Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/WNIo6fh_J1JaSjunj1Z5Xu1CXJ0.roa
File: WNIo6fh_J1JaSjunj1Z5Xu1CXJ0.roa (raw, json)
Hash identifier: I9y0xJA8TLrCiSo9CMmPRbQsrLPI2QdSmCxydXLI1h0=
Subject key identifier: 58:D2:28:E9:F8:7F:27:52:5A:4A:3B:A7:8F:56:79:5E:ED:42:5C:9D
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 019D43BAF05C820DA853B9314AF62518C8AE
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/WNIo6fh_J1JaSjunj1Z5Xu1CXJ0.roa
Signing time: Tue 31 Mar 2026 11:50:17 +0000
ROA not before: Tue 31 Mar 2026 11:50:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 145.219.0.0/22 maxlen: 22
145.219.4.0/24 maxlen: 24
145.219.5.0/24 maxlen: 24
145.219.7.0/24 maxlen: 24
145.219.34.0/24 maxlen: 24
145.219.35.0/24 maxlen: 24
145.219.36.0/22 maxlen: 22
145.219.40.0/21 maxlen: 21
145.219.48.0/21 maxlen: 21
145.219.56.0/21 maxlen: 21
145.219.64.0/18 maxlen: 18
145.219.128.0/17 maxlen: 17
193.176.255.0/24 maxlen: 24
2a04:b0c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 14:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:ba:f0:5c:82:0d:a8:53:b9:31:4a:f6:25:18:c8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 31 11:50:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58d228e9f87f27525a4a3ba78f56795eed425c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:bb:07:cf:88:c4:9e:6b:66:09:58:98:16:
d7:f9:fe:3c:b8:53:65:f5:10:60:6a:3a:10:a9:24:
fa:2b:31:0a:57:cb:dd:ac:25:6b:0c:63:c8:9f:7f:
85:b8:c7:1f:56:a2:6f:51:af:c1:30:4c:85:ad:1a:
44:34:9e:59:17:8e:89:64:f6:17:a7:89:3a:b8:e0:
fe:be:b9:c5:ec:ba:5d:bf:36:39:ef:59:51:2b:5a:
2e:81:7f:3a:76:bd:52:a6:02:cd:c1:5b:24:d8:e3:
23:da:61:44:e0:5f:0a:46:f6:5e:74:de:09:f3:ad:
e6:ec:18:9d:2a:3c:1d:3c:7b:a2:44:87:af:90:e4:
8f:56:ae:01:6d:6a:71:ec:c6:bb:c5:f2:52:f7:5b:
61:d9:c8:51:68:44:25:a2:b4:ba:b3:a6:25:4d:52:
3b:ee:b4:4c:1b:37:f4:70:34:02:43:32:ca:bf:40:
63:b5:70:cc:a2:0c:4c:1c:e1:c1:76:cb:14:90:1e:
d7:6a:2e:87:3e:16:1e:1b:a1:10:cc:c8:a1:70:6e:
18:6a:51:d6:f1:1b:24:e7:d4:80:ee:f9:e9:52:48:
48:c0:c6:6f:97:38:53:da:61:c7:53:83:1d:51:c2:
28:12:19:b4:11:4d:1f:01:ad:8d:71:4c:10:b1:13:
de:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D2:28:E9:F8:7F:27:52:5A:4A:3B:A7:8F:56:79:5E:ED:42:5C:9D
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/WNIo6fh_J1JaSjunj1Z5Xu1CXJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.0.0-145.219.5.255
145.219.7.0/24
145.219.34.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
41:d1:9e:ec:b3:e1:b7:65:8e:1a:cc:4c:8f:fc:c3:15:36:b1:
2f:34:3b:d6:fd:c9:fc:d2:c5:4a:60:f4:a5:44:a6:bd:c6:f1:
6c:2a:92:8e:3c:22:7b:74:60:15:74:11:95:f4:40:a7:54:46:
a8:40:40:5b:3e:1b:cd:dc:c1:c3:4b:58:bc:30:4d:13:c8:73:
52:f1:41:d0:77:52:4a:28:3d:33:09:33:79:22:7f:d3:86:34:
74:06:c2:c7:97:29:8e:9a:ac:82:53:ac:73:c2:58:13:5e:96:
d8:e5:e3:0d:2d:5a:6a:41:02:0e:7d:5d:df:68:0c:03:db:c6:
4f:58:ac:d2:b7:78:64:2e:ec:cc:b1:f0:3f:8f:9f:20:bd:4f:
d3:29:35:b8:27:b7:ff:6a:b0:ea:7a:fd:36:83:63:95:e2:30:
d4:3d:1b:70:f9:1b:66:27:5f:28:47:47:27:11:a4:f8:9e:ad:
25:f7:c9:8a:d2:4a:13:2f:ad:bb:08:a4:25:f8:37:ed:60:13:
d1:ec:2b:1d:75:7c:56:21:25:51:12:94:2d:e5:c6:85:44:e2:
8a:5e:36:27:33:f4:2d:1b:7f:9a:a8:5b:7e:52:17:62:c9:27:
5b:19:c4:e9:f6:57:6e:0b:1c:02:23:37:44:05:95:03:51:c9:
52:00:e8:f2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ1DuvBcgg2oU7kxSvYlGMiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjYwMzMxMTE1MDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQyMjhlOWY4N2YyNzUyNWE0YTNiYTc4ZjU2Nzk1ZWVkNDI1YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+q7B8+IxJ5rZglYmBbX+f48uFNl
9RBgajoQqST6KzEKV8vdrCVrDGPIn3+FuMcfVqJvUa/BMEyFrRpENJ5ZF46JZPYX
p4k6uOD+vrnF7LpdvzY571lRK1ougX86dr1SpgLNwVsk2OMj2mFE4F8KRvZedN4J
863m7BidKjwdPHuiRIevkOSPVq4BbWpx7Ma7xfJS91th2chRaEQlorS6s6YlTVI7
7rRMGzf0cDQCQzLKv0BjtXDMogxMHOHBdssUkB7Xai6HPhYeG6EQzMihcG4YalHW
8Rsk59SA7vnpUkhIwMZvlzhT2mHHU4MdUcIoEhm0EU0fAa2NcUwQsRPe2QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFjSKOn4fydSWko7p49WeV7tQlydMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvV05JbzZmaF9KMUphU2p1bmoxWjVYdTFDWEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAsDAwCR2wME
AZHbBAMEAJHbBzALAwQBkdsiAwMCkdgDBADBsP8wDQQCAAIwBwMFAioEsMQwDQYJ
KoZIhvcNAQELBQADggEBAEHRnuyz4bdljhrMTI/8wxU2sS80O9b9yfzSxUpg9KVE
pr3G8Wwqko48Int0YBV0EZX0QKdURqhAQFs+G83cwcNLWLwwTRPIc1LxQdB3Ukoo
PTMJM3kif9OGNHQGwseXKY6arIJTrHPCWBNeltjl4w0tWmpBAg59Xd9oDAPbxk9Y
rNK3eGQu7Myx8D+PnyC9T9MpNbgnt/9qsOp6/TaDY5XiMNQ9G3D5G2YnXyhHRycR
pPierSX3yYrSShMvrbsIpCX4N+1gE9HsKx11fFYhJVESlC3lxoVE4opeNicz9C0b
f5qoW35SF2LJJ1sZxOn2V24LHAIjN0QFlQNRyVIA6PI=
-----END CERTIFICATE-----
Generated at Tue Apr 7 19:40:10 2026 by rpki-client