Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/WBffc3wGa2m1CjtzwSo2ANLC2_k.roa
File: WBffc3wGa2m1CjtzwSo2ANLC2_k.roa (raw, json)
Hash identifier: C2rVr6gGi0lWvmUo18ICyqCcI6lKd8eb2LMx5pg8BDQ=
Subject key identifier: 58:17:DF:73:7C:06:6B:69:B5:0A:3B:73:C1:2A:36:00:D2:C2:DB:F9
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 01994A1330F5AB11A8479E7DA35C1CB18631
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/WBffc3wGa2m1CjtzwSo2ANLC2_k.roa
Signing time: Sun 14 Sep 2025 21:13:15 +0000
ROA not before: Sun 14 Sep 2025 21:13:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 86.109.0.0/24 maxlen: 24
86.109.1.0/24 maxlen: 24
86.109.2.0/23 maxlen: 23
86.109.4.0/23 maxlen: 23
86.109.6.0/24 maxlen: 24
86.109.7.0/24 maxlen: 24
86.109.8.0/24 maxlen: 24
86.109.9.0/24 maxlen: 24
86.109.10.0/23 maxlen: 23
86.109.12.0/24 maxlen: 24
86.109.13.0/24 maxlen: 24
93.187.216.0/23 maxlen: 23
93.187.218.0/23 maxlen: 23
136.144.48.0/23 maxlen: 23
136.144.50.0/23 maxlen: 23
136.144.54.0/23 maxlen: 23
136.144.56.0/23 maxlen: 23
136.144.58.0/23 maxlen: 23
136.144.60.0/23 maxlen: 23
136.144.62.0/23 maxlen: 23
139.178.64.0/22 maxlen: 22
139.178.68.0/22 maxlen: 22
139.178.72.0/22 maxlen: 22
139.178.76.0/23 maxlen: 23
139.178.80.0/21 maxlen: 21
139.178.88.0/22 maxlen: 22
139.178.94.0/23 maxlen: 23
145.40.64.0/23 maxlen: 23
145.40.67.0/24 maxlen: 24
145.40.68.0/24 maxlen: 24
145.40.69.0/24 maxlen: 24
145.40.74.0/23 maxlen: 23
145.40.76.0/23 maxlen: 23
145.40.78.0/24 maxlen: 24
145.40.79.0/24 maxlen: 24
145.40.80.0/23 maxlen: 23
145.40.82.0/23 maxlen: 23
145.40.84.0/23 maxlen: 23
145.40.86.0/23 maxlen: 23
145.40.88.0/24 maxlen: 24
145.40.89.0/24 maxlen: 24
145.40.90.0/24 maxlen: 24
145.40.91.0/24 maxlen: 24
145.40.92.0/22 maxlen: 22
145.40.96.0/23 maxlen: 23
145.40.98.0/23 maxlen: 23
145.40.100.0/24 maxlen: 24
145.40.101.0/24 maxlen: 24
145.40.102.0/23 maxlen: 23
145.40.104.0/22 maxlen: 22
145.40.108.0/22 maxlen: 22
145.40.112.0/22 maxlen: 22
145.40.120.0/22 maxlen: 22
145.40.124.0/22 maxlen: 22
147.28.128.0/23 maxlen: 23
147.28.131.0/24 maxlen: 24
147.28.132.0/22 maxlen: 22
147.28.136.0/23 maxlen: 23
147.28.138.0/23 maxlen: 23
147.28.140.0/22 maxlen: 22
147.28.141.0/24 maxlen: 24
147.28.142.0/23 maxlen: 23
147.28.144.0/23 maxlen: 23
147.28.146.0/23 maxlen: 23
147.28.148.0/23 maxlen: 23
147.28.150.0/23 maxlen: 23
147.28.152.0/24 maxlen: 24
