Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/WjmF6GDCnU7BjMADRQkLqtYvq1Q.roa
File: WjmF6GDCnU7BjMADRQkLqtYvq1Q.roa (raw, json)
Hash identifier: L7E9NOBJibBjCnjz75U4cNyr3XJ2nd04ODfo5D/O2HM=
Subject key identifier: 5A:39:85:E8:60:C2:9D:4E:C1:8C:C0:03:45:09:0B:AA:D6:2F:AB:54
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019CB83DDA17FE207F180004A20A1185F146
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/WjmF6GDCnU7BjMADRQkLqtYvq1Q.roa
Signing time: Wed 04 Mar 2026 09:46:27 +0000
ROA not before: Wed 04 Mar 2026 09:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.74.242.0/24 maxlen: 24
45.74.243.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
91.208.204.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 12:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:3d:da:17:fe:20:7f:18:00:04:a2:0a:11:85:f1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 4 09:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a3985e860c29d4ec18cc00345090baad62fab54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:0a:78:34:11:4b:a2:49:ff:bb:f2:1a:54:
09:52:b7:61:cc:15:ed:b3:61:34:7a:75:18:d2:0d:
9b:7c:a8:28:a2:3c:9d:89:de:18:a3:92:0d:23:10:
fa:a9:15:db:6d:2f:aa:c2:22:65:70:eb:bb:db:ab:
4f:72:e4:c4:90:8d:4e:1d:6f:54:09:d1:3a:fb:8b:
2a:9f:9c:d1:14:73:90:15:b2:30:42:e5:07:f9:b3:
22:69:20:e9:5f:04:ca:59:53:0c:22:bb:db:f5:ac:
b0:45:bd:d6:63:07:d4:f7:84:65:2a:c1:61:82:16:
86:b6:2c:cb:e6:1a:47:75:13:32:74:fb:d8:c0:49:
0f:64:31:2e:f5:78:c2:6c:b0:1c:ec:8c:31:02:22:
20:a9:01:92:b1:a6:19:44:a6:87:ac:55:10:e8:66:
f7:86:34:4d:6b:71:4a:cb:57:bb:fc:a8:35:e4:7e:
90:6c:ef:e7:f0:fb:e8:18:76:f2:7e:53:82:85:f4:
1e:31:1d:a2:07:9c:78:5a:42:be:84:d3:92:2e:12:
63:ba:04:49:cd:71:02:4c:8b:91:d2:24:f7:c5:2a:
01:94:d0:6c:ac:73:5c:49:7b:d4:a6:66:d5:3d:89:
ad:47:47:4e:44:36:2c:1a:d7:8d:80:1b:84:28:f7:
50:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:39:85:E8:60:C2:9D:4E:C1:8C:C0:03:45:09:0B:AA:D6:2F:AB:54
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/WjmF6GDCnU7BjMADRQkLqtYvq1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.74.242.0/23
45.131.0.0/22
45.136.4.0/24
45.141.149.0/24
77.83.200.0-77.83.202.255
91.208.204.0/24
194.116.237.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::-2a13:a442:ffff:ffff:ffff:ffff:ffff:ffff
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
88:b0:e3:c5:a3:80:38:a9:5a:9a:40:b7:3d:77:03:ab:1e:68:
87:ad:6a:fa:38:a7:32:e1:22:7d:97:06:9c:f8:63:fc:af:6b:
70:f0:2d:e2:bc:1b:2c:18:b5:38:7f:8b:72:98:59:52:2e:ca:
95:55:45:49:2a:9f:fa:1a:c3:73:db:2f:10:10:57:6b:31:b1:
35:4e:47:9a:0f:a5:d1:e2:6f:e2:aa:84:31:67:b2:d6:c4:b2:
26:54:ba:e2:a3:fb:3f:56:80:1a:c7:d5:09:a7:89:50:a6:0d:
18:ab:df:1e:52:56:61:1b:99:5f:e5:4f:77:ad:9d:99:55:bc:
e8:74:6d:80:fc:4e:67:6e:3c:0b:b7:a1:d3:c4:73:23:5b:7c:
93:b6:e8:97:bc:29:af:fa:08:7c:3d:13:bd:82:8e:fb:1a:e1:
1b:9b:c8:c1:15:5c:7c:96:de:1f:d9:29:1c:ae:96:e7:bf:9f:
32:05:84:76:35:5d:79:19:0f:4a:6d:bf:4f:f8:cb:d5:ed:cd:
65:a5:ed:10:36:54:9a:45:df:ae:a8:cc:96:4f:7e:8e:98:03:
92:a8:54:40:2a:90:c4:eb:53:a4:b9:11:66:ea:f6:d2:c3:78:
48:8c:e1:a5:63:2c:47:16:15:1e:54:45:fc:2d:1e:43:a3:82:
49:d4:35:52
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZy4PdoX/iB/GAAEogoRhfFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjYwMzA0MDk0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM5ODVlODYwYzI5ZDRlYzE4Y2MwMDM0NTA5MGJhYWQ2MmZhYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrUKeDQRS6JJ/7vyGlQJUrdhzBXt
s2E0enUY0g2bfKgoojydid4Yo5INIxD6qRXbbS+qwiJlcOu726tPcuTEkI1OHW9U
CdE6+4sqn5zRFHOQFbIwQuUH+bMiaSDpXwTKWVMMIrvb9aywRb3WYwfU94RlKsFh
ghaGtizL5hpHdRMydPvYwEkPZDEu9XjCbLAc7IwxAiIgqQGSsaYZRKaHrFUQ6Gb3
hjRNa3FKy1e7/Kg15H6QbO/n8PvoGHbyflOChfQeMR2iB5x4WkK+hNOSLhJjugRJ
zXECTIuR0iT3xSoBlNBsrHNcSXvUpmbVPYmtR0dORDYsGteNgBuEKPdQnwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFFo5hehgwp1OwYzAA0UJC6rWL6tUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvV2ptRjZHRENuVTdCak1BRFJRa0xxdFl2cTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBGBAIAATBAMAwDBAAF
tGkDBAIFtGgDBAEtSvIDBAItgwADBAAtiAQDBAAtjZUwDAMEA01TyAMEAE1TygME
AFvQzAMEAMJ07TBXBAIAAjBRAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUDKg/rAAMF
AyoP7QADBQMqD/kAAwcAKhOkQAAHMA4DBQAqE6RBAwUAKhOkQgMFACoTpEUDBQAq
E6RHMA0GCSqGSIb3DQEBCwUAA4IBAQCIsOPFo4A4qVqaQLc9dwOrHmiHrWr6OKcy
4SJ9lwac+GP8r2tw8C3ivBssGLU4f4tymFlSLsqVVUVJKp/6GsNz2y8QEFdrMbE1
TkeaD6XR4m/iqoQxZ7LWxLImVLrio/s/VoAax9UJp4lQpg0Yq98eUlZhG5lf5U93
rZ2ZVbzodG2A/E5nbjwLt6HTxHMjW3yTtuiXvCmv+gh8PRO9go77GuEbm8jBFVx8
lt4f2Skcrpbnv58yBYR2NV15GQ9Kbb9P+MvV7c1lpe0QNlSaRd+uqMyWT36OmAOS
qFRAKpDE61OkuRFm6vbSw3hIjOGlYyxHFhUeVEX8LR5Do4JJ1DVS
-----END CERTIFICATE-----
Generated at Thu Mar 5 20:34:05 2026 by rpki-client