Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wTGr0SPUsiRHSxZtorLxVk8wk-I.roa
File: wTGr0SPUsiRHSxZtorLxVk8wk-I.roa (raw, json)
Hash identifier: l27/BeXMm5kMEU8bDA4Me1n0VFr88fXBxMtP17kcSgI=
Subject key identifier: C1:31:AB:D1:23:D4:B2:24:47:4B:16:6D:A2:B2:F1:56:4F:30:93:E2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197D09E45986A5E6BA3813C0950A7DE5EF3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wTGr0SPUsiRHSxZtorLxVk8wk-I.roa
Signing time: Thu 03 Jul 2025 14:08:42 +0000
ROA not before: Thu 03 Jul 2025 14:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 87.120.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d0:9e:45:98:6a:5e:6b:a3:81:3c:09:50:a7:de:5e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 3 14:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c131abd123d4b224474b166da2b2f1564f3093e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:ed:73:32:55:b9:60:72:12:a8:15:2d:93:
fd:42:f5:de:05:fe:dc:20:6b:0d:10:5c:63:d8:bf:
4a:86:81:7a:39:c1:f0:55:3d:98:e0:cb:5b:97:a0:
59:59:05:43:ce:8d:41:98:cc:e7:91:5f:18:8b:a2:
16:4b:dd:cd:40:bb:12:8c:37:8d:07:94:ae:b9:e7:
fe:04:80:80:1b:1a:1e:1d:60:17:a6:67:08:08:74:
cd:76:53:65:ba:ea:96:75:46:8a:90:5b:cb:e3:13:
9b:44:57:36:f8:a8:99:bc:a2:6b:54:dd:da:f2:22:
f0:b0:7a:33:26:20:a3:2e:bd:c9:c2:23:35:e5:b4:
e4:6e:9e:22:b9:8f:95:7d:93:82:5d:cb:37:95:1c:
53:78:a2:80:97:e3:be:82:36:1f:94:74:60:c0:ff:
f1:7a:44:24:d6:f6:c9:d4:1b:5e:c4:bb:95:68:33:
61:fa:52:8a:8a:39:39:d3:5f:2a:d4:df:14:55:cb:
ff:bf:f9:aa:a5:b4:30:43:e4:0d:52:ac:cc:c1:2b:
bc:54:7a:31:4b:05:75:12:55:ff:cd:81:89:51:94:
4c:33:32:06:d3:70:5c:a0:46:07:9a:d3:95:b5:49:
c9:c1:f7:4c:d3:48:91:cf:d2:85:8d:44:38:c6:61:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:31:AB:D1:23:D4:B2:24:47:4B:16:6D:A2:B2:F1:56:4F:30:93:E2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wTGr0SPUsiRHSxZtorLxVk8wk-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/24
Signature Algorithm: sha256WithRSAEncryption
41:39:d1:94:a9:29:31:ea:87:44:07:1b:b6:39:75:20:0a:bc:
98:7f:60:14:10:df:78:dd:7c:2a:48:fe:59:ac:f2:24:30:ea:
47:1c:45:38:7f:90:2f:c6:d0:da:82:52:49:8a:28:4e:c7:79:
7b:7f:9d:ed:ec:55:44:28:0a:cf:40:d1:c1:d0:73:c4:78:5c:
ae:a8:40:fa:8d:fe:02:6a:86:91:5c:11:3b:d2:aa:e1:b2:20:
c1:9f:f0:b0:48:d3:20:ba:b8:30:2e:46:19:49:ea:4a:aa:d7:
94:1d:d1:6c:06:c0:e8:4f:69:db:7f:af:a5:06:26:6f:ae:04:
8e:1a:bf:96:1a:6a:95:c5:78:8c:dd:8b:54:f6:89:3e:91:70:
47:80:4e:d2:06:84:ac:ca:6a:28:23:63:4a:d5:be:ae:eb:06:
9d:08:bd:c3:e4:be:40:e9:c2:64:5c:bf:f8:ea:08:39:cf:d1:
83:7c:9a:48:9d:f2:45:52:79:c3:32:c2:a3:60:96:07:92:ff:
ee:2b:cc:a7:26:51:fd:38:36:7c:e3:25:c3:7f:57:8e:33:56:
99:1b:23:ce:d3:ee:de:18:93:b9:fa:f3:af:e2:8f:05:e2:60:
e7:d9:22:6d:55:bc:70:23:33:18:5b:c1:c4:60:d0:b6:4c:af:
b2:e4:55:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfQnkWYal5ro4E8CVCn3l7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzAzMTQwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTMxYWJkMTIzZDRiMjI0NDc0YjE2NmRhMmIyZjE1NjRmMzA5M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ7tczJVuWByEqgVLZP9QvXeBf7c
IGsNEFxj2L9KhoF6OcHwVT2Y4Mtbl6BZWQVDzo1BmMznkV8Yi6IWS93NQLsSjDeN
B5Suuef+BICAGxoeHWAXpmcICHTNdlNluuqWdUaKkFvL4xObRFc2+KiZvKJrVN3a
8iLwsHozJiCjLr3JwiM15bTkbp4iuY+VfZOCXcs3lRxTeKKAl+O+gjYflHRgwP/x
ekQk1vbJ1BtexLuVaDNh+lKKijk5018q1N8UVcv/v/mqpbQwQ+QNUqzMwSu8VHox
SwV1ElX/zYGJUZRMMzIG03BcoEYHmtOVtUnJwfdM00iRz9KFjUQ4xmHP7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMExq9Ej1LIkR0sWbaKy8VZPMJPiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvd1RHcjBTUFVzaVJIU3hadG9yTHhWazh3ay1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3hEMA0G
CSqGSIb3DQEBCwUAA4IBAQBBOdGUqSkx6odEBxu2OXUgCryYf2AUEN943XwqSP5Z
rPIkMOpHHEU4f5AvxtDaglJJiihOx3l7f53t7FVEKArPQNHB0HPEeFyuqED6jf4C
aoaRXBE70qrhsiDBn/CwSNMgurgwLkYZSepKqteUHdFsBsDoT2nbf6+lBiZvrgSO
Gr+WGmqVxXiM3YtU9ok+kXBHgE7SBoSsymooI2NK1b6u6wadCL3D5L5A6cJkXL/4
6gg5z9GDfJpInfJFUnnDMsKjYJYHkv/uK8ynJlH9ODZ84yXDf1eOM1aZGyPO0+7e
GJO5+vOv4o8F4mDn2SJtVbxwIzMYW8HEYNC2TK+y5FUe
-----END CERTIFICATE-----
Generated at Sat Jul 5 23:52:19 2025 by rpki-client