Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/w957DfnwZRNsvOjiEmwL6wBJ8ug.roa
File: w957DfnwZRNsvOjiEmwL6wBJ8ug.roa (raw, json)
Hash identifier: dIOhmCcjfHKlH6PB2ObazIQBGUB74fKOam5QTJ1/pAc=
Subject key identifier: C3:DE:7B:0D:F9:F0:65:13:6C:BC:E8:E2:12:6C:0B:EB:00:49:F2:E8
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0198377B0244A1274794507C811AD265D914
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/w957DfnwZRNsvOjiEmwL6wBJ8ug.roa
Signing time: Wed 23 Jul 2025 13:31:05 +0000
ROA not before: Wed 23 Jul 2025 13:31:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 62.93.164.0/22 maxlen: 24
62.93.176.0/22 maxlen: 24
84.20.4.0/22 maxlen: 24
84.20.16.0/22 maxlen: 24
84.20.24.0/22 maxlen: 24
92.71.34.0/23 maxlen: 24
92.71.40.0/22 maxlen: 24
92.71.98.0/23 maxlen: 24
213.139.8.0/22 maxlen: 24
213.201.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 00:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:7b:02:44:a1:27:47:94:50:7c:81:1a:d2:65:d9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jul 23 13:31:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3de7b0df9f065136cbce8e2126c0beb0049f2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f0:5e:6d:8f:d4:9d:d8:04:41:08:6c:7c:5b:
a9:19:f7:48:85:df:25:9e:c0:8a:1a:d8:27:6f:97:
02:2c:05:39:2f:1e:4b:26:b4:d9:02:89:9d:58:8a:
0a:b1:31:11:68:7d:5e:29:27:80:93:ef:de:a6:4c:
16:a0:e6:71:5c:67:59:ed:0d:e5:4e:4e:92:c2:5f:
f5:dc:00:da:27:dd:e1:54:60:4e:e3:18:33:a3:12:
5e:c3:41:ba:57:13:ff:46:73:79:92:db:d6:65:ae:
8a:00:c7:f6:b4:7d:57:b6:f0:4b:bf:db:68:2c:fa:
3e:9d:a1:e5:28:56:7d:7d:23:a8:e3:ae:f6:54:92:
bc:7e:90:95:91:9a:c3:20:de:9d:09:b1:fa:41:ed:
91:88:97:64:ad:e6:19:1d:40:36:35:0d:f3:27:7f:
20:59:b8:e0:c2:d7:43:b7:94:65:3d:c1:8a:62:d5:
04:c1:69:d1:71:88:1f:27:25:13:d8:ac:ec:de:c7:
74:8c:24:f2:66:e4:50:13:ee:42:6a:1e:4b:1c:43:
97:22:6d:49:c8:cd:52:14:d5:ed:82:30:d7:1a:4f:
a1:44:cf:e3:ed:59:72:1b:81:ce:68:3e:3f:48:af:
a8:82:da:04:39:60:76:90:44:7a:b6:ac:56:f4:78:
6d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:DE:7B:0D:F9:F0:65:13:6C:BC:E8:E2:12:6C:0B:EB:00:49:F2:E8
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/w957DfnwZRNsvOjiEmwL6wBJ8ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.164.0/22
62.93.176.0/22
84.20.4.0/22
84.20.16.0/22
84.20.24.0/22
92.71.34.0/23
92.71.40.0/22
92.71.98.0/23
213.139.8.0/22
213.201.242.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:07:d3:0b:d4:2d:54:4a:28:3f:28:aa:62:c8:f8:d7:db:ad:
e4:0c:76:b1:1b:10:43:5a:57:88:9d:e3:8b:fa:d8:3b:67:7e:
c2:6a:f6:ea:22:9a:21:d6:52:55:7c:a8:21:4e:94:07:4c:1a:
ae:23:98:11:27:d7:c3:23:b4:e0:6d:0e:57:b5:e1:e8:90:b9:
75:98:9e:18:17:90:0f:39:78:09:f7:3b:51:ae:6a:72:e5:14:
c6:ab:a0:b9:9e:24:59:12:ce:cf:2f:c0:64:15:6b:a1:c7:d4:
27:11:5a:4c:4e:20:de:a1:14:b6:1b:0f:60:a7:38:b1:63:f2:
97:c4:4a:7e:76:15:fc:3e:d2:d0:8e:75:c3:b4:eb:42:69:5b:
a4:a3:62:48:22:53:ec:fd:b7:4b:ae:a4:03:84:cc:f4:47:78:
69:76:19:96:8f:dd:15:58:56:0c:1d:51:e9:6a:a6:cb:4c:16:
b7:44:08:74:b4:0f:b4:9a:d0:65:b6:7c:1b:2d:9f:32:c3:22:
18:d0:f6:70:0a:0d:1a:dc:c0:28:fc:83:3a:e0:b5:b7:44:eb:
a4:a8:e2:20:05:18:f1:8d:9d:1d:c5:5e:fc:bb:9b:35:ed:7a:
73:79:24:ef:cb:65:3a:24:b3:28:64:37:a7:2b:ae:b1:3d:60:
87:3f:0a:ad
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZg3ewJEoSdHlFB8gRrSZdkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNzIzMTMzMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2RlN2IwZGY5ZjA2NTEzNmNiY2U4ZTIxMjZjMGJlYjAwNDlmMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPBebY/UndgEQQhsfFupGfdIhd8l
nsCKGtgnb5cCLAU5Lx5LJrTZAomdWIoKsTERaH1eKSeAk+/epkwWoOZxXGdZ7Q3l
Tk6Swl/13ADaJ93hVGBO4xgzoxJew0G6VxP/RnN5ktvWZa6KAMf2tH1XtvBLv9to
LPo+naHlKFZ9fSOo4672VJK8fpCVkZrDIN6dCbH6Qe2RiJdkreYZHUA2NQ3zJ38g
WbjgwtdDt5RlPcGKYtUEwWnRcYgfJyUT2Kzs3sd0jCTyZuRQE+5Cah5LHEOXIm1J
yM1SFNXtgjDXGk+hRM/j7VlyG4HOaD4/SK+ogtoEOWB2kER6tqxW9HhtrQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMPeew358GUTbLzo4hJsC+sASfLoMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvdzk1N0RmbndaUk5zdk9qaUVtd0w2d0JKOHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCPl2kAwQC
Pl2wAwQCVBQEAwQCVBQQAwQCVBQYAwQBXEciAwQCXEcoAwQBXEdiAwQC1YsIAwQB
1cnyMA0GCSqGSIb3DQEBCwUAA4IBAQAfB9ML1C1USig/KKpiyPjX263kDHaxGxBD
WleIneOL+tg7Z37CavbqIpoh1lJVfKghTpQHTBquI5gRJ9fDI7TgbQ5XteHokLl1
mJ4YF5APOXgJ9ztRrmpy5RTGq6C5niRZEs7PL8BkFWuhx9QnEVpMTiDeoRS2Gw9g
pzixY/KXxEp+dhX8PtLQjnXDtOtCaVuko2JIIlPs/bdLrqQDhMz0R3hpdhmWj90V
WFYMHVHpaqbLTBa3RAh0tA+0mtBltnwbLZ8ywyIY0PZwCg0a3MAo/IM64LW3ROuk
qOIgBRjxjZ0dxV78u5s17XpzeSTvy2U6JLMoZDenK66xPWCHPwqt
-----END CERTIFICATE-----
Generated at Sat Jul 26 07:33:07 2025 by rpki-client