Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/VaWzyHeML33KxuuEmctCiEY7ve4.roa
File: VaWzyHeML33KxuuEmctCiEY7ve4.roa (raw, json)
Hash identifier: ZRkkyo8TWSxcIvMrlabpWghExO5/yAw+64Ol/bnmML8=
Subject key identifier: 55:A5:B3:C8:77:8C:2F:7D:CA:C6:EB:84:99:CB:42:88:46:3B:BD:EE
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 0197D44D425E43F603E7550638ABB0E22AC7
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/VaWzyHeML33KxuuEmctCiEY7ve4.roa
Signing time: Fri 04 Jul 2025 07:18:42 +0000
ROA not before: Fri 04 Jul 2025 07:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29037
IP address blocks: 5.57.192.0/21 maxlen: 24
77.236.104.0/21 maxlen: 24
77.236.112.0/21 maxlen: 24
79.171.176.0/21 maxlen: 24
82.115.96.0/19 maxlen: 24
93.119.240.0/20 maxlen: 24
178.248.216.0/21 maxlen: 24
185.5.168.0/22 maxlen: 24
192.54.67.0/24 maxlen: 24
192.54.68.0/22 maxlen: 24
212.7.160.0/19 maxlen: 24
217.17.16.0/20 maxlen: 24
2a01:5580::/32 maxlen: 48
2a02:1628::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:4d:42:5e:43:f6:03:e7:55:06:38:ab:b0:e2:2a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Jul 4 07:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55a5b3c8778c2f7dcac6eb8499cb4288463bbdee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ab:35:10:d1:92:37:64:6d:72:d9:4e:c5:ff:
b1:68:a6:11:a3:35:1a:35:ce:d7:4a:b2:e2:7d:e4:
0f:e9:de:48:42:cb:8c:18:97:e7:49:7c:a5:7d:cf:
ea:1f:2e:0d:91:18:77:bd:00:f9:d1:5a:71:4c:ce:
1e:dd:57:9e:34:69:e9:5d:16:8d:27:3b:5d:15:c1:
67:83:37:fa:df:36:c1:1a:32:ad:ff:96:ad:16:3f:
f0:69:0b:b1:3f:1f:c8:a1:33:52:b4:cd:45:fe:38:
42:63:8a:0f:67:7e:ed:55:da:9f:94:4b:0f:e1:73:
0f:4c:fc:28:49:d2:03:db:c0:7f:49:0f:2f:17:bd:
6c:48:73:91:91:f1:06:95:2f:93:ba:9b:20:df:a6:
e6:ce:d9:2d:59:f5:be:03:8b:93:74:57:56:e0:25:
ed:41:4d:92:76:90:74:df:54:27:55:a7:9d:bf:b9:
14:c3:45:36:47:4d:5f:e4:de:76:41:96:f6:73:47:
c3:d3:30:6c:56:cf:8c:4f:70:a0:db:73:26:59:3e:
fb:06:85:ac:32:20:fa:05:6d:b7:7c:28:3e:27:28:
3a:9e:0a:7a:cf:91:93:1b:eb:9b:b2:8f:a4:df:41:
e0:d4:ba:4e:fa:4c:b5:06:98:2b:0b:70:26:e7:e6:
a4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A5:B3:C8:77:8C:2F:7D:CA:C6:EB:84:99:CB:42:88:46:3B:BD:EE
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/VaWzyHeML33KxuuEmctCiEY7ve4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.192.0/21
77.236.104.0-77.236.119.255
79.171.176.0/21
82.115.96.0/19
93.119.240.0/20
178.248.216.0/21
