Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wIKlIzaPvMqlbHFPKVC7a0A1RBw.roa
File: wIKlIzaPvMqlbHFPKVC7a0A1RBw.roa (raw, json)
Hash identifier: 8tz5eic6ZZ8w1FJt/f7UXX9lkmNuw6dZC8Vdyx3/23A=
Subject key identifier: C0:82:A5:23:36:8F:BC:CA:A5:6C:71:4F:29:50:BB:6B:40:35:44:1C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0198C44664DE73EF4F501A5FBE3BCD1E530B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wIKlIzaPvMqlbHFPKVC7a0A1RBw.roa
Signing time: Tue 19 Aug 2025 21:40:04 +0000
ROA not before: Tue 19 Aug 2025 21:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
5.102.120.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.56.0/22 maxlen: 24
82.163.64.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
185.86.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c4:46:64:de:73:ef:4f:50:1a:5f:be:3b:cd:1e:53:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 19 21:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c082a523368fbccaa56c714f2950bb6b4035441c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fc:78:4e:6d:3f:4b:7c:12:66:08:32:29:5f:
d9:cf:6b:1b:f3:83:fc:b5:be:53:00:eb:77:2e:8d:
60:af:6a:0b:c2:6e:a1:d6:30:61:99:8d:9b:2d:cb:
00:a4:2e:27:81:f6:69:69:14:18:1e:65:2b:4a:a4:
0d:0f:36:1e:b3:6b:b1:70:1e:f7:c3:60:a5:27:dc:
81:36:f7:c5:e1:9a:73:17:ec:63:04:90:1e:2c:f0:
01:96:58:a7:b4:6c:76:74:5d:bd:b1:14:21:26:3d:
bf:62:c5:a9:bc:ae:b7:72:9c:27:b5:26:3c:13:c5:
4e:6e:e4:db:f4:4c:c0:79:8e:28:06:71:cd:09:96:
48:40:20:4d:f0:43:40:7f:56:85:66:e9:18:d8:45:
41:79:d8:ec:eb:d9:1f:21:01:08:ca:32:bc:ae:94:
16:33:2a:7e:81:00:02:00:f2:0e:7d:d7:20:28:f0:
c4:c2:92:99:c6:43:8d:37:6e:02:ac:f5:69:92:98:
b8:69:76:b9:26:59:6b:30:0f:bd:10:b8:d6:e4:3f:
76:60:10:54:d3:20:a5:db:c4:09:b0:df:02:14:3f:
bc:24:ab:c3:ee:4f:c4:88:b0:f0:b1:d5:d0:6e:a1:
41:42:05:a2:0b:e1:06:ad:70:f3:b1:a8:d9:2d:bc:
e0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:82:A5:23:36:8F:BC:CA:A5:6C:71:4F:29:50:BB:6B:40:35:44:1C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wIKlIzaPvMqlbHFPKVC7a0A1RBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0-5.102.123.255
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
82.163.56.0/22
82.163.64.0/22
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
185.86.140.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:f3:8b:e4:ce:f3:f0:5c:52:f5:d8:be:b7:fc:9c:3d:5c:87:
a9:e9:9f:85:84:c1:55:5d:3c:e3:c4:cc:c7:da:a5:33:bf:1e:
3c:92:7d:0b:c7:4f:a7:b4:5f:68:93:b0:4b:35:4c:04:71:83:
28:15:9a:61:d1:07:97:1d:f6:a2:4c:7b:9a:85:f9:0b:67:a1:
aa:39:ba:44:49:45:b1:f0:f2:9a:84:6a:c9:36:c2:b7:5b:4b:
95:8a:5d:05:08:f0:68:37:49:0d:d7:82:46:5c:67:33:0e:5d:
93:42:a3:cb:dc:3c:7c:83:26:09:d6:ab:0f:55:ef:b6:07:7d:
d8:88:63:e2:66:5b:54:55:d2:3d:2e:bc:86:92:a3:71:df:8b:
2d:63:44:85:b4:63:d1:a8:e9:17:52:7f:b3:7c:6d:d2:30:81:
3c:8a:1d:d4:4f:6f:f1:ff:b0:6e:9c:d7:f2:70:1a:ba:74:ef:
2f:17:8f:f0:bd:eb