147.28.153.0/24 maxlen: 24
147.28.154.0/23 maxlen: 23
147.28.158.0/23 maxlen: 23
147.28.160.0/23 maxlen: 23
147.28.162.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.166.0/23 maxlen: 23
147.28.168.0/23 maxlen: 23
147.28.170.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.28.180.0/23 maxlen: 23
147.28.182.0/23 maxlen: 23
147.28.184.0/23 maxlen: 23
147.28.186.0/23 maxlen: 23
147.28.188.0/24 maxlen: 24
147.28.189.0/24 maxlen: 24
147.28.192.0/24 maxlen: 24
147.28.193.0/24 maxlen: 24
147.28.194.0/24 maxlen: 24
147.28.195.0/24 maxlen: 24
147.28.196.0/23 maxlen: 23
147.28.200.0/24 maxlen: 24
147.28.201.0/24 maxlen: 24
147.28.202.0/24 maxlen: 24
147.28.203.0/24 maxlen: 24
147.28.204.0/23 maxlen: 23
147.28.206.0/23 maxlen: 23
147.28.208.0/23 maxlen: 23
147.28.210.0/23 maxlen: 23
147.28.212.0/24 maxlen: 24
147.28.214.0/23 maxlen: 23
147.28.216.0/23 maxlen: 23
147.28.218.0/24 maxlen: 24
147.28.219.0/24 maxlen: 24
147.28.220.0/23 maxlen: 23
147.28.222.0/23 maxlen: 23
147.28.224.0/24 maxlen: 24
147.28.225.0/24 maxlen: 24
147.28.226.0/23 maxlen: 23
147.28.228.0/24 maxlen: 24
147.28.229.0/24 maxlen: 24
147.28.230.0/24 maxlen: 24
147.28.231.0/24 maxlen: 24
147.28.232.0/24 maxlen: 24
147.28.233.0/24 maxlen: 24
147.28.234.0/24 maxlen: 24
147.28.235.0/24 maxlen: 24
147.28.240.0/24 maxlen: 24
147.28.241.0/24 maxlen: 24
147.28.242.0/24 maxlen: 24
147.28.244.0/24 maxlen: 24
147.75.32.0/23 maxlen: 23
147.75.34.0/24 maxlen: 24
147.75.35.0/24 maxlen: 24
147.75.36.0/22 maxlen: 22
147.75.38.0/23 maxlen: 23
147.75.40.0/23 maxlen: 23
147.75.44.0/24 maxlen: 24
147.75.45.0/24 maxlen: 24
147.75.47.0/24 maxlen: 24
147.75.48.0/24 maxlen: 24
147.75.49.0/24 maxlen: 24
147.75.50.0/23 maxlen: 23
147.75.52.0/24 maxlen: 24
147.75.53.0/24 maxlen: 24
147.75.54.0/23 maxlen: 23
147.75.54.0/24 maxlen: 24
147.75.55.0/24 maxlen: 24
147.75.56.0/23 maxlen: 23
147.75.56.0/24 maxlen: 24
147.75.57.0/24 maxlen: 24
147.75.59.0/24 maxlen: 24
147.75.61.0/24 maxlen: 24
147.75.62.0/23 maxlen: 23
147.75.62.0/24 maxlen: 24
147.75.63.0/24 maxlen: 24
147.75.64.0/22 maxlen: 22
147.75.68.0/22 maxlen: 22
147.75.72.0/21 maxlen: 21
147.75.80.0/22 maxlen: 22
147.75.84.0/23 maxlen: 23
147.75.86.0/23 maxlen: 23
147.75.88.0/22 maxlen: 22
147.75.96.0/22 maxlen: 22
147.75.96.0/23 maxlen: 23
147.75.99.0/24 maxlen: 24
147.75.100.0/22 maxlen: 22
147.75.104.0/22 maxlen: 22
