Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WUIZNw-eLQQOt4EwITxJgmOZJT4.roa
File: WUIZNw-eLQQOt4EwITxJgmOZJT4.roa (raw, json)
Hash identifier: 0l3pBIn4i2Fvp84T8M3rRiheZfEabYEorNMSMQJub/8=
Subject key identifier: 59:42:19:37:0F:9E:2D:04:0E:B7:81:30:21:3C:49:82:63:99:25:3E
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01971FD7F0C5B221830271C50AD6599DF3F5
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WUIZNw-eLQQOt4EwITxJgmOZJT4.roa
Signing time: Fri 30 May 2025 06:18:55 +0000
ROA not before: Fri 30 May 2025 06:18:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215245
IP address blocks: 31.22.72.0/24 maxlen: 24
31.22.76.0/24 maxlen: 24
31.22.77.0/24 maxlen: 24
46.247.108.0/24 maxlen: 24
46.247.109.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
86.54.5.0/24 maxlen: 24
194.46.60.0/24 maxlen: 24
2a14:6780:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1f:d7:f0:c5:b2:21:83:02:71:c5:0a:d6:59:9d:f3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: May 30 06:18:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=594219370f9e2d040eb78130213c49826399253e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:bb:a7:df:e0:e2:ee:a6:e5:2d:47:b8:84:
4c:29:a3:82:a5:60:f8:c1:c8:bd:34:3f:0c:04:c3:
0d:1c:c1:31:3e:c8:76:1c:4f:4b:c1:f4:3b:ca:2c:
a3:2d:bc:32:c9:96:ef:cb:1b:02:e6:74:9c:f2:af:
83:1a:83:f3:66:9c:7a:92:23:45:2a:83:54:fa:b6:
ea:08:59:57:dd:cc:d1:80:af:b4:23:aa:d2:fb:65:
8f:a0:3e:fe:a4:fa:89:58:cb:88:9a:06:0d:8f:fc:
5b:7a:ac:ad:1d:22:9d:b9:c3:aa:a8:97:25:63:5b:
dc:46:91:f2:ba:4f:62:b7:7d:39:af:82:74:af:c1:
44:65:e5:d4:84:02:c6:a2:0d:23:77:2a:ce:56:21:
29:7a:aa:3f:29:a3:11:7f:19:e4:c7:8b:14:9b:d9:
61:49:dc:36:4a:a0:a1:e1:93:5d:4a:d2:53:94:da:
b1:92:63:39:bb:ed:18:f4:40:11:21:ae:98:26:28:
86:cb:95:20:13:3e:5a:45:f4:59:a1:50:6c:c6:e5:
ba:f3:6a:7a:ed:7c:9c:d8:c2:d8:2d:1d:8e:f0:df:
3d:33:db:50:e9:ff:fc:8e:84:62:c1:06:8f:d2:04:
38:72:92:83:bb:6d:3a:26:41:d4:7d:b8:85:2c:6c:
4f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:42:19:37:0F:9E:2D:04:0E:B7:81:30:21:3C:49:82:63:99:25:3E
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/WUIZNw-eLQQOt4EwITxJgmOZJT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.72.0/24
31.22.76.0/23
46.247.108.0/23
62.169.152.0/24
86.54.5.0/24
194.46.60.0/24
IPv6:
2a14:6780:4::/48
Signature Algorithm: sha256WithRSAEncryption
50:de:fc:0f:da:0a:96:cc:80:d3:31:9b:73:01:2c:b8:e4:f4:
e3:b5:d3:d6:e7:d6:0d:82:7a:0a:12:c2:86:f4:97:39:5f:a8:
0f:40:03:25:72:97:17:ae:08:6d:7b:87:33:95:23:1d:11:96:
6a:29:7f:93:7f:61:72:ef:9f:27:bd:5d:a4:6f:68:da:66:cf:
db:8f:e9:1b:66:d2:58:83:4b:63:b5:e9:4a:18:78:0e:6f:60:
55:96:64:14:d8:e4:dd:8e:5a:90:ed:53:8d:86:d9:2a:35:df:
a6:c3:5c:bc:c1:48:fd:2d:e0:5f:af:7c:5d:28:48:22:b6:a6:
79:78:f2:e1:ff:0f:e5:d5:c9:e7:c7:92:9e:6e:d3:86:12:3a:
8e:a0:e4:99:22:bd:7d:a0:2b:c0:92:0a:22:01:52:e7:6b:00:
d5:05:48:cc:45:e2:14:6f:0a:3f:36:94:d7:72:06:43:5d:23:
30:12:25:eb:bb:6a:88:e8:00:75:81:c0:6a:3e:83:64:66:5c:
ba:81:04:00:a2:c5:61:00:2e:7f:0d:5a:12:91:7f:e5:36:0e:
46:4e:66:f1:35:2f:69:2f:8c:a4:a7:1e:ad:46:a6:af:62:ce:
65:aa:35:0a:40:87:d7:90:91:61:41:8a:c4:98:88:2e:81:fb:
6d:74:dd:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZcf1/DFsiGDAnHFCtZZnfP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNTMwMDYxODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQyMTkzNzBmOWUyZDA0MGViNzgxMzAyMTNjNDk4MjYzOTkyNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4m7p9/g4u6m5S1HuIRMKaOCpWD4
wci9ND8MBMMNHMExPsh2HE9LwfQ7yiyjLbwyyZbvyxsC5nSc8q+DGoPzZpx6kiNF
KoNU+rbqCFlX3czRgK+0I6rS+2WPoD7+pPqJWMuImgYNj/xbeqytHSKducOqqJcl
Y1vcRpHyuk9it305r4J0r8FEZeXUhALGog0jdyrOViEpeqo/KaMRfxnkx4sUm9lh
Sdw2SqCh4ZNdStJTlNqxkmM5u+0Y9EARIa6YJiiGy5UgEz5aRfRZoVBsxuW682p6
7Xyc2MLYLR2O8N89M9tQ6f/8joRiwQaP0gQ4cpKDu206JkHUfbiFLGxPTwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFlCGTcPni0EDreBMCE8SYJjmSU+MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvV1VJWk53LWVMUVFPdDRFd0lUeEpnbU9aSlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAHxZIAwQB
HxZMAwQBLvdsAwQAPqmYAwQAVjYFAwQAwi48MA8EAgACMAkDBwAqFGeAAAQwDQYJ
KoZIhvcNAQELBQADggEBAFDe/A/aCpbMgNMxm3MBLLjk9OO109bn1g2CegoSwob0
lzlfqA9AAyVylxeuCG17hzOVIx0Rlmopf5N/YXLvnye9XaRvaNpmz9uP6Rtm0liD
S2O16UoYeA5vYFWWZBTY5N2OWpDtU42G2So136bDXLzBSP0t4F+vfF0oSCK2pnl4
8uH/D+XVyefHkp5u04YSOo6g5JkivX2gK8CSCiIBUudrANUFSMxF4hRvCj82lNdy
BkNdIzASJeu7aojoAHWBwGo+g2RmXLqBBACixWEALn8NWhKRf+U2DkZOZvE1L2kv
jKSnHq1Gpq9izmWqNQpAh9eQkWFBisSYiC6B+2103UI=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:45:25 2025 by rpki-client