Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/w5UjVXun0P_UMn66lGeXmgBCIuM.roa
File: w5UjVXun0P_UMn66lGeXmgBCIuM.roa (raw, json)
Hash identifier: mZVxYOGgf/OCRtDnOLX+hBmhBwlnRa8g9AuOQR8eVf4=
Subject key identifier: C3:95:23:55:7B:A7:D0:FF:D4:32:7E:BA:94:67:97:9A:00:42:22:E3
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 019883EC05C18B73613C95F4A08BDAD71572
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/w5UjVXun0P_UMn66lGeXmgBCIuM.roa
Signing time: Thu 07 Aug 2025 09:45:39 +0000
ROA not before: Thu 07 Aug 2025 09:45:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12548
IP address blocks: 212.68.160.0/22 maxlen: 22
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:ec:05:c1:8b:73:61:3c:95:f4:a0:8b:da:d7:15:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Aug 7 09:45:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c39523557ba7d0ffd4327eba9467979a004222e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:6f:2e:d1:18:9b:f3:75:86:ae:f3:58:ee:
8c:9c:bd:87:c8:ea:8c:ad:5b:99:94:d9:95:e1:b2:
26:7d:89:a6:2b:2e:79:91:9a:8f:27:40:a1:2b:07:
2c:b4:f1:c2:cd:47:a5:cc:0d:35:11:d4:bf:0b:2c:
24:00:24:03:e2:c2:e0:8f:2e:64:ad:71:a3:f2:a3:
8d:f7:08:e7:c6:35:58:38:e8:d9:d7:7d:8b:a6:c9:
0d:21:4d:00:89:3a:ee:50:5d:d7:c7:fd:4d:36:05:
ec:48:f2:87:16:97:4a:a1:c1:9b:a4:2a:5a:ca:8b:
09:9f:3f:3f:ac:f7:4a:d8:95:5f:61:ee:66:91:bd:
9c:b3:a4:a6:10:ba:9f:6b:11:9e:7a:d8:53:6d:33:
5b:30:83:43:25:38:c2:05:47:da:69:5a:35:6d:8e:
c5:9e:c0:ea:23:58:73:09:ff:76:2d:8b:a5:f2:cb:
2a:3b:4f:8b:a0:49:3b:3f:ef:74:72:a9:2a:30:99:
66:86:89:67:4a:71:2d:12:d3:df:ef:21:8f:c1:99:
62:ac:28:6d:1d:19:c7:e6:95:0c:9d:42:67:d8:54:
e4:65:57:13:49:17:61:99:4f:97:38:95:d0:ef:f7:
01:57:f8:53:3d:d9:03:ef:70:64:41:5c:0a:40:a5:
bf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:95:23:55:7B:A7:D0:FF:D4:32:7E:BA:94:67:97:9A:00:42:22:E3
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/w5UjVXun0P_UMn66lGeXmgBCIuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.160.0/22
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:90:12:b6:2d:69:6c:64:11:10:8d:59:7e:85:a0:52:b6:ef:
4b:df:36:20:c0:03:77:21:88:01:a7:bf:48:ea:09:b4:11:c6:
34:b0:bc:c2:c6:1c:a3:b0:31:9c:1b:3f:62:81:17:76:bd:c5:
82:81:c4:45:92:df:ca:a5:fa:69:6b:21:1a:41:ea:de:6d:69:
e0:2e:a2:56:2e:a5:8b:8c:ae:f2:73:61:ee:20:dc:ba:7a:48:
b4:83:4a:1b:d7:e1:c9:df:61:6c:92:ee:f1:10:a0:1e:a0:a9:
13:a7:aa:5e:0a:d0:aa:e7:29:e4:d5:41:dc:73:8c:8d:3c:2e:
74:3b:e1:a4:73:d2:f0:70:aa:3c:b2:5c:7b:30:ff:4b:cd:1a:
d9:fa:52:8d:51:57:ef:e1:27:e5:b8:32:25:41:ec:5d:3a:1d:
e0:94:d3:6e:61:5f:06:76:00:8a:54:3f:58:b7:70:24:a1:cd:
ef:3c:cb:02:a4:70:e9:f8:5b:d4:66:27:f6:55:a2:d1:3b:9f:
a2:8b:b3:5f:0c:1d:18:c4:b5:d6:3c:6d:d0:df:2b:7e:94:38:
24:ff:eb:c5:b8:17:56:1d:6b:a1:9b:ae:6b:7b:21:cf:a0:7d:
8d:0c:ab:6e:01:97:ed:b5:8e:9d:1a:0f:85:8f:14:3a:1a:40:
18:bc:96:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiD7AXBi3NhPJX0oIva1xVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwODA3MDk0NTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk1MjM1NTdiYTdkMGZmZDQzMjdlYmE5NDY3OTc5YTAwNDIyMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7xvLtEYm/N1hq7zWO6MnL2HyOqM
rVuZlNmV4bImfYmmKy55kZqPJ0ChKwcstPHCzUelzA01EdS/CywkACQD4sLgjy5k
rXGj8qON9wjnxjVYOOjZ132LpskNIU0AiTruUF3Xx/1NNgXsSPKHFpdKocGbpCpa
yosJnz8/rPdK2JVfYe5mkb2cs6SmELqfaxGeethTbTNbMINDJTjCBUfaaVo1bY7F
nsDqI1hzCf92LYul8ssqO0+LoEk7P+90cqkqMJlmholnSnEtEtPf7yGPwZlirCht
HRnH5pUMnUJn2FTkZVcTSRdhmU+XOJXQ7/cBV/hTPdkD73BkQVwKQKW/mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMOVI1V7p9D/1DJ+upRnl5oAQiLjMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvdzVValZYdW4wUF9VTW42NmxHZVhtZ0JDSXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1ESgAwQC
1ES8MA0GCSqGSIb3DQEBCwUAA4IBAQAskBK2LWlsZBEQjVl+haBStu9L3zYgwAN3
IYgBp79I6gm0EcY0sLzCxhyjsDGcGz9igRd2vcWCgcRFkt/KpfppayEaQerebWng
LqJWLqWLjK7yc2HuINy6eki0g0ob1+HJ32Fsku7xEKAeoKkTp6peCtCq5ynk1UHc
c4yNPC50O+Gkc9LwcKo8slx7MP9LzRrZ+lKNUVfv4SfluDIlQexdOh3glNNuYV8G
dgCKVD9Yt3Akoc3vPMsCpHDp+FvUZif2VaLRO5+ii7NfDB0YxLXWPG3Q3yt+lDgk
/+vFuBdWHWuhm65reyHPoH2NDKtuAZfttY6dGg+FjxQ6GkAYvJb9
-----END CERTIFICATE-----
Generated at Mon Aug 11 09:51:16 2025 by rpki-client