Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VWkW07I1zIXdyqs4BQIBdaBd2vc.roa
File: VWkW07I1zIXdyqs4BQIBdaBd2vc.roa (raw, json)
Hash identifier: h5pIJAnIs7+ZjnOWO3/wnU97A/ELdSh5CNwqpKVYXPM=
Subject key identifier: 55:69:16:D3:B2:35:CC:85:DD:CA:AB:38:05:02:01:75:A0:5D:DA:F7
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019753AB3255F5A1A0265D024CEA97EF0BA0
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VWkW07I1zIXdyqs4BQIBdaBd2vc.roa
Signing time: Mon 09 Jun 2025 07:50:17 +0000
ROA not before: Mon 09 Jun 2025 07:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.22.139.0/24 maxlen: 24
81.22.142.0/23 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:ab:32:55:f5:a1:a0:26:5d:02:4c:ea:97:ef:0b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 9 07:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=556916d3b235cc85ddcaab3805020175a05ddaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:6e:43:e9:e4:19:7f:e6:6d:5f:64:8e:59:
f7:3e:51:7b:fd:dd:55:b2:d8:86:51:bf:d1:5d:76:
6f:c1:64:48:8d:68:3c:7b:0c:a6:5a:e6:d7:a1:c3:
3b:26:7c:41:18:70:85:00:1b:a1:84:ac:0e:b2:0a:
dd:2d:62:8c:4c:27:e3:f0:36:a6:6d:8f:e0:17:b0:
3d:14:73:88:c0:5e:05:8b:24:5c:9b:79:4e:f7:53:
5c:e8:76:71:16:6d:db:d6:96:01:39:8c:69:ad:7a:
73:f4:37:39:9d:f0:78:3d:ef:6a:c7:96:24:c1:19:
6e:1c:44:81:41:f6:c0:38:fb:df:69:d2:3d:f9:86:
23:ad:08:a3:a6:03:95:bc:54:4a:0e:77:9a:b3:c5:
a7:26:d0:08:3f:fa:b3:fa:b2:0a:33:48:1d:86:be:
0a:55:6f:7e:a7:b3:77:23:48:a4:b4:52:cc:16:b9:
88:5d:ad:b8:44:b9:fe:85:9d:f4:96:3c:47:c8:1a:
36:f4:d6:5c:d0:62:7b:86:83:fe:b8:4f:bd:20:00:
d9:05:21:07:da:81:99:9f:8c:2d:f5:52:7c:4d:e0:
9f:fa:cc:a9:99:50:52:59:69:f2:0c:01:10:df:9f:
80:13:69:5d:71:0d:1f:b2:54:14:94:aa:03:9f:e9:
9b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:69:16:D3:B2:35:CC:85:DD:CA:AB:38:05:02:01:75:A0:5D:DA:F7
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VWkW07I1zIXdyqs4BQIBdaBd2vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.139.0/24
81.22.142.0/23
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:9b:62:e7:cc:16:ba:e8:25:f9:66:2a:3f:d9:08:65:10:91:
bc:79:40:61:79:09:02:80:60:a0:e2:2d:1c:c2:ed:51:b9:92:
83:79:11:0b:1a:94:6e:1b:16:4d:d0:65:b2:a6:70:b3:24:a0:
43:37:32:1c:c2:3f:8d:dd:30:1b:fb:4c:d7:07:49:5a:ce:8d:
2b:59:df:62:6b:fa:26:5f:4a:57:d6:2e:41:b9:0c:97:b0:a9:
14:33:79:71:a0:01:4e:5a:b5:e1:4e:a5:d7:2f:12:b8:71:36:
f2:77:8a:76:38:6c:9a:94:6f:09:bc:b0:31:af:17:b4:3f:db:
29:33:8f:8a:7c:6b:b6:98:94:39:9c:83:84:c6:3e:ee:f5:2b:
70:7e:1c:78:a5:f6:0b:b2:99:e7:d4:97:9f:17:f1:ea:cf:d0:
fa:a8:ea:2d:cf:32:f7:d3:c6:5a:5a:3a:50:8f:1f:df:d3:71:
b8:12:98:42:70:e5:65:1b:b8:3c:34:c5:e0:7d:2c:d9:9c:91:
45:0d:57:83:28:cb:80:e4:1c:28:05:a5:a4:c2:2b:3a:6a:88:
20:b6:3d:e0:32:62:da:58:9a:17:76:b1:90:5b:9c:bd:a6:c4:
34:12:a4:ec:76:c8:ea:51:73:93:87:24:82:d2:e8:28:c1:96:
de:43:12:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdTqzJV9aGgJl0CTOqX7wugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNjA5MDc1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY5MTZkM2IyMzVjYzg1ZGRjYWFiMzgwNTAyMDE3NWEwNWRkYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqxuQ+nkGX/mbV9kjln3PlF7/d1V
stiGUb/RXXZvwWRIjWg8ewymWubXocM7JnxBGHCFABuhhKwOsgrdLWKMTCfj8Dam
bY/gF7A9FHOIwF4FiyRcm3lO91Nc6HZxFm3b1pYBOYxprXpz9Dc5nfB4Pe9qx5Yk
wRluHESBQfbAOPvfadI9+YYjrQijpgOVvFRKDneas8WnJtAIP/qz+rIKM0gdhr4K
VW9+p7N3I0iktFLMFrmIXa24RLn+hZ30ljxHyBo29NZc0GJ7hoP+uE+9IADZBSEH
2oGZn4wt9VJ8TeCf+sypmVBSWWnyDAEQ35+AE2ldcQ0fslQUlKoDn+mbLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFVpFtOyNcyF3cqrOAUCAXWgXdr3MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVldrVzA3STF6SVhkeXFzNEJRSUJkYUJkMnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAURaLAwQB
URaOAwQCWbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQB7m2LnzBa66CX5Zio/
2QhlEJG8eUBheQkCgGCg4i0cwu1RuZKDeRELGpRuGxZN0GWypnCzJKBDNzIcwj+N
3TAb+0zXB0lazo0rWd9ia/omX0pX1i5BuQyXsKkUM3lxoAFOWrXhTqXXLxK4cTby
d4p2OGyalG8JvLAxrxe0P9spM4+KfGu2mJQ5nIOExj7u9Stwfhx4pfYLspnn1Jef
F/Hqz9D6qOotzzL308ZaWjpQjx/f03G4EphCcOVlG7g8NMXgfSzZnJFFDVeDKMuA
5BwoBaWkwis6aoggtj3gMmLaWJoXdrGQW5y9psQ0EqTsdsjqUXOThySC0ugowZbe
QxK0
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:04:22 2025 by rpki-client