Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/wEf0XFewVLDEH498_3ycA_iLwpA.roa
File: wEf0XFewVLDEH498_3ycA_iLwpA.roa (raw, json)
Hash identifier: jj8EG5dFJudLiKXib9hP+9XTMUS6HXp2GHHzc8cEo24=
Subject key identifier: C0:47:F4:5C:57:B0:54:B0:C4:1F:8F:7C:FF:7C:9C:03:F8:8B:C2:90
Certificate issuer: /CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Certificate serial: 01976186DCFF75201B7027E9420A737F699F
Authority key identifier: A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/wEf0XFewVLDEH498_3ycA_iLwpA.roa
Signing time: Thu 12 Jun 2025 00:25:17 +0000
ROA not before: Thu 12 Jun 2025 00:25:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29070
IP address blocks: 185.103.20.0/22 maxlen: 22
185.103.20.0/24 maxlen: 24
185.103.21.0/24 maxlen: 24
185.103.22.0/24 maxlen: 24
185.103.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:61:86:dc:ff:75:20:1b:70:27:e9:42:0a:73:7f:69:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Validity
Not Before: Jun 12 00:25:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c047f45c57b054b0c41f8f7cff7c9c03f88bc290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:87:41:d5:09:77:3a:e4:00:d3:eb:f3:0e:
db:19:fb:71:61:ba:e1:77:b5:83:d6:24:0d:75:ce:
3b:50:7a:71:11:3d:3c:d3:00:55:f8:57:26:06:9f:
98:3c:51:7a:9c:3a:76:df:80:6d:12:66:82:03:b1:
fe:d4:f8:bf:6b:72:ae:ed:b5:f2:9e:78:8c:dd:d3:
18:c0:41:3a:d3:dc:f4:4a:05:f7:a4:93:87:c7:2f:
58:e7:61:61:fc:e8:42:03:62:2c:41:2c:97:7d:92:
99:77:1c:37:77:0b:11:6e:e1:65:e0:b3:22:3c:69:
b1:85:ef:10:d8:f1:8d:7e:4c:f1:09:cb:7e:67:6d:
10:e7:f3:4e:b3:13:46:1f:c5:c0:b9:24:f2:61:79:
4f:42:a2:09:3b:46:14:85:3f:e2:3a:22:4e:e4:0c:
0d:50:bc:a1:7c:3d:e4:41:a8:db:77:3d:59:4e:07:
3b:de:d8:75:99:c7:6e:6c:d9:94:0f:97:5c:71:34:
99:fe:43:89:32:06:d3:e5:03:1e:41:bf:56:ac:b3:
28:28:bd:b2:cd:28:f8:3b:b9:97:35:dd:cb:39:0a:
7d:16:9b:cd:f0:fa:70:97:07:5e:9b:6b:c6:01:15:
6c:15:d5:77:85:ee:34:75:8a:5e:23:09:d9:1e:40:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:F4:5C:57:B0:54:B0:C4:1F:8F:7C:FF:7C:9C:03:F8:8B:C2:90
X509v3 Authority Key Identifier:
keyid:A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/wEf0XFewVLDEH498_3ycA_iLwpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.20.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:7a:c5:be:a7:5b:a5:f8:cd:31:93:1e:98:f6:ab:9c:79:2a:
c4:34:7d:c5:3a:eb:c6:8a:68:dd:b8:b1:57:a2:12:a6:4c:15:
37:f7:68:3e:96:49:5d:2b:83:09:1e:a5:10:d2:b3:ee:24:b9:
b4:de:7c:8f:46:bc:26:24:ea:bb:83:60:5b:53:ec:36:7b:b4:
a5:97:90:a9:21:c0:a6:ab:a2:d5:a0:6b:1c:e7:cf:99:57:73:
ef:f0:29:b5:1b:6f:76:d0:6f:55:cf:93:da:bb:de:19:9f:3a:
ae:af:f0:17:6d:b2:ed:05:10:f9:91:4c:ae:8a:e7:ca:05:26:
65:37:17:84:c8:71:70:af:4c:d4:37:7a:ad:bb:a8:7a:bf:8a:
9c:80:b5:88:8e:50:7a:0f:a2:2b:79:a6:ab:c0:19:48:36:59:
db:fa:39:b0:f7:e2:d4:8e:19:02:ee:2d:33:d2:12:3c:d2:80:
69:95:63:cd:7e:db:8d:ff:15:e7:e6:a3:32:87:b6:d2:72:c6:
1e:b4:94:a1:ca:e5:ed:17:9f:0a:7a:4d:05:9d:6f:e7:85:6b:
e9:1a:a4:b9:ea:1e:70:2f:84:bc:0b:db:9d:18:18:d1:09:6d:
15:05:a9:8d:2e:a2:cd:5f:de:66:41:26:09:0c:28:03:c3:41:
5e:60:1a:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdhhtz/dSAbcCfpQgpzf2mfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZThhMjVhOTM3OTJhNThiM2EyZDgwZmIxYWFkOTU5ZTY1
YWVkZGYwHhcNMjUwNjEyMDAyNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQ3ZjQ1YzU3YjA1NGIwYzQxZjhmN2NmZjdjOWMwM2Y4OGJjMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGOHQdUJdzrkANPr8w7bGftxYbrh
d7WD1iQNdc47UHpxET080wBV+FcmBp+YPFF6nDp234BtEmaCA7H+1Pi/a3Ku7bXy
nniM3dMYwEE609z0SgX3pJOHxy9Y52Fh/OhCA2IsQSyXfZKZdxw3dwsRbuFl4LMi
PGmxhe8Q2PGNfkzxCct+Z20Q5/NOsxNGH8XAuSTyYXlPQqIJO0YUhT/iOiJO5AwN
ULyhfD3kQajbdz1ZTgc73th1mcdubNmUD5dccTSZ/kOJMgbT5QMeQb9WrLMoKL2y
zSj4O7mXNd3LOQp9FpvN8Ppwlwdem2vGARVsFdV3he40dYpeIwnZHkBdxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBH9FxXsFSwxB+PfP98nAP4i8KQMB8GA1UdIwQY
MBaAFKboolqTeSpYs6LYD7Gq2VnmWu3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzct
NGVhZWIyYTIzYjI3LzEvd0VmMFhGZXdWTERFSDQ5OF8zeWNBX2lMd3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzctNGVhZWIyYTIzYjI3
LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcUMA0G
CSqGSIb3DQEBCwUAA4IBAQBbesW+p1ul+M0xkx6Y9quceSrENH3FOuvGimjduLFX
ohKmTBU392g+lkldK4MJHqUQ0rPuJLm03nyPRrwmJOq7g2BbU+w2e7Sll5CpIcCm
q6LVoGsc58+ZV3Pv8Cm1G2920G9Vz5Pau94Znzqur/AXbbLtBRD5kUyuiufKBSZl
NxeEyHFwr0zUN3qtu6h6v4qcgLWIjlB6D6IreaarwBlINlnb+jmw9+LUjhkC7i0z
0hI80oBplWPNftuN/xXn5qMyh7bScsYetJShyuXtF58Kek0FnW/nhWvpGqS56h5w
L4S8C9udGBjRCW0VBamNLqLNX95mQSYJDCgDw0FeYBp7
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:10:50 2025 by rpki-client