Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WtirBgLdd1QDsDcFh1HdrsUIlWo.roa
File: WtirBgLdd1QDsDcFh1HdrsUIlWo.roa (raw, json)
Hash identifier: GA2Y0Eudc/59qW3vmpiDOm6qcDbR/NWl/VMU6tiADWg=
Subject key identifier: 5A:D8:AB:06:02:DD:77:54:03:B0:37:05:87:51:DD:AE:C5:08:95:6A
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0199291A27C635EA56ABBE58C23DBB710AFC
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WtirBgLdd1QDsDcFh1HdrsUIlWo.roa
Signing time: Mon 08 Sep 2025 11:33:23 +0000
ROA not before: Mon 08 Sep 2025 11:33:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 5.44.248.0/24 maxlen: 24
36.255.188.0/24 maxlen: 24
36.255.189.0/24 maxlen: 24
36.255.190.0/24 maxlen: 24
36.255.191.0/24 maxlen: 24
45.94.232.0/24 maxlen: 24
45.94.233.0/24 maxlen: 24
45.94.234.0/24 maxlen: 24
45.94.235.0/24 maxlen: 24
45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
45.157.124.0/22 maxlen: 24
45.157.124.0/24 maxlen: 24
45.157.125.0/24 maxlen: 24
45.157.126.0/24 maxlen: 24
45.157.127.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
87.239.254.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
103.225.200.0/24 maxlen: 24
103.225.201.0/24 maxlen: 24
103.225.202.0/24 maxlen: 24
103.225.203.0/24 maxlen: 24
171.22.252.0/24 maxlen: 24
185.46.116.0/24 maxlen: 24
185.46.117.0/24 maxlen: 24
185.46.240.0/24 maxlen: 24
185.46.241.0/24 maxlen: 24
185.46.242.0/24 maxlen: 24
185.46.243.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
194.36.96.0/24 maxlen: 24
194.36.97.0/24 maxlen: 24
194.36.98.0/24 maxlen: 24
194.36.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:1a:27:c6:35:ea:56:ab:be:58:c2:3d:bb:71:0a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Sep 8 11:33:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ad8ab0602dd775403b037058751ddaec508956a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6c:db:3e:a2:19:a7:99:92:8c:4b:23:05:bf:
21:b2:e0:37:6c:a5:77:65:3c:44:85:58:c2:39:4e:
07:b2:03:02:08:bc:6f:58:b2:94:de:d9:ba:c2:53:
09:93:7d:38:94:cb:b1:cc:d0:d0:4b:75:53:ff:af:
8d:02:c5:cb:8c:b5:f9:1a:2b:ae:98:7e:b2:cb:fe:
21:00:f7:01:ef:4f:1a:f2:c3:e9:74:60:0d:cb:a4:
a4:06:f7:ba:5c:cb:f6:47:72:ca:ad:85:85:14:51:
6e:53:c5:53:77:48:d1:a1:6e:51:d2:ff:d1:b7:e8:
cf:73:75:3d:70:17:81:87:27:1b:a1:45:44:96:62:
b3:7e:f8:3d:2a:b9:30:61:6a:af:43:b1:69:90:dd:
09:7e:47:89:16:ff:05:ec:a7:05:51:2b:88:9c:de:
1c:df:c6:59:94:0c:a2:31:2b:e0:77:07:e8:68:f5:
5c:73:07:fa:bb:c0:1b:e3:c6:5f:7f:de:65:b3:86:
4e:3e:8c:f2:59:df:40:0d:91:2a:32:6e:ad:95:41:
33:fa:d7:37:2a:72:a0:68:12:52:b6:4c:91:99:ab:
b0:e9:57:39:4f:d3:bb:e4:1c:f5:7a:c3:23:7f:eb:
8c:88:99:8b:ff:f9:a1:cf:61:b3:e6:5c:d0:8f:ec:
57:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D8:AB:06:02:DD:77:54:03:B0:37:05:87:51:DD:AE:C5:08:95:6A
