Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wm1N-1k5l17vFFDB1UYexU5pylc.roa
File: Wm1N-1k5l17vFFDB1UYexU5pylc.roa (raw, json)
Hash identifier: kl5fQQCdbrMoipvYcHYjQFpF2oGH+sJK9hivbDAv45M=
Subject key identifier: 5A:6D:4D:FB:59:39:97:5E:EF:14:50:C1:D5:46:1E:C5:4E:69:CA:57
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019713213D6B2C0EE73FC9A73ADF47D22EDE
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wm1N-1k5l17vFFDB1UYexU5pylc.roa
Signing time: Tue 27 May 2025 19:03:54 +0000
ROA not before: Tue 27 May 2025 19:03:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214738
IP address blocks: 37.49.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:21:3d:6b:2c:0e:e7:3f:c9:a7:3a:df:47:d2:2e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 27 19:03:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a6d4dfb5939975eef1450c1d5461ec54e69ca57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:f9:6a:af:a8:16:85:d1:fb:24:4c:b4:e0:
c7:f3:1c:c6:eb:66:8e:ac:e9:d7:b0:dc:11:18:21:
88:94:eb:89:4e:a0:84:eb:b5:9b:9c:77:b4:46:30:
8b:5a:49:25:f7:50:2c:26:92:24:02:6d:45:f5:4c:
94:7d:8b:96:f1:55:4f:49:e1:74:41:b5:5e:64:b2:
6f:b0:52:3c:0d:c0:72:c1:c6:6f:06:cf:fd:29:4e:
59:5a:d6:8f:c6:ea:37:60:4b:42:5a:0a:d2:7c:83:
c8:ce:09:00:74:d9:1e:4b:84:72:ab:e5:3a:05:2a:
d1:14:8e:6d:1e:81:31:5a:67:f4:ec:f9:a8:8d:b0:
b4:4c:dd:bb:b3:b2:b8:40:8a:bd:77:14:13:2a:7f:
43:9f:5f:17:37:23:f5:52:5a:25:16:83:1d:10:33:
fc:d0:10:9c:06:fe:f2:b3:48:b1:85:8f:65:53:c2:
d4:02:81:95:12:a7:68:04:63:92:ad:f2:e3:5a:e1:
bd:38:0e:76:1c:56:eb:f0:92:33:ee:5b:3e:e9:62:
b7:1c:c9:c9:79:0d:4f:fd:fa:47:50:5a:74:63:e8:
3d:70:70:48:9b:65:43:1e:02:86:49:b6:64:8d:94:
dc:18:ad:a0:ba:d3:dc:5c:8f:a9:4c:02:38:e0:e7:
21:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6D:4D:FB:59:39:97:5E:EF:14:50:C1:D5:46:1E:C5:4E:69:CA:57
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wm1N-1k5l17vFFDB1UYexU5pylc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7f:19:09:3b:ce:c8:b0:de:70:62:9b:8b:3f:dc:22:e9:c2:
bc:14:67:fc:9e:f9:c4:0e:f1:54:2f:08:d5:4c:a9:2b:53:59:
c9:75:89:07:ee:0f:f3:14:c6:01:aa:53:30:e6:6e:56:26:36:
35:68:6a:83:a5:51:3e:57:be:4b:7e:67:44:54:95:b8:df:df:
d7:20:3d:9e:37:7f:76:dc:f8:67:10:b9:46:dc:83:4a:e7:d3:
f8:c2:f8:1f:9a:8e:74:71:bb:40:41:b8:fa:5b:54:9f:01:b8:
7b:bd:9d:e4:62:ac:37:3f:67:60:da:1e:70:5f:ba:01:7b:88:
6e:cd:8e:fb:7d:d2:88:8d:2f:81:42:e9:4c:b4:51:62:2f:e8:
cf:13:aa:7c:ca:07:79:22:bb:95:8d:5d:e6:12:99:dd:aa:20:
c5:93:e3:c9:38:b9:7b:e9:5d:76:52:0d:66:e5:b2:f1:b9:79:
02:70:39:e4:3c:08:62:fd:b5:ec:42:1b:7d:9e:b6:97:f9:8d:
11:60:c5:65:e5:ec:b6:3e:2a:33:ae:98:fe:66:74:79:5b:ee:
2b:ce:4c:b6:02:7e:1b:fe:6e:d2:27:5b:f4:aa:b1:79:f3:9a:
cc:62:86:91:af:2d:8a:99:59:a3:6e:50:06:8d:c1:27:4c:ac:
bc:43:60:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcTIT1rLA7nP8mnOt9H0i7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNTI3MTkwMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZkNGRmYjU5Mzk5NzVlZWYxNDUwYzFkNTQ2MWVjNTRlNjljYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgr5aq+oFoXR+yRMtODH8xzG62aO
rOnXsNwRGCGIlOuJTqCE67WbnHe0RjCLWkkl91AsJpIkAm1F9UyUfYuW8VVPSeF0
QbVeZLJvsFI8DcBywcZvBs/9KU5ZWtaPxuo3YEtCWgrSfIPIzgkAdNkeS4Ryq+U6
BSrRFI5tHoExWmf07PmojbC0TN27s7K4QIq9dxQTKn9Dn18XNyP1UlolFoMdEDP8
0BCcBv7ys0ixhY9lU8LUAoGVEqdoBGOSrfLjWuG9OA52HFbr8JIz7ls+6WK3HMnJ
eQ1P/fpHUFp0Y+g9cHBIm2VDHgKGSbZkjZTcGK2gutPcXI+pTAI44OchtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFptTftZOZde7xRQwdVGHsVOacpXMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvV20xTi0xazVsMTd2RkZEQjFVWWV4VTVweWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTGUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5fxkJO87IsN5wYpuLP9wi6cK8FGf8nvnEDvFULwjV
TKkrU1nJdYkH7g/zFMYBqlMw5m5WJjY1aGqDpVE+V75LfmdEVJW439/XID2eN392
3PhnELlG3INK59P4wvgfmo50cbtAQbj6W1SfAbh7vZ3kYqw3P2dg2h5wX7oBe4hu
zY77fdKIjS+BQulMtFFiL+jPE6p8ygd5IruVjV3mEpndqiDFk+PJOLl76V12Ug1m
5bLxuXkCcDnkPAhi/bXsQht9nraX+Y0RYMVl5ey2Piozrpj+ZnR5W+4rzky2An4b
/m7SJ1v0qrF585rMYoaRry2KmVmjblAGjcEnTKy8Q2DY
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:13:43 2025 by rpki-client