185.5.168.0/22
192.54.67.0-192.54.71.255
212.7.160.0/19
217.17.16.0/20
IPv6:
2a01:5580::/32
2a02:1628::/32
Signature Algorithm: sha256WithRSAEncryption
5b:d0:c9:ca:b8:c4:5d:46:c8:4a:55:58:e2:32:d3:68:0c:5a:
5a:ba:5c:bf:d0:7e:a4:2e:fb:ea:98:17:d1:fb:85:00:ed:bb:
35:73:43:4a:37:4d:2f:41:8d:37:f5:1c:63:e8:d3:6f:d4:64:
89:41:ea:d5:26:cc:86:c5:84:76:97:c9:3b:1d:6f:8b:08:79:
46:a5:66:3c:38:f2:96:59:a6:d7:61:ca:59:d6:b0:24:20:f9:
c3:37:41:55:62:81:c1:ec:13:4a:a2:c4:4c:cf:e6:a6:42:75:
b3:48:95:97:ae:48:01:fb:2e:76:29:37:a6:7f:e3:8b:5a:bb:
ce:f3:a5:98:6f:62:1a:51:6a:e4:cd:7c:17:b2:29:05:4a:9e:
ef:a9:26:79:a3:aa:02:ce:b5:34:59:de:23:c9:cc:5d:c1:b3:
57:a3:fb:0c:76:1f:12:c7:00:c0:48:73:65:3a:e3:ad:b6:bd:
60:4e:24:ff:f8:c6:4a:a8:bf:43:aa:25:ba:cf:7f:d4:82:d5:
59:4c:db:64:95:70:cc:38:a2:02:35:1c:87:7c:ad:bc:b4:01:
e1:2b:f4:5d:cf:9f:ad:56:cc:15:16:47:e2:e6:93:40:0a:6d:
54:d5:b3:5b:07:4f:12:39:73:40:4b:12:aa:cf:28:65:c8:38:
2a:72:27:67
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZfUTUJeQ/YD51UGOKuw4irHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjUwNzA0MDcxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE1YjNjODc3OGMyZjdkY2FjNmViODQ5OWNiNDI4ODQ2M2JiZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKs1ENGSN2RtctlOxf+xaKYRozUa
Nc7XSrLifeQP6d5IQsuMGJfnSXylfc/qHy4NkRh3vQD50VpxTM4e3VeeNGnpXRaN
JztdFcFngzf63zbBGjKt/5atFj/waQuxPx/IoTNStM1F/jhCY4oPZ37tVdqflEsP
4XMPTPwoSdID28B/SQ8vF71sSHORkfEGlS+Tupsg36bmztktWfW+A4uTdFdW4CXt
QU2SdpB031QnVaedv7kUw0U2R01f5N52QZb2c0fD0zBsVs+MT3Cg23MmWT77BoWs
MiD6BW23fCg+Jyg6ngp6z5GTG+ubso+k30Hg1LpO+ky1BpgrC3Am5+aklQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFFWls8h3jC99ysbrhJnLQohGO73uMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvVmFXenlIZU1MMzNLeHV1RW1jdENpRVk3dmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBSBAIAATBMAwQDBTnAMAwD
BANN7GgDBANN7HADBANPq7ADBAVSc2ADBARdd/ADBAOy+NgDBAK5BagwDAMEAMA2
QwMEA8A2QAMEBdQHoAMEBNkREDAUBAIAAjAOAwUAKgFVgAMFACoCFigwDQYJKoZI
hvcNAQELBQADggEBAFvQycq4xF1GyEpVWOIy02gMWlq6XL/QfqQu++qYF9H7hQDt
uzVzQ0o3TS9BjTf1HGPo02/UZIlB6tUmzIbFhHaXyTsdb4sIeUalZjw48pZZptdh
ylnWsCQg+cM3QVVigcHsE0qixEzP5qZCdbNIlZeuSAH7LnYpN6Z/44tau87zpZhv
YhpRauTNfBeyKQVKnu+pJnmjqgLOtTRZ3iPJzF3Bs1ej+wx2HxLHAMBIc2U64622
vWBOJP/4xkqov0OqJbrPf9SC1VlM22SVcMw4ogI1HId8rby0AeEr9F3Pn61WzBUW
R+Lmk0AKbVTVs1sHTxI5c0BLEqrPKGXIOCpyJ2c=
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:40:23 2025 by rpki-client