Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/pWKwCP_lM1lV6k1_8iA6jNpjHqg.roa
File: pWKwCP_lM1lV6k1_8iA6jNpjHqg.roa (raw, json)
Hash identifier: RStEnKPVfL8STTUgjI+bGS1TABSbUFHPohIVOs18xGk=
Subject key identifier: A5:62:B0:08:FF:E5:33:59:55:EA:4D:7F:F2:20:3A:8C:DA:63:1E:A8
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0196C64A7531DB4A7CB6D205ED9B565FF1CC
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/pWKwCP_lM1lV6k1_8iA6jNpjHqg.roa
Signing time: Mon 12 May 2025 20:58:10 +0000
ROA not before: Mon 12 May 2025 20:58:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211486
IP address blocks: 91.211.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c6:4a:75:31:db:4a:7c:b6:d2:05:ed:9b:56:5f:f1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: May 12 20:58:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a562b008ffe5335955ea4d7ff2203a8cda631ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:81:98:44:cb:05:9e:0e:dd:45:ae:65:fa:ac:
fe:48:99:32:91:57:5f:72:f9:c8:66:ba:21:34:16:
b8:55:9a:90:b3:0c:a4:5f:87:86:51:f6:0e:f4:10:
d3:9b:01:4b:50:f4:7a:ee:95:b5:43:f8:dc:a4:02:
02:f4:34:a8:69:0d:22:b6:d5:4d:45:88:ef:9c:3d:
12:c6:0c:6a:b1:a4:a5:dc:cb:69:6d:59:53:90:38:
0e:4d:27:0f:f8:86:d3:7c:d0:15:2f:3f:78:9f:c5:
88:0f:1a:ba:1e:c4:2c:c2:31:a3:4c:8b:a6:f2:9f:
b1:76:6e:6f:12:66:66:70:0c:cd:00:1c:21:9e:6b:
da:52:1b:ca:db:79:17:7f:f3:3d:e9:0d:f9:43:d4:
49:e7:4b:af:4a:7e:45:7b:91:21:fd:d9:e1:98:97:
e9:27:ab:fd:5c:3d:d9:c1:10:f1:8c:6b:8b:bc:14:
da:09:a4:da:c2:e7:8f:db:4b:f9:7a:7f:a6:99:83:
2c:5c:fc:c8:0f:0a:55:dd:8e:27:16:7e:c8:42:c6:
4a:b1:b7:bc:d7:16:a7:de:a8:c4:c6:23:ff:a5:5f:
7e:a9:11:b0:cc:39:7d:f5:a6:8a:1e:50:ff:cf:a9:
21:c4:ce:bc:0d:fa:fc:20:6b:23:b9:75:57:8a:b3:
73:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:62:B0:08:FF:E5:33:59:55:EA:4D:7F:F2:20:3A:8C:DA:63:1E:A8
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/pWKwCP_lM1lV6k1_8iA6jNpjHqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.114.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ab:64:15:76:37:24:6f:70:ff:96:91:d4:e9:bb:34:ff:5b:
ab:dc:a9:93:91:d6:a2:24:68:9c:1c:7f:5f:89:ee:22:b9:4d:
f7:18:08:49:77:94:3f:bd:d8:f5:d8:a1:90:86:92:7e:0b:50:
73:a7:b8:be:2c:02:2a:7b:e1:2f:66:2b:b5:25:f7:84:ec:f3:
c0:80:fa:56:49:dd:83:b7:5a:98:36:fa:9d:3d:84:49:57:0d:
bb:65:f0:36:2d:af:57:6c:be:1e:eb:da:de:78:64:77:32:91:
e0:54:fa:31:f5:f5:24:d6:35:6b:a5:36:9d:74:e5:6b:84:8c:
9c:fc:ab:ba:19:0d:f1:a4:97:85:4b:07:42:51:ec:37:a8:73:
fc:24:ff:dc:ca:49:73:aa:b7:5b:03:99:02:92:37:53:3c:e5:
0d:9c:b7:a9:a0:b8:09:d0:75:3b:92:e9:88:fb:61:0c:13:b3:
ab:91:dc:00:0e:41:ec:69:40:62:73:eb:37:c3:3f:f7:f1:ff:
1e:d0:d5:3c:af:f1:60:0a:41:a4:f3:30:b1:2f:78:ce:59:e2:
b2:a0:96:a2:cb:8f:8f:79:4d:19:71:bd:2b:81:e2:cc:74:7a:
58:ca:81:4a:90:5b:c8:d9:b7:c8:3d:9b:cf:a0:20:b6:8c:68:
14:62:0f:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbGSnUx20p8ttIF7ZtWX/HMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwNTEyMjA1ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTYyYjAwOGZmZTUzMzU5NTVlYTRkN2ZmMjIwM2E4Y2RhNjMxZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24GYRMsFng7dRa5l+qz+SJkykVdf
cvnIZrohNBa4VZqQswykX4eGUfYO9BDTmwFLUPR67pW1Q/jcpAIC9DSoaQ0ittVN
RYjvnD0SxgxqsaSl3MtpbVlTkDgOTScP+IbTfNAVLz94n8WIDxq6HsQswjGjTIum
8p+xdm5vEmZmcAzNABwhnmvaUhvK23kXf/M96Q35Q9RJ50uvSn5Fe5Eh/dnhmJfp
J6v9XD3ZwRDxjGuLvBTaCaTawueP20v5en+mmYMsXPzIDwpV3Y4nFn7IQsZKsbe8
1xan3qjExiP/pV9+qRGwzDl99aaKHlD/z6khxM68Dfr8IGsjuXVXirNzmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVisAj/5TNZVepNf/IgOozaYx6oMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvcFdLd0NQX2xNMWxWNmsxXzhpQTZqTnBqSHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9NyMA0G
CSqGSIb3DQEBCwUAA4IBAQBzq2QVdjckb3D/lpHU6bs0/1ur3KmTkdaiJGicHH9f
ie4iuU33GAhJd5Q/vdj12KGQhpJ+C1Bzp7i+LAIqe+EvZiu1JfeE7PPAgPpWSd2D
t1qYNvqdPYRJVw27ZfA2La9XbL4e69reeGR3MpHgVPox9fUk1jVrpTaddOVrhIyc
/Ku6GQ3xpJeFSwdCUew3qHP8JP/cyklzqrdbA5kCkjdTPOUNnLepoLgJ0HU7kumI
+2EME7OrkdwADkHsaUBic+s3wz/38f8e0NU8r/FgCkGk8zCxL3jOWeKyoJaiy4+P
eU0Zcb0rgeLMdHpYyoFKkFvI2bfIPZvPoCC2jGgUYg8I
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:30:36 2025 by rpki-client