Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/Wfeid4woSfByYkoo--aLxPo9zD4.roa
File: Wfeid4woSfByYkoo--aLxPo9zD4.roa (raw, json)
Hash identifier: QUVhvh15KGbcjHhaMo64Af/kJPBMQKRCzuutrYgGreU=
Subject key identifier: 59:F7:A2:77:8C:28:49:F0:72:62:4A:28:FB:E6:8B:C4:FA:3D:CC:3E
Certificate issuer: /CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Certificate serial: 0197E3D25784EEA0293189522C4A97D6B3D7
Authority key identifier: 64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/Wfeid4woSfByYkoo--aLxPo9zD4.roa
Signing time: Mon 07 Jul 2025 07:38:22 +0000
ROA not before: Mon 07 Jul 2025 07:38:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52043
IP address blocks: 46.151.240.0/21 maxlen: 24
176.106.8.0/21 maxlen: 24
176.106.16.0/20 maxlen: 24
176.124.116.0/22 maxlen: 24
176.124.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 13:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e3:d2:57:84:ee:a0:29:31:89:52:2c:4a:97:d6:b3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Validity
Not Before: Jul 7 07:38:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59f7a2778c2849f072624a28fbe68bc4fa3dcc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fb:91:a1:76:8e:10:15:aa:ec:41:42:39:51:
b4:f2:4b:0f:78:c2:06:12:c7:99:7a:77:cc:62:02:
fb:0e:ec:59:9d:95:61:62:ef:ed:f3:0c:38:64:cf:
08:30:f0:ac:18:2b:09:f1:cf:2d:96:69:a8:50:92:
9e:e2:c3:7f:62:71:d4:94:ce:38:35:ee:e5:46:41:
7e:fd:1d:9f:4d:37:f7:6b:57:37:b4:2e:90:d2:b5:
91:ae:1a:93:71:e7:f2:4b:7b:fd:97:e7:7b:ac:d1:
10:35:11:20:43:ca:8a:b1:84:84:e3:94:d9:3c:84:
ef:36:7c:10:f5:ad:5b:50:91:4c:be:52:02:31:e1:
9b:fe:0f:c8:be:e9:60:69:9e:5f:ac:0c:a6:0e:a0:
c0:bc:2b:2d:3c:15:9d:32:a0:45:96:90:28:2f:c5:
6f:c9:34:fd:c1:16:37:69:13:4e:6a:6d:68:0a:c0:
21:90:3b:d8:fb:8b:fe:f3:a1:ba:10:63:dd:04:6b:
f4:b8:d1:9f:0b:89:3d:4c:9c:c3:8e:cd:e5:49:14:
68:6f:70:71:8c:77:b3:a6:eb:f1:6d:06:79:d4:ec:
01:ed:63:d7:43:00:5f:a7:be:b6:5f:c5:cd:bf:96:
e1:d0:dc:d3:55:78:54:44:67:30:02:2a:a0:37:b3:
88:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F7:A2:77:8C:28:49:F0:72:62:4A:28:FB:E6:8B:C4:FA:3D:CC:3E
X509v3 Authority Key Identifier:
keyid:64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/Wfeid4woSfByYkoo--aLxPo9zD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.240.0/21
176.106.8.0-176.106.31.255
176.124.116.0-176.124.127.255
Signature Algorithm: sha256WithRSAEncryption
70:c6:77:17:58:1a:f8:06:d3:a9:bd:42:c9:72:54:92:f1:f5:
45:02:28:a7:a5:1a:96:c0:54:6f:79:40:8f:28:48:70:7c:84:
9c:9b:27:9a:34:7e:41:1c:3f:31:3d:62:21:77:21:9e:e7:1a:
cc:d9:06:50:a8:51:b3:76:60:05:77:92:a3:55:94:4d:b4:8e:
d8:9f:b5:b7:b8:9c:a7:af:18:9c:b3:22:f5:7d:20:ce:d5:d2:
78:4f:fe:7e:48:e4:15:89:7f:0e:8f:46:1a:56:00:6e:24:42:
5e:5c:ab:b5:24:2d:ab:92:68:d1:e5:0d:f5:41:77:99:e3:01:
67:df:b5:12:c6:16:6f:d3:cc:fe:06:42:c0:49:79:89:d7:6b:
25:3a:cd:8e:b1:34:79:6f:5f:21:ff:2d:69:56:61:2f:3c:38:
d0:15:ba:34:20:2f:47:2e:cf:de:32:ce:d8:12:9a:d7:f8:64:
8f:75:5c:c2:29:f7:26:47:9d:b4:78:ca:12:62:86:31:36:de:
30:ea:24:11:8e:31:7d:f4:fe:7f:8a:be:21:dc:59:89:b4:dc:
86:f8:c8:b7:dd:3f:e9:55:1b:9f:1d:02:82:3f:3e:21:06:78:
02:52:9d:61:b1:a0:30:2d:9e:82:03:56:91:df:f1:8a:2f:80:
a2:bb:a8:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZfj0leE7qApMYlSLEqX1rPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YzI0OTNlNGMyZWVhOTMwYjFlYzJjODM2M2QyZDFmZmFl
NmUxN2UwHhcNMjUwNzA3MDczODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY3YTI3NzhjMjg0OWYwNzI2MjRhMjhmYmU2OGJjNGZhM2RjYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvuRoXaOEBWq7EFCOVG08ksPeMIG
EseZenfMYgL7DuxZnZVhYu/t8ww4ZM8IMPCsGCsJ8c8tlmmoUJKe4sN/YnHUlM44
Ne7lRkF+/R2fTTf3a1c3tC6Q0rWRrhqTcefyS3v9l+d7rNEQNREgQ8qKsYSE45TZ
PITvNnwQ9a1bUJFMvlICMeGb/g/IvulgaZ5frAymDqDAvCstPBWdMqBFlpAoL8Vv
yTT9wRY3aRNOam1oCsAhkDvY+4v+86G6EGPdBGv0uNGfC4k9TJzDjs3lSRRob3Bx
jHezpuvxbQZ51OwB7WPXQwBfp762X8XNv5bh0NzTVXhURGcwAiqgN7OIVQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFn3oneMKEnwcmJKKPvmi8T6Pcw+MB8GA1UdIwQY
MBaAFGTCST5MLuqTCx7CyDY9LR/65uF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMt
NjUyZTBmNWU1YmU4LzEvV2ZlaWQ0d29TZkJ5WWtvby0tYUx4UG85ekQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMtNjUyZTBmNWU1YmU4
LzEvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQDLpfwMAwD
BAOwaggDBAWwagAwDAMEArB8dAMEB7B8ADANBgkqhkiG9w0BAQsFAAOCAQEAcMZ3
F1ga+AbTqb1CyXJUkvH1RQIop6UalsBUb3lAjyhIcHyEnJsnmjR+QRw/MT1iIXch
nucazNkGUKhRs3ZgBXeSo1WUTbSO2J+1t7icp68YnLMi9X0gztXSeE/+fkjkFYl/
Do9GGlYAbiRCXlyrtSQtq5Jo0eUN9UF3meMBZ9+1EsYWb9PM/gZCwEl5iddrJTrN
jrE0eW9fIf8taVZhLzw40BW6NCAvRy7P3jLO2BKa1/hkj3Vcwin3JkedtHjKEmKG
MTbeMOokEY4xffT+f4q+IdxZibTchvjIt90/6VUbnx0Cgj8+IQZ4AlKdYbGgMC2e
ggNWkd/xii+AoruoRg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:08:01 2025 by rpki-client