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WtirBgLdd1QDsDcFh1HdrsUIlWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.248.0/24
36.255.188.0/22
45.94.232.0/22
45.143.68.0/22
45.157.124.0/22
83.150.240.0/22
87.239.254.0/24
95.181.216.0/22
103.225.200.0/22
171.22.252.0/24
185.46.116.0/23
185.46.240.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
194.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
14:16:cf:17:86:20:d7:ae:ff:5e:41:ca:82:ae:91:cb:39:da:
99:d1:a7:09:17:1d:80:9f:ac:e0:48:d5:a5:0b:4e:95:2b:5e:
d0:4e:c0:8e:d4:86:50:57:0f:b6:b8:e4:5c:9f:3c:2a:cb:7a:
52:65:db:68:02:c8:64:46:10:27:ae:9b:fa:fe:f7:8a:c3:82:
6a:d2:38:99:d5:f0:8a:68:e4:57:b5:39:5a:2a:06:92:d3:1d:
f6:cc:1a:c6:5b:bd:9e:f1:71:cb:db:d2:2a:6e:33:35:09:39:
61:24:74:a7:e4:7c:03:84:e2:da:f3:1a:42:c0:9f:fa:3f:5a:
1d:72:5d:88:9f:4e:30:48:a9:30:19:53:8b:c5:ac:6c:f6:cd:
d5:1d:52:7f:06:a6:8c:9d:41:77:4d:19:d5:d5:ce:a5:12:b6:
45:30:0b:d6:40:11:a4:cb:bc:c3:71:12:55:24:70:19:6a:02:
12:44:6f:c8:1c:20:11:ca:98:e2:30:51:94:6d:a2:df:66:4f:
cc:2e:9c:c1:13:fe:0c:c3:f0:98:49:44:7a:28:87:02:8d:27:
79:90:eb:15:43:b9:45:18:eb:e3:de:06:a6:88:5f:76:74:8f:
5d:51:33:a8:0c:ed:68:9a:7f:3a:ea:e9:46:89:79:4c:ea:4a:
6d:e2:11:ae
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZkpGifGNepWq75Ywj27cQr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwOTA4MTEzMzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ4YWIwNjAyZGQ3NzU0MDNiMDM3MDU4NzUxZGRhZWM1MDg5NTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mzbPqIZp5mSjEsjBb8hsuA3bKV3
ZTxEhVjCOU4HsgMCCLxvWLKU3tm6wlMJk304lMuxzNDQS3VT/6+NAsXLjLX5Giuu
mH6yy/4hAPcB708a8sPpdGANy6SkBve6XMv2R3LKrYWFFFFuU8VTd0jRoW5R0v/R
t+jPc3U9cBeBhycboUVElmKzfvg9KrkwYWqvQ7FpkN0JfkeJFv8F7KcFUSuInN4c
38ZZlAyiMSvgdwfoaPVccwf6u8Ab48Zff95ls4ZOPozyWd9ADZEqMm6tlUEz+tc3
KnKgaBJStkyRmauw6Vc5T9O75Bz1esMjf+uMiJmL//mhz2Gz5lzQj+xXmwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFFrYqwYC3XdUA7A3BYdR3a7FCJVqMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvV3RpckJnTGRkMVFEc0RjRmgxSGRyc1VJbFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAUs+AME
AiT/vAMEAi1e6AMEAi2PRAMEAi2dfAMEAlOW8AMEAFfv/gMEAl+12AMEAmfhyAME
AKsW/AMEAbkudAMEArku8AMEArlL0AMEALnJvgMEArn9RAMEAcFs8gMEAsHJ+AME
AsIkYDANBgkqhkiG9w0BAQsFAAOCAQEAFBbPF4Yg167/XkHKgq6RyznamdGnCRcd
gJ+s4EjVpQtOlSte0E7AjtSGUFcPtrjkXJ88Kst6UmXbaALIZEYQJ66b+v73isOC
atI4mdXwimjkV7U5WioGktMd9swaxlu9nvFxy9vSKm4zNQk5YSR0p+R8A4Ti2vMa
QsCf+j9aHXJdiJ9OMEipMBlTi8WsbPbN1R1SfwamjJ1Bd00Z1dXOpRK2RTAL1kAR
pMu8w3ESVSRwGWoCEkRvyBwgEcqY4jBRlG2i32ZPzC6cwRP+DMPwmElEeiiHAo0n
eZDrFUO5RRjr494GpohfdnSPXVEzqAztaJp/OurpRol5TOpKbeIRrg==
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:32:16 2025 by rpki-client