Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WPiArLAigTEal67e99p6QerkQZE.roa
File: WPiArLAigTEal67e99p6QerkQZE.roa (raw, json)
Hash identifier: wYiT+Ck5uhYYveBL51hDgu/pDtfslNiPlWofkCr3/h4=
Subject key identifier: 58:F8:80:AC:B0:22:81:31:1A:97:AE:DE:F7:DA:7A:41:EA:E4:41:91
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019DD55289CC8E7A001F853F10C13810F16D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WPiArLAigTEal67e99p6QerkQZE.roa
Signing time: Tue 28 Apr 2026 18:20:49 +0000
ROA not before: Tue 28 Apr 2026 18:20:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 147.45.198.0/24 maxlen: 24
147.45.199.0/24 maxlen: 24
147.45.218.0/24 maxlen: 24
193.233.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:52:89:cc:8e:7a:00:1f:85:3f:10:c1:38:10:f1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 28 18:20:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58f880acb02281311a97aedef7da7a41eae44191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bc:8d:bc:1f:91:12:31:91:5d:72:36:48:6c:
03:b3:56:29:bc:c1:25:ff:c9:46:73:e4:ed:13:76:
1f:59:28:a5:a3:9e:29:df:ca:02:87:cc:67:95:17:
af:f9:f6:f8:33:3c:34:13:73:93:d2:01:1d:09:7f:
97:52:f0:79:75:be:a7:cf:8c:f8:1e:1f:0e:ff:66:
c1:ab:d7:2b:fe:6d:26:c5:a9:bd:a8:02:ae:81:37:
61:aa:40:d2:da:69:d2:34:91:24:4d:a5:10:d3:2e:
c4:59:48:79:54:41:7f:80:48:4e:a4:ef:fc:69:81:
6c:5d:a2:60:07:5e:25:d7:f2:c4:45:fa:3d:9c:dd:
48:ea:53:2a:8f:66:d4:fa:a5:3f:f2:94:09:87:69:
b7:f3:f6:3c:bc:61:0c:9a:91:88:b8:50:62:2e:03:
01:20:38:4a:d0:6a:d7:80:16:9e:e0:44:5d:2f:45:
74:eb:56:7f:d8:8c:bb:41:30:ea:d3:5b:37:c6:37:
bc:9f:b0:4f:86:21:fc:c7:8a:ec:c5:bd:7c:78:76:
41:73:0c:82:f1:a7:f8:73:c2:7b:15:2c:a9:a7:67:
ea:5a:c0:96:06:65:9b:b0:4e:f1:1d:b0:24:47:ed:
f5:2b:f7:86:dd:df:f1:12:c9:1c:ff:7d:0f:16:7a:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F8:80:AC:B0:22:81:31:1A:97:AE:DE:F7:DA:7A:41:EA:E4:41:91
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/WPiArLAigTEal67e99p6QerkQZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.198.0/23
147.45.218.0/24
193.233.86.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b6:8c:b1:fc:0b:fa:f6:f0:3c:cf:97:a1:d9:78:52:0c:c1:
45:66:8e:b1:02:ae:71:6f:16:89:99:13:e4:a5:56:a0:9b:02:
3d:1a:8a:5c:c2:19:36:dc:09:26:a8:7c:fb:9e:21:00:d7:30:
f7:8e:98:d6:6a:1e:eb:61:c1:13:12:0a:12:76:4b:36:95:cc:
66:89:a3:2f:4e:7d:9a:b2:22:1b:ec:bd:73:13:9d:e3:43:14:
fe:b2:f1:a1:36:e8:1b:03:ce:54:62:cf:ff:5f:f9:29:00:9f:
02:fe:3c:51:3b:c1:a6:30:db:54:1d:6d:42:cb:8e:56:bf:59:
79:25:b8:12:c2:47:a3:46:ca:0c:e2:c7:8e:a1:b6:d7:85:21:
3b:d3:16:b7:a7:3b:a7:da:27:d5:e4:79:c6:f8:df:b4:b1:1d:
dd:db:30:5f:fd:9c:95:48:84:db:66:f6:25:72:48:f3:77:f0:
48:39:ae:bb:c0:33:1c:3c:db:bd:2b:00:1e:f7:d8:ac:9f:5c:
c8:9f:df:66:63:1c:dc:eb:a9:bd:09:6e:15:87:a2:66:93:83:
f0:2c:65:28:03:db:c3:52:50:1a:a4:8c:77:b6:56:b9:25:0d:
69:0b:ca:44:fb:27:79:f4:20:cd:ae:7f:07:d8:02:f5:13:42:
eb:59:46:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ3VUonMjnoAH4U/EME4EPFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwNDI4MTgyMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGY4ODBhY2IwMjI4MTMxMWE5N2FlZGVmN2RhN2E0MWVhZTQ0MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLyNvB+REjGRXXI2SGwDs1YpvMEl
/8lGc+TtE3YfWSilo54p38oCh8xnlRev+fb4Mzw0E3OT0gEdCX+XUvB5db6nz4z4
Hh8O/2bBq9cr/m0mxam9qAKugTdhqkDS2mnSNJEkTaUQ0y7EWUh5VEF/gEhOpO/8
aYFsXaJgB14l1/LERfo9nN1I6lMqj2bU+qU/8pQJh2m38/Y8vGEMmpGIuFBiLgMB
IDhK0GrXgBae4ERdL0V061Z/2Iy7QTDq01s3xje8n7BPhiH8x4rsxb18eHZBcwyC
8af4c8J7FSypp2fqWsCWBmWbsE7xHbAkR+31K/eG3d/xEskc/30PFnpzuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFj4gKywIoExGpeu3vfaekHq5EGRMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvV1BpQXJMQWlnVEVhbDY3ZTk5cDZRZXJrUVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBky3GAwQA
ky3aAwQAwelWMA0GCSqGSIb3DQEBCwUAA4IBAQB9toyx/Av69vA8z5eh2XhSDMFF
Zo6xAq5xbxaJmRPkpVagmwI9Gopcwhk23AkmqHz7niEA1zD3jpjWah7rYcETEgoS
dks2lcxmiaMvTn2asiIb7L1zE53jQxT+svGhNugbA85UYs//X/kpAJ8C/jxRO8Gm
MNtUHW1Cy45Wv1l5JbgSwkejRsoM4seOobbXhSE70xa3pzun2ifV5HnG+N+0sR3d
2zBf/ZyVSITbZvYlckjzd/BIOa67wDMcPNu9KwAe99isn1zIn99mYxzc66m9CW4V
h6Jmk4PwLGUoA9vDUlAapIx3tla5JQ1pC8pE+yd59CDNrn8H2AL1E0LrWUaX
-----END CERTIFICATE-----
Generated at Tue May 12 21:45:14 2026 by rpki-client