Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/Wkxvq3ZiPl0qv1OLcV1kpa4Vvnw.roa
File: Wkxvq3ZiPl0qv1OLcV1kpa4Vvnw.roa (raw, json)
Hash identifier: S6LXrHLg6p9w4lwlyU+7OXuh80963B2E8AzibJIQL8Y=
Subject key identifier: 5A:4C:6F:AB:76:62:3E:5D:2A:BF:53:8B:71:5D:64:A5:AE:15:BE:7C
Certificate issuer: /CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Certificate serial: 0198EB15B17DC8664C3B9CD5506B24796F5B
Authority key identifier: 4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/Wkxvq3ZiPl0qv1OLcV1kpa4Vvnw.roa
Signing time: Wed 27 Aug 2025 10:32:04 +0000
ROA not before: Wed 27 Aug 2025 10:32:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58172
IP address blocks: 45.135.131.0/24 maxlen: 24
91.213.49.0/24 maxlen: 24
94.131.224.0/24 maxlen: 24
94.131.225.0/24 maxlen: 24
94.131.226.0/23 maxlen: 23
94.131.226.0/24 maxlen: 24
94.131.227.0/24 maxlen: 24
94.131.228.0/24 maxlen: 24
94.131.229.0/24 maxlen: 24
94.131.230.0/24 maxlen: 24
94.131.231.0/24 maxlen: 24
94.131.232.0/24 maxlen: 24
94.131.233.0/24 maxlen: 24
94.131.234.0/23 maxlen: 23
94.131.234.0/24 maxlen: 24
94.131.235.0/24 maxlen: 24
185.191.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:15:b1:7d:c8:66:4c:3b:9c:d5:50:6b:24:79:6f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Validity
Not Before: Aug 27 10:32:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a4c6fab76623e5d2abf538b715d64a5ae15be7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:4f:17:15:17:2b:fc:b5:33:71:34:79:73:
9c:b0:ab:fb:86:62:31:f8:b8:b6:54:d0:a8:21:b1:
cc:f8:48:88:8b:55:9b:5e:cb:8d:9f:5d:74:55:45:
1b:cf:87:ac:84:1f:74:61:3f:70:74:db:21:5e:4a:
73:ec:00:4c:73:e0:d9:df:79:ac:a6:bd:47:32:13:
4b:fb:71:d4:f8:61:b1:64:14:e6:2c:b9:a0:be:07:
42:d8:ea:3c:3d:b9:15:2c:6d:d0:9f:8e:b2:40:ad:
62:fb:f7:83:f9:f9:e1:51:dc:4c:7e:a6:c8:3d:ae:
85:8a:22:d3:a2:46:b2:36:de:f4:4a:3a:02:e7:2c:
ed:b4:3a:33:b3:dc:b4:e5:f2:33:50:4b:26:aa:b4:
2a:e2:cb:84:a1:08:ff:b3:81:a7:36:ea:8b:c2:c2:
bb:92:74:46:8c:2f:54:9f:8d:c1:18:91:eb:a9:00:
37:48:1a:26:8f:cb:70:b0:c5:fd:24:88:bb:f2:20:
c0:dd:fb:29:d6:f7:13:ed:53:c6:7a:89:ee:94:92:
9b:92:f6:ae:e4:45:40:a8:ba:dc:4c:78:22:2a:e8:
28:2c:bd:29:5f:39:b5:88:5b:02:95:93:2f:62:ca:
c7:ac:52:ac:1b:05:25:35:06:5d:97:18:ac:4a:bf:
73:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4C:6F:AB:76:62:3E:5D:2A:BF:53:8B:71:5D:64:A5:AE:15:BE:7C
X509v3 Authority Key Identifier:
keyid:4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/Wkxvq3ZiPl0qv1OLcV1kpa4Vvnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.131.0/24
