Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/WxEOCPDpQ8QTKChQawP9F_BJiCQ.roa
File: WxEOCPDpQ8QTKChQawP9F_BJiCQ.roa (raw, json)
Hash identifier: /NHsUSrM7kXA63U7z1/sQTuryXcszRmOwke6dNdlyYs=
Subject key identifier: 5B:11:0E:08:F0:E9:43:C4:13:28:28:50:6B:03:FD:17:F0:49:88:24
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019985C2D1D1F268C50923BA6205A718341A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/WxEOCPDpQ8QTKChQawP9F_BJiCQ.roa
Signing time: Fri 26 Sep 2025 11:22:41 +0000
ROA not before: Fri 26 Sep 2025 11:22:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 78.40.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 14:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:c2:d1:d1:f2:68:c5:09:23:ba:62:05:a7:18:34:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Sep 26 11:22:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b110e08f0e943c4132828506b03fd17f0498824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:62:15:3f:8d:9d:5f:9c:22:9a:aa:e6:74:
76:fd:ac:27:12:16:1d:7f:3a:f2:e7:34:00:dc:88:
56:a3:0c:36:48:fa:27:40:da:2e:a1:4b:27:59:9e:
ef:20:3e:1b:5e:7e:42:b4:1c:5e:76:d5:c5:9a:11:
76:f5:07:51:fd:61:73:3a:2f:cf:16:d3:20:c1:6f:
d1:ca:f8:91:52:d4:c7:44:82:fc:09:52:ff:e8:ca:
70:0b:d0:42:55:2c:c0:c6:a4:01:bf:f5:ab:0f:7e:
b1:a6:1b:bc:34:6b:3a:5b:39:78:11:94:2b:ad:59:
2c:e4:e3:2f:6d:19:ea:cf:4c:8e:21:72:58:4d:d0:
9f:59:55:21:ce:57:c6:43:16:be:90:90:4e:21:40:
5d:7a:db:8d:73:b6:6d:d9:1b:cb:83:5a:3d:f1:44:
a2:9a:50:1a:2a:80:29:65:29:b6:2c:f7:7e:18:c5:
86:9f:cc:00:26:8b:96:8a:cd:c8:64:6a:52:19:b4:
96:b3:90:e3:7b:a3:d0:3e:ea:c6:6b:fb:87:0f:ab:
de:8a:6d:c3:f0:95:60:df:a3:34:25:07:f0:16:e6:
6d:25:50:c2:72:53:c7:3d:54:82:2f:6c:00:6a:36:
b1:c1:2d:e8:63:14:3f:87:b0:9c:1e:f8:13:31:99:
ae:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:11:0E:08:F0:E9:43:C4:13:28:28:50:6B:03:FD:17:F0:49:88:24
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/WxEOCPDpQ8QTKChQawP9F_BJiCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:8b:f8:e6:75:2b:7a:12:fe:2e:82:67:38:bc:d8:a9:98:e5:
cf:36:dc:f3:78:b6:ef:53:8d:5c:ba:87:c8:9b:bc:3e:b6:a9:
c5:5e:61:e8:65:f0:9d:63:e7:03:7d:0d:14:52:bf:83:9d:80:
c7:c8:f5:0e:19:b2:3d:eb:f2:78:9b:8e:fd:b4:ee:e4:0a:fc:
d4:d3:a3:05:85:5e:bb:eb:e0:a1:a2:c6:88:2f:c6:f4:2b:0e:
1c:56:2b:a4:4a:ee:cb:a5:e4:09:76:8f:89:10:79:24:cd:a0:
63:85:2c:f0:21:63:c5:a8:e3:86:ab:b1:20:8c:5c:7d:f2:62:
4f:7f:22:09:55:b6:a5:e7:68:96:9f:56:13:35:7b:77:23:07:
97:0b:16:cf:e7:88:bc:21:6c:51:22:e7:9c:32:7b:df:13:49:
b4:5b:e9:fc:38:93:19:6b:58:4d:ba:68:06:c0:9d:33:ac:d3:
66:35:22:ce:79:d2:2d:49:05:69:3e:d2:6e:43:90:2d:f7:3b:
57:c6:ca:56:74:1c:10:1f:c9:d4:63:d1:c9:8f:6b:b6:3e:7b:
2f:0e:2a:a5:6a:ec:fe:dd:7a:af:22:4d:5b:5c:c8:44:72:08:
91:7c:e3:24:7d:85:05:c8:83:b4:c4:20:cb:f1:c7:91:3b:f4:
51:73:86:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmFwtHR8mjFCSO6YgWnGDQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwOTI2MTEyMjQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjExMGUwOGYwZTk0M2M0MTMyODI4NTA2YjAzZmQxN2YwNDk4ODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4NiFT+NnV+cIpqq5nR2/awnEhYd
fzry5zQA3IhWoww2SPonQNouoUsnWZ7vID4bXn5CtBxedtXFmhF29QdR/WFzOi/P
FtMgwW/RyviRUtTHRIL8CVL/6MpwC9BCVSzAxqQBv/WrD36xphu8NGs6Wzl4EZQr
rVks5OMvbRnqz0yOIXJYTdCfWVUhzlfGQxa+kJBOIUBdetuNc7Zt2RvLg1o98USi
mlAaKoApZSm2LPd+GMWGn8wAJouWis3IZGpSGbSWs5Dje6PQPurGa/uHD6veim3D
8JVg36M0JQfwFuZtJVDCclPHPVSCL2wAajaxwS3oYxQ/h7CcHvgTMZmuQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsRDgjw6UPEEygoUGsD/RfwSYgkMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvV3hFT0NQRHBROFFUS0NoUWF3UDlGX0JKaUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTijQMA0G
CSqGSIb3DQEBCwUAA4IBAQBai/jmdSt6Ev4ugmc4vNipmOXPNtzzeLbvU41cuofI
m7w+tqnFXmHoZfCdY+cDfQ0UUr+DnYDHyPUOGbI96/J4m479tO7kCvzU06MFhV67
6+ChosaIL8b0Kw4cViukSu7LpeQJdo+JEHkkzaBjhSzwIWPFqOOGq7EgjFx98mJP
fyIJVbal52iWn1YTNXt3IweXCxbP54i8IWxRIuecMnvfE0m0W+n8OJMZa1hNumgG
wJ0zrNNmNSLOedItSQVpPtJuQ5At9ztXxspWdBwQH8nUY9HJj2u2PnsvDiqlauz+
3XqvIk1bXMhEcgiRfOMkfYUFyIO0xCDL8ceRO/RRc4YB
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:17 2025 by rpki-client