Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wYh93a95GpR2os9Mw6n4qntabug.roa
File: wYh93a95GpR2os9Mw6n4qntabug.roa (raw, json)
Hash identifier: +l/5zm42nWsFgSlNxtbMQiH9yt1XqsayvCuVkikeLbM=
Subject key identifier: C1:88:7D:DD:AF:79:1A:94:76:A2:CF:4C:C3:A9:F8:AA:7B:5A:6E:E8
Certificate issuer: /CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Certificate serial: 01975DB1A5D45D3E73D9761AD9D56DDC7B00
Authority key identifier: 4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wYh93a95GpR2os9Mw6n4qntabug.roa
Signing time: Wed 11 Jun 2025 06:33:32 +0000
ROA not before: Wed 11 Jun 2025 06:33:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 13:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:b1:a5:d4:5d:3e:73:d9:76:1a:d9:d5:6d:dc:7b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e13d0c0a703e09cda64c12b08dda2b749a0429c
Validity
Not Before: Jun 11 06:33:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1887dddaf791a9476a2cf4cc3a9f8aa7b5a6ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:62:0e:42:07:2c:3a:ef:db:d5:f5:3b:3c:80:
f5:7e:eb:0d:50:dc:22:21:3b:55:a1:44:5d:50:6d:
9c:77:cd:b7:4f:45:15:b7:3b:db:8b:87:c5:46:4c:
b3:34:3a:84:9a:23:29:87:83:c2:eb:44:b1:95:7c:
9f:cf:3a:d3:2b:df:eb:6a:d0:4a:0a:41:3e:21:27:
11:44:4e:7e:84:e9:70:72:4a:b8:03:c1:64:c7:10:
9f:61:57:0b:98:76:b2:e9:7e:13:e9:8e:ed:62:8c:
26:24:22:60:b0:ce:ee:cd:95:09:d5:26:18:81:c1:
45:d7:1f:c9:99:91:1c:85:8c:cd:ff:36:7f:8c:17:
f9:cb:a9:47:c2:21:7a:ca:89:35:b9:24:00:6f:fc:
e6:da:24:2a:92:43:5e:e2:ed:a3:d3:a7:e5:69:de:
55:87:f5:f9:05:7b:9d:39:28:c5:ae:46:a6:44:eb:
e7:89:48:ed:50:11:f3:2f:9c:ce:c5:db:c7:f2:05:
03:77:d0:e9:05:af:0d:14:31:58:f5:30:bc:78:c3:
a7:b1:84:2a:b9:3a:f4:24:ea:03:41:d7:b8:a8:ed:
3d:83:47:74:d1:fe:20:b7:af:bf:28:6e:90:96:ad:
ad:73:72:86:91:2b:45:c9:49:70:c1:6e:8a:c3:0c:
b2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:88:7D:DD:AF:79:1A:94:76:A2:CF:4C:C3:A9:F8:AA:7B:5A:6E:E8
X509v3 Authority Key Identifier:
keyid:4E:13:D0:C0:A7:03:E0:9C:DA:64:C1:2B:08:DD:A2:B7:49:A0:42:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThPQwKcD4JzaZMErCN2it0mgQpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/wYh93a95GpR2os9Mw6n4qntabug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ae049a-078b-42ed-a28f-6aa443528ce5/1/ThPQwKcD4JzaZMErCN2it0mgQpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:44:1f:d2:1a:65:83:22:f5:c6:4f:03:27:5d:4f:58:39:76:
66:0a:bd:a8:24:52:c0:bc:d1:7b:d8:89:79:a3:ee:38:35:07:
89:18:91:ea:cf:97:4b:29:c5:9e:fb:b8:3e:07:78:ba:a4:85:
06:55:84:af:94:60:e6:65:c5:2d:28:ad:8b:4a:78:70:f0:06:
87:46:d7:a8:fe:7e:e8:57:1d:cf:8a:7c:67:d7:6b:b9:66:2e:
19:53:6f:6c:bd:a7:c6:4e:0c:34:90:98:99:31:26:02:6d:00:
5e:7c:d6:fd:91:95:e0:3d:43:80:cb:2d:b4:de:4b:68:98:6a:
c5:b1:d6:ea:0c:97:46:f6:7f:82:c2:ff:f1:ac:cb:68:1b:fa:
47:f8:48:18:43:f8:24:b3:ae:8c:3b:0a:e9:5b:4a:53:38:66:
4d:f4:64:e8:15:b4:51:f5:37:8e:2c:50:bd:4e:a8:58:9c:b5:
c8:ac:40:23:55:89:cd:b0:43:3b:09:7e:d7:ca:48:51:e3:ff:
a3:3e:79:9e:bb:8b:86:81:26:ed:5e:ee:d4:78:96:31:89:98:
1f:34:4f:ea:ce:36:9c:54:fc:e2:3b:b4:c9:e1:8d:ea:0f:66:
e3:ba:f7:da:5c:e2:d6:48:0e:c9:cc:10:3d:d4:05:6b:ff:09:
d2:50:64:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZddsaXUXT5z2XYa2dVt3HsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTNkMGMwYTcwM2UwOWNkYTY0YzEyYjA4ZGRhMmI3NDlh
MDQyOWMwHhcNMjUwNjExMDYzMzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg4N2RkZGFmNzkxYTk0NzZhMmNmNGNjM2E5ZjhhYTdiNWE2ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WIOQgcsOu/b1fU7PID1fusNUNwi
ITtVoURdUG2cd823T0UVtzvbi4fFRkyzNDqEmiMph4PC60SxlXyfzzrTK9/ratBK
CkE+IScRRE5+hOlwckq4A8FkxxCfYVcLmHay6X4T6Y7tYowmJCJgsM7uzZUJ1SYY
gcFF1x/JmZEchYzN/zZ/jBf5y6lHwiF6yok1uSQAb/zm2iQqkkNe4u2j06flad5V
h/X5BXudOSjFrkamROvniUjtUBHzL5zOxdvH8gUDd9DpBa8NFDFY9TC8eMOnsYQq
uTr0JOoDQde4qO09g0d00f4gt6+/KG6Qlq2tc3KGkStFyUlwwW6KwwyykwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMGIfd2veRqUdqLPTMOp+Kp7Wm7oMB8GA1UdIwQY
MBaAFE4T0MCnA+Cc2mTBKwjdordJoEKcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYt
NmFhNDQzNTI4Y2U1LzEvd1loOTNhOTVHcFIyb3M5TXc2bjRxbnRhYnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hZTA0OWEtMDc4Yi00MmVkLWEyOGYtNmFhNDQzNTI4Y2U1
LzEvVGhQUXdLY0Q0SnphWk1FckNOMml0MG1nUXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHpEH9IaZYMi9cZPAydd
T1g5dmYKvagkUsC80XvYiXmj7jg1B4kYkerPl0spxZ77uD4HeLqkhQZVhK+UYOZl
xS0orYtKeHDwBodG16j+fuhXHc+KfGfXa7lmLhlTb2y9p8ZODDSQmJkxJgJtAF58
1v2RleA9Q4DLLbTeS2iYasWx1uoMl0b2f4LC//Gsy2gb+kf4SBhD+CSzrow7Culb
SlM4Zk30ZOgVtFH1N44sUL1OqFictcisQCNVic2wQzsJftfKSFHj/6M+eZ67i4aB
Ju1e7tR4ljGJmB80T+rONpxU/OI7tMnhjeoPZuO699pc4tZIDsnMED3UBWv/CdJQ
ZAA=
-----END CERTIFICATE-----
Generated at Fri Jun 13 18:54:20 2025 by rpki-client