Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/wcv6Vtvj_8KzJMQubxYX_mtNkA0.roa
File: wcv6Vtvj_8KzJMQubxYX_mtNkA0.roa (raw, json)
Hash identifier: 0NzmIEPG+guESJal/NU9sf3xAOXj6eL+XwYUVrhagog=
Subject key identifier: C1:CB:FA:56:DB:E3:FF:C2:B3:24:C4:2E:6F:16:17:FE:6B:4D:90:0D
Certificate issuer: /CN=1455ca30592313388925ee1441009ad31d4bb41f
Certificate serial: 019A16AB6815D5E5736DDFE6BBD98E0D7389
Authority key identifier: 14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/wcv6Vtvj_8KzJMQubxYX_mtNkA0.roa
Signing time: Fri 24 Oct 2025 14:42:03 +0000
ROA not before: Fri 24 Oct 2025 14:42:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203639
IP address blocks: 46.21.20.0/24 maxlen: 24
46.21.23.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:ab:68:15:d5:e5:73:6d:df:e6:bb:d9:8e:0d:73:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1455ca30592313388925ee1441009ad31d4bb41f
Validity
Not Before: Oct 24 14:42:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1cbfa56dbe3ffc2b324c42e6f1617fe6b4d900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:da:ef:40:1a:e0:8c:0f:fd:2c:7e:2c:90:2e:
b2:44:00:93:76:68:7e:2e:17:cd:00:81:fb:ed:8d:
ae:c4:30:8b:99:e9:42:ff:18:79:3b:df:58:04:81:
75:f3:13:40:5c:03:90:ad:91:ae:97:5b:ee:95:20:
b6:4d:02:8f:d9:df:6a:f2:56:a5:8c:90:59:4a:93:
06:01:8b:ff:d6:c8:88:80:19:60:0a:08:c5:35:ae:
a4:38:08:84:6d:9f:76:5b:fe:dc:e3:0c:f7:78:7a:
89:50:f0:17:e6:0f:fa:56:f2:6d:92:b7:93:a0:42:
7b:49:c8:2a:b4:4e:b9:98:ab:64:f4:06:96:97:93:
52:ac:5a:60:3c:19:f2:90:94:39:7d:f0:b8:e3:78:
65:8d:8d:7f:82:f1:ae:d2:57:d7:bf:00:c3:52:00:
49:19:b4:c9:2b:36:73:f2:19:66:62:87:60:6d:33:
13:89:e8:75:9d:63:e7:2a:61:35:96:dc:28:a6:34:
c4:6c:0c:e5:3f:fa:99:38:21:8b:86:85:76:70:b3:
1d:5e:6a:74:10:af:59:fd:09:bf:ee:51:ad:51:40:
99:8b:f1:6f:ce:c7:fa:6f:db:71:71:01:36:9b:ed:
0e:b8:d1:92:d8:7c:a0:b8:c6:66:82:54:3b:5e:38:
cc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CB:FA:56:DB:E3:FF:C2:B3:24:C4:2E:6F:16:17:FE:6B:4D:90:0D
X509v3 Authority Key Identifier:
keyid:14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/wcv6Vtvj_8KzJMQubxYX_mtNkA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.20.0/24
46.21.23.0/24
46.21.28.0/24
46.21.30.0/24
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:9a:53:93:8f:1d:64:98:99:e1:a4:bf:5f:50:fd:2a:39:2f:
59:66:c7:04:7c:19:f9:0b:23:2e:a7:68:8b:55:8f:0a:aa:dd:
40:81:38:9c:70:b4:d8:f0:ab:0f:b2:74:9d:28:e5:26:ba:19:
09:ec:a8:8d:96:c8:94:4a:79:0e:6d:bb:0b:a4:b2:e4:95:ad:
d7:28:77:a5:41:fe:c3:86:31:7f:6a:a0:ff:48:cc:92:11:09:
c7:5e:b2:d6:33:b0:f0:61:e4:54:f6:55:9a:c9:a3:33:88:ea:
a0:a2:ff:65:88:e3:4c:84:84:13:43:70:87:90:8c:70:0f:54:
01:90:a0:6e:a4:62:9e:88:6a:e4:3b:e9:f5:b7:11:a4:1f:72:
3a:c6:a1:5f:50:f7:b7:87:cc:c9:1e:78:81:a8:dc:45:6c:1b:
d5:95:c8:64:ae:cf:f3:f4:87:3c:24:d8:c8:94:6b:e5:2b:0b:
aa:dc:02:8b:1f:07:24:34:a0:e1:28:c1:23:a5:bc:3e:a0:92:
8e:78:c1:63:20:eb:cc:3a:f1:c1:60:59:05:c0:4a:17:56:66:
b0:bb:38:5f:33:5b:5e:38:90:75:5c:3f:69:28:63:e0:f2:22:
63:1e:70:24:98:cc:60:2f:4d:f0:71:c3:e6:8e:fd:32:62:d0:
fe:e5:46:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZoWq2gV1eVzbd/mu9mODXOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NTVjYTMwNTkyMzEzMzg4OTI1ZWUxNDQxMDA5YWQzMWQ0
YmI0MWYwHhcNMjUxMDI0MTQ0MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWNiZmE1NmRiZTNmZmMyYjMyNGM0MmU2ZjE2MTdmZTZiNGQ5MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9rvQBrgjA/9LH4skC6yRACTdmh+
LhfNAIH77Y2uxDCLmelC/xh5O99YBIF18xNAXAOQrZGul1vulSC2TQKP2d9q8lal
jJBZSpMGAYv/1siIgBlgCgjFNa6kOAiEbZ92W/7c4wz3eHqJUPAX5g/6VvJtkreT
oEJ7ScgqtE65mKtk9AaWl5NSrFpgPBnykJQ5ffC443hljY1/gvGu0lfXvwDDUgBJ
GbTJKzZz8hlmYodgbTMTieh1nWPnKmE1ltwopjTEbAzlP/qZOCGLhoV2cLMdXmp0
EK9Z/Qm/7lGtUUCZi/Fvzsf6b9txcQE2m+0OuNGS2HyguMZmglQ7XjjMfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMHL+lbb4//CsyTELm8WF/5rTZANMB8GA1UdIwQY
MBaAFBRVyjBZIxM4iSXuFEEAmtMdS7QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDIt
OWIyNmNhYjc5NDUxLzEvd2N2NlZ0dmpfOEt6Sk1RdWJ4WVhfbXROa0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDItOWIyNmNhYjc5NDUx
LzEvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhUUAwQA
LhUXAwQALhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQBLmlOTjx1k
mJnhpL9fUP0qOS9ZZscEfBn5CyMup2iLVY8Kqt1AgTiccLTY8KsPsnSdKOUmuhkJ
7KiNlsiUSnkObbsLpLLkla3XKHelQf7DhjF/aqD/SMySEQnHXrLWM7DwYeRU9lWa
yaMziOqgov9liONMhIQTQ3CHkIxwD1QBkKBupGKeiGrkO+n1txGkH3I6xqFfUPe3
h8zJHniBqNxFbBvVlchkrs/z9Ic8JNjIlGvlKwuq3AKLHwckNKDhKMEjpbw+oJKO
eMFjIOvMOvHBYFkFwEoXVmawuzhfM1teOJB1XD9pKGPg8iJjHnAkmMxgL03wccPm
jv0yYtD+5Uaj
-----END CERTIFICATE-----
Generated at Tue Oct 28 13:39:08 2025 by rpki-client