Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PWSfCZt09MdS0QQvAR2pXMY6SkU.roa
File: PWSfCZt09MdS0QQvAR2pXMY6SkU.roa (raw, json)
Hash identifier: VBjVP2VmUWdbTbx4QWa5MBdLEthK/+ye620Bo5kalbk=
Subject key identifier: 3D:64:9F:09:9B:74:F4:C7:52:D1:04:2F:01:1D:A9:5C:C6:3A:4A:45
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 01982B63ECCFC28493B4F107AFB89ABEA018
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PWSfCZt09MdS0QQvAR2pXMY6SkU.roa
Signing time: Mon 21 Jul 2025 05:10:25 +0000
ROA not before: Mon 21 Jul 2025 05:10:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22773
IP address blocks: 92.71.72.0/21 maxlen: 24
92.71.80.0/20 maxlen: 24
92.71.100.0/22 maxlen: 24
92.71.104.0/21 maxlen: 24
92.71.112.0/21 maxlen: 24
92.71.120.0/22 maxlen: 24
213.201.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 04:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2b:63:ec:cf:c2:84:93:b4:f1:07:af:b8:9a:be:a0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jul 21 05:10:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d649f099b74f4c752d1042f011da95cc63a4a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cf:40:e0:b8:10:5c:a4:12:50:e4:2d:54:49:
c3:21:d1:7f:a1:c5:a2:a3:61:52:81:c5:ad:08:e7:
d4:74:28:46:9f:6c:0c:28:f9:c1:07:33:b4:e8:f3:
55:7c:46:7e:cb:e7:cd:c2:a2:48:9e:26:e7:93:77:
cd:ba:f4:f3:0e:64:3c:d9:cf:76:8d:e4:10:dc:41:
96:1a:83:bb:49:86:d2:d1:74:61:b9:41:43:3a:72:
39:1d:73:06:cd:ed:f2:bc:0f:dd:eb:ca:02:0b:17:
e8:8a:f7:d2:8e:50:37:bd:6b:b2:b1:f2:73:fe:86:
8b:9f:11:1a:5f:3d:1d:81:d8:fc:17:6f:39:b0:7b:
ca:b8:fe:28:b6:cb:5b:f7:bb:6b:7f:49:a8:ea:73:
8d:65:b8:20:b2:92:6b:1f:ca:1b:79:1b:cc:46:26:
02:0c:ce:e2:7e:47:c0:8b:c1:c4:76:09:4f:e3:e0:
7d:e9:d1:b5:b4:ff:40:da:1b:8c:9d:17:9c:cb:d4:
1c:cd:ad:e0:9b:72:07:8f:2c:e2:68:13:f0:5f:5c:
90:f5:59:18:d0:1a:8f:10:de:3c:75:4c:21:33:36:
ab:63:fb:05:78:04:30:1e:ca:65:99:04:9c:0d:f3:
3b:41:4b:1b:3c:92:a5:ad:55:0d:84:61:76:3a:5f:
ae:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:64:9F:09:9B:74:F4:C7:52:D1:04:2F:01:1D:A9:5C:C6:3A:4A:45
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/PWSfCZt09MdS0QQvAR2pXMY6SkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.71.72.0-92.71.95.255
92.71.100.0-92.71.123.255
213.201.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:8a:18:c3:bb:f0:c4:c6:63:2c:fc:c0:57:d7:17:d8:fa:d9:
3a:06:63:c7:f2:70:e3:d7:b8:d7:65:4c:9c:8c:f1:0e:40:ef:
15:31:1b:83:2b:54:81:0f:94:b5:6d:d3:24:cb:37:e9:46:c1:
cd:cd:62:0b:88:76:e2:99:0f:be:fc:c3:7d:7c:17:83:31:bc:
79:7f:88:aa:4f:6c:e2:90:dd:0b:43:c1:f5:44:dd:36:d4:08:
44:73:62:22:33:8c:23:f0:19:59:69:b8:42:20:28:e2:ee:34:
23:8e:c5:e8:4a:41:93:25:ea:d3:d9:bd:67:b9:31:d6:42:30:
96:c2:d3:0f:08:32:49:18:bd:38:77:51:24:58:8f:b2:30:77:
68:9f:43:dc:a2:f4:d2:80:2c:17:8e:c5:a1:8c:8e:78:28:3e:
69:dd:24:6d:aa:e9:9e:51:e3:1a:93:9c:b5:22:41:63:e2:cd:
89:66:0e:fd:cc:32:e2:9b:b7:d5:7a:d4:9d:0a:57:fb:6b:88:
7c:ba:0b:cc:31:c7:d3:b0:aa:66:5e:bd:25:87:e7:c3:bf:a3:
88:c1:59:d3:3a:05:e2:84:57:5c:d1:f1:53:20:5c:7e:34:50:
83:e2:16:55:9a:40:59:fe:a0:57:63:dd:c3:6f:b1:2a:f4:3c:
de:57:f4:5f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZgrY+zPwoSTtPEHr7iavqAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNzIxMDUxMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY0OWYwOTliNzRmNGM3NTJkMTA0MmYwMTFkYTk1Y2M2M2E0YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM9A4LgQXKQSUOQtVEnDIdF/ocWi
o2FSgcWtCOfUdChGn2wMKPnBBzO06PNVfEZ+y+fNwqJInibnk3fNuvTzDmQ82c92
jeQQ3EGWGoO7SYbS0XRhuUFDOnI5HXMGze3yvA/d68oCCxfoivfSjlA3vWuysfJz
/oaLnxEaXz0dgdj8F285sHvKuP4otstb97trf0mo6nONZbggspJrH8obeRvMRiYC
DM7ifkfAi8HEdglP4+B96dG1tP9A2huMnRecy9Qcza3gm3IHjyziaBPwX1yQ9VkY
0BqPEN48dUwhMzarY/sFeAQwHsplmQScDfM7QUsbPJKlrVUNhGF2Ol+uIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFD1knwmbdPTHUtEELwEdqVzGOkpFMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvUFdTZkNadDA5TWRTMFFRdkFSMnBYTVk2U2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBANcR0gD
BAVcR0AwDAMEAlxHZAMEAlxHeAMEAtXJ9DANBgkqhkiG9w0BAQsFAAOCAQEAqIoY
w7vwxMZjLPzAV9cX2PrZOgZjx/Jw49e412VMnIzxDkDvFTEbgytUgQ+UtW3TJMs3
6UbBzc1iC4h24pkPvvzDfXwXgzG8eX+Iqk9s4pDdC0PB9UTdNtQIRHNiIjOMI/AZ
WWm4QiAo4u40I47F6EpBkyXq09m9Z7kx1kIwlsLTDwgySRi9OHdRJFiPsjB3aJ9D
3KL00oAsF47FoYyOeCg+ad0kbarpnlHjGpOctSJBY+LNiWYO/cwy4pu31XrUnQpX
+2uIfLoLzDHH07CqZl69JYfnw7+jiMFZ0zoF4oRXXNHxUyBcfjRQg+IWVZpAWf6g
V2Pdw2+xKvQ83lf0Xw==
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:10:42 2025 by rpki-client