Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/WodU5gDNw3cjAmLp67NGPeKWzm4.roa
File: WodU5gDNw3cjAmLp67NGPeKWzm4.roa (raw, json)
Hash identifier: YXZKSjPXGmgzYL0wl21TgIMvnXm5A4XUDZj4O/e7fR4=
Subject key identifier: 5A:87:54:E6:00:CD:C3:77:23:02:62:E9:EB:B3:46:3D:E2:96:CE:6E
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 0196F6FB1F892B47DF5A4EAE58045BBE4692
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/WodU5gDNw3cjAmLp67NGPeKWzm4.roa
Signing time: Thu 22 May 2025 07:52:54 +0000
ROA not before: Thu 22 May 2025 07:52:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35132
IP address blocks: 37.32.48.0/21 maxlen: 21
62.50.160.0/19 maxlen: 19
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
95.111.160.0/19 maxlen: 19
109.122.48.0/21 maxlen: 21
109.235.100.0/22 maxlen: 22
178.249.120.0/21 maxlen: 21
185.141.156.0/22 maxlen: 22
185.186.132.0/22 maxlen: 22
185.197.220.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
185.243.176.0/22 maxlen: 22
188.119.80.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
2a02:1660::/29 maxlen: 29
2a02:1660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f6:fb:1f:89:2b:47:df:5a:4e:ae:58:04:5b:be:46:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: May 22 07:52:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a8754e600cdc377230262e9ebb3463de296ce6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9a:25:f3:8a:c1:35:08:ff:4c:ca:71:2c:11:
96:96:ca:0c:68:5c:7a:03:5e:90:2b:e6:90:70:7f:
47:6b:08:c3:1a:47:2e:f1:bc:3c:d0:1d:f6:8e:d3:
79:ab:ee:25:e9:83:5a:42:3f:aa:fa:ae:ee:d3:7f:
f0:b4:f3:09:4a:6c:b1:9c:74:e7:39:fe:c9:de:d5:
4a:73:77:3a:6f:ca:78:d3:78:81:77:97:f4:e9:04:
d6:19:c4:0b:59:ca:06:4c:3e:46:43:61:05:98:ae:
97:9b:46:f0:5e:a4:53:75:df:ea:14:79:f0:bf:d1:
5e:08:5f:6e:52:d2:a9:2c:9f:83:32:56:2d:82:22:
c1:92:bd:91:95:59:3f:bd:da:87:b9:4b:76:6e:d9:
91:20:78:6a:74:18:8a:c0:fa:fc:32:57:c2:4a:63:
43:3a:aa:ec:9e:d0:ad:b0:b0:fa:3c:cc:4c:ab:d2:
68:9f:0d:e0:2e:14:a5:0e:9f:d5:90:fe:6b:88:83:
04:99:ef:18:b2:46:5f:f5:c3:ba:2d:59:4d:17:60:
47:5e:80:2d:9d:68:83:b1:86:e6:95:ec:05:c1:de:
ff:f3:d2:30:91:7d:c3:48:95:14:3c:85:1e:84:00:
8b:90:14:c3:18:1d:08:69:3e:90:d1:0f:d2:9d:97:
bb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:87:54:E6:00:CD:C3:77:23:02:62:E9:EB:B3:46:3D:E2:96:CE:6E
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/WodU5gDNw3cjAmLp67NGPeKWzm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
109.122.48.0/21
109.235.100.0/22
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
188.119.80.0/22
