Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/twlLYmbCRCsbg0jEd6qCwLeH9oc.roa
File: twlLYmbCRCsbg0jEd6qCwLeH9oc.roa (raw, json)
Hash identifier: zwvhfCI/Pw4pHgo1pLAN63otGNIBAxwmA9MT43uXM9s=
Subject key identifier: B7:09:4B:62:66:C2:44:2B:1B:83:48:C4:77:AA:82:C0:B7:87:F6:87
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 01982B62180A6A8424EFB117A55FF9B4A859
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/twlLYmbCRCsbg0jEd6qCwLeH9oc.roa
Signing time: Mon 21 Jul 2025 05:08:25 +0000
ROA not before: Mon 21 Jul 2025 05:08:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22773
IP address blocks: 84.37.40.0/22 maxlen: 24
84.37.184.0/22 maxlen: 24
84.37.196.0/22 maxlen: 24
84.37.200.0/21 maxlen: 24
84.37.208.0/21 maxlen: 24
84.37.216.0/22 maxlen: 24
84.37.224.0/20 maxlen: 24
84.37.240.0/21 maxlen: 24
84.37.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2b:62:18:0a:6a:84:24:ef:b1:17:a5:5f:f9:b4:a8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Jul 21 05:08:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7094b6266c2442b1b8348c477aa82c0b787f687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dd:10:b2:39:4d:ef:9f:eb:ba:68:22:ae:54:
1f:0c:fa:04:ea:9b:a5:79:f5:83:d2:0e:32:34:11:
b1:c5:85:c8:53:8e:75:a9:5b:50:59:f7:db:83:a9:
05:31:93:27:6d:95:c8:b3:09:20:cd:56:a6:17:b9:
7f:e4:e4:1b:23:b2:c8:48:57:b9:a9:96:56:fd:d5:
ab:95:c5:ee:f6:e0:a0:53:64:fb:5f:8f:29:61:3e:
65:4c:84:32:64:85:a5:c6:09:55:b8:1b:eb:6a:13:
9e:42:f1:2e:96:77:42:d8:1e:d3:9d:6c:e9:9c:52:
37:40:10:dd:67:44:d9:43:b3:91:9a:59:5f:3e:cd:
2c:fe:84:13:ac:42:40:92:86:c9:44:5f:ed:29:ed:
d0:67:ba:f9:b3:9e:61:f0:46:cb:79:75:b1:e6:4a:
e4:76:84:f1:13:c4:52:8c:58:65:65:11:c4:a4:f0:
b8:a4:56:e2:da:ea:16:98:a7:1d:b5:10:d1:7a:4c:
e2:e7:3a:ae:ca:8b:38:6e:00:b9:9d:30:fb:82:da:
7c:52:ec:ef:ee:b8:12:5d:f6:3a:95:46:1c:7b:9d:
77:e9:b0:b8:89:32:ef:b5:60:6d:be:41:0f:a8:4c:
bf:2b:6e:73:3e:cb:9c:bd:77:11:f7:6c:f0:63:ba:
f4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:09:4B:62:66:C2:44:2B:1B:83:48:C4:77:AA:82:C0:B7:87:F6:87
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/twlLYmbCRCsbg0jEd6qCwLeH9oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.37.40.0/22
84.37.184.0/22
84.37.196.0-84.37.219.255
84.37.224.0-84.37.251.255
Signature Algorithm: sha256WithRSAEncryption
2d:15:82:af:54:2e:c0:a3:8d:47:1c:d6:4f:6b:99:a9:ba:1c:
05:5e:97:6b:56:dc:96:cc:7e:ff:18:c8:4f:01:41:46:15:bf:
15:59:75:03:eb:5c:2e:a1:3e:08:bd:d6:65:2e:39:f0:3b:d3:
04:2a:84:7e:f7:a2:ce:b8:28:8d:8f:74:3c:a2:c7:cb:68:4c:
df:e2:8e:90:73:bc:be:f6:d8:82:c0:c5:14:0b:2a:a0:7d:75:
8c:e0:9f:f7:a5:64:5c:cb:bb:4f:73:30:1d:4c:c6:51:98:1e:
1a:46:5f:ca:cb:65:21:90:f4:a2:19:6f:28:b8:81:0b:c6:b0:
b5:bd:1f:51:ab:e2:a8:7a:f4:f7:1b:b1:c4:81:3f:09:41:00:
b5:ce:3a:19:97:21:16:44:39:d9:a2:6e:16:12:db:cd:79:89:
c2:6b:03:1c:b0:3b:00:91:b5:2d:e9:82:33:92:80:55:cc:d6:
b3:36:1a:ab:86:10:62:66:af:af:90:1b:37:42:5d:46:6f:b3:
07:17:ce:3a:9c:ea:47:d9:f5:8f:03:be:bf:6c:5b:88:f9:db:
49:bf:b4:d4:d6:d4:83:b6:50:03:aa:17:11:3f:75:cc:ce:5b:
c5:41:b1:a9:df:45:bb:2b:19:36:05:b6:9c:09:67:d2:2a:08:
b0:96:1d:c5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZgrYhgKaoQk77EXpV/5tKhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwNzIxMDUwODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA5NGI2MjY2YzI0NDJiMWI4MzQ4YzQ3N2FhODJjMGI3ODdmNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N0QsjlN75/rumgirlQfDPoE6pul
efWD0g4yNBGxxYXIU451qVtQWffbg6kFMZMnbZXIswkgzVamF7l/5OQbI7LISFe5
qZZW/dWrlcXu9uCgU2T7X48pYT5lTIQyZIWlxglVuBvrahOeQvEulndC2B7TnWzp
nFI3QBDdZ0TZQ7ORmllfPs0s/oQTrEJAkobJRF/tKe3QZ7r5s55h8EbLeXWx5krk
doTxE8RSjFhlZRHEpPC4pFbi2uoWmKcdtRDRekzi5zquyos4bgC5nTD7gtp8Uuzv
7rgSXfY6lUYce5136bC4iTLvtWBtvkEPqEy/K25zPsucvXcR92zwY7r0XwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLcJS2JmwkQrG4NIxHeqgsC3h/aHMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvdHdsTFltYkNSQ3NiZzBqRWQ2cUN3TGVIOW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVCUoAwQC
VCW4MAwDBAJUJcQDBAJUJdgwDAMEBVQl4AMEAlQl+DANBgkqhkiG9w0BAQsFAAOC
AQEALRWCr1QuwKONRxzWT2uZqbocBV6Xa1bclsx+/xjITwFBRhW/FVl1A+tcLqE+
CL3WZS458DvTBCqEfveizrgojY90PKLHy2hM3+KOkHO8vvbYgsDFFAsqoH11jOCf
96VkXMu7T3MwHUzGUZgeGkZfystlIZD0ohlvKLiBC8awtb0fUaviqHr09xuxxIE/
CUEAtc46GZchFkQ52aJuFhLbzXmJwmsDHLA7AJG1LemCM5KAVczWszYaq4YQYmav
r5AbN0JdRm+zBxfOOpzqR9n1jwO+v2xbiPnbSb+01NbUg7ZQA6oXET91zM5bxUGx
qd9FuysZNgW2nAln0ioIsJYdxQ==
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:57:28 2025 by rpki-client