91.213.49.0/24
94.131.224.0-94.131.235.255
185.191.212.0/24
Signature Algorithm: sha256WithRSAEncryption
12:23:e2:46:ef:f4:50:3d:1e:29:4e:e6:74:bb:65:a9:98:fc:
fa:ef:eb:a9:f1:7a:cc:49:73:ec:e0:c4:2b:8d:6f:d0:f7:90:
52:cb:c1:f0:12:dc:08:8b:ab:06:3f:06:dd:3f:18:6f:d7:27:
72:3a:df:8f:3f:e0:a3:89:2c:f5:85:1a:7d:c8:de:d6:ef:40:
12:08:26:13:2b:46:8e:2c:3b:0c:f6:b6:e6:db:02:f4:59:88:
c2:c6:11:46:d3:7d:1f:94:88:cb:3c:3f:d3:e6:13:37:ae:66:
c2:7a:ec:aa:e5:05:b4:c3:7a:5d:d4:a7:ff:fd:b4:23:06:0e:
e2:58:0b:29:9b:65:c0:19:1b:62:ac:27:5e:4d:23:79:92:38:
4e:84:fa:bf:f8:c1:62:e7:00:80:fc:93:61:82:56:68:3b:68:
f0:92:90:eb:e0:84:cd:bf:05:0d:69:70:55:5a:68:e2:50:4c:
80:31:a7:dd:e7:30:5b:64:d0:66:c2:4a:9b:5f:af:a0:eb:1b:
28:3e:76:15:7c:32:84:4a:72:f9:ac:c8:c4:8f:92:01:59:83:
c8:90:c3:0e:b6:44:9f:c6:15:39:85:e9:99:16:3b:82:6c:d1:
19:88:42:8c:17:45:b3:91:b9:4d:0c:a6:85:cb:4a:2c:ac:be:
3a:62:2d:82
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZjrFbF9yGZMO5zVUGskeW9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2M2NjVlNTFjYzRjYjVjYWYwNWI4Mjk0ODQzZTI3MzNh
MTNkZWUwHhcNMjUwODI3MTAzMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRjNmZhYjc2NjIzZTVkMmFiZjUzOGI3MTVkNjRhNWFlMTViZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs9PFxUXK/y1M3E0eXOcsKv7hmIx
+Li2VNCoIbHM+EiIi1WbXsuNn110VUUbz4eshB90YT9wdNshXkpz7ABMc+DZ33ms
pr1HMhNL+3HU+GGxZBTmLLmgvgdC2Oo8PbkVLG3Qn46yQK1i+/eD+fnhUdxMfqbI
Pa6FiiLTokayNt70SjoC5yzttDozs9y05fIzUEsmqrQq4suEoQj/s4GnNuqLwsK7
knRGjC9Un43BGJHrqQA3SBomj8twsMX9JIi78iDA3fsp1vcT7VPGeonulJKbkvau
5EVAqLrcTHgiKugoLL0pXzm1iFsClZMvYsrHrFKsGwUlNQZdlxisSr9z3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFpMb6t2Yj5dKr9Ti3FdZKWuFb58MB8GA1UdIwQY
MBaAFEw8Zl5RzEy1yvBbgpSEPiczoT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUt
MWE2NWI5MWJlZTU4LzEvV2t4dnEzWmlQbDBxdjFPTGNWMWtwYTRWdm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUtMWE2NWI5MWJlZTU4
LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALYeDAwQA
W9UxMAwDBAVeg+ADBAJeg+gDBAC5v9QwDQYJKoZIhvcNAQELBQADggEBABIj4kbv
9FA9HilO5nS7ZamY/Prv66nxesxJc+zgxCuNb9D3kFLLwfAS3AiLqwY/Bt0/GG/X
J3I6348/4KOJLPWFGn3I3tbvQBIIJhMrRo4sOwz2tubbAvRZiMLGEUbTfR+UiMs8
P9PmEzeuZsJ67KrlBbTDel3Up//9tCMGDuJYCymbZcAZG2KsJ15NI3mSOE6E+r/4
wWLnAID8k2GCVmg7aPCSkOvghM2/BQ1pcFVaaOJQTIAxp93nMFtk0GbCSptfr6Dr
Gyg+dhV8MoRKcvmsyMSPkgFZg8iQww62RJ/GFTmF6ZkWO4Js0RmIQowXRbORuU0M
poXLSiysvjpiLYI=
-----END CERTIFICATE-----
Generated at Sun Sep 7 16:14:42 2025 by rpki-client