Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/woJH5-HYmLxgS7HCSw5sCXK5808.roa
File: woJH5-HYmLxgS7HCSw5sCXK5808.roa (raw, json)
Hash identifier: qVrzBE1DWgGS9OViz8YZTKkrrspAQK/+hPvRuKw2jmw=
Subject key identifier: C2:82:47:E7:E1:D8:98:BC:60:4B:B1:C2:4B:0E:6C:09:72:B9:F3:4F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 019A30EFF50801D8697C8F15543BBADCB5C9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/woJH5-HYmLxgS7HCSw5sCXK5808.roa
Signing time: Wed 29 Oct 2025 17:07:03 +0000
ROA not before: Wed 29 Oct 2025 17:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56361
IP address blocks: 31.148.40.0/21 maxlen: 24
31.148.52.0/22 maxlen: 24
31.148.56.0/21 maxlen: 24
31.148.104.0/21 maxlen: 24
31.148.112.0/21 maxlen: 24
31.148.192.0/22 maxlen: 24
93.170.166.0/23 maxlen: 24
93.170.192.0/21 maxlen: 24
93.171.34.0/23 maxlen: 24
93.171.36.0/22 maxlen: 24
95.46.128.0/21 maxlen: 24
95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
95.46.172.0/22 maxlen: 24
146.158.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:30:ef:f5:08:01:d8:69:7c:8f:15:54:3b:ba:dc:b5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 29 17:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c28247e7e1d898bc604bb1c24b0e6c0972b9f34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:23:4d:0e:53:25:90:6f:5c:c8:22:d6:34:50:
95:45:87:80:80:22:53:cf:99:d0:f0:47:cb:b6:bc:
3a:4b:55:af:19:93:06:9e:93:76:2d:0f:39:53:71:
22:77:00:cf:c3:6c:57:4b:20:9e:26:7f:0e:6b:6d:
7d:cb:d8:bf:fe:bd:71:2b:b1:80:63:af:de:2b:8d:
c7:a3:11:00:5b:1f:6e:b0:58:2d:3e:14:fb:fb:ae:
63:6e:eb:d6:cd:cf:68:bf:57:81:92:49:bf:4e:d5:
19:2c:80:85:5a:d8:e2:88:6c:23:58:b7:d1:13:fd:
0f:37:90:8b:bd:9f:b8:d8:b4:d5:81:b3:c6:f5:14:
b5:38:a7:a8:88:38:dc:c6:31:0b:7b:81:f0:ae:ab:
cf:9d:24:2b:f1:25:33:79:b6:f6:b6:e5:7c:a0:95:
0c:e1:42:4e:3a:5d:cb:ae:7c:ad:94:5b:cc:0f:2e:
49:35:e5:92:2a:36:ce:1e:ed:5b:b1:4b:c2:8d:ac:
30:c0:08:1c:3d:b1:ab:82:a3:70:14:ae:be:b5:76:
b4:e7:9f:b5:77:62:3f:da:e6:1c:ae:29:08:b7:15:
c3:37:10:48:2e:50:eb:12:52:2b:e9:ea:1a:d1:a1:
a9:1c:dc:61:c2:0c:42:71:89:3b:c5:97:ff:fd:a2:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:82:47:E7:E1:D8:98:BC:60:4B:B1:C2:4B:0E:6C:09:72:B9:F3:4F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/woJH5-HYmLxgS7HCSw5sCXK5808.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.40.0/21
31.148.52.0-31.148.63.255
31.148.104.0-31.148.119.255
