Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wqdD0a39N2pD1IRMeo4FrAYYk1I.roa
File: wqdD0a39N2pD1IRMeo4FrAYYk1I.roa (raw, json)
Hash identifier: bGjtOb9HsPCPEJOGpYMJTwEEWvhL/q/X9n/6hCHJTHc=
Subject key identifier: C2:A7:43:D1:AD:FD:37:6A:43:D4:84:4C:7A:8E:05:AC:06:18:93:52
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0198553EF1F6F48C55F7B14C269B203673B1
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wqdD0a39N2pD1IRMeo4FrAYYk1I.roa
Signing time: Tue 29 Jul 2025 08:14:05 +0000
ROA not before: Tue 29 Jul 2025 08:14:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 158.173.129.0/24 maxlen: 24
158.173.130.0/23 maxlen: 24
170.62.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 08:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:3e:f1:f6:f4:8c:55:f7:b1:4c:26:9b:20:36:73:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 08:14:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2a743d1adfd376a43d4844c7a8e05ac06189352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d6:50:0e:7b:fb:67:90:d0:87:95:54:3c:3c:
e3:ae:3c:f7:5d:ff:50:f3:49:33:ff:a7:a5:7c:c6:
50:40:d1:41:49:64:0e:83:67:b7:c2:94:a5:d7:b9:
fb:e3:2c:b1:ea:8c:e8:7b:a5:41:11:fb:b0:8b:63:
44:48:fd:94:88:be:d4:96:2c:46:65:3d:12:64:bf:
d7:f8:e0:f5:60:76:b7:b0:c5:5f:b7:04:6a:85:ec:
7b:e8:ae:3e:e9:16:69:3f:b3:27:9f:94:3c:7b:aa:
fa:4d:f5:46:cb:da:e6:87:41:b4:c3:62:d9:8a:61:
6d:6a:8a:77:54:af:92:d5:3c:a2:7a:0c:d7:67:de:
a3:98:e2:ba:91:30:86:ab:2c:31:66:19:7c:35:b4:
af:72:46:f8:99:9f:a1:cb:94:32:97:7e:ce:d1:15:
d6:fc:45:a2:13:86:a9:85:00:28:5e:63:68:9a:9a:
a1:46:b0:23:9d:04:dd:25:5b:73:d7:e7:36:f1:f1:
0e:c5:6a:aa:b8:2d:84:9c:a0:ce:b2:0d:f9:75:e5:
7e:43:5a:48:85:4f:0a:48:3e:b7:17:5f:ae:78:cc:
e4:10:30:fe:38:82:ae:7f:a9:3c:78:a4:1a:f8:79:
d3:f0:54:fc:70:15:c5:20:c9:ac:d6:44:ed:c4:e0:
af:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A7:43:D1:AD:FD:37:6A:43:D4:84:4C:7A:8E:05:AC:06:18:93:52
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wqdD0a39N2pD1IRMeo4FrAYYk1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.129.0-158.173.131.255
170.62.240.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:77:9e:76:43:6c:0f:3a:f0:04:f9:72:2b:a7:46:ce:2b:10:
34:af:4b:09:1a:63:5f:ff:3f:ef:1a:ef:48:9e:66:85:3f:84:
ad:b6:73:91:1d:28:15:ef:3c:a6:d9:ce:4a:fe:7c:d2:54:49:
e5:76:5a:38:38:a1:2a:66:4d:a3:61:e0:b7:5f:9e:1e:60:3c:
45:91:31:ec:ef:6a:ee:9f:34:de:05:5a:67:db:ed:37:c6:b5:
28:95:29:f2:f5:d2:58:71:74:20:ab:5c:f4:24:21:fb:43:91:
d6:4c:e4:d9:64:c6:f1:d6:1f:77:a9:f5:0c:6c:a7:0e:b0:19:
76:5b:3e:03:e5:d6:d0:ad:ec:36:f6:1c:3d:fe:1a:c8:bf:de:
16:e8:de:af:3d:1c:66:20:68:5e:42:f9:42:24:0d:7c:3b:7f:
8c:f3:09:d4:a1:21:c9:aa:b8:2b:98:5b:19:4e:16:4c:78:f7:
c7:ad:dc:f2:89:8c:e8:1a:43:af:4a:fc:81:db:cf:60:21:cb:
b1:4c:71:ef:de:44:e0:54:da:c1:78:ab:a5:e9:6c:27:d2:8e:
8a:f8:b8:17:a1:b0:3a:10:5c:0f:05:4a:8d:42:81:ba:7f:8e:
38:23:b4:30:36:5a:06:6d:85:4e:ac:32:f5:4e:f3:c0:60:34:
ca:64:db:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZhVPvH29IxV97FMJpsgNnOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MDgxNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE3NDNkMWFkZmQzNzZhNDNkNDg0NGM3YThlMDVhYzA2MTg5MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNZQDnv7Z5DQh5VUPDzjrjz3Xf9Q
80kz/6elfMZQQNFBSWQOg2e3wpSl17n74yyx6ozoe6VBEfuwi2NESP2UiL7UlixG
ZT0SZL/X+OD1YHa3sMVftwRqhex76K4+6RZpP7Mnn5Q8e6r6TfVGy9rmh0G0w2LZ
imFtaop3VK+S1TyiegzXZ96jmOK6kTCGqywxZhl8NbSvckb4mZ+hy5Qyl37O0RXW
/EWiE4aphQAoXmNompqhRrAjnQTdJVtz1+c28fEOxWqquC2EnKDOsg35deV+Q1pI
hU8KSD63F1+ueMzkEDD+OIKuf6k8eKQa+HnT8FT8cBXFIMms1kTtxOCvowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMKnQ9Gt/TdqQ9SETHqOBawGGJNSMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvd3FkRDBhMzlOMnBEMUlSTWVvNEZyQVlZazFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACerYED
BAKerYADBAKqPvAwDQYJKoZIhvcNAQELBQADggEBAAx3nnZDbA868AT5ciunRs4r
EDSvSwkaY1//P+8a70ieZoU/hK22c5EdKBXvPKbZzkr+fNJUSeV2Wjg4oSpmTaNh
4Ldfnh5gPEWRMezvau6fNN4FWmfb7TfGtSiVKfL10lhxdCCrXPQkIftDkdZM5Nlk
xvHWH3ep9Qxspw6wGXZbPgPl1tCt7Db2HD3+Gsi/3hbo3q89HGYgaF5C+UIkDXw7
f4zzCdShIcmquCuYWxlOFkx498et3PKJjOgaQ69K/IHbz2Ahy7FMce/eROBU2sF4
q6XpbCfSjor4uBehsDoQXA8FSo1Cgbp/jjgjtDA2WgZthU6sMvVO88BgNMpk20g=
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:20:31 2025 by rpki-client