Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/WKAggwW4-2Bg4MeY0gX0Cx4LA4U.roa
File: WKAggwW4-2Bg4MeY0gX0Cx4LA4U.roa (raw, json)
Hash identifier: /G/TygfNsNBDAG6vbAPSrcTJMAI8N6hE5YMA8pkrvnA=
Subject key identifier: 58:A0:20:83:05:B8:FB:60:60:E0:C7:98:D2:05:F4:0B:1E:0B:03:85
Certificate issuer: /CN=1994bf84de36ffb9d94b257f3278134194133498
Certificate serial: 019DF2B396C7D4A77C49C0EDBC2F27FFF565
Authority key identifier: 19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/WKAggwW4-2Bg4MeY0gX0Cx4LA4U.roa
Signing time: Mon 04 May 2026 11:15:49 +0000
ROA not before: Mon 04 May 2026 11:15:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215984
IP address blocks: 89.150.43.0/24 maxlen: 24
89.150.56.0/24 maxlen: 24
89.150.61.0/24 maxlen: 24
195.13.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/GZS_hN42_7nZSyV_MngTQZQTNJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/GZS_hN42_7nZSyV_MngTQZQTNJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:b3:96:c7:d4:a7:7c:49:c0:ed:bc:2f:27:ff:f5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1994bf84de36ffb9d94b257f3278134194133498
Validity
Not Before: May 4 11:15:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58a0208305b8fb6060e0c798d205f40b1e0b0385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:34:90:22:a9:54:58:1c:3a:4a:c9:c4:1c:
a9:a5:1a:2f:55:41:15:e4:7f:0a:e6:94:cf:8a:21:
e1:2b:92:b4:94:46:71:36:53:4c:6e:e1:fc:93:ce:
4e:62:bc:80:97:45:3f:cb:61:b5:48:1c:77:5f:07:
75:6f:9d:ca:1a:0f:45:b4:51:02:49:bf:ed:7f:88:
2d:09:3e:c6:ab:e4:47:35:b0:08:47:40:c3:6a:43:
2c:ec:3b:2d:dc:f8:11:ca:68:5e:92:d2:8b:66:1d:
09:aa:09:48:b6:fa:ff:62:98:69:53:2f:83:a6:f9:
19:a0:3d:9c:c1:a0:73:fa:9f:ac:2f:0b:13:da:30:
61:26:d8:51:08:4a:ab:2e:ce:84:dd:cc:37:39:47:
2f:ed:0c:bc:14:d5:3f:74:8e:54:96:e7:61:ff:ef:
d9:5a:01:e7:f0:7d:05:f9:51:cc:86:e8:a0:24:be:
d1:0f:a2:85:49:b5:75:ed:3c:ea:28:5e:a1:79:3e:
38:6d:42:8f:6d:e2:21:82:de:5c:bf:9a:04:34:fe:
af:3c:98:46:3f:c4:8c:ac:f3:49:1a:e2:3c:10:6c:
af:f2:ef:24:f9:d3:25:9d:68:76:77:75:3d:d9:53:
2e:fb:2b:d1:1e:9c:b8:13:4e:ce:8a:a1:fe:e9:16:
ff:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A0:20:83:05:B8:FB:60:60:E0:C7:98:D2:05:F4:0B:1E:0B:03:85
X509v3 Authority Key Identifier:
keyid:19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/WKAggwW4-2Bg4MeY0gX0Cx4LA4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/GZS_hN42_7nZSyV_MngTQZQTNJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.43.0/24
