Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/wcZznbX9VosJP0oVFOMR9sEtRTM.roa
File: wcZznbX9VosJP0oVFOMR9sEtRTM.roa (raw, json)
Hash identifier: z/i6QSkFVh2Ed4/qc7yxip/ox8LwcslNmjsXdqJkdo4=
Subject key identifier: C1:C6:73:9D:B5:FD:56:8B:09:3F:4A:15:14:E3:11:F6:C1:2D:45:33
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 0199A01BD5397B802C9BA490C65E3CA0C9B4
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/wcZznbX9VosJP0oVFOMR9sEtRTM.roa
Signing time: Wed 01 Oct 2025 14:10:02 +0000
ROA not before: Wed 01 Oct 2025 14:10:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2773
IP address blocks: 164.18.0.0/24 maxlen: 24
164.18.1.0/24 maxlen: 24
164.18.2.0/23 maxlen: 23
164.18.4.0/22 maxlen: 22
164.18.8.0/22 maxlen: 22
164.18.12.0/24 maxlen: 24
164.18.13.0/24 maxlen: 24
164.18.14.0/24 maxlen: 24
164.18.15.0/24 maxlen: 24
164.18.65.0/24 maxlen: 24
164.18.128.0/23 maxlen: 23
164.18.160.0/24 maxlen: 24
164.18.161.0/24 maxlen: 24
164.18.162.0/24 maxlen: 24
164.18.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:1b:d5:39:7b:80:2c:9b:a4:90:c6:5e:3c:a0:c9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Oct 1 14:10:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1c6739db5fd568b093f4a1514e311f6c12d4533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f9:c2:5b:e5:b5:f8:bb:0c:e7:de:70:8c:6f:
20:bc:4a:bc:22:6c:6c:22:d7:7b:b2:af:55:24:f3:
8b:86:24:7e:50:c8:ba:ef:4e:2c:2e:4c:a0:37:a0:
15:46:47:4b:6c:bf:16:bc:4b:05:49:68:8c:e5:b4:
04:f9:54:3d:e2:f4:8d:fb:82:0d:67:d9:b6:49:d3:
be:e1:34:88:0d:de:74:47:59:95:ef:10:ff:de:dc:
fc:99:1d:19:d1:48:f0:6a:b8:41:d3:9c:69:43:37:
b3:cb:e6:ac:b8:3d:7c:e8:60:a5:ce:71:9c:9e:17:
24:32:96:05:61:cd:1d:57:ac:87:47:bc:bf:53:27:
cb:83:db:95:e1:17:72:40:82:12:cc:6b:d4:10:27:
61:7f:82:bb:48:7b:c3:93:c5:b7:fa:93:33:80:78:
27:f3:97:1a:17:11:b8:6b:f2:91:f3:5c:f4:66:83:
53:2b:a1:e9:c2:27:85:d0:7f:cc:52:76:8a:69:8d:
38:e5:14:1e:b4:99:1d:84:df:11:ba:f5:56:a8:45:
9e:09:e0:b9:88:d6:a6:34:87:57:af:4f:f0:28:6c:
89:14:3f:46:58:86:ea:d5:62:dc:24:4d:44:1a:a5:
0b:d9:64:60:5b:90:82:2b:df:1b:32:be:71:a4:f5:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C6:73:9D:B5:FD:56:8B:09:3F:4A:15:14:E3:11:F6:C1:2D:45:33
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/wcZznbX9VosJP0oVFOMR9sEtRTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.0.0/20
164.18.65.0/24
164.18.128.0/23
164.18.160.0-164.18.162.255
164.18.164.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:8f:1b:63:9a:44:0d:4f:38:73:8b:8b:ca:80:14:44:47:f9:
bd:46:5d:87:6a:7a:02:26:34:ee:5a:9e:c3:69:9b:88:39:a8:
00:14:a1:b5:37:06:ce:90:20:b4:9f:54:6f:4d:45:1e:5d:08:
4d:3c:ee:e3:e1:d4:c3:fe:eb:13:13:da:b3:4e:70:31:fc:21:
9d:8b:5b:ef:6d:58:01:b3:d5:48:2e:7a:a4:33:ef:e6:80:d7:
df:59:93:41:cc:87:24:55:aa:a5:93:9b:2d:2d:9d:88:65:00:
97:88:6b:bb:e8:ac:a0:ad:62:f5:3d:96:45:d5:8d:fe:6f:f0:
6b:51:40:f0:98:12:58:ff:5f:a7:53:d9:29:9c:00:b4:d4:3f:
26:20:60:9b:02:af:16:f3:ca:cb:8e:ed:bc:4e:ec:9d:9d:2c:
cf:72:2d:e0:fe:cd:07:aa:7f:92:ec:62:55:95:51:3c:ca:dd:
6e:ef:11:db:6e:63:46:6d:bb:8c:fe:13:59:31:d4:bc:82:ac:
0d:7f:ce:0c:b2:4c:87:6b:d0:1f:6d:c6:dc:ea:bb:a1:31:6c:
41:9b:85:ee:29:d9:7a:c1:11:18:49:84:c6:ad:99:4f:a1:0e:
ed:dc:bc:12:18:d7:1a:42:6f:5a:fd:59:a1:10:9b:71:55:ed:
43:62:f7:a4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZmgG9U5e4Asm6SQxl48oMm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjUxMDAxMTQxMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWM2NzM5ZGI1ZmQ1NjhiMDkzZjRhMTUxNGUzMTFmNmMxMmQ0NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/nCW+W1+LsM595wjG8gvEq8Imxs
Itd7sq9VJPOLhiR+UMi6704sLkygN6AVRkdLbL8WvEsFSWiM5bQE+VQ94vSN+4IN
Z9m2SdO+4TSIDd50R1mV7xD/3tz8mR0Z0UjwarhB05xpQzezy+asuD186GClznGc
nhckMpYFYc0dV6yHR7y/UyfLg9uV4RdyQIISzGvUECdhf4K7SHvDk8W3+pMzgHgn
85caFxG4a/KR81z0ZoNTK6HpwieF0H/MUnaKaY045RQetJkdhN8RuvVWqEWeCeC5
iNamNIdXr0/wKGyJFD9GWIbq1WLcJE1EGqUL2WRgW5CCK98bMr5xpPXAYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMHGc521/VaLCT9KFRTjEfbBLUUzMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvd2Naem5iWDlWb3NKUDBvVkZPTVI5c0V0UlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEpBIAAwQA
pBJBAwQBpBKAMAwDBAWkEqADBACkEqIDBACkEqQwDQYJKoZIhvcNAQELBQADggEB
AMOPG2OaRA1POHOLi8qAFERH+b1GXYdqegImNO5ansNpm4g5qAAUobU3Bs6QILSf
VG9NRR5dCE087uPh1MP+6xMT2rNOcDH8IZ2LW+9tWAGz1UgueqQz7+aA199Zk0HM
hyRVqqWTmy0tnYhlAJeIa7vorKCtYvU9lkXVjf5v8GtRQPCYElj/X6dT2SmcALTU
PyYgYJsCrxbzysuO7bxO7J2dLM9yLeD+zQeqf5LsYlWVUTzK3W7vEdtuY0Ztu4z+
E1kx1LyCrA1/zgyyTIdr0B9txtzqu6ExbEGbhe4p2XrBERhJhMatmU+hDu3cvBIY
1xpCb1r9WaEQm3FV7UNi96Q=
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:26:17 2025 by rpki-client