Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wnY5Ebsttfchh5_cjKHfXygWQuY.roa
File: wnY5Ebsttfchh5_cjKHfXygWQuY.roa (raw, json)
Hash identifier: pCJ1hwFTcCv21l06fDQUFO4YTCzZdCwHc6g2mOw0WNI=
Subject key identifier: C2:76:39:11:BB:2D:B5:F7:21:87:9F:DC:8C:A1:DF:5F:28:16:42:E6
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019817C8164C2A79AA2EC991F2BB9435359F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wnY5Ebsttfchh5_cjKHfXygWQuY.roa
Signing time: Thu 17 Jul 2025 09:47:25 +0000
ROA not before: Thu 17 Jul 2025 09:47:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:17:c8:16:4c:2a:79:aa:2e:c9:91:f2:bb:94:35:35:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 17 09:47:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2763911bb2db5f721879fdc8ca1df5f281642e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:18:55:06:17:ce:b8:84:7a:b1:98:fe:9d:
62:ee:1c:49:0d:cd:1a:61:67:bd:7c:5e:b8:6b:5c:
3b:f6:05:ac:8c:75:f8:7a:db:ca:ae:ab:50:83:ba:
ec:53:67:fa:b6:2e:c8:f6:28:e2:51:53:d0:fb:37:
39:9c:dc:34:96:9f:e5:14:bc:0a:03:71:cc:a2:84:
fe:6c:6e:4a:09:01:3e:d8:a9:e2:87:b8:51:34:03:
62:f2:bb:35:45:be:54:f4:0b:9b:03:58:87:70:5c:
40:59:2b:db:5d:f8:f2:cb:a2:40:e4:03:da:ca:e4:
a3:02:6c:32:c9:05:c9:a0:9f:cd:c7:b2:7a:5d:63:
ef:b0:e6:da:27:40:a6:eb:6b:52:a1:66:b2:f3:43:
36:d7:94:ef:1d:be:cb:36:aa:b7:84:b9:9c:89:47:
59:6c:ed:ba:ba:a9:3c:2b:57:12:12:98:93:8a:df:
08:83:6f:3f:2f:53:9d:a3:84:ee:78:b6:ea:f1:cf:
e4:f4:a9:31:db:27:e4:4c:26:1c:b2:1d:4e:dc:47:
38:62:78:98:7f:dd:fe:6a:3e:cd:80:09:cf:28:63:
21:0d:22:d3:ba:9d:a0:ab:fe:3f:be:6d:0d:0a:9d:
29:69:2d:6e:97:48:e3:c0:63:36:64:c9:e5:24:de:
5d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:76:39:11:BB:2D:B5:F7:21:87:9F:DC:8C:A1:DF:5F:28:16:42:E6
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/wnY5Ebsttfchh5_cjKHfXygWQuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
162.218.89.0/24
162.218.93.0/24
185.52.136.0/24
185.52.139.0/24
185.161.191.0/24
185.187.214.0/23
185.205.206.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:06:15:7a:2a:2e:87:f4:4c:fb:ff:f2:23:a4:73:f1:db:2e:
de:67:3f:92:79:de:b0:d3:a0:bc:b9:e3:69:b9:22:19:74:aa:
2b:78:5a:56:a3:89:67:00:55:21:44:ad:e6:4b:f9:ae:51:86:
bf:fb:7f:0a:60:c8:7a:e8:f2:a7:94:19:18:d4:40:fb:8c:2f:
b5:10:ba:4d:89:9b:5c:37:70:d8:41:65:a3:31:7f:b0:7e:ec:
0e:14:b6:87:21:0b:8b:05:29:8a:96:1a:45:1a:ea:ee:1a:41:
48:33:20:e2:d5:d9:60:c6:ac:99:9d:f6:ce:10:91:c2:7c:c9:
a7:ff:d1:5d:80:b9:0c:3a:4b:db:23:eb:8d:67:d4:a5:cd:89:
51:97:8e:21:55:31:fa:45:ff:08:f8:d6:d4:d7:4c:f0:c5:ae:
7e:a8:67:1c:9e:40:43:d4:b7:f1:5f:68:f9:3e:23:42:de:72:
4e:1d:58:a7:53:5d:21:87:71:9f:0e:98:af:80:6e:c5:87:6b:
46:f0:29:2a:f2:09:4f:72:5e:e0:7c:56:f2:bf:58:64:ba:e5:
04:12:f1:34:36:c6:a6:d3:a4:67:90:3c:69:ad:c9:08:bf:72:
3c:55:91:f4:8d:c2:45:cf:56:57:48:ac:71:22:69:f6:f7:a8:
c2:12:f5:eb
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZgXyBZMKnmqLsmR8ruUNTWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzE3MDk0NzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc2MzkxMWJiMmRiNWY3MjE4NzlmZGM4Y2ExZGY1ZjI4MTY0MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLEYVQYXzriEerGY/p1i7hxJDc0a
YWe9fF64a1w79gWsjHX4etvKrqtQg7rsU2f6ti7I9ijiUVPQ+zc5nNw0lp/lFLwK
A3HMooT+bG5KCQE+2Knih7hRNANi8rs1Rb5U9AubA1iHcFxAWSvbXfjyy6JA5APa
yuSjAmwyyQXJoJ/Nx7J6XWPvsObaJ0Cm62tSoWay80M215TvHb7LNqq3hLmciUdZ
bO26uqk8K1cSEpiTit8Ig28/L1Odo4TueLbq8c/k9Kkx2yfkTCYcsh1O3Ec4YniY
f93+aj7NgAnPKGMhDSLTup2gq/4/vm0NCp0paS1ul0jjwGM2ZMnlJN5dsQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMJ2ORG7LbX3IYef3Iyh318oFkLmMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvd25ZNUVic3R0ZmNoaDVfY2pLSGZYeWdXUXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABba4AwQA
LUOSAwQATh/OAwQAotpZAwQAotpdAwQAuTSIAwQAuTSLAwQAuaG/AwQBubvWAwQA
uc3OMAwDBAO50JgDBAC50JoDBAC55nkwDQYJKoZIhvcNAQELBQADggEBAC0GFXoq
Lof0TPv/8iOkc/HbLt5nP5J53rDToLy542m5Ihl0qit4WlajiWcAVSFEreZL+a5R
hr/7fwpgyHro8qeUGRjUQPuML7UQuk2Jm1w3cNhBZaMxf7B+7A4UtochC4sFKYqW
GkUa6u4aQUgzIOLV2WDGrJmd9s4QkcJ8yaf/0V2AuQw6S9sj641n1KXNiVGXjiFV
MfpF/wj41tTXTPDFrn6oZxyeQEPUt/FfaPk+I0Leck4dWKdTXSGHcZ8OmK+AbsWH
a0bwKSryCU9yXuB8VvK/WGS65QQS8TQ2xqbTpGeQPGmtyQi/cjxVkfSNwkXPVldI
rHEiafb3qMIS9es=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:27:16 2025 by rpki-client