Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/WONdz1qm5to03GA7eB4wOaBR9zM.roa
File: WONdz1qm5to03GA7eB4wOaBR9zM.roa (raw, json)
Hash identifier: eQTFXw/XGg9l4VFoQCdFSuXas4xhDPAeQPEhKSMVdvs=
Subject key identifier: 58:E3:5D:CF:5A:A6:E6:DA:34:DC:60:3B:78:1E:30:39:A0:51:F7:33
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0197124498D0FA50B57947194EE86EB76620
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/WONdz1qm5to03GA7eB4wOaBR9zM.roa
Signing time: Tue 27 May 2025 15:02:54 +0000
ROA not before: Tue 27 May 2025 15:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44050
IP address blocks: 5.101.89.0/24 maxlen: 24
45.156.212.0/22 maxlen: 22
45.159.200.0/22 maxlen: 22
46.161.16.0/22 maxlen: 24
91.151.176.0/20 maxlen: 20
95.215.0.0/22 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
2a01:8380::/32 maxlen: 32
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:44:98:d0:fa:50:b5:79:47:19:4e:e8:6e:b7:66:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 27 15:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58e35dcf5aa6e6da34dc603b781e3039a051f733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4c:3c:e2:15:c6:2a:1d:d1:ba:b8:83:d8:fd:
a6:6d:cc:2b:95:c8:a9:59:75:3f:91:27:a7:4b:81:
22:60:1b:59:38:73:19:fd:09:5d:d2:2f:7f:3a:48:
1a:00:e6:f3:2e:38:79:21:d4:b3:d8:14:6b:c3:36:
f2:e5:89:a5:13:e7:b2:c9:fc:17:4d:d2:01:da:30:
a5:f1:cf:e4:96:0a:57:22:5e:e6:cc:be:e9:c0:fd:
b9:7e:1c:7d:6e:5e:b9:dd:af:b9:ad:83:d6:2a:77:
61:2d:0c:85:32:28:f0:90:20:a9:23:09:18:d3:5d:
6f:e5:56:4b:fa:88:07:fd:38:5c:5e:1d:e0:c3:93:
7d:a1:19:af:bc:f5:e5:c1:97:f5:df:41:24:98:7c:
4e:27:98:41:a3:b5:37:28:40:b8:26:7b:a2:9c:b5:
2f:07:65:e9:6c:26:5c:f7:8c:6e:39:f1:f4:62:ea:
d8:68:24:82:54:43:01:07:83:18:e7:9c:56:c6:93:
36:26:e0:db:76:75:cb:7b:35:09:dd:15:44:11:aa:
e7:ab:48:b3:4a:49:f1:26:12:5f:35:94:8c:41:8e:
06:1f:60:b7:3d:9d:ab:3f:a3:35:27:7e:a6:eb:47:
78:09:5b:29:c8:22:3e:00:2e:0c:4d:ff:94:63:46:
32:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E3:5D:CF:5A:A6:E6:DA:34:DC:60:3B:78:1E:30:39:A0:51:F7:33
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/WONdz1qm5to03GA7eB4wOaBR9zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
45.156.212.0/22
45.159.200.0/22
46.161.16.0/22
91.151.176.0/20
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a01:8380::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
98:c3:a1:39:17:08:fc:8d:12:32:bf:c8:47:66:8b:91:95:f3:
43:ee:dd:1e:d7:1f:f1:64:e1:51:96:a4:e9:a8:5a:ad:89:72:
f0:be:f8:87:b7:41:60:22:14:66:89:4e:45:89:07:85:0d:43:
c0:a7:c9:c7:8b:03:63:80:6d:57:63:4a:6f:eb:1a:35:c8:a2:
b0:03:a1:f9:ee:5b:5f:6a:b3:c1:10:04:f3:ce:3f:63:67:be:
9c:c5:75:d8:86:74:d8:41:a0:28:75:c0:0a:b8:5b:48:80:59:
4a:ff:46:d2:a9:3c:8f:9f:ec:dd:2c:ca:a0:54:e2:be:eb:b7:
84:c9:53:0a:5f:6c:de:55:fc:d9:76:c5:2d:3d:11:1e:2d:ac:
ec:f0:6e:d2:c1:1a:1e:d2:7a:b3:f1:c8:c9:b9:d7:72:91:17:
f8:6e:9d:6f:e1:cb:3a:53:1f:c1:62:ef:68:e9:1d:72:55:79:
1f:bf:17:84:32:f4:23:7f:69:da:6d:2a:2f:f3:85:05:30:96:
ad:92:e0:bf:fa:44:d8:05:19:ad:0d:28:ec:33:c9:5d:f3:48:
90:03:65:95:44:f0:2a:e1:fc:3b:e4:65:1c:ae:83:45:20:1c:
6f:9d:a1:55:f3:b4:42:97:39:17:4c:e0:20:c5:6d:01:6c:68:
70:55:ac:89
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZcSRJjQ+lC1eUcZTuhut2YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNTI3MTUwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGUzNWRjZjVhYTZlNmRhMzRkYzYwM2I3ODFlMzAzOWEwNTFmNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00w84hXGKh3RuriD2P2mbcwrlcip
WXU/kSenS4EiYBtZOHMZ/Qld0i9/OkgaAObzLjh5IdSz2BRrwzby5YmlE+eyyfwX
TdIB2jCl8c/klgpXIl7mzL7pwP25fhx9bl653a+5rYPWKndhLQyFMijwkCCpIwkY
011v5VZL+ogH/ThcXh3gw5N9oRmvvPXlwZf130EkmHxOJ5hBo7U3KEC4JnuinLUv
B2XpbCZc94xuOfH0YurYaCSCVEMBB4MY55xWxpM2JuDbdnXLezUJ3RVEEarnq0iz
SknxJhJfNZSMQY4GH2C3PZ2rP6M1J36m60d4CVspyCI+AC4MTf+UY0Yy+wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFjjXc9apubaNNxgO3geMDmgUfczMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvV09OZHoxcW01dG8wM0dBN2VCNHdPYUJSOXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQABWVZAwQC
LZzUAwQCLZ/IAwQCLqEQAwQEW5ewAwQCX9cAAwQHvI+AAwQBwwLwMCIEAgACMBwD
BQAqAB14AwUAKgGDgAMFAyoMhwADBQMqDY/AMA0GCSqGSIb3DQEBCwUAA4IBAQCY
w6E5Fwj8jRIyv8hHZouRlfND7t0e1x/xZOFRlqTpqFqtiXLwvviHt0FgIhRmiU5F
iQeFDUPAp8nHiwNjgG1XY0pv6xo1yKKwA6H57ltfarPBEATzzj9jZ76cxXXYhnTY
QaAodcAKuFtIgFlK/0bSqTyPn+zdLMqgVOK+67eEyVMKX2zeVfzZdsUtPREeLazs
8G7SwRoe0nqz8cjJuddykRf4bp1v4cs6Ux/BYu9o6R1yVXkfvxeEMvQjf2nabSov
84UFMJatkuC/+kTYBRmtDSjsM8ld80iQA2WVRPAq4fw75GUcroNFIBxvnaFV87RC
lzkXTOAgxW0BbGhwVayJ
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:32:43 2025 by rpki-client