Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/wsLC_w4AOStk82-vZ-uHdqGVW48.roa
File: wsLC_w4AOStk82-vZ-uHdqGVW48.roa (raw, json)
Hash identifier: LIzRD/FiCHdzYED8LlPu0DGCeuymZlw1RjMxbiZPzGY=
Subject key identifier: C2:C2:C2:FF:0E:00:39:2B:64:F3:6F:AF:67:EB:87:76:A1:95:5B:8F
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 0199BDC61EEB969580AC25772C552BDBCCDC
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/wsLC_w4AOStk82-vZ-uHdqGVW48.roa
Signing time: Tue 07 Oct 2025 08:25:01 +0000
ROA not before: Tue 07 Oct 2025 08:25:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 80.255.192.0/19 maxlen: 19
82.38.0.0/15 maxlen: 15
82.40.0.0/15 maxlen: 15
82.46.0.0/15 maxlen: 15
84.19.104.0/21 maxlen: 21
84.19.122.0/23 maxlen: 23
84.19.124.0/22 maxlen: 22
185.228.252.0/22 maxlen: 22
193.39.32.0/20 maxlen: 20
193.39.65.0/24 maxlen: 24
193.193.96.0/20 maxlen: 20
194.145.148.0/23 maxlen: 23
195.182.160.0/19 maxlen: 19
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:c6:1e:eb:96:95:80:ac:25:77:2c:55:2b:db:cc:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Oct 7 08:25:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2c2c2ff0e00392b64f36faf67eb8776a1955b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:da:e3:ab:e9:73:83:b9:8d:7b:a7:bc:e0:
0e:28:32:16:fb:98:97:59:3a:69:4f:27:5d:2f:52:
88:50:1f:eb:ce:c9:e0:1d:d5:99:8b:8d:39:38:61:
90:87:78:91:dc:09:49:13:08:5b:87:85:81:44:6b:
86:aa:92:b8:f0:c2:89:3f:8e:cc:c5:00:ec:3b:49:
93:0a:7b:d0:43:68:67:55:f8:0b:ec:75:a6:b0:6b:
c9:2d:11:84:12:3a:ef:75:5a:79:d0:72:26:85:5d:
15:5f:1d:29:13:1a:56:a4:c4:34:81:4d:9f:f1:a3:
78:40:b5:cf:28:b9:29:57:8c:5b:fc:77:e0:7d:7f:
a1:00:4b:d1:a7:28:dd:5b:e9:dd:dd:56:a3:7c:50:
4b:8b:f5:92:d5:45:c0:d3:e8:a7:90:a5:17:f6:a1:
b8:e2:25:b7:b7:ab:31:b3:d5:57:8b:79:4c:76:61:
cc:ba:e2:c2:ea:dc:65:17:7b:e4:9c:94:00:80:72:
ae:a3:ea:b4:0e:cb:d3:c4:8f:45:e1:6e:1c:e0:ad:
61:07:03:78:14:03:f6:ba:27:74:71:23:d0:18:b9:
22:75:2c:6d:d3:f6:97:b1:1e:44:49:5e:81:2b:4e:
0c:55:89:5c:4c:32:d2:f6:bb:be:5f:78:cf:40:54:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C2:C2:FF:0E:00:39:2B:64:F3:6F:AF:67:EB:87:76:A1:95:5B:8F
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/wsLC_w4AOStk82-vZ-uHdqGVW48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.192.0/19
82.38.0.0-82.41.255.255
82.46.0.0/15
84.19.104.0/21
84.19.122.0-84.19.127.255
185.228.252.0/22
