Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wbFrdlHilmo6ynv8g1mcxsfTnGs.roa
File: wbFrdlHilmo6ynv8g1mcxsfTnGs.roa (raw, json)
Hash identifier: HpzV+x/JaLOkLuMbFIL7rMVeJUCL/c+GOVkPkVzQC/M=
Subject key identifier: C1:B1:6B:76:51:E2:96:6A:3A:CA:7B:FC:83:59:9C:C6:C7:D3:9C:6B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EF415E5E09251A7C29FBAE5EE2EE4EF51
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wbFrdlHilmo6ynv8g1mcxsfTnGs.roa
Signing time: Tue 23 Jun 2026 10:45:36 +0000
ROA not before: Tue 23 Jun 2026 10:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56971
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 32
109.206.236.0/24 maxlen: 32
194.113.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 10:45:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f4:15:e5:e0:92:51:a7:c2:9f:ba:e5:ee:2e:e4:ef:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 23 10:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1b16b7651e2966a3aca7bfc83599cc6c7d39c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:a3:55:0e:57:20:19:5c:d9:c9:b6:4a:2e:
85:5e:f2:f4:a6:cf:06:a5:88:bd:33:a6:2e:56:79:
5d:0b:2d:45:04:4e:92:58:8a:07:5e:53:4b:2e:a8:
18:b7:36:85:6f:a2:35:31:e0:d1:22:71:85:12:6e:
45:ea:bd:9a:01:98:77:24:53:0f:00:c0:39:e4:b5:
cc:b9:d3:4c:83:cd:2d:bb:56:3a:31:7c:01:c8:fb:
e4:90:fe:f9:b8:96:92:d6:13:86:24:a1:70:b8:04:
c2:6b:64:ba:b4:c6:1e:cc:d1:2a:e9:7a:75:5c:bc:
9e:57:b6:ea:51:88:c5:bf:ea:81:ff:85:7c:86:95:
0a:f9:f0:a4:7a:72:1f:99:f3:60:c7:cf:15:b4:89:
47:79:d4:9f:1a:5b:22:28:6a:9e:3d:e8:ff:f8:e7:
d1:0b:e1:f7:73:a7:7d:02:14:ab:9b:c2:de:e6:13:
ad:ea:82:3d:c6:9f:47:97:10:d6:5f:b3:be:d5:1f:
0c:54:6c:f2:0a:62:85:18:e9:c0:ea:28:fa:9b:6e:
d8:68:51:78:9a:ac:85:b4:f4:6e:e3:a1:94:ce:9e:
91:fd:ce:86:71:2b:26:82:65:ca:1a:9f:bc:c7:9d:
e8:24:2f:2c:8d:dc:c3:02:ef:57:13:41:05:7b:c1:
74:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B1:6B:76:51:E2:96:6A:3A:CA:7B:FC:83:59:9C:C6:C7:D3:9C:6B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/wbFrdlHilmo6ynv8g1mcxsfTnGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
109.206.236.0/24
194.113.37.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:26:70:96:16:87:b0:58:e9:65:d7:3d:fa:36:36:db:a6:23:
b3:a5:3a:31:86:b2:cd:5e:a3:93:5e:1b:35:32:4d:d8:31:5e:
ba:de:75:85:4a:fe:e6:77:dc:92:2e:4a:cd:5f:6d:46:e6:70:
48:2c:01:64:51:38:e4:bf:00:41:82:d4:b3:d8:6c:25:c1:7b:
cb:92:46:15:85:dd:8b:8c:96:4e:d5:c3:f0:ce:56:18:99:4f:
37:3c:ae:a9:3e:e8:a5:3e:5d:1d:3b:65:d1:d9:fd:c3:12:fc:
a4:d9:e8:15:56:26:4d:15:2f:0c:84:5f:04:b7:25:a1:d4:9d:
0e:07:70:66:c5:bc:78:5a:cc:d0:59:ff:a3:15:af:4c:7c:84:
f9:27:f8:ed:0c:6c:ae:13:09:8a:c1:cb:14:31:2e:9b:2d:e3:
fa:69:00:4c:51:5f:45:00:de:da:4e:8e:7b:63:43:81:a9:36:
1a:53:c9:8a:8c:87:4b:7c:84:ff:36:08:9e:40:31:cd:28:6f:
a7:d9:79:bc:29:02:40:05:77:99:a2:95:1d:9a:bc:e4:d7:17:
0d:1f:69:ee:dc:59:03:28:3b:a4:3e:d0:ed:28:a4:a4:27:00:
4d:09:b0:19:2f:e4:29:a3:1d:6f:d4:84:30:26:3f:0e:c4:f4:
82:57:fa:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ70FeXgklGnwp+65e4u5O9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjIzMTA0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIxNmI3NjUxZTI5NjZhM2FjYTdiZmM4MzU5OWNjNmM3ZDM5YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhWjVQ5XIBlc2cm2Si6FXvL0ps8G
pYi9M6YuVnldCy1FBE6SWIoHXlNLLqgYtzaFb6I1MeDRInGFEm5F6r2aAZh3JFMP
AMA55LXMudNMg80tu1Y6MXwByPvkkP75uJaS1hOGJKFwuATCa2S6tMYezNEq6Xp1
XLyeV7bqUYjFv+qB/4V8hpUK+fCkenIfmfNgx88VtIlHedSfGlsiKGqePej/+OfR
C+H3c6d9AhSrm8Le5hOt6oI9xp9HlxDWX7O+1R8MVGzyCmKFGOnA6ij6m27YaFF4
mqyFtPRu46GUzp6R/c6GcSsmgmXKGp+8x53oJC8sjdzDAu9XE0EFe8F00wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMGxa3ZR4pZqOsp7/INZnMbH05xrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvd2JGcmRsSGlsbW82eW52OGcxbWN4c2ZUbkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVRYAwQA
LVn0AwQALVvBAwQAbc7sAwQAwnElMA0GCSqGSIb3DQEBCwUAA4IBAQA+JnCWFoew
WOll1z36NjbbpiOzpToxhrLNXqOTXhs1Mk3YMV663nWFSv7md9ySLkrNX21G5nBI
LAFkUTjkvwBBgtSz2GwlwXvLkkYVhd2LjJZO1cPwzlYYmU83PK6pPuilPl0dO2XR
2f3DEvyk2egVViZNFS8MhF8EtyWh1J0OB3Bmxbx4WszQWf+jFa9MfIT5J/jtDGyu
EwmKwcsUMS6bLeP6aQBMUV9FAN7aTo57Y0OBqTYaU8mKjIdLfIT/NgieQDHNKG+n
2Xm8KQJABXeZopUdmrzk1xcNH2nu3FkDKDukPtDtKKSkJwBNCbAZL+Qpox1v1IQw
Jj8OxPSCV/qE
-----END CERTIFICATE-----
Generated at Tue Jun 23 18:32:16 2026 by rpki-client