89.150.56.0/24
89.150.61.0/24
195.13.35.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5d:eb:3a:d4:33:4e:ae:b2:5c:da:68:cf:77:cf:ca:e8:97:
dc:f0:75:dd:be:83:b1:56:b0:cd:d4:7e:53:bc:75:5a:44:3e:
e6:c1:7b:6c:21:b4:4b:81:9d:a7:aa:d1:4a:1e:92:64:7f:51:
e6:51:9e:23:34:af:b5:f0:c9:a6:98:f3:85:40:08:a2:61:ec:
6e:1b:79:28:26:c9:9b:d5:d2:00:90:6d:fa:86:2e:7c:6d:bf:
cc:30:15:ac:de:9d:e8:6c:bc:22:2f:0a:28:47:9d:7e:af:25:
f1:1b:94:3c:d7:85:4d:17:03:66:53:c8:13:75:6c:66:5f:6b:
d9:af:f1:cd:de:92:fc:78:9a:db:47:7c:fe:cb:72:0d:91:f3:
f8:42:65:1d:a7:22:f1:9b:21:fb:61:09:8a:9a:ff:94:40:2e:
69:e6:b7:ba:64:ea:de:6b:8e:20:b5:e6:20:92:0d:68:fc:1d:
d9:1f:b4:55:89:34:3d:de:49:6c:a8:a8:df:31:e2:a0:1a:b4:
b0:15:5a:95:7b:81:21:cc:e9:c3:96:50:5a:e8:63:76:cc:74:
02:c1:d4:91:76:43:63:1c:86:3a:f4:1a:ad:a3:8c:94:04:42:
c5:52:34:f5:51:48:c0:04:6e:f8:44:bd:29:5f:c1:da:a5:34:
16:31:69:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3ys5bH1Kd8ScDtvC8n//VlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OTRiZjg0ZGUzNmZmYjlkOTRiMjU3ZjMyNzgxMzQxOTQx
MzM0OTgwHhcNMjYwNTA0MTExNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGEwMjA4MzA1YjhmYjYwNjBlMGM3OThkMjA1ZjQwYjFlMGIwMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNc0kCKpVFgcOkrJxByppRovVUEV
5H8K5pTPiiHhK5K0lEZxNlNMbuH8k85OYryAl0U/y2G1SBx3Xwd1b53KGg9FtFEC
Sb/tf4gtCT7Gq+RHNbAIR0DDakMs7Dst3PgRymhektKLZh0JqglItvr/YphpUy+D
pvkZoD2cwaBz+p+sLwsT2jBhJthRCEqrLs6E3cw3OUcv7Qy8FNU/dI5Uludh/+/Z
WgHn8H0F+VHMhuigJL7RD6KFSbV17TzqKF6heT44bUKPbeIhgt5cv5oENP6vPJhG
P8SMrPNJGuI8EGyv8u8k+dMlnWh2d3U92VMu+yvRHpy4E07OiqH+6Rb/nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFigIIMFuPtgYODHmNIF9AseCwOFMB8GA1UdIwQY
MBaAFBmUv4TeNv+52UslfzJ4E0GUEzSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUt
NDZhZjNlNTBjMDUyLzEvV0tBZ2d3VzQtMkJnNE1lWTBnWDBDeDRMQTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUtNDZhZjNlNTBjMDUy
LzEvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWZYrAwQA
WZY4AwQAWZY9AwQAww0jMA0GCSqGSIb3DQEBCwUAA4IBAQBUXes61DNOrrJc2mjP
d8/K6Jfc8HXdvoOxVrDN1H5TvHVaRD7mwXtsIbRLgZ2nqtFKHpJkf1HmUZ4jNK+1
8MmmmPOFQAiiYexuG3koJsmb1dIAkG36hi58bb/MMBWs3p3obLwiLwooR51+ryXx
G5Q814VNFwNmU8gTdWxmX2vZr/HN3pL8eJrbR3z+y3INkfP4QmUdpyLxmyH7YQmK
mv+UQC5p5re6ZOrea44gteYgkg1o/B3ZH7RViTQ93klsqKjfMeKgGrSwFVqVe4Eh
zOnDllBa6GN2zHQCwdSRdkNjHIY69Bqto4yUBELFUjT1UUjABG74RL0pX8HapTQW
MWkC
-----END CERTIFICATE-----
Generated at Wed May 13 09:15:24 2026 by rpki-client