Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wpv5l58xzTMai5hFQmzmGvauCoo.roa
File: wpv5l58xzTMai5hFQmzmGvauCoo.roa (raw, json)
Hash identifier: kb8Xe6hMFPz0lqHSTmA9z23omjXtNfW1Hk5cTP2W434=
Subject key identifier: C2:9B:F9:97:9F:31:CD:33:1A:8B:98:45:42:6C:E6:1A:F6:AE:0A:8A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198507ADE9EA770A1BC8E25DB78DC93373E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wpv5l58xzTMai5hFQmzmGvauCoo.roa
Signing time: Mon 28 Jul 2025 10:01:26 +0000
ROA not before: Mon 28 Jul 2025 10:01:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 37.202.192.0/24 maxlen: 24
37.202.214.0/23 maxlen: 23
151.242.6.0/24 maxlen: 24
151.244.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:7a:de:9e:a7:70:a1:bc:8e:25:db:78:dc:93:37:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 28 10:01:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c29bf9979f31cd331a8b9845426ce61af6ae0a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:d1:85:ea:3a:9c:a6:3a:17:d3:11:93:50:
b9:81:18:86:c9:07:e5:cd:2d:44:3a:e9:9b:41:45:
85:02:c2:1b:95:6e:5e:6e:6e:85:e3:26:ad:5c:f5:
57:0f:1c:0e:8c:de:71:66:0a:8c:00:e7:34:17:52:
2d:82:2c:bc:aa:21:e5:38:97:e9:a1:d8:88:f9:ce:
cf:d5:f3:c8:3d:83:9e:32:1a:1b:24:42:93:cf:56:
21:84:38:21:9d:3c:46:88:95:c2:57:2c:7f:5b:10:
a2:93:49:eb:cb:7e:d0:62:31:f5:2b:3b:c7:84:d0:
64:2e:eb:ac:bf:66:9d:9a:29:86:4f:0d:04:df:38:
3f:28:6b:e2:00:49:5e:0a:26:a8:8b:2b:2f:7d:b5:
b2:12:93:35:88:a7:ee:29:39:d0:29:cf:35:f9:98:
b1:3e:56:39:84:26:b4:de:1c:57:37:e5:32:b5:db:
31:49:ec:a2:3b:be:d0:74:12:22:14:eb:b0:1f:2b:
bd:fc:ef:c7:47:02:c4:1d:60:03:b0:39:fc:61:f5:
0c:c3:03:57:8c:4c:c2:70:1f:36:a8:b3:e5:06:7e:
59:85:bd:79:47:7a:3b:8d:23:0e:45:9d:f4:c9:db:
33:c4:e7:01:e5:3e:71:49:01:ca:d6:17:27:49:23:
fa:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:9B:F9:97:9F:31:CD:33:1A:8B:98:45:42:6C:E6:1A:F6:AE:0A:8A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wpv5l58xzTMai5hFQmzmGvauCoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.192.0/24
37.202.214.0/23
151.242.6.0/24
151.244.246.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:be:95:99:85:2c:91:00:a8:9b:e3:2b:49:66:cc:34:28:75:
13:5a:61:69:38:3c:2e:6d:14:17:d8:6e:c2:f3:ab:e3:7c:f3:
db:fb:2d:d7:6a:6c:0c:72:4b:0d:75:bd:69:af:a1:2c:b2:f8:
23:a7:2a:95:88:ed:fd:1d:da:91:0a:11:b6:66:4c:24:04:48:
cb:63:74:b3:f7:52:69:b3:67:8f:73:73:fb:f6:7c:72:bd:5a:
15:51:35:c1:d2:f3:c8:73:32:d4:64:ba:e7:21:16:2f:5c:ab:
62:e8:41:03:4e:39:06:ed:ae:e5:5c:8e:f9:e0:be:c4:aa:59:
ea:f6:ff:ac:ce:ee:bc:7a:05:60:8e:29:cc:84:59:9a:9e:4a:
57:14:76:6f:61:c4:cc:4d:87:66:94:da:02:87:07:9c:86:84:
7b:b2:6f:9a:a5:c1:ec:02:71:bc:75:77:53:6d:3d:45:bd:ce:
82:f4:bd:a9:63:87:cb:e4:c2:4c:4a:bd:42:29:97:eb:d5:64:
d2:db:65:45:67:fb:c7:33:b0:ef:d5:bf:a3:7c:7e:42:c1:7d:
2f:cf:03:8b:7a:e4:c9:10:7d:3d:a2:59:90:be:14:26:66:f1:
fb:2c:19:d0:0d:79:4a:ee:3b:94:51:c8:9b:7c:05:30:34:d6:
69:be:c0:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhQet6ep3ChvI4l23jckzc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI4MTAwMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjliZjk5NzlmMzFjZDMzMWE4Yjk4NDU0MjZjZTYxYWY2YWUwYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTzRheo6nKY6F9MRk1C5gRiGyQfl
zS1EOumbQUWFAsIblW5ebm6F4yatXPVXDxwOjN5xZgqMAOc0F1Itgiy8qiHlOJfp
odiI+c7P1fPIPYOeMhobJEKTz1YhhDghnTxGiJXCVyx/WxCik0nry37QYjH1KzvH
hNBkLuusv2admimGTw0E3zg/KGviAEleCiaoiysvfbWyEpM1iKfuKTnQKc81+Zix
PlY5hCa03hxXN+UytdsxSeyiO77QdBIiFOuwHyu9/O/HRwLEHWADsDn8YfUMwwNX
jEzCcB82qLPlBn5Zhb15R3o7jSMORZ30ydszxOcB5T5xSQHK1hcnSSP6zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMKb+ZefMc0zGouYRUJs5hr2rgqKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd3B2NWw1OHh6VE1haTVoRlFtem1HdmF1Q29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJcrAAwQB
JcrWAwQAl/IGAwQAl/T2MA0GCSqGSIb3DQEBCwUAA4IBAQBbvpWZhSyRAKib4ytJ
Zsw0KHUTWmFpODwubRQX2G7C86vjfPPb+y3XamwMcksNdb1pr6EssvgjpyqViO39
HdqRChG2ZkwkBEjLY3Sz91Jps2ePc3P79nxyvVoVUTXB0vPIczLUZLrnIRYvXKti
6EEDTjkG7a7lXI754L7Eqlnq9v+szu68egVgjinMhFmankpXFHZvYcTMTYdmlNoC
hwechoR7sm+apcHsAnG8dXdTbT1Fvc6C9L2pY4fL5MJMSr1CKZfr1WTS22VFZ/vH
M7Dv1b+jfH5CwX0vzwOLeuTJEH09olmQvhQmZvH7LBnQDXlK7juUUcibfAUwNNZp
vsBB
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:22:14 2025 by rpki-client