193.39.32.0/20
193.39.65.0/24
193.193.96.0/20
194.145.148.0/23
195.182.160.0/19
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:02:09:c6:09:9b:54:96:2d:96:4f:94:69:97:a0:a8:c7:3f:
da:4f:da:5b:3a:f6:7d:5e:c3:78:c5:c9:7f:48:95:87:bc:e8:
43:94:08:43:dc:ca:2b:29:4c:b9:fc:1f:36:40:8d:0a:67:20:
92:75:8a:cc:f8:22:54:a8:64:db:6b:ee:53:c8:03:6e:5a:89:
9b:96:4b:d4:8f:10:21:f2:79:09:65:ab:8d:1b:2b:1a:4d:29:
d5:52:e8:2f:c8:52:8b:05:68:c1:48:0a:da:e6:13:48:ff:29:
0c:18:8d:fc:a3:a7:56:0f:f9:00:9e:15:18:fa:8a:c7:41:0f:
d2:21:0b:20:70:23:e6:c5:ca:64:c7:11:08:d3:88:dd:dd:90:
3c:99:88:ac:d8:83:be:3a:ef:ee:10:82:79:bc:c6:90:2c:17:
67:d5:c9:2e:7a:59:6e:e2:d8:25:21:c6:82:fe:2b:c7:d5:65:
4f:37:0c:00:5a:f4:99:19:2a:14:c1:3f:5b:7c:21:21:c5:e6:
a5:07:bc:9f:39:13:4a:44:2f:43:bf:cb:ae:03:a4:e7:65:78:
ef:2e:98:8b:c2:a4:de:b8:88:c2:ee:b2:ea:58:bc:7c:91:5e:
e9:db:82:b7:0a:e3:81:bf:f2:c7:aa:1e:85:87:59:e0:af:e3:
6b:d9:bc:a9
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZm9xh7rlpWArCV3LFUr28zcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjUxMDA3MDgyNTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmMyYzJmZjBlMDAzOTJiNjRmMzZmYWY2N2ViODc3NmExOTU1YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ba46vpc4O5jXunvOAOKDIW+5iX
WTppTyddL1KIUB/rzsngHdWZi405OGGQh3iR3AlJEwhbh4WBRGuGqpK48MKJP47M
xQDsO0mTCnvQQ2hnVfgL7HWmsGvJLRGEEjrvdVp50HImhV0VXx0pExpWpMQ0gU2f
8aN4QLXPKLkpV4xb/HfgfX+hAEvRpyjdW+nd3VajfFBLi/WS1UXA0+inkKUX9qG4
4iW3t6sxs9VXi3lMdmHMuuLC6txlF3vknJQAgHKuo+q0DsvTxI9F4W4c4K1hBwN4
FAP2uid0cSPQGLkidSxt0/aXsR5ESV6BK04MVYlcTDLS9ru+X3jPQFRNdwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMLCwv8OADkrZPNvr2frh3ahlVuPMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvd3NMQ193NEFPU3RrODItdlotdUhkcUdWVzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbAwQFUP/AMAoD
AwFSJgMDAVIoAwMBUi4DBANUE2gwDAMEAVQTegMEB1QTAAMEArnk/AMEBMEnIAME
AMEnQQMEBMHBYAMEAcKRlAMEBcO2oAMEBdQroAMEBdWT4DANBgkqhkiG9w0BAQsF
AAOCAQEAPgIJxgmbVJYtlk+UaZegqMc/2k/aWzr2fV7DeMXJf0iVh7zoQ5QIQ9zK
KylMufwfNkCNCmcgknWKzPgiVKhk22vuU8gDblqJm5ZL1I8QIfJ5CWWrjRsrGk0p
1VLoL8hSiwVowUgK2uYTSP8pDBiN/KOnVg/5AJ4VGPqKx0EP0iELIHAj5sXKZMcR
CNOI3d2QPJmIrNiDvjrv7hCCebzGkCwXZ9XJLnpZbuLYJSHGgv4rx9VlTzcMAFr0
mRkqFME/W3whIcXmpQe8nzkTSkQvQ7/LrgOk52V47y6Yi8Kk3riIwu6y6li8fJFe
6duCtwrjgb/yx6oehYdZ4K/ja9m8qQ==
-----END CERTIFICATE-----
Generated at Wed Oct 8 13:57:39 2025 by rpki-client