
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/W_QbYX9ZTefRSwKnL72ps23YkbU.roa
File: W_QbYX9ZTefRSwKnL72ps23YkbU.roa (raw, json)
Hash identifier: O+yO4y0kWUxUwS+WjWuH503NMuQYxW5RzvY5stzKpfg=
Subject key identifier: 5B:F4:1B:61:7F:59:4D:E7:D1:4B:02:A7:2F:BD:A9:B3:6D:D8:91:B5
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 0197456E7B2C831371B11BAAF5D2D97C3A82
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/W_QbYX9ZTefRSwKnL72ps23YkbU.roa
Signing time: Fri 06 Jun 2025 13:29:17 +0000
ROA not before: Fri 06 Jun 2025 13:29:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398993
IP address blocks: 116.204.164.0/23 maxlen: 23
116.204.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:6e:7b:2c:83:13:71:b1:1b:aa:f5:d2:d9:7c:3a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Jun 6 13:29:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bf41b617f594de7d14b02a72fbda9b36dd891b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fa:cc:bf:0f:a9:af:76:00:0e:e0:b0:ea:08:
ed:05:89:8c:af:75:e0:94:69:d5:0c:0c:11:d2:87:
d8:96:16:df:37:f5:6c:46:57:bf:5f:f9:51:2f:97:
43:5c:98:19:43:69:47:ef:a0:db:d9:85:37:de:e5:
56:fa:86:ec:fc:ed:eb:3a:80:42:19:e4:57:4b:fd:
79:52:22:9c:47:14:51:14:55:7c:84:1f:57:9a:68:
19:a2:29:76:64:2a:0f:ce:1d:33:6e:5d:a9:b1:cf:
73:bc:60:7e:ad:58:52:37:4f:01:29:a0:df:ff:3c:
df:99:9e:11:ba:3b:4b:d3:91:85:03:65:8e:5f:1f:
a7:78:af:f5:96:07:8f:a5:f6:fc:31:9e:b1:45:95:
e6:c9:d9:47:91:63:4e:43:b7:5c:e3:74:65:b8:6d:
79:3b:7b:8b:dd:5d:ab:c1:21:6a:bd:fd:75:3a:8e:
8c:d1:c9:96:88:1f:29:c7:fb:4f:48:5d:ea:b4:5e:
a7:e8:98:7b:23:f3:a7:a9:05:88:46:c2:34:1e:33:
18:95:13:d8:dc:22:bc:92:10:9d:e1:38:6f:eb:df:
cb:d2:2a:7d:80:f4:f8:95:98:6f:a0:ee:50:85:38:
34:1a:29:11:c2:09:ad:7d:bf:9b:8e:a4:e1:d3:37:
10:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F4:1B:61:7F:59:4D:E7:D1:4B:02:A7:2F:BD:A9:B3:6D:D8:91:B5
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/W_QbYX9ZTefRSwKnL72ps23YkbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0-116.204.166.255
Signature Algorithm: sha256WithRSAEncryption
40:b4:12:27:80:2e:1c:0e:c8:8b:ae:ea:78:2b:cb:09:bb:af:
c5:b9:36:39:e3:7b:35:4d:b5:17:e0:c5:ff:c2:18:e4:0a:ba:
a0:8c:54:af:59:87:24:15:be:bd:da:45:28:d4:5a:8f:37:c8:
43:e1:54:5c:63:7e:10:1d:48:9f:aa:27:ed:0e:c9:e9:70:45:
cb:17:79:5f:3b:37:fd:c5:e1:74:59:b6:cc:56:81:3c:a6:9a:
ee:ad:bf:67:1a:79:29:97:f8:f1:f4:af:62:c6:26:7f:27:94:
ef:e6:57:67:47:4e:cd:03:9c:c9:1d:45:39:fe:93:aa:5b:1c:
6f:9c:cd:9a:63:92:fc:c9:90:9a:87:e7:9c:72:f1:22:b7:1d:
20:02:1d:64:d1:10:a0:6d:53:94:48:5a:cd:ec:d9:6e:f9:fb:
48:95:4d:6b:22:31:d8:46:5f:98:f6:fb:c7:c5:98:9c:75:f4:
52:7f:19:b7:a5:f4:b6:c4:f2:ba:53:35:25:63:26:a6:cc:28:
c0:71:61:ea:10:18:74:16:50:05:96:2c:fa:82:44:e4:b7:84:
76:dd:c9:b9:8d:ae:09:cf:a2:b3:f3:3c:80:77:93:a0:d9:c0:
80:07:02:e4:93:e0:3e:50:48:a0:d1:18:74:a3:fb:66:3a:b4:
25:87:54:91
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZdFbnssgxNxsRuq9dLZfDqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNjA2MTMyOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmY0MWI2MTdmNTk0ZGU3ZDE0YjAyYTcyZmJkYTliMzZkZDg5MWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/rMvw+pr3YADuCw6gjtBYmMr3Xg
lGnVDAwR0ofYlhbfN/VsRle/X/lRL5dDXJgZQ2lH76Db2YU33uVW+obs/O3rOoBC
GeRXS/15UiKcRxRRFFV8hB9XmmgZoil2ZCoPzh0zbl2psc9zvGB+rVhSN08BKaDf
/zzfmZ4RujtL05GFA2WOXx+neK/1lgePpfb8MZ6xRZXmydlHkWNOQ7dc43RluG15
O3uL3V2rwSFqvf11Oo6M0cmWiB8px/tPSF3qtF6n6Jh7I/OnqQWIRsI0HjMYlRPY
3CK8khCd4Thv69/L0ip9gPT4lZhvoO5QhTg0GikRwgmtfb+bjqTh0zcQfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFv0G2F/WU3n0UsCpy+9qbNt2JG1MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvV19RYllYOVpUZWZSU3dLbkw3MnBzMjNZa2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJ0zKQD
BAB0zKYwDQYJKoZIhvcNAQELBQADggEBAEC0EieALhwOyIuu6ngrywm7r8W5Njnj
ezVNtRfgxf/CGOQKuqCMVK9ZhyQVvr3aRSjUWo83yEPhVFxjfhAdSJ+qJ+0Oyelw
RcsXeV87N/3F4XRZtsxWgTymmu6tv2caeSmX+PH0r2LGJn8nlO/mV2dHTs0DnMkd
RTn+k6pbHG+czZpjkvzJkJqH55xy8SK3HSACHWTREKBtU5RIWs3s2W75+0iVTWsi
MdhGX5j2+8fFmJx19FJ/Gbel9LbE8rpTNSVjJqbMKMBxYeoQGHQWUAWWLPqCROS3
hHbdybmNrgnPorPzPIB3k6DZwIAHAuST4D5QSKDRGHSj+2Y6tCWHVJE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:32:42 2025 by rpki-client