Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/wGY7w33wbp754v9ca7Ik2gL3Voc.roa
File: wGY7w33wbp754v9ca7Ik2gL3Voc.roa (raw, json)
Hash identifier: cLU9Ywl9VMx+T+dYulHYxfzmlahVeyhReHN4Xp/Qd78=
Subject key identifier: C0:66:3B:C3:7D:F0:6E:9E:F9:E2:FF:5C:6B:B2:24:DA:02:F7:56:87
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 0197E3F0DCB30C8B28AEC75975DCFD96F444
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/wGY7w33wbp754v9ca7Ik2gL3Voc.roa
Signing time: Mon 07 Jul 2025 08:11:42 +0000
ROA not before: Mon 07 Jul 2025 08:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206996
IP address blocks: 87.237.52.0/24 maxlen: 24
87.237.53.0/24 maxlen: 24
87.237.54.0/24 maxlen: 24
87.237.55.0/24 maxlen: 24
195.62.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e3:f0:dc:b3:0c:8b:28:ae:c7:59:75:dc:fd:96:f4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Jul 7 08:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0663bc37df06e9ef9e2ff5c6bb224da02f75687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7a:f5:84:36:7d:71:4d:05:42:6e:25:6d:2b:
aa:64:ff:31:4c:af:32:57:3b:ef:bd:e0:55:45:49:
91:25:01:a5:0a:70:16:8b:74:00:06:ae:84:a5:24:
86:cc:4a:58:9a:41:95:f7:7f:59:6b:b8:fb:65:5e:
54:65:fa:79:48:62:ff:cc:49:f6:e1:5f:ba:00:92:
c3:f9:46:49:e3:f6:6c:b1:79:0d:eb:8d:f8:40:51:
0e:2a:3b:5d:6e:69:d7:df:32:be:83:62:13:fe:71:
a6:11:ad:de:fc:de:98:27:62:0c:8d:73:ef:56:a8:
0a:3e:39:67:61:00:07:21:51:b5:30:1b:65:78:58:
af:13:da:e8:8a:c2:69:19:f7:d6:a9:99:53:48:ed:
01:cf:90:91:03:32:61:32:fb:25:59:5a:c5:f9:e2:
94:c4:4f:c4:15:ba:af:62:10:74:f6:e1:ca:4f:87:
ff:18:c6:ba:da:e5:1d:7c:59:aa:2c:29:47:7a:c6:
76:fc:42:23:f8:02:5d:59:b2:7d:e8:e1:05:9a:4e:
8e:2f:58:91:e7:80:89:7b:f2:ef:f3:ce:cf:ad:92:
68:40:90:52:80:d7:41:fb:0c:91:a6:97:4f:d3:29:
21:48:4c:2c:38:71:73:ac:52:dd:4d:8d:07:b4:85:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:66:3B:C3:7D:F0:6E:9E:F9:E2:FF:5C:6B:B2:24:DA:02:F7:56:87
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/wGY7w33wbp754v9ca7Ik2gL3Voc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.52.0/22
195.62.33.0/24
Signature Algorithm: sha256WithRSAEncryption
75:81:4f:3c:ac:d0:a4:97:4b:ec:93:ad:c4:53:7c:bd:7c:2c:
57:bc:a8:ed:05:d0:ca:51:e8:ba:12:62:05:56:03:fb:30:97:
0b:a1:3f:ee:be:5e:0b:fc:9c:f3:3d:8e:86:10:9a:73:08:c7:
ee:d5:b2:1e:32:9a:d1:3b:61:39:1d:0c:72:3f:92:99:3d:fa:
4c:a5:45:a2:c1:fb:c2:eb:5a:5b:d0:a4:47:bb:01:77:81:12:
19:f2:49:8a:cb:0f:c0:92:96:c7:4e:c0:08:59:f3:06:41:fa:
e0:da:8e:09:b5:13:d2:1d:83:0a:9f:d0:a9:6b:b9:a2:69:d9:
0c:eb:d8:ad:a8:74:ec:6f:f3:e8:cf:81:58:05:c5:aa:08:8f:
e9:ec:5b:b5:86:f9:35:db:21:53:b1:f0:62:34:df:23:65:fd:
0d:1c:7a:91:62:9e:6f:29:2e:97:9a:be:2d:87:c7:a1:9b:d4:
b7:bb:66:55:82:b9:ae:f2:60:fc:12:34:06:af:8e:1b:de:26:
8a:1a:47:8d:80:a6:9b:af:0c:f8:23:8f:b3:85:50:4c:46:50:
71:55:b6:4a:4f:b0:cd:39:13:65:fe:78:09:af:1e:4c:8c:73:
af:a5:63:b6:dc:1f:7f:0f:4c:87:f9:0b:d0:ad:0b:13:ca:f8:
f6:b7:45:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfj8NyzDIsorsdZddz9lvREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjUwNzA3MDgxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY2M2JjMzdkZjA2ZTllZjllMmZmNWM2YmIyMjRkYTAyZjc1Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3r1hDZ9cU0FQm4lbSuqZP8xTK8y
VzvvveBVRUmRJQGlCnAWi3QABq6EpSSGzEpYmkGV939Za7j7ZV5UZfp5SGL/zEn2
4V+6AJLD+UZJ4/ZssXkN6434QFEOKjtdbmnX3zK+g2IT/nGmEa3e/N6YJ2IMjXPv
VqgKPjlnYQAHIVG1MBtleFivE9roisJpGffWqZlTSO0Bz5CRAzJhMvslWVrF+eKU
xE/EFbqvYhB09uHKT4f/GMa62uUdfFmqLClHesZ2/EIj+AJdWbJ96OEFmk6OL1iR
54CJe/Lv887PrZJoQJBSgNdB+wyRppdP0ykhSEwsOHFzrFLdTY0HtIWHwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMBmO8N98G6e+eL/XGuyJNoC91aHMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvd0dZN3czM3dicDc1NHY5Y2E3SWsyZ0wzVm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV+00AwQA
wz4hMA0GCSqGSIb3DQEBCwUAA4IBAQB1gU88rNCkl0vsk63EU3y9fCxXvKjtBdDK
Uei6EmIFVgP7MJcLoT/uvl4L/JzzPY6GEJpzCMfu1bIeMprRO2E5HQxyP5KZPfpM
pUWiwfvC61pb0KRHuwF3gRIZ8kmKyw/AkpbHTsAIWfMGQfrg2o4JtRPSHYMKn9Cp
a7miadkM69itqHTsb/Poz4FYBcWqCI/p7Fu1hvk12yFTsfBiNN8jZf0NHHqRYp5v
KS6Xmr4th8ehm9S3u2ZVgrmu8mD8EjQGr44b3iaKGkeNgKabrwz4I4+zhVBMRlBx
VbZKT7DNORNl/ngJrx5MjHOvpWO23B9/D0yH+QvQrQsTyvj2t0XZ
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:39:52 2025 by rpki-client