Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/WZY1-5x2WyCpOIyehhDGkzXs6aU.roa
File: WZY1-5x2WyCpOIyehhDGkzXs6aU.roa (raw, json)
Hash identifier: YWudaqyhwGIUN8z350ztRMjLHkWhXqHTu9WZVlmFBoY=
Subject key identifier: 59:96:35:FB:9C:76:5B:20:A9:38:8C:9E:86:10:C6:93:35:EC:E9:A5
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199E9803BE887F3B6EFABC0CD439EE9D921
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/WZY1-5x2WyCpOIyehhDGkzXs6aU.roa
Signing time: Wed 15 Oct 2025 20:11:59 +0000
ROA not before: Wed 15 Oct 2025 20:11:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213294
IP address blocks: 2a11:6543::/32 maxlen: 32
2a11:6546::/32 maxlen: 32
2a11:6585::/32 maxlen: 32
2a11:6d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e9:80:3b:e8:87:f3:b6:ef:ab:c0:cd:43:9e:e9:d9:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 15 20:11:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=599635fb9c765b20a9388c9e8610c69335ece9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ad:14:83:09:1a:ff:4e:28:9a:6d:e4:df:c8:
ae:88:dc:35:ef:bd:51:24:a2:c5:17:62:86:24:d4:
b7:92:cb:10:cd:b1:65:40:bc:57:97:5d:0e:a0:de:
27:85:c2:f8:93:8a:6f:a2:aa:b3:fb:e1:af:17:62:
54:05:ac:f6:3a:fa:2d:3d:62:25:82:d3:5d:68:de:
e1:37:14:a0:f3:72:64:d1:4c:82:15:bb:c5:8c:8d:
52:d8:05:93:4c:62:5a:5f:1a:0c:84:08:fb:8b:0c:
45:34:a9:67:2a:1d:dc:ff:7a:a1:39:e5:ca:87:58:
5b:9c:9f:d6:94:80:64:fc:24:7d:77:62:70:46:cb:
7e:76:32:a7:38:c8:97:ea:a0:0f:52:fc:fe:93:22:
3d:a0:61:5f:94:7b:51:68:45:47:c0:cc:04:f7:8a:
00:14:dd:55:ad:d7:a9:da:7f:a6:0c:30:c3:85:3a:
f5:99:55:35:b9:63:20:a0:e6:7d:78:a5:36:bb:91:
33:27:a3:18:79:b2:a0:41:d1:80:3c:86:a3:df:7f:
e1:aa:02:8c:70:0d:b7:88:e3:ce:27:ee:b9:9a:cf:
e2:b9:7b:35:79:63:99:19:d5:01:f6:58:c8:22:e5:
bb:4a:61:53:5d:1b:62:61:ec:fe:64:e3:96:21:e6:
0d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:96:35:FB:9C:76:5B:20:A9:38:8C:9E:86:10:C6:93:35:EC:E9:A5
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/WZY1-5x2WyCpOIyehhDGkzXs6aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6543::/32
2a11:6546::/32
2a11:6585::/32
2a11:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
0c:c1:0e:58:a9:33:c7:2f:6b:b5:3f:3d:32:46:c6:a3:d0:97:
f6:c9:c3:57:25:94:07:b3:fc:ed:f9:51:0b:70:34:39:e9:9b:
b8:55:34:81:5b:b4:a6:5d:d9:bd:a2:99:16:6a:05:98:1e:6a:
0f:22:42:d6:a1:3a:43:84:bf:61:12:5a:ad:34:4a:a6:40:8c:
d8:93:64:b1:4f:38:38:33:fc:86:47:dc:c9:24:e7:a3:73:03:
ce:db:ce:a8:37:56:98:8b:71:ff:94:5f:eb:69:02:3a:76:d3:
26:75:37:63:d2:30:a2:57:5a:0d:89:59:ce:d1:23:81:b4:ae:
53:33:c6:d9:32:5e:0e:78:61:17:f9:f2:9a:dc:d4:77:aa:38:
59:32:56:4f:df:ce:e4:cb:9a:c3:e8:ce:e8:1e:34:8c:4f:05:
52:36:29:13:c0:e6:2a:fc:d4:26:12:eb:74:fa:b3:93:88:49:
bb:c8:3f:e4:f3:75:29:9a:a1:b1:27:6b:f3:43:7d:a3:71:c1:
d4:cc:58:72:a8:5a:f5:81:73:c1:a6:b0:60:56:33:6f:7a:c0:
c5:d5:1e:77:94:5f:91:1c:65:40:90:8c:90:03:92:f0:c8:90:
94:37:c0:68:9d:62:ab:8d:b5:ac:0d:98:86:22:99:15:e1:16:
d9:ce:7a:d5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZnpgDvoh/O276vAzUOe6dkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDE1MjAxMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTk2MzVmYjljNzY1YjIwYTkzODhjOWU4NjEwYzY5MzM1ZWNlOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq0Ugwka/04omm3k38iuiNw1771R
JKLFF2KGJNS3kssQzbFlQLxXl10OoN4nhcL4k4pvoqqz++GvF2JUBaz2OvotPWIl
gtNdaN7hNxSg83Jk0UyCFbvFjI1S2AWTTGJaXxoMhAj7iwxFNKlnKh3c/3qhOeXK
h1hbnJ/WlIBk/CR9d2JwRst+djKnOMiX6qAPUvz+kyI9oGFflHtRaEVHwMwE94oA
FN1Vrdep2n+mDDDDhTr1mVU1uWMgoOZ9eKU2u5EzJ6MYebKgQdGAPIaj33/hqgKM
cA23iOPOJ+65ms/iuXs1eWOZGdUB9ljIIuW7SmFTXRtiYez+ZOOWIeYNWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFmWNfucdlsgqTiMnoYQxpM17OmlMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvV1pZMS01eDJXeUNwT0l5ZWhoREdrelhzNmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKhFlQwMF
ACoRZUYDBQAqEWWFAwUAKhFtADANBgkqhkiG9w0BAQsFAAOCAQEADMEOWKkzxy9r
tT89MkbGo9CX9snDVyWUB7P87flRC3A0OembuFU0gVu0pl3ZvaKZFmoFmB5qDyJC
1qE6Q4S/YRJarTRKpkCM2JNksU84ODP8hkfcySTno3MDztvOqDdWmItx/5Rf62kC
OnbTJnU3Y9IwoldaDYlZztEjgbSuUzPG2TJeDnhhF/nymtzUd6o4WTJWT9/O5Mua
w+jO6B40jE8FUjYpE8DmKvzUJhLrdPqzk4hJu8g/5PN1KZqhsSdr80N9o3HB1MxY
cqha9YFzwaawYFYzb3rAxdUed5RfkRxlQJCMkAOS8MiQlDfAaJ1iq421rA2YhiKZ
FeEW2c561Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:05 2025 by rpki-client