Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WLrMeL4es_fVKe_9Bip70D4MbS4.roa
File: WLrMeL4es_fVKe_9Bip70D4MbS4.roa (raw, json)
Hash identifier: AwmlQNdBTUWcQVTlvgFLHrORPszPaBrN7yUI0bA/EXE=
Subject key identifier: 58:BA:CC:78:BE:1E:B3:F7:D5:29:EF:FD:06:2A:7B:D0:3E:0C:6D:2E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019A52E22484585B0A1FE1E2CC9DB2E96243
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WLrMeL4es_fVKe_9Bip70D4MbS4.roa
Signing time: Wed 05 Nov 2025 07:19:03 +0000
ROA not before: Wed 05 Nov 2025 07:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 45.84.220.0/24 maxlen: 24
45.84.221.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
93.123.37.0/24 maxlen: 32
93.123.64.0/24 maxlen: 32
193.148.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Nov 2025 02:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:e2:24:84:58:5b:0a:1f:e1:e2:cc:9d:b2:e9:62:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 5 07:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58bacc78be1eb3f7d529effd062a7bd03e0c6d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4c:7c:73:48:c3:cf:40:80:d3:f4:1b:6b:82:
f9:86:9e:88:b4:78:4e:10:da:2b:d5:50:8b:6c:13:
b4:f1:96:da:e5:18:7b:4b:90:0f:27:3e:5e:53:80:
a4:f6:4d:85:2e:ae:33:16:98:4f:80:66:99:cf:af:
a4:09:5d:a3:ca:40:0a:4b:23:49:47:a0:85:ff:86:
58:cb:1f:27:ad:2c:4b:64:3c:20:6f:76:26:60:fb:
2d:e0:0c:96:73:13:92:4e:51:e4:25:00:5f:74:5d:
8d:e6:d2:ab:23:2a:78:5b:9e:7f:a6:ef:97:87:a1:
95:65:01:ad:73:d0:0b:1c:ca:3e:97:25:88:b7:d0:
81:f6:11:82:ad:1b:77:30:2c:c2:61:49:8a:c3:81:
0b:6d:f9:21:05:5c:0f:40:ba:f4:8e:d9:f8:ea:63:
63:08:c7:02:9d:cf:d7:b7:76:dc:aa:fc:b0:65:95:
9a:53:df:9b:fe:7e:ff:22:56:79:39:b6:48:15:6d:
24:1e:75:39:50:3d:61:79:bb:8a:f6:2c:82:de:e1:
f2:a4:8d:0e:f1:c5:43:3f:1a:b6:5a:f5:c9:b6:8b:
85:c1:ee:3b:a8:da:a8:0e:37:1e:89:05:b4:86:1f:
37:a6:80:d3:bf:23:f4:29:24:06:52:91:db:37:6f:
47:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BA:CC:78:BE:1E:B3:F7:D5:29:EF:FD:06:2A:7B:D0:3E:0C:6D:2E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WLrMeL4es_fVKe_9Bip70D4MbS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.220.0/23
91.92.70.0/24
93.123.37.0/24
93.123.64.0/24
193.148.252.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:3d:e5:e6:e5:e1:69:d3:d2:1a:b4:0f:51:06:6d:27:6e:fe:
c2:83:8f:57:57:26:7b:f8:ca:c9:49:ad:6c:4d:b6:a8:08:6e:
a3:84:81:11:5c:0e:57:01:bb:65:3c:c5:95:4b:dc:fc:51:e4:
56:47:a9:42:43:cb:3f:8b:36:b3:f0:1c:07:a3:57:ba:e1:31:
ba:b3:2a:bd:ea:37:ef:db:db:e2:5d:ac:65:f3:f1:b9:51:94:
43:1c:a0:ce:a6:49:c9:ad:a4:c8:32:b0:24:27:11:a8:1f:fd:
da:d1:a9:ea:d6:6f:e6:ba:7d:0b:6d:6a:35:f0:42:98:3d:66:
a3:95:86:f9:2b:5d:94:91:35:bc:9c:ac:a3:7f:07:01:4a:de:
cf:ed:54:49:e1:79:a9:7c:b2:2b:28:fc:5b:86:f6:0b:3b:7a:
08:a9:5c:a1:cb:91:f2:c0:0c:e0:b2:e5:4f:1c:c4:9c:88:5b:
96:6c:c9:ea:4e:81:a9:57:9e:b7:b6:d6:89:99:a2:6e:f8:fc:
2a:41:23:38:8d:b7:51:1f:78:f4:03:e2:1d:46:e4:fa:b3:52:
26:92:96:02:1d:14:7b:29:e5:8a:7f:09:ec:9d:84:f7:52:50:
54:72:70:a0:4d:5f:51:28:f1:c9:40:03:1c:88:e2:39:51:83:
70:ba:a8:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZpS4iSEWFsKH+HizJ2y6WJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUxMTA1MDcxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJhY2M3OGJlMWViM2Y3ZDUyOWVmZmQwNjJhN2JkMDNlMGM2ZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0x8c0jDz0CA0/Qba4L5hp6ItHhO
ENor1VCLbBO08Zba5Rh7S5APJz5eU4Ck9k2FLq4zFphPgGaZz6+kCV2jykAKSyNJ
R6CF/4ZYyx8nrSxLZDwgb3YmYPst4AyWcxOSTlHkJQBfdF2N5tKrIyp4W55/pu+X
h6GVZQGtc9ALHMo+lyWIt9CB9hGCrRt3MCzCYUmKw4ELbfkhBVwPQLr0jtn46mNj
CMcCnc/Xt3bcqvywZZWaU9+b/n7/IlZ5ObZIFW0kHnU5UD1hebuK9iyC3uHypI0O
8cVDPxq2WvXJtouFwe47qNqoDjceiQW0hh83poDTvyP0KSQGUpHbN29HRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFi6zHi+HrP31Snv/QYqe9A+DG0uMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV0xyTWVMNGVzX2ZWS2VfOUJpcDcwRDRNYlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVTcAwQA
W1xGAwQAXXslAwQAXXtAAwQAwZT8MA0GCSqGSIb3DQEBCwUAA4IBAQCPPeXm5eFp
09IatA9RBm0nbv7Cg49XVyZ7+MrJSa1sTbaoCG6jhIERXA5XAbtlPMWVS9z8UeRW
R6lCQ8s/izaz8BwHo1e64TG6syq96jfv29viXaxl8/G5UZRDHKDOpknJraTIMrAk
JxGoH/3a0anq1m/mun0LbWo18EKYPWajlYb5K12UkTW8nKyjfwcBSt7P7VRJ4Xmp
fLIrKPxbhvYLO3oIqVyhy5HywAzgsuVPHMSciFuWbMnqToGpV563ttaJmaJu+Pwq
QSM4jbdRH3j0A+IdRuT6s1ImkpYCHRR7KeWKfwnsnYT3UlBUcnCgTV9RKPHJQAMc
iOI5UYNwuqh2
-----END CERTIFICATE-----
Generated at Mon Nov 10 11:38:48 2025 by rpki-client