217.149.112.0/20
IPv6:
2a02:1660::/29
Signature Algorithm: sha256WithRSAEncryption
a1:1d:58:fb:ca:de:3a:9a:a9:c5:0f:ba:25:4c:fa:8f:cd:4c:
4a:48:92:27:4b:1b:a0:40:2a:27:f4:3a:f7:77:01:57:b8:fd:
c0:55:05:fe:f2:5a:94:13:af:25:6a:7d:28:0c:55:3a:6d:51:
0c:e9:dc:65:08:d3:77:02:4a:d4:8f:29:e2:22:9f:09:2c:4e:
3a:d5:44:74:aa:3a:fa:d6:04:7d:c2:3f:24:66:42:15:13:e5:
bd:c4:01:fe:d0:65:1b:82:ff:a3:ec:04:4c:c5:58:2c:5b:e7:
e7:80:ee:fa:90:25:70:83:00:be:31:ec:d6:63:0b:18:21:bd:
a3:3b:1c:3f:4a:37:03:ce:b1:34:60:95:e5:ae:7c:53:09:c9:
f3:34:00:a5:37:39:53:c8:e0:72:71:e4:de:6c:4e:7a:b8:58:
0d:9a:a3:49:bc:b0:c6:15:51:dc:fb:4f:a2:6b:cd:12:48:bb:
64:1f:b4:c9:97:d9:89:3d:7e:e8:e1:af:cd:a0:ed:cf:fe:be:
55:6a:1b:4b:a7:64:09:1e:50:83:ca:91:43:ea:df:f1:23:49:
85:86:2b:02:36:ce:2f:05:ea:87:0a:0e:10:f2:c9:bb:2b:43:
62:0d:47:b4:a8:79:5c:ff:31:b3:63:74:89:23:45:2a:1f:8a:
c5:8b:77:a6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZb2+x+JK0ffWk6uWARbvkaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODE0YTVmMDhmYjQ3NzExZDcxNjBiMDI3Zjk5NmRmYjYx
MmYwNDUwHhcNMjUwNTIyMDc1MjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg3NTRlNjAwY2RjMzc3MjMwMjYyZTllYmIzNDYzZGUyOTZjZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpol84rBNQj/TMpxLBGWlsoMaFx6
A16QK+aQcH9HawjDGkcu8bw80B32jtN5q+4l6YNaQj+q+q7u03/wtPMJSmyxnHTn
Of7J3tVKc3c6b8p403iBd5f06QTWGcQLWcoGTD5GQ2EFmK6Xm0bwXqRTdd/qFHnw
v9FeCF9uUtKpLJ+DMlYtgiLBkr2RlVk/vdqHuUt2btmRIHhqdBiKwPr8MlfCSmND
OqrsntCtsLD6PMxMq9Jonw3gLhSlDp/VkP5riIMEme8YskZf9cO6LVlNF2BHXoAt
nWiDsYbmlewFwd7/89IwkX3DSJUUPIUehACLkBTDGB0IaT6Q0Q/SnZe7sQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFFqHVOYAzcN3IwJi6euzRj3ils5uMB8GA1UdIwQY
MBaAFA2BSl8I+0dxHXFgsCf5lt+2EvBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYt
Y2U3OTg1YjU2MDkzLzEvV29kVTVnRE53M2NqQW1McDY3TkdQZUtXem00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYtY2U3OTg1YjU2MDkz
LzEvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAyUgMAME
BT4yoAMEBVkU4AMEBF1ZIAMEBV9voAMEA216MAMEAm3rZAMEA7L5eAMEArmNnAME
Arm6hAMEArnF3AMEArnWEAMEArnzsAMEArx3UAMEBNmVcDANBAIAAjAHAwUDKgIW
YDANBgkqhkiG9w0BAQsFAAOCAQEAoR1Y+8reOpqpxQ+6JUz6j81MSkiSJ0sboEAq
J/Q693cBV7j9wFUF/vJalBOvJWp9KAxVOm1RDOncZQjTdwJK1I8p4iKfCSxOOtVE
dKo6+tYEfcI/JGZCFRPlvcQB/tBlG4L/o+wETMVYLFvn54Du+pAlcIMAvjHs1mML
GCG9ozscP0o3A86xNGCV5a58UwnJ8zQApTc5U8jgcnHk3mxOerhYDZqjSbywxhVR
3PtPomvNEki7ZB+0yZfZiT1+6OGvzaDtz/6+VWobS6dkCR5Qg8qRQ+rf8SNJhYYr
AjbOLwXqhwoOEPLJuytDYg1HtKh5XP8xs2N0iSNFKh+KxYt3pg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:53:42 2025 by rpki-client