Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/wPGOwnLGHizewOcMftfXF8XjPas.roa
File: wPGOwnLGHizewOcMftfXF8XjPas.roa (raw, json)
Hash identifier: 7WgPxVLEmp7JJINNiBOoOLbQjqXgGitoBvWY+g1dgIE=
Subject key identifier: C0:F1:8E:C2:72:C6:1E:2C:DE:C0:E7:0C:7E:D7:D7:17:C5:E3:3D:AB
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 01990BA60F9062A1E376DE2380451AF8C39A
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/wPGOwnLGHizewOcMftfXF8XjPas.roa
Signing time: Tue 02 Sep 2025 18:17:36 +0000
ROA not before: Tue 02 Sep 2025 18:17:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43581
IP address blocks: 46.253.143.0/24 maxlen: 24
91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a11:1940::/29 maxlen: 29
2a11:1940::/32 maxlen: 32
2a13:17c0::/32 maxlen: 32
2a13:17c7::/32 maxlen: 32
2a13:a500::/32 maxlen: 32
2a13:a502::/32 maxlen: 32
2a13:a503::/32 maxlen: 32
2a13:a504::/32 maxlen: 32
2a13:a505::/32 maxlen: 32
2a13:a506::/32 maxlen: 32
2a13:a507::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.mft
rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:a6:0f:90:62:a1:e3:76:de:23:80:45:1a:f8:c3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Sep 2 18:17:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0f18ec272c61e2cdec0e70c7ed7d717c5e33dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ac:d6:cc:1b:b2:6c:2b:c8:4b:89:94:df:26:
c3:34:a4:75:ca:6b:82:e6:58:71:f3:70:4b:cb:09:
a3:00:e3:46:34:a1:d5:b5:43:3f:76:25:57:03:73:
5f:55:a2:e9:c7:41:8e:19:3e:ae:d9:81:45:f9:82:
61:67:cc:e2:d3:ab:15:82:20:5a:b0:84:9b:fd:33:
5a:dd:27:49:e0:fa:a1:f0:26:4c:6e:57:1e:83:33:
dc:95:01:93:d2:37:b0:34:6a:2d:bf:2c:f6:1f:62:
27:61:3a:21:27:30:e3:8d:be:17:58:8e:1e:30:42:
00:f6:4e:1e:fa:30:eb:63:2d:68:ef:a1:ac:4d:fd:
76:85:7f:94:69:4f:21:15:1a:66:e3:19:0f:92:e4:
89:20:0d:65:f5:e5:a7:2c:19:c5:19:c9:ce:d0:c0:
ba:a5:54:d1:04:9f:50:03:1d:bd:46:7f:6e:16:0a:
55:e9:a9:bd:ff:65:e0:40:2e:d2:83:ac:82:16:39:
38:6e:80:50:80:82:35:22:17:3b:b9:44:55:c3:6d:
b8:57:8c:a3:fa:ce:56:8f:77:92:20:60:5b:da:29:
16:f6:03:63:df:4e:70:d4:0f:ee:54:b5:c0:c0:ce:
25:12:2c:0c:10:2a:f6:e8:44:8d:b0:53:96:c4:3c:
db:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F1:8E:C2:72:C6:1E:2C:DE:C0:E7:0C:7E:D7:D7:17:C5:E3:3D:AB
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/wPGOwnLGHizewOcMftfXF8XjPas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
91.211.115.0/24
193.17.92.0/24
IPv6:
2a11:1940::/29
2a13:17c0::/32
2a13:17c7::/32
2a13:a500::/32
2a13:a502::-2a13:a507:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
31:a3:04:19:eb:90:ad:8f:36:be:96:f1:e6:77:1b:4d:b3:0e:
59:eb:7b:a4:d4:44:de:36:b3:d3:dd:1a:fb:80:97:bc:ab:48:
ba:6f:e5:33:d6:bb:a7:4f:83:79:a7:ca:c4:04:09:f4:b6:9d:
b2:29:5a:20:10:1c:e7:fc:d2:98:50:c7:83:74:b5:79:1c:91:
2d:f0:b1:b9:a8:ea:ac:b3:df:68:ee:7d:df:48:d1:49:93:3d:
4b:c6:96:cc:9d:98:ff:d7:a5:37:89:ca:ee:bc:35:33:f0:33:
5e:dc:2c:ad:ee:e4:ca:04:53:53:72:1e:52:5e:b1:d9:41:f1:
3d:cd:0c:9f:20:fe:bd:eb:77:96:f3:a0:f1:de:39:fd:d1:08:
3a:f8:da:0e:c4:80:6b:cc:08:eb:13:9d:1e:57:a6:42:94:e0:
06:29:08:ec:20:b9:8f:17:5f:7d:1a:af:0c:0e:16:9a:01:d0:
76:a5:7f:59:b0:7e:4f:e1:85:8f:80:35:50:74:fe:f0:bd:5b:
b2:35:c2:eb:16:bb:4b:3f:0f:1a:a8:8e:1d:24:bf:4a:42:d7:
b6:80:5c:2b:3b:00:7e:21:69:a2:a1:87:0b:12:d7:22:2d:ac:
3c:5b:83:1e:47:9b:b2:b0:f2:32:6c:0e:95:ef:9a:f5:8c:e0:
3d:9e:bc:da
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZkLpg+QYqHjdt4jgEUa+MOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjUwOTAyMTgxNzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGYxOGVjMjcyYzYxZTJjZGVjMGU3MGM3ZWQ3ZDcxN2M1ZTMzZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqzWzBuybCvIS4mU3ybDNKR1ymuC
5lhx83BLywmjAONGNKHVtUM/diVXA3NfVaLpx0GOGT6u2YFF+YJhZ8zi06sVgiBa
sISb/TNa3SdJ4Pqh8CZMblcegzPclQGT0jewNGotvyz2H2InYTohJzDjjb4XWI4e
MEIA9k4e+jDrYy1o76GsTf12hX+UaU8hFRpm4xkPkuSJIA1l9eWnLBnFGcnO0MC6
pVTRBJ9QAx29Rn9uFgpV6am9/2XgQC7Sg6yCFjk4boBQgII1Ihc7uURVw224V4yj
+s5Wj3eSIGBb2ikW9gNj305w1A/uVLXAwM4lEiwMECr26ESNsFOWxDzbBwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMDxjsJyxh4s3sDnDH7X1xfF4z2rMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvd1BHT3duTEdIaXpld09jTWZ0ZlhGOFhqUGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMDIEAgACMCwDBQMqERlAAwUAKhMXwAMFACoTF8cDBQAqE6UAMA4D
BQEqE6UCAwUDKhOlADANBgkqhkiG9w0BAQsFAAOCAQEAMaMEGeuQrY82vpbx5ncb
TbMOWet7pNRE3jaz090a+4CXvKtIum/lM9a7p0+DeafKxAQJ9LadsilaIBAc5/zS
mFDHg3S1eRyRLfCxuajqrLPfaO5930jRSZM9S8aWzJ2Y/9elN4nK7rw1M/AzXtws
re7kygRTU3IeUl6x2UHxPc0MnyD+vet3lvOg8d45/dEIOvjaDsSAa8wI6xOdHlem
QpTgBikI7CC5jxdffRqvDA4WmgHQdqV/WbB+T+GFj4A1UHT+8L1bsjXC6xa7Sz8P
GqiOHSS/SkLXtoBcKzsAfiFpoqGHCxLXIi2sPFuDHkebsrDyMmwOle+a9YzgPZ68
2g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:57 2025 by rpki-client