Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/We_eJU8uhiQBtd3wrWn-ZlbXQRc.roa
File: We_eJU8uhiQBtd3wrWn-ZlbXQRc.roa (raw, json)
Hash identifier: 6QN0Fg3SAd13aQtCCegpoqGppEXLz5qo/Z2EDHmRRaY=
Subject key identifier: 59:EF:DE:25:4F:2E:86:24:01:B5:DD:F0:AD:69:FE:66:56:D7:41:17
Certificate issuer: /CN=c143204e97ad79ad6a1f0940ef41b16f207b489d
Certificate serial: 0199806405573682A459693C1CB8E82F2971
Authority key identifier: C1:43:20:4E:97:AD:79:AD:6A:1F:09:40:EF:41:B1:6F:20:7B:48:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wUMgTpetea1qHwlA70GxbyB7SJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/We_eJU8uhiQBtd3wrWn-ZlbXQRc.roa
Signing time: Thu 25 Sep 2025 10:21:02 +0000
ROA not before: Thu 25 Sep 2025 10:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44927
IP address blocks: 62.84.104.0/21 maxlen: 21
91.203.80.0/22 maxlen: 22
91.224.76.0/23 maxlen: 23
185.15.117.0/24 maxlen: 24
185.15.118.0/24 maxlen: 24
185.15.119.0/24 maxlen: 24
185.48.36.0/22 maxlen: 22
193.201.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/wUMgTpetea1qHwlA70GxbyB7SJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/wUMgTpetea1qHwlA70GxbyB7SJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wUMgTpetea1qHwlA70GxbyB7SJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:64:05:57:36:82:a4:59:69:3c:1c:b8:e8:2f:29:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c143204e97ad79ad6a1f0940ef41b16f207b489d
Validity
Not Before: Sep 25 10:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=59efde254f2e862401b5ddf0ad69fe6656d74117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c4:0a:bc:4b:50:88:d3:7b:a8:93:29:47:ea:
10:83:6d:d4:19:17:6d:a5:51:e0:58:ef:06:a6:cb:
8b:7f:16:f9:83:98:a7:6c:88:91:69:c0:2c:40:dc:
20:ab:13:70:2a:a8:ab:a6:d3:32:a5:a1:ec:ed:70:
31:23:8c:ef:52:cc:61:70:0d:d7:73:2f:5a:03:97:
88:b1:70:84:73:87:df:7f:83:a1:60:01:95:23:94:
5d:86:f6:99:b8:e1:ea:33:15:0c:3d:65:0f:10:b6:
c8:d2:c4:ad:1a:53:e5:93:3b:dc:92:70:cd:dd:4e:
8c:f9:05:87:f2:80:41:84:dd:ca:d8:97:c5:f7:27:
8c:4b:f3:70:8c:5d:9b:cc:6d:a2:35:39:4c:98:ac:
45:b0:56:46:d4:dc:37:01:8c:ee:58:80:e9:41:e4:
6f:3f:03:72:9f:0e:38:41:52:88:16:53:ec:05:4e:
b8:e0:15:2f:1f:51:1b:26:ff:3e:27:52:d2:0a:dd:
da:0c:c2:81:b8:37:46:6a:ef:ea:5e:c6:ea:c7:b0:
4a:a1:b6:30:37:83:10:05:d1:ca:d9:90:95:84:65:
b3:dd:3c:22:c9:03:f2:ec:73:d2:96:9e:82:fd:ea:
f7:ba:3d:a3:15:3d:38:6c:11:82:d6:07:d2:78:70:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EF:DE:25:4F:2E:86:24:01:B5:DD:F0:AD:69:FE:66:56:D7:41:17
X509v3 Authority Key Identifier:
keyid:C1:43:20:4E:97:AD:79:AD:6A:1F:09:40:EF:41:B1:6F:20:7B:48:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wUMgTpetea1qHwlA70GxbyB7SJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/We_eJU8uhiQBtd3wrWn-ZlbXQRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/b0144e-9f30-4f9f-a87f-d29a5d918fd8/1/wUMgTpetea1qHwlA70GxbyB7SJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.104.0/21