31.148.192.0/22
93.170.166.0/23
93.170.192.0/21
93.171.34.0-93.171.39.255
95.46.128.0/21
95.46.166.0-95.46.175.255
146.158.48.0/21
Signature Algorithm: sha256WithRSAEncryption
54:3a:de:76:b5:bf:9b:69:26:7b:25:1f:f8:91:47:e8:a4:58:
5f:ce:d2:91:86:57:cf:4e:3f:47:48:fb:9e:c4:33:df:5a:2a:
5a:96:28:0b:23:ab:1c:c8:71:43:05:05:48:fe:ab:c0:12:f8:
32:c7:02:be:3e:a4:19:b1:a3:7f:db:4e:cc:aa:2b:e8:4d:64:
8c:8a:e9:39:12:d0:19:85:6a:0d:a9:82:fc:a1:be:36:77:ef:
4d:8f:d3:7a:7a:55:86:69:85:3b:ff:0e:3e:44:f3:53:e9:e1:
b2:f4:48:40:93:06:11:0d:cb:04:af:45:6d:a3:24:66:7b:37:
1e:53:a1:e2:f4:2f:97:f7:08:ba:95:bb:08:db:97:e6:09:da:
fc:43:28:a2:35:33:4a:64:16:09:a9:1a:f6:a8:68:b4:e5:ba:
26:89:df:55:dd:0b:38:0f:de:02:8c:09:34:d4:46:93:b0:4b:
11:62:20:37:27:99:80:67:0c:9c:3b:28:ee:1e:24:8d:43:00:
ed:7b:d9:de:1c:6e:94:85:ee:3d:b4:42:5c:d0:f9:7f:41:31:
91:5a:6b:74:cd:e1:46:dc:c3:5b:81:b5:5e:30:6f:e1:38:7a:
96:38:04:0f:b8:10:32:ae:8e:78:a6:c6:52:7f:be:82:a7:45:
7c:27:8c:28
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZow7/UIAdhpfI8VVDu63LXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUxMDI5MTcwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjgyNDdlN2UxZDg5OGJjNjA0YmIxYzI0YjBlNmMwOTcyYjlmMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SNNDlMlkG9cyCLWNFCVRYeAgCJT
z5nQ8EfLtrw6S1WvGZMGnpN2LQ85U3EidwDPw2xXSyCeJn8Oa219y9i//r1xK7GA
Y6/eK43HoxEAWx9usFgtPhT7+65jbuvWzc9ov1eBkkm/TtUZLICFWtjiiGwjWLfR
E/0PN5CLvZ+42LTVgbPG9RS1OKeoiDjcxjELe4HwrqvPnSQr8SUzebb2tuV8oJUM
4UJOOl3LrnytlFvMDy5JNeWSKjbOHu1bsUvCjawwwAgcPbGrgqNwFK6+tXa055+1
d2I/2uYcrikItxXDNxBILlDrElIr6eoa0aGpHNxhwgxCcYk7xZf//aId4wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFMKCR+fh2Ji8YEuxwksObAlyufNPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvd29KSDUtSFltTHhnUzdIQ1N3NXNDWEs1ODA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDH5QoMAwD
BAIflDQDBAYflAAwDAMEAx+UaAMEAx+UcAMEAh+UwAMEAV2qpgMEA12qwDAMAwQB
XasiAwQDXasgAwQDXy6AMAwDBAFfLqYDBARfLqADBAOSnjAwDQYJKoZIhvcNAQEL
BQADggEBAFQ63na1v5tpJnslH/iRR+ikWF/O0pGGV89OP0dI+57EM99aKlqWKAsj
qxzIcUMFBUj+q8AS+DLHAr4+pBmxo3/bTsyqK+hNZIyK6TkS0BmFag2pgvyhvjZ3
702P03p6VYZphTv/Dj5E81Pp4bL0SECTBhENywSvRW2jJGZ7Nx5ToeL0L5f3CLqV
uwjbl+YJ2vxDKKI1M0pkFgmpGvaoaLTluiaJ31XdCzgP3gKMCTTURpOwSxFiIDcn
mYBnDJw7KO4eJI1DAO172d4cbpSF7j20QlzQ+X9BMZFaa3TN4Ubcw1uBtV4wb+E4
epY4BA+4EDKujnimxlJ/voKnRXwnjCg=
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:20:00 2025 by rpki-client