Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/vdwj-YL5qkaKRDVt2Zto5EYwOL4.roa
File: vdwj-YL5qkaKRDVt2Zto5EYwOL4.roa (raw, json)
Hash identifier: JWEAJzW0lyftKypfeSLVAETbGxOalN2+cR5DvBGTHdE=
Subject key identifier: BD:DC:23:F9:82:F9:AA:46:8A:44:35:6D:D9:9B:68:E4:46:30:38:BE
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 0197D62FBF146D1AFA44014E67F5AFBCEB7D
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/vdwj-YL5qkaKRDVt2Zto5EYwOL4.roa
Signing time: Fri 04 Jul 2025 16:05:42 +0000
ROA not before: Fri 04 Jul 2025 16:05:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398993
IP address blocks: 116.204.164.0/23 maxlen: 23
116.204.166.0/24 maxlen: 24
222.167.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:2f:bf:14:6d:1a:fa:44:01:4e:67:f5:af:bc:eb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Jul 4 16:05:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bddc23f982f9aa468a44356dd99b68e4463038be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d6:32:e0:e7:58:8f:25:90:a6:da:2b:34:d5:
bd:db:1a:1f:c3:ee:ea:89:c3:d3:57:d8:87:21:4a:
36:5c:dc:65:9a:67:20:d5:9c:b6:c0:59:47:6a:18:
ef:2a:4f:da:ea:7d:a0:d7:43:83:74:18:af:0a:90:
05:78:16:8a:20:47:d5:75:cd:12:80:ba:ee:4f:5d:
b4:3d:96:c2:d5:ff:d0:7a:01:6d:9c:99:e2:82:cd:
e2:93:f4:bb:cd:91:a0:30:b6:a6:1b:14:c1:dd:13:
05:85:9a:15:8c:f7:c7:18:bf:17:2f:ae:c5:a0:39:
f4:31:fd:1f:bd:d5:01:9a:f4:83:e7:de:6d:e0:0e:
32:92:81:1f:92:94:71:42:19:8b:59:fb:fe:bb:ba:
20:4a:8c:ac:3d:1c:ba:5e:8f:d7:0b:21:21:5e:45:
00:fe:3f:68:ff:1e:21:03:cf:55:c2:2c:dc:a9:ab:
d7:59:f5:45:e2:bf:02:92:b1:95:e9:eb:bd:01:80:
08:ee:13:a3:51:7f:d6:0a:a4:d5:84:00:60:a0:82:
50:67:f3:ae:a0:87:2d:65:f6:22:9f:d3:4b:83:f2:
b0:8e:79:a2:03:7e:ea:15:bc:48:65:c6:68:61:ee:
8d:14:a6:78:59:e1:fb:76:d2:8e:da:bc:18:c2:0b:
cd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DC:23:F9:82:F9:AA:46:8A:44:35:6D:D9:9B:68:E4:46:30:38:BE
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/vdwj-YL5qkaKRDVt2Zto5EYwOL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0-116.204.166.255
222.167.216.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:a0:47:19:8d:06:ae:91:b5:9e:e8:d2:21:27:d0:6a:eb:3f:
d4:2c:31:48:4d:51:63:bd:0a:4f:10:79:74:f6:1b:c1:9a:d1:
15:9d:2d:fb:98:dc:22:10:f8:a6:ed:86:88:0a:93:1b:06:d1:
5e:93:44:f8:f7:13:9d:b3:af:f7:19:06:00:cc:f8:fc:a6:62:
2e:d4:84:58:43:20:06:d8:15:0e:9b:bd:26:8d:5e:9b:04:80:
e1:91:4e:8d:ec:6f:91:94:89:8b:b3:03:96:e6:41:42:a5:d7:
eb:2a:9e:fc:59:f7:08:cd:a8:13:e0:ef:7b:9d:40:87:39:04:
b8:68:21:fe:10:a2:cb:a5:e5:2a:4a:33:8c:cb:9c:e3:5d:ed:
25:ad:5b:52:c7:fb:57:64:ef:51:e2:18:ed:3e:94:44:67:7a:
69:df:2c:10:51:80:4f:37:46:e7:49:2b:54:aa:e7:21:19:85:
e6:83:8d:75:41:e5:5a:ab:ab:3f:7f:eb:28:3f:a2:05:30:51:
67:42:89:ba:c3:e9:e6:07:24:29:bb:02:11:a3:8f:75:2e:aa:
e9:d7:a8:2c:86:93:a5:7a:ca:67:c5:d5:fe:06:8e:f9:8d:f6:
c2:8f:92:1e:4c:0e:17:59:aa:d8:99:fe:d8:3e:9d:a6:25:5d:
16:83:da:85
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZfWL78UbRr6RAFOZ/WvvOt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNzA0MTYwNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRjMjNmOTgyZjlhYTQ2OGE0NDM1NmRkOTliNjhlNDQ2MzAzOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69Yy4OdYjyWQptorNNW92xofw+7q
icPTV9iHIUo2XNxlmmcg1Zy2wFlHahjvKk/a6n2g10ODdBivCpAFeBaKIEfVdc0S
gLruT120PZbC1f/QegFtnJnigs3ik/S7zZGgMLamGxTB3RMFhZoVjPfHGL8XL67F
oDn0Mf0fvdUBmvSD595t4A4ykoEfkpRxQhmLWfv+u7ogSoysPRy6Xo/XCyEhXkUA
/j9o/x4hA89VwizcqavXWfVF4r8CkrGV6eu9AYAI7hOjUX/WCqTVhABgoIJQZ/Ou
oIctZfYin9NLg/KwjnmiA37qFbxIZcZoYe6NFKZ4WeH7dtKO2rwYwgvNCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL3cI/mC+apGikQ1bdmbaORGMDi+MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvdmR3ai1ZTDVxa2FLUkRWdDJadG81RVl3T0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJ0zKQD
BAB0zKYDBAPep9gwDQYJKoZIhvcNAQELBQADggEBAF+gRxmNBq6RtZ7o0iEn0Grr
P9QsMUhNUWO9Ck8QeXT2G8Ga0RWdLfuY3CIQ+KbthogKkxsG0V6TRPj3E52zr/cZ
BgDM+PymYi7UhFhDIAbYFQ6bvSaNXpsEgOGRTo3sb5GUiYuzA5bmQUKl1+sqnvxZ
9wjNqBPg73udQIc5BLhoIf4Qosul5SpKM4zLnONd7SWtW1LH+1dk71HiGO0+lERn
emnfLBBRgE83RudJK1Sq5yEZheaDjXVB5Vqrqz9/6yg/ogUwUWdCibrD6eYHJCm7
AhGjj3UuqunXqCyGk6V6ymfF1f4GjvmN9sKPkh5MDhdZqtiZ/tg+naYlXRaD2oU=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:48:29 2025 by rpki-client