91.203.80.0/22
91.224.76.0/23
185.15.117.0-185.15.119.255
185.48.36.0/22
193.201.88.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:07:39:3c:c3:fb:b9:e5:70:63:37:ac:3f:af:4d:ea:42:0b:
e9:49:92:c1:98:e5:21:b9:20:dd:07:55:56:ff:83:f1:56:61:
bc:04:d7:6b:78:2f:b6:26:8c:e9:e5:cd:8d:7d:25:4b:fb:6b:
e7:60:95:1d:f0:03:66:d1:cc:3c:45:a2:a6:16:22:ed:8d:50:
73:ba:e0:cc:ea:03:f7:85:9e:56:6f:a9:5a:29:66:c4:0b:30:
aa:bd:6a:16:51:52:3c:8a:9f:69:02:c7:6e:81:da:49:99:da:
21:a8:80:2d:ef:66:14:23:8b:69:7f:24:39:c1:a1:4d:f5:47:
63:a5:3e:ef:c9:d1:c7:76:ef:d1:f2:9f:88:1d:8a:c6:7d:38:
41:2b:4e:0f:d6:b2:2a:78:41:b1:0d:39:0c:ff:b1:80:69:5d:
53:f8:83:6c:93:4d:3d:05:4b:37:2f:6c:98:93:8b:80:f7:fc:
7c:18:1b:83:f0:bf:49:b8:17:a6:26:33:18:aa:f4:7d:dd:3d:
35:16:84:02:f8:21:f1:cd:29:5c:96:bb:42:4f:48:14:60:33:
ea:21:e6:5a:29:6e:6f:6a:49:c7:f9:20:a0:4c:f8:9c:57:7a:
65:eb:5d:fc:c9:a2:3d:8d:b4:c9:0d:7f:9c:5c:b4:f5:16:d2:
9e:a3:ea:42
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZmAZAVXNoKkWWk8HLjoLylxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNDMyMDRlOTdhZDc5YWQ2YTFmMDk0MGVmNDFiMTZmMjA3
YjQ4OWQwHhcNMjUwOTI1MTAyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWVmZGUyNTRmMmU4NjI0MDFiNWRkZjBhZDY5ZmU2NjU2ZDc0MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cQKvEtQiNN7qJMpR+oQg23UGRdt
pVHgWO8GpsuLfxb5g5inbIiRacAsQNwgqxNwKqirptMypaHs7XAxI4zvUsxhcA3X
cy9aA5eIsXCEc4fff4OhYAGVI5RdhvaZuOHqMxUMPWUPELbI0sStGlPlkzvcknDN
3U6M+QWH8oBBhN3K2JfF9yeMS/NwjF2bzG2iNTlMmKxFsFZG1Nw3AYzuWIDpQeRv
PwNynw44QVKIFlPsBU644BUvH1EbJv8+J1LSCt3aDMKBuDdGau/qXsbqx7BKobYw
N4MQBdHK2ZCVhGWz3TwiyQPy7HPSlp6C/er3uj2jFT04bBGC1gfSeHA+OQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFnv3iVPLoYkAbXd8K1p/mZW10EXMB8GA1UdIwQY
MBaAFMFDIE6XrXmtah8JQO9BsW8ge0idMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1VNZ1RwZXRlYTFxSHdsQTcwR3hieUI3U0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9iMDE0NGUtOWYzMC00ZjlmLWE4N2Yt
ZDI5YTVkOTE4ZmQ4LzEvV2VfZUpVOHVoaVFCdGQzd3JXbi1abGJYUVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9iMDE0NGUtOWYzMC00ZjlmLWE4N2YtZDI5YTVkOTE4ZmQ4
LzEvd1VNZ1RwZXRlYTFxSHdsQTcwR3hieUI3U0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDPlRoAwQC
W8tQAwQBW+BMMAwDBAC5D3UDBAO5D3ADBAK5MCQDBALByVgwDQYJKoZIhvcNAQEL
BQADggEBAAwHOTzD+7nlcGM3rD+vTepCC+lJksGY5SG5IN0HVVb/g/FWYbwE12t4
L7YmjOnlzY19JUv7a+dglR3wA2bRzDxFoqYWIu2NUHO64MzqA/eFnlZvqVopZsQL
MKq9ahZRUjyKn2kCx26B2kmZ2iGogC3vZhQji2l/JDnBoU31R2OlPu/J0cd279Hy
n4gdisZ9OEErTg/Wsip4QbENOQz/sYBpXVP4g2yTTT0FSzcvbJiTi4D3/HwYG4Pw
v0m4F6YmMxiq9H3dPTUWhAL4IfHNKVyWu0JPSBRgM+oh5lopbm9qScf5IKBM+JxX
emXrXfzJoj2NtMkNf5xctPUW0p6j6kI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:13 2025 by rpki-client