Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/wWRwvyrn-LAOgtkAhCo3MlchYWQ.roa
File: wWRwvyrn-LAOgtkAhCo3MlchYWQ.roa (raw, json)
Hash identifier: Uba3h/vRuJ26W0MxcGsxkEurmXFyfeD+ONZVIUG7QEM=
Subject key identifier: C1:64:70:BF:2A:E7:F8:B0:0E:82:D9:00:84:2A:37:32:57:21:61:64
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 01973AE38247A9171F78760E9CE2EFF06611
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/wWRwvyrn-LAOgtkAhCo3MlchYWQ.roa
Signing time: Wed 04 Jun 2025 12:21:17 +0000
ROA not before: Wed 04 Jun 2025 12:21:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60485
IP address blocks: 5.157.18.0/24 maxlen: 24
5.157.38.0/24 maxlen: 24
5.157.47.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
37.72.187.0/24 maxlen: 24
37.203.209.0/24 maxlen: 24
91.108.183.0/24 maxlen: 24
176.61.141.0/24 maxlen: 24
192.40.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:e3:82:47:a9:17:1f:78:76:0e:9c:e2:ef:f0:66:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jun 4 12:21:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c16470bf2ae7f8b00e82d900842a373257216164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:2a:ae:d6:50:42:cf:c3:54:5b:dc:59:3e:
d5:8f:a1:a9:dc:0c:0d:52:16:44:f7:69:2c:26:c7:
8f:9c:39:d8:cf:54:1b:52:c9:66:80:85:86:5b:ba:
3f:32:e4:be:b1:87:cb:75:6f:6b:14:ca:c6:b5:ee:
db:0f:c6:ab:7d:2d:d7:9c:d7:ec:b5:a3:b2:b1:65:
77:15:57:44:ec:09:c2:50:db:88:75:cd:62:ff:95:
14:eb:ea:05:1f:49:ba:8f:94:d8:be:71:d3:42:5b:
39:28:9f:37:28:66:2c:b3:c0:1d:41:76:cb:c2:1b:
59:7a:3f:7c:fd:d9:a7:e1:75:46:7d:37:24:5d:37:
15:ad:7b:6a:d5:22:55:c3:f2:65:6e:5c:94:2a:d8:
57:6c:93:62:55:fc:e6:b4:49:5f:f6:b2:a2:8d:64:
60:d3:af:46:53:a6:88:d6:ac:ce:2a:e3:b1:6c:73:
82:d2:ae:d1:17:0d:45:71:56:bc:00:c8:36:49:8b:
da:e4:e1:5f:32:bf:ee:e9:ab:63:fe:48:b3:8d:8d:
7f:ed:37:d1:df:de:cb:8e:4a:db:ba:bd:94:cd:38:
ec:e7:15:38:43:2c:90:ba:17:39:5e:f7:b3:5f:0e:
db:97:a3:6f:18:a8:c7:13:43:3c:f2:94:3a:36:29:
a1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:64:70:BF:2A:E7:F8:B0:0E:82:D9:00:84:2A:37:32:57:21:61:64
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/wWRwvyrn-LAOgtkAhCo3MlchYWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.18.0/24
5.157.38.0/24
5.157.47.0/24
5.157.57.0/24
37.72.187.0/24
37.203.209.0/24
91.108.183.0/24
176.61.141.0/24
192.40.89.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f8:ec:d0:a0:3e:aa:ab:46:5c:0c:c4:f8:20:41:b4:f9:72:
a1:75:20:52:ec:32:b6:b1:91:77:51:73:dc:23:14:13:74:07:
d8:d7:bc:7d:b6:39:0a:61:4a:0c:ee:ea:e4:97:20:f2:e2:a6:
07:68:93:4c:51:47:8f:ba:6c:a0:68:4c:9d:84:a4:ab:2c:e4:
31:2a:a7:60:e0:53:4f:7d:17:98:fb:80:25:9e:6c:24:da:28:
23:d8:48:e2:5f:6e:08:15:17:7e:dc:30:2b:ca:9c:33:3f:a7:
eb:0a:b3:04:06:fe:ea:9b:68:c3:3b:b0:db:fe:3b:39:45:71:
57:84:c6:d1:8d:71:85:9b:08:98:a6:57:e0:c3:b3:c1:67:c9:
6f:b9:c7:b9:ad:3a:60:f4:53:26:6a:03:c6:bb:d8:8e:8a:09:
e5:68:45:15:63:aa:72:00:b4:2b:aa:36:47:12:3a:31:4d:68:
83:93:3a:ca:11:26:1b:a7:10:f0:b0:1c:99:94:b7:8c:6c:fd:
6e:c5:04:7f:2b:27:3b:9b:b6:ab:9d:7c:bb:3e:7d:58:b9:85:
57:ce:86:ce:7c:16:00:e6:70:d2:d4:38:bc:2b:a1:3c:69:c7:
52:41:24:57:16:db:d0:0d:dc:e4:2c:fb:81:42:32:e4:2d:8f:
36:c6:d8:d2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZc644JHqRcfeHYOnOLv8GYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwNjA0MTIyMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY0NzBiZjJhZTdmOGIwMGU4MmQ5MDA4NDJhMzczMjU3MjE2MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9EqrtZQQs/DVFvcWT7Vj6Gp3AwN
UhZE92ksJsePnDnYz1QbUslmgIWGW7o/MuS+sYfLdW9rFMrGte7bD8arfS3XnNfs
taOysWV3FVdE7AnCUNuIdc1i/5UU6+oFH0m6j5TYvnHTQls5KJ83KGYss8AdQXbL
whtZej98/dmn4XVGfTckXTcVrXtq1SJVw/JlblyUKthXbJNiVfzmtElf9rKijWRg
069GU6aI1qzOKuOxbHOC0q7RFw1FcVa8AMg2SYva5OFfMr/u6atj/kizjY1/7TfR
397Ljkrbur2UzTjs5xU4QyyQuhc5XvezXw7bl6NvGKjHE0M88pQ6NimhmwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMFkcL8q5/iwDoLZAIQqNzJXIWFkMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvd1dSd3Z5cm4tTEFPZ3RrQWhDbzNNbGNoWVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABZ0SAwQA
BZ0mAwQABZ0vAwQABZ05AwQAJUi7AwQAJcvRAwQAW2y3AwQAsD2NAwQAwChZMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ+OzQoD6qq0ZcDMT4IEG0+XKhdSBS7DK2sZF3UXPc
IxQTdAfY17x9tjkKYUoM7urklyDy4qYHaJNMUUePumygaEydhKSrLOQxKqdg4FNP
fReY+4Alnmwk2igj2EjiX24IFRd+3DArypwzP6frCrMEBv7qm2jDO7Db/js5RXFX
hMbRjXGFmwiYplfgw7PBZ8lvuce5rTpg9FMmagPGu9iOignlaEUVY6pyALQrqjZH
EjoxTWiDkzrKESYbpxDwsByZlLeMbP1uxQR/Kyc7m7arnXy7Pn1YuYVXzobOfBYA
5nDS1Di8K6E8acdSQSRXFtvQDdzkLPuBQjLkLY82xtjS
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:00:46 2025 by rpki-client