Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wj33JoQLWARvqka0yZK45_1318I.roa
File: wj33JoQLWARvqka0yZK45_1318I.roa (raw, json)
Hash identifier: TfGyszRr6br7JzJj6n9Z5YtEXoLaFYdaPq8IN1vIPao=
Subject key identifier: C2:3D:F7:26:84:0B:58:04:6F:AA:46:B4:C9:92:B8:E7:FD:77:D7:C2
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0197355D0469CEB3139BB0C4D7241F380D84
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wj33JoQLWARvqka0yZK45_1318I.roa
Signing time: Tue 03 Jun 2025 10:36:17 +0000
ROA not before: Tue 03 Jun 2025 10:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 152.89.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:5d:04:69:ce:b3:13:9b:b0:c4:d7:24:1f:38:0d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jun 3 10:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c23df726840b58046faa46b4c992b8e7fd77d7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f7:1c:10:f2:ba:8c:24:96:d9:76:00:e0:db:
7a:00:0d:87:e3:91:42:55:a5:10:d2:2b:5e:e1:61:
3f:4a:c6:24:14:9e:54:ae:25:3c:b0:cc:ee:d9:1d:
ee:34:8f:be:f4:75:41:35:7a:02:a2:ea:a0:49:5b:
57:15:fc:5c:fa:5b:29:78:d2:c0:14:4f:46:5c:4d:
48:0d:e1:7a:49:f8:b9:59:5b:c6:4d:da:ea:69:13:
89:c8:a6:42:08:fe:fa:44:8b:c3:3b:df:9a:a3:23:
16:d2:1d:1d:1a:e4:85:03:78:88:5e:2a:a7:3b:c6:
5d:89:1c:d7:82:4b:be:d1:ec:c9:a0:c8:3a:5e:85:
7b:a7:a5:28:d1:a6:6e:3d:c1:26:9e:d9:89:9b:97:
0a:d1:55:40:c8:4b:80:61:09:dc:6f:32:e9:c8:67:
69:fa:c7:ef:57:14:1c:73:22:44:0c:c8:fc:f1:4f:
6a:1a:04:9d:11:42:27:6f:58:dc:1e:4e:c0:08:d8:
68:94:8f:6b:d2:95:ee:0a:89:ac:3b:ea:52:2c:ed:
54:f7:e8:f9:7f:84:1a:3d:1c:d0:32:5a:12:52:28:
cf:14:b2:1d:3b:b8:0f:b4:d9:11:95:e9:0a:28:72:
8b:2c:6f:e8:98:38:d9:3c:bc:43:6d:27:06:06:7e:
90:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3D:F7:26:84:0B:58:04:6F:AA:46:B4:C9:92:B8:E7:FD:77:D7:C2
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wj33JoQLWARvqka0yZK45_1318I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.85.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ef:0f:27:32:d7:3a:0c:0c:b3:c9:49:33:5b:df:ef:c8:cb:
54:da:74:1b:fc:9d:1d:36:26:a2:0d:fc:19:64:53:89:6d:20:
44:fc:15:bc:10:3c:8f:8f:44:07:6e:af:35:f5:72:25:77:36:
42:69:5b:ca:53:75:43:36:cc:96:70:76:9d:7c:d0:76:45:83:
65:9f:df:e3:04:f7:10:33:d4:77:52:7f:24:a8:08:a0:fe:e9:
60:42:fe:e0:0a:a0:b4:43:f4:64:0f:db:7f:78:67:1c:12:fd:
2a:8a:7b:21:e7:9a:ee:fb:62:93:90:54:af:8b:cc:02:32:67:
e5:bc:e7:50:52:bb:7c:54:58:0a:16:a1:5a:16:ff:16:83:c8:
88:86:8b:2c:5c:c7:02:70:a4:fe:d0:97:b6:1f:be:00:5b:fc:
f8:cd:af:8e:36:12:72:ca:5a:00:f4:bf:a0:e6:6f:5b:1f:79:
61:10:8c:8b:f9:eb:8e:dd:b5:b9:a2:0e:2c:ca:13:93:2d:58:
4f:34:db:65:fc:4f:59:04:49:97:e8:6e:46:e6:b9:99:4f:47:
65:34:38:da:40:8c:b0:d7:0d:c4:bc:d0:8f:db:58:a5:77:40:
13:1d:a2:b3:d7:14:b9:1a:76:c2:95:21:a6:02:ac:3a:2d:ea:
eb:fc:02:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc1XQRpzrMTm7DE1yQfOA2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNjAzMTAzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjNkZjcyNjg0MGI1ODA0NmZhYTQ2YjRjOTkyYjhlN2ZkNzdkN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/ccEPK6jCSW2XYA4Nt6AA2H45FC
VaUQ0ite4WE/SsYkFJ5UriU8sMzu2R3uNI++9HVBNXoCouqgSVtXFfxc+lspeNLA
FE9GXE1IDeF6Sfi5WVvGTdrqaROJyKZCCP76RIvDO9+aoyMW0h0dGuSFA3iIXiqn
O8ZdiRzXgku+0ezJoMg6XoV7p6Uo0aZuPcEmntmJm5cK0VVAyEuAYQncbzLpyGdp
+sfvVxQccyJEDMj88U9qGgSdEUInb1jcHk7ACNholI9r0pXuComsO+pSLO1U9+j5
f4QaPRzQMloSUijPFLIdO7gPtNkRlekKKHKLLG/omDjZPLxDbScGBn6QXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMI99yaEC1gEb6pGtMmSuOf9d9fCMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvd2ozM0pvUUxXQVJ2cWthMHlaSzQ1XzEzMThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFlVMA0G
CSqGSIb3DQEBCwUAA4IBAQB97w8nMtc6DAyzyUkzW9/vyMtU2nQb/J0dNiaiDfwZ
ZFOJbSBE/BW8EDyPj0QHbq819XIldzZCaVvKU3VDNsyWcHadfNB2RYNln9/jBPcQ
M9R3Un8kqAig/ulgQv7gCqC0Q/RkD9t/eGccEv0qinsh55ru+2KTkFSvi8wCMmfl
vOdQUrt8VFgKFqFaFv8Wg8iIhossXMcCcKT+0Je2H74AW/z4za+ONhJyyloA9L+g
5m9bH3lhEIyL+euO3bW5og4syhOTLVhPNNtl/E9ZBEmX6G5G5rmZT0dlNDjaQIyw
1w3EvNCP21ild0ATHaKz1xS5GnbClSGmAqw6Lerr/AJ8
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:42:17 2025 by rpki-client