Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wgBEAv_s5Yeu64s2srmHMm6VshM.roa
File: wgBEAv_s5Yeu64s2srmHMm6VshM.roa (raw, json)
Hash identifier: PA9Y3OxXZDulXb7iZ/HYBhANxIUbKy8DpAShxD2SiwU=
Subject key identifier: C2:00:44:02:FF:EC:E5:87:AE:EB:8B:36:B2:B9:87:32:6E:95:B2:13
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0199C36A75F4740D3AB077A5926AAAEE3B2C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wgBEAv_s5Yeu64s2srmHMm6VshM.roa
Signing time: Wed 08 Oct 2025 10:42:38 +0000
ROA not before: Wed 08 Oct 2025 10:42:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
128.0.1.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c3:6a:75:f4:74:0d:3a:b0:77:a5:92:6a:aa:ee:3b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 8 10:42:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2004402ffece587aeeb8b36b2b987326e95b213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:4b:bb:99:07:a9:2a:a7:0a:c4:56:21:69:
b2:b8:2c:28:15:94:29:61:fd:b3:0d:49:65:de:29:
46:c1:90:56:a5:8e:28:57:fd:6d:86:da:9a:64:ec:
cc:89:c1:4a:34:58:8b:ef:50:bc:5f:0f:33:a7:68:
08:39:02:16:89:ed:eb:fb:38:b7:0d:aa:9b:db:15:
4f:37:9c:96:42:c7:f5:2d:16:3c:6a:64:ea:8b:ab:
f3:d4:25:e4:f1:14:f9:27:4a:ec:93:6b:42:54:60:
49:9c:f2:a2:b1:95:d4:cf:c1:bd:1c:fb:e0:94:ab:
3a:4d:10:0b:40:eb:71:57:b2:23:7a:3e:09:bf:39:
9f:16:c9:ff:17:ac:ef:93:13:72:91:f1:7c:1c:8c:
2f:73:f8:6b:4a:76:41:9d:e8:67:1c:c7:11:79:9e:
dc:86:b1:b1:1d:85:5f:4a:61:92:67:8e:fd:fb:9b:
f2:f2:ff:62:5a:07:4b:35:10:7f:37:89:64:77:9e:
8f:cc:d4:03:97:68:ad:20:59:3a:46:fd:a6:c1:e0:
e2:58:52:c9:33:88:27:07:f7:80:ae:11:a2:6a:1c:
a5:28:3b:0a:dd:31:6c:d9:f3:cf:5c:d7:ce:38:11:
2e:ed:f3:f7:bb:62:ef:22:1e:b8:8c:2d:4a:55:be:
7c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:00:44:02:FF:EC:E5:87:AE:EB:8B:36:B2:B9:87:32:6E:95:B2:13
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wgBEAv_s5Yeu64s2srmHMm6VshM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
94.177.106.0/24
128.0.1.0/24
193.124.36.0/24
193.124.80.0/24
194.58.47.0/24
212.192.11.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:40:7e:07:3a:38:2d:01:14:7a:51:73:6f:87:4b:16:66:85:
8f:63:ae:55:e8:cf:30:2c:97:45:66:c0:32:7a:89:c0:88:40:
3b:ad:48:1b:5c:73:29:61:92:3d:69:ea:df:f2:29:35:98:10:
8e:7e:a9:9b:08:9c:55:c0:b4:a8:c8:cf:01:9e:b1:b3:a1:c6:
7b:8a:22:2b:7e:a3:5c:0f:76:aa:2e:6b:9b:64:21:36:66:30:
62:d3:62:fe:1a:72:c1:29:6a:d5:7d:31:c3:6b:f9:eb:7e:21:
9c:42:ca:51:0e:79:71:e5:bf:ab:fc:d8:a7:5d:bf:ba:50:da:
bb:99:cd:ab:72:eb:0c:e8:7e:50:aa:3c:34:75:e6:20:fc:77:
fe:70:2b:e8:f1:45:5c:5e:b5:dd:8a:0e:96:56:cc:a0:aa:50:
4f:c7:85:5f:69:51:23:03:ae:ee:fb:e9:09:d0:fe:13:9b:a9:
11:59:21:e3:c4:77:54:07:6e:be:e2:b1:fa:11:b3:5f:2a:45:
ce:17:1e:dd:76:9b:6e:78:69:17:f6:34:bd:ae:9f:d2:69:09:
ff:fe:ea:e9:8b:75:1f:90:cf:bd:e9:ba:4f:5b:7d:18:58:f6:
ad:3c:81:82:94:6a:0d:22:3a:13:56:74:cc:fc:a9:43:d9:78:
f0:6e:cf:aa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZnDanX0dA06sHelkmqq7jssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUxMDA4MTA0MjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjAwNDQwMmZmZWNlNTg3YWVlYjhiMzZiMmI5ODczMjZlOTViMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2dLu5kHqSqnCsRWIWmyuCwoFZQp
Yf2zDUll3ilGwZBWpY4oV/1thtqaZOzMicFKNFiL71C8Xw8zp2gIOQIWie3r+zi3
Daqb2xVPN5yWQsf1LRY8amTqi6vz1CXk8RT5J0rsk2tCVGBJnPKisZXUz8G9HPvg
lKs6TRALQOtxV7Ijej4JvzmfFsn/F6zvkxNykfF8HIwvc/hrSnZBnehnHMcReZ7c
hrGxHYVfSmGSZ479+5vy8v9iWgdLNRB/N4lkd56PzNQDl2itIFk6Rv2mweDiWFLJ
M4gnB/eArhGiahylKDsK3TFs2fPPXNfOOBEu7fP3u2LvIh64jC1KVb58dwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMIARAL/7OWHruuLNrK5hzJulbITMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvd2dCRUF2X3M1WWV1NjRzMnNybUhNbTZWc2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAWSJqAwQA
XXK3AwQAXXNqAwQAXrFqAwQAgAABAwQAwXwkAwQAwXxQAwQAwjovAwQA1MALMA0G
CSqGSIb3DQEBCwUAA4IBAQCMQH4HOjgtARR6UXNvh0sWZoWPY65V6M8wLJdFZsAy
eonAiEA7rUgbXHMpYZI9aerf8ik1mBCOfqmbCJxVwLSoyM8BnrGzocZ7iiIrfqNc
D3aqLmubZCE2ZjBi02L+GnLBKWrVfTHDa/nrfiGcQspRDnlx5b+r/NinXb+6UNq7
mc2rcusM6H5Qqjw0deYg/Hf+cCvo8UVcXrXdig6WVsygqlBPx4VfaVEjA67u++kJ
0P4Tm6kRWSHjxHdUB26+4rH6EbNfKkXOFx7ddptueGkX9jS9rp/SaQn//urpi3Uf
kM+96bpPW30YWPatPIGClGoNIjoTVnTM/KlD2Xjwbs+q
-----END CERTIFICATE-----
Generated at Wed Oct 8 13:57:47 2025 by rpki-client