147.75.108.0/23 maxlen: 23
147.75.192.0/21 maxlen: 21
147.75.193.0/24 maxlen: 24
147.75.194.0/23 maxlen: 23
147.75.196.0/22 maxlen: 22
147.75.200.0/22 maxlen: 22
147.75.204.0/23 maxlen: 23
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4a:13:30:f5:ab:11:a8:47:9e:7d:a3:5c:1c:b1:86:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: Sep 14 21:13:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5817df737c066b69b50a3b73c12a3600d2c2dbf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:8b:62:37:4e:53:bb:6e:17:d5:4f:a4:d2:5f:
72:e6:c2:12:01:53:c8:3c:fd:6a:0b:ef:50:74:f1:
79:cc:be:a8:e1:49:39:b1:70:7b:0f:88:dd:3a:47:
ab:02:d4:44:86:81:8d:bd:d6:6d:e6:33:7b:ed:37:
bb:89:9b:19:cd:b1:d7:00:97:bb:ef:ed:15:54:5a:
59:e8:b7:0a:bd:59:fa:dd:83:b7:9e:0e:b9:13:2b:
85:34:74:f8:53:7e:64:c4:01:4e:88:1e:f8:c4:41:
c8:19:06:d7:0b:f5:c8:25:57:63:65:23:e6:0b:1b:
08:8d:ac:97:02:d6:a3:86:b3:c4:ec:5b:9a:a1:66:
90:14:21:1c:65:a9:d4:67:bf:15:5f:ac:83:2f:4c:
cc:7d:50:e6:00:ee:87:6f:27:ba:d6:94:74:59:da:
6c:46:50:e2:2c:34:18:64:ab:16:49:47:ae:72:aa:
af:09:26:ee:a4:7a:69:88:c7:4f:82:3b:0c:ad:ae:
f6:39:9d:93:ce:1f:6f:e8:9c:e2:f9:a0:49:c3:c5:
5c:d7:fb:02:2f:99:17:41:6a:b6:40:db:3d:79:71:
3c:e0:3d:22:a6:0c:b8:2a:f1:20:8a:1a:b9:9c:66:
60:86:56:54:94:11:cf:39:37:9d:db:68:49:f0:57:
c2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:17:DF:73:7C:06:6B:69:B5:0A:3B:73:C1:2A:36:00:D2:C2:DB:F9
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/WBffc3wGa2m1CjtzwSo2ANLC2_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.0.0-86.109.13.255
93.187.216.0/22
136.144.48.0/22
136.144.54.0-136.144.63.255
139.178.64.0-139.178.77.255
139.178.80.0-139.178.91.255
139.178.94.0/23
145.40.64.0/23
145.40.67.0-145.40.69.255
145.40.74.0-145.40.115.255
145.40.120.0/21
147.28.128.0/23
147.28.131.0-147.28.155.255
147.28.158.0-147.28.171.255
147.28.176.0/23
147.28.180.0-147.28.189.255
147.28.192.0-147.28.197.255
147.28.200.0-147.28.212.255
147.28.214.0-147.28.235.255
147.28.240.0-147.28.242.255
147.28.244.0/24
147.75.32.0-147.75.41.255
147.75.44.0/23
147.75.47.0-147.75.57.255
147.75.59.0/24
147.75.61.0-147.75.91.255
147.75.96.0-147.75.109.255
147.75.192.0/20
Signature Algorithm: sha256WithRSAEncryption
37:00:de:84:98:c3:34:62:06:0f:77:12:9d:cb:c5:28:38:96:
2d:42:46:61:34:a5:ba:f1:06:f6:7f:db:be:80:1b:8a:fd:28:
20:23:0f:22:9d:6e:18:05:fa:6c:25:ed:ec:95:73:e8:24:21:
18:db:20:f2:2e:8d:f8:39:af:dd:34:eb:0b:d8:2e:a9:23:d0:
dd:78:38:72:1e:8a:17:86:01:cf:23:a8:22:03:56:71:3b:84:
15:77:0d:0b:dc:6a:10:d5:af:86:8e:ad:75:3b:0c:31:7e:75:
1c:a2:1e:28:f6:a0:90:67:47:a0:83:d7:ab:c0:2d:b7:81:59:
84:5c:0e:4c:49:13:b5:e0:b6:6a:78:ca:75:15:04:87:a2:00:
00:7e:40:e7:9c:fe:03:49:c2:7f:c5:a9:83:20:63:82:63:ef:
0f:41:a3:6a:08:c2:fb:05:44:5c:a5:8d:5d:4b:a0:b0:a2:bb:
83:38:7c:e2:a2:99:19:f1:e0:23:f6:ed:a0:ab:77:52:bc:51:
55:90:80:10:ad:1e:72:04:69:89:a8:18:16:64:1d:91:b7:dc:
ce:b2:17:50:65:50:b3:b4:94:02:83:01:dc:b8:77:4a:7c:3e:
30:92:37:3d:b3:35:0a:c0:d2:d6:8c:1d:02:58:3c:ec:25:62:
2f:16:af:e6
-----BEGIN CERTIFICATE-----
MIIGMDCCBRigAwIBAgISAZlKEzD1qxGoR559o1wcsYYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwOTE0MjExMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODE3ZGY3MzdjMDY2YjY5YjUwYTNiNzNjMTJhMzYwMGQyYzJkYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+4tiN05Tu24X1U+k0l9y5sISAVPI
PP1qC+9QdPF5zL6o4Uk5sXB7D4jdOkerAtREhoGNvdZt5jN77Te7iZsZzbHXAJe7
7+0VVFpZ6LcKvVn63YO3ng65EyuFNHT4U35kxAFOiB74xEHIGQbXC/XIJVdjZSPm
CxsIjayXAtajhrPE7FuaoWaQFCEcZanUZ78VX6yDL0zMfVDmAO6Hbye61pR0Wdps
RlDiLDQYZKsWSUeucqqvCSbupHppiMdPgjsMra72OZ2Tzh9v6Jzi+aBJw8Vc1/sC
L5kXQWq2QNs9eXE84D0ipgy4KvEgihq5nGZghlZUlBHPOTed22hJ8FfC6QIDAQAB
o4IDPDCCAzgwHQYDVR0OBBYEFFgX33N8BmtptQo7c8EqNgDSwtv5MB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvV0JmZmMzd0dhMm0xQ2p0endTbzJBTkxDMl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUAYIKwYBBQUHAQcBAf8EggE/MIIBOzCCATcEAgABMIIB
LzALAwMAVm0DBAFWbQwDBAJdu9gDBAKIkDAwDAMEAYiQNgMEBoiQADAMAwQGi7JA
AwQBi7JMMAwDBASLslADBAKLslgDBAGLsl4DBAGRKEAwDAMEAJEoQwMEAZEoRDAM
AwQBkShKAwQCkShwAwQDkSh4AwQBkxyAMAwDBACTHIMDBAKTHJgwDAMEAZMcngME
ApMcqAMEAZMcsDAMAwQCkxy0AwQBkxy8MAwDBAaTHMADBAGTHMQwDAMEA5McyAME
AJMc1DAMAwQBkxzWAwQCkxzoMAwDBASTHPADBACTHPIDBACTHPQwDAMEBZNLIAME
AZNLKAMEAZNLLDAMAwQAk0svAwQBk0s4AwQAk0s7MAwDBACTSz0DBAKTS1gwDAME
BZNLYAMEAZNLbAMEBJNLwDANBgkqhkiG9w0BAQsFAAOCAQEANwDehJjDNGIGD3cS
ncvFKDiWLUJGYTSluvEG9n/bvoAbiv0oICMPIp1uGAX6bCXt7JVz6CQhGNsg8i6N
+Dmv3TTrC9guqSPQ3Xg4ch6KF4YBzyOoIgNWcTuEFXcNC9xqENWvho6tdTsMMX51
HKIeKPagkGdHoIPXq8Att4FZhFwOTEkTteC2anjKdRUEh6IAAH5A55z+A0nCf8Wp
gyBjgmPvD0GjagjC+wVEXKWNXUugsKK7gzh84qKZGfHgI/btoKt3UrxRVZCAEK0e
cgRpiagYFmQdkbfczrIXUGVQs7SUAoMB3Lh3Snw+MJI3PbM1CsDS1owdAlg87CVi
Lxav5g==
-----END CERTIFICATE-----
Generated at Tue Sep 16 03:26:31 2025 by rpki-client