Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa
File: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (raw, json)
Hash identifier: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=
Subject key identifier: 59:BB:76:89:A3:FA:5A:ED:BD:11:31:19:7A:F1:A3:91:8C:B2:C3:C6
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019708E7BF2AC2FEB2BB1CC82BD4A7B0E1BC
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa
Signing time: Sun 25 May 2025 19:24:54 +0000
ROA not before: Sun 25 May 2025 19:24:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36454
IP address blocks: 65.181.112.0/24 maxlen: 24
65.181.116.0/24 maxlen: 24
65.181.123.0/24 maxlen: 24
65.181.124.0/24 maxlen: 24
65.181.125.0/24 maxlen: 24
162.208.8.0/24 maxlen: 24
162.208.9.0/24 maxlen: 24
162.208.10.0/24 maxlen: 24
162.208.11.0/24 maxlen: 24
192.243.96.0/24 maxlen: 24
192.243.97.0/24 maxlen: 24
192.243.98.0/24 maxlen: 24
192.243.99.0/24 maxlen: 24
192.243.100.0/24 maxlen: 24
192.243.101.0/24 maxlen: 24
192.243.102.0/24 maxlen: 24
192.243.103.0/24 maxlen: 24
192.243.104.0/24 maxlen: 24
192.243.105.0/24 maxlen: 24
192.243.106.0/24 maxlen: 24
192.243.107.0/24 maxlen: 24
192.243.108.0/24 maxlen: 24
192.243.109.0/24 maxlen: 24
192.243.111.0/24 maxlen: 24
192.250.224.0/20 maxlen: 20
192.250.226.0/24 maxlen: 24
192.250.227.0/24 maxlen: 24
192.250.236.0/24 maxlen: 24
195.250.25.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
199.175.48.0/24 maxlen: 24
199.175.49.0/24 maxlen: 24
199.175.50.0/24 maxlen: 24
199.175.51.0/24 maxlen: 24
199.175.52.0/24 maxlen: 24
199.175.53.0/24 maxlen: 24
199.175.54.0/24 maxlen: 24
199.175.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 19:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:08:e7:bf:2a:c2:fe:b2:bb:1c:c8:2b:d4:a7:b0:e1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: May 25 19:24:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59bb7689a3fa5aedbd1131197af1a3918cb2c3c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:c8:81:a1:5e:e7:fc:7f:89:04:03:9c:a6:
77:82:24:30:49:30:74:5e:72:66:0e:8c:d1:ab:ad:
f1:3b:7f:c6:eb:5e:33:21:ed:04:dd:36:e8:6a:75:
4b:3c:5b:be:c3:47:5c:f8:04:bd:f2:9e:59:17:42:
4c:14:0d:69:0f:72:ed:97:21:4a:3e:70:3d:26:65:
bd:b8:e1:b8:10:b4:83:87:fc:6e:5d:c0:40:66:13:
08:41:65:26:88:d8:73:d0:95:2d:78:dd:02:25:4a:
27:f0:bb:67:9b:b9:a5:13:53:07:a3:c5:b3:21:9a:
60:d2:a4:b0:00:e2:6d:da:c4:ed:3b:71:14:80:f3:
38:9d:ee:b9:c7:b4:12:c7:3a:5f:82:1f:b5:d3:95:
22:fc:d1:6c:08:02:d8:7d:73:12:33:8e:f0:3b:69:
60:7d:73:7c:89:3e:c7:0f:5f:0f:a5:3e:a5:5b:9b:
cf:01:07:94:31:f5:b5:00:70:72:de:2e:71:3a:e2:
3a:85:37:ed:aa:10:11:a9:db:ae:9f:ae:f4:25:91:
29:35:eb:cc:16:9d:e8:49:fe:17:6a:dc:35:5f:ef:
8b:0f:db:97:42:6d:b3:9d:25:b6:07:65:86:68:26:
ea:3b:25:50:cf:fd:b9:48:4e:db:cd:c3:35:e7:e7:
20:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BB:76:89:A3:FA:5A:ED:BD:11:31:19:7A:F1:A3:91:8C:B2:C3:C6
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.112.0/24
65.181.116.0/24
65.181.123.0-65.181.125.255
162.208.8.0/22
192.243.96.0-192.243.109.255
192.243.111.0/24
192.250.224.0/20
195.250.25.0/24
198.38.90.0/24
199.175.48.0/21
Signature Algorithm: sha256WithRSAEncryption
08:b5:83:dd:3a:3c:43:f6:f2:ea:9d:f0:34:bc:b7:0b:21:70:
1e:be:1c:7c:b1:30:09:9d:58:ab:ef:ae:f6:d4:10:18:c4:6d:
e6:a1:02:c7:da:dd:1f:88:27:fd:65:ff:0f:5f:24:d4:18:97:
9e:7a:8e:7c:43:5d:36:81:50:63:82:f4:5b:8d:8b:e7:22:92:
b3:10:1e:d4:a0:3e:27:ff:25:69:17:a6:5d:1a:6d:5e:24:85:
51:34:0a:d7:21:60:56:a7:ca:2c:c7:e0:19:f2:e9:da:de:02:
b6:f8:d0:e0:55:c2:00:29:24:e9:3e:ed:19:ab:1c:0c:5b:65:
01:1e:b2:ff:6c:7f:56:4e:37:f5:0e:11:87:ff:58:11:2b:37:
9e:20:77:50:8e:9d:10:ef:d0:a9:65:b9:28:6d:fc:5e:7c:0c:
6f:33:cf:0e:6f:2e:aa:4e:01:3b:fa:71:ea:04:ef:11:45:3a:
11:48:dd:9d:52:8c:83:9e:80:c4:41:0d:54:93:4b:2d:45:e4:
4a:ea:bf:f1:5a:c4:ed:97:b0:f5:91:3d:c2:d8:6f:7e:35:03:
73:2b:f7:04:c1:0e:e4:f2:d0:d6:bb:a2:a4:c4:fe:5b:94:a8:
00:41:aa:43:bc:be:a9:8e:bd:e8:c6:37:07:6c:5d:05:08:30:
3c:45:b4:0d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZcI578qwv6yuxzIK9SnsOG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNTI1MTkyNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJiNzY4OWEzZmE1YWVkYmQxMTMxMTk3YWYxYTM5MThjYjJjM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIzIgaFe5/x/iQQDnKZ3giQwSTB0
XnJmDozRq63xO3/G614zIe0E3TboanVLPFu+w0dc+AS98p5ZF0JMFA1pD3LtlyFK
PnA9JmW9uOG4ELSDh/xuXcBAZhMIQWUmiNhz0JUteN0CJUon8Ltnm7mlE1MHo8Wz
IZpg0qSwAOJt2sTtO3EUgPM4ne65x7QSxzpfgh+105Ui/NFsCALYfXMSM47wO2lg
fXN8iT7HD18PpT6lW5vPAQeUMfW1AHBy3i5xOuI6hTftqhARqduun670JZEpNevM
Fp3oSf4Xatw1X++LD9uXQm2znSW2B2WGaCbqOyVQz/25SE7bzcM15+cgAQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFm7domj+lrtvRExGXrxo5GMssPGMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvV2J0MmlhUDZXdTI5RVRFWmV2R2prWXl5dzhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAQbVwAwQA
QbV0MAwDBABBtXsDBAFBtXwDBAKi0AgwDAMEBcDzYAMEAcDzbAMEAMDzbwMEBMD6
4AMEAMP6GQMEAMYmWgMEA8evMDANBgkqhkiG9w0BAQsFAAOCAQEACLWD3To8Q/by
6p3wNLy3CyFwHr4cfLEwCZ1Yq++u9tQQGMRt5qECx9rdH4gn/WX/D18k1BiXnnqO
fENdNoFQY4L0W42L5yKSsxAe1KA+J/8laRemXRptXiSFUTQK1yFgVqfKLMfgGfLp
2t4CtvjQ4FXCACkk6T7tGascDFtlAR6y/2x/Vk439Q4Rh/9YESs3niB3UI6dEO/Q
qWW5KG38XnwMbzPPDm8uqk4BO/px6gTvEUU6EUjdnVKMg56AxEENVJNLLUXkSuq/
8VrE7Zew9ZE9wthvfjUDcyv3BMEO5PLQ1ruipMT+W5SoAEGqQ7y+qY696MY3B2xd
BQgwPEW0DQ==
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:34:54 2025 by rpki-client