Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/wlPsVBZE3IB9ajxNMFuhywUiQmU.roa
File: wlPsVBZE3IB9ajxNMFuhywUiQmU.roa (raw, json)
Hash identifier: Vf+lexsaTCbsX6oyeji8k6+eXormbDvLL1F56QDbmpM=
Subject key identifier: C2:53:EC:54:16:44:DC:80:7D:6A:3C:4D:30:5B:A1:CB:05:22:42:65
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01991B087826B21483B94A86B968048C9793
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/wlPsVBZE3IB9ajxNMFuhywUiQmU.roa
Signing time: Fri 05 Sep 2025 17:59:23 +0000
ROA not before: Fri 05 Sep 2025 17:59:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 89.104.206.0/24 maxlen: 24
185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
2a01:77c0:7135::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1b:08:78:26:b2:14:83:b9:4a:86:b9:68:04:8c:97:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Sep 5 17:59:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c253ec541644dc807d6a3c4d305ba1cb05224265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:03:3e:21:25:43:b0:e0:ca:26:ee:8b:c9:
ed:64:8b:d3:f8:47:40:c8:51:0d:03:66:73:2e:1f:
af:19:b9:01:38:03:fc:c7:0c:3b:da:cb:1f:14:b7:
45:a3:2e:f6:b9:38:b9:c5:d3:db:25:62:e3:05:cd:
6a:b5:3c:df:9b:80:8b:29:9c:bd:15:5f:64:56:a5:
2e:57:06:30:b2:df:5d:69:57:d9:ef:84:77:fd:7e:
93:70:08:c1:63:7b:d1:5b:1b:2c:bd:6a:70:4b:a1:
2d:a0:15:9f:b1:1b:f6:d7:40:70:3f:2c:6e:85:e2:
f0:20:d2:33:49:43:fc:44:f7:a6:63:73:19:b0:eb:
06:1a:3e:6d:52:76:9f:f4:8a:30:10:c6:96:d8:60:
db:c3:5b:88:5d:ca:0d:9e:42:5a:71:f9:0e:41:b3:
cf:c6:e3:de:a4:13:e8:07:b8:ce:33:57:25:e8:7d:
fb:7a:1b:fe:c7:c1:3f:a5:97:ff:0e:0a:c9:43:81:
bc:c8:05:67:90:2f:09:2e:ac:1c:78:ac:25:b0:0f:
ae:44:b4:6a:21:c4:07:ff:cb:a1:79:c5:9e:05:68:
03:71:2d:a9:dc:4a:84:4e:05:c3:77:d0:6c:fb:c9:
bb:c6:dc:ea:ed:ed:b2:75:d0:18:e3:79:d9:82:11:
93:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:53:EC:54:16:44:DC:80:7D:6A:3C:4D:30:5B:A1:CB:05:22:42:65
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/wlPsVBZE3IB9ajxNMFuhywUiQmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.206.0/24
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
2a01:77c0:7135::/48
Signature Algorithm: sha256WithRSAEncryption
a8:49:25:0e:a5:28:a4:d6:5a:bd:b6:e8:a6:fc:7e:52:45:88:
de:cb:f9:3c:9e:29:1f:f5:e3:32:5d:24:f2:6f:de:6e:3b:fe:
11:72:f8:70:e9:88:ff:ef:73:64:8c:8d:0c:80:21:ee:d7:f8:
ab:9e:25:4d:7a:62:5c:ed:98:fa:7a:55:15:b2:c4:4a:e2:2a:
7f:7a:44:71:fb:bd:35:5a:d7:92:9e:c0:08:74:a6:bf:66:44:
83:c4:0a:b6:77:f1:5e:d1:37:0b:47:8d:04:e3:05:07:c7:a4:
5c:34:b5:03:84:fe:f4:61:69:9c:25:c7:40:24:15:19:f3:0b:
8e:67:21:ea:14:49:0f:4a:75:79:38:c0:d7:43:13:d5:9d:74:
a1:e6:34:34:45:05:27:04:fc:08:b5:45:51:0e:a3:62:95:3f:
61:02:0c:48:e3:32:86:64:ce:7a:ca:c6:41:c1:8c:b6:f8:ab:
ff:99:b6:e2:d6:24:72:b8:59:f2:2e:ec:ae:16:41:6d:3b:d2:
2c:19:b2:aa:56:57:35:7b:0d:f0:db:04:96:49:46:db:1b:4d:
c1:be:70:c3:81:3c:1d:a3:ad:7e:0f:42:e4:3a:db:e3:90:71:
a5:81:c2:5c:80:35:2c:4b:1e:94:5b:91:98:7b:90:b5:c3:93:
ff:d2:31:24
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZkbCHgmshSDuUqGuWgEjJeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwOTA1MTc1OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjUzZWM1NDE2NDRkYzgwN2Q2YTNjNGQzMDViYTFjYjA1MjI0MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg8DPiElQ7Dgyibui8ntZIvT+EdA
yFENA2ZzLh+vGbkBOAP8xww72ssfFLdFoy72uTi5xdPbJWLjBc1qtTzfm4CLKZy9
FV9kVqUuVwYwst9daVfZ74R3/X6TcAjBY3vRWxssvWpwS6EtoBWfsRv210BwPyxu
heLwINIzSUP8RPemY3MZsOsGGj5tUnaf9IowEMaW2GDbw1uIXcoNnkJacfkOQbPP
xuPepBPoB7jOM1cl6H37ehv+x8E/pZf/DgrJQ4G8yAVnkC8JLqwceKwlsA+uRLRq
IcQH/8uhecWeBWgDcS2p3EqETgXDd9Bs+8m7xtzq7e2yddAY43nZghGTXwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMJT7FQWRNyAfWo8TTBbocsFIkJlMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvd2xQc1ZCWkUzSUI5YWp4Tk1GdWh5d1VpUW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAWWjOAwQC
ucMAMBgEAgACMBIDBwAqAXfAFhkDBwAqAXfAcTUwDQYJKoZIhvcNAQELBQADggEB
AKhJJQ6lKKTWWr226Kb8flJFiN7L+TyeKR/14zJdJPJv3m47/hFy+HDpiP/vc2SM
jQyAIe7X+KueJU16YlztmPp6VRWyxEriKn96RHH7vTVa15KewAh0pr9mRIPECrZ3
8V7RNwtHjQTjBQfHpFw0tQOE/vRhaZwlx0AkFRnzC45nIeoUSQ9KdXk4wNdDE9Wd
dKHmNDRFBScE/Ai1RVEOo2KVP2ECDEjjMoZkznrKxkHBjLb4q/+ZtuLWJHK4WfIu
7K4WQW070iwZsqpWVzV7DfDbBJZJRtsbTcG+cMOBPB2jrX4PQuQ62+OQcaWBwlyA
NSxLHpRbkZh7kLXDk//SMSQ=
-----END CERTIFICATE-----
Generated at Wed Sep 10 20:27:55 2025 by rpki-client