY2NFJaGT4vKvXUAxgWebbwXOlMMlc547Hr9YE14Bwkshfq11pRZg
NRerSIvzuY+zaCIhrX3iK/WlSC0V7/PWF2Z8rBMdTi4b5bvBoZk/4ym1A0evzMZv
oK6Y5cyz/FdbxmkVER6pdTL1pONIo0G6sQA3KHtZqy+0h5oalahe24adY1C+6OaE
tvRSUj9V4Pfa1bltqYEJuuPVUI5+ZdnHe/Ljacpqg6MaT8O55xmDXkzSh3iBvI3a
U+KAoTA=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:49:52 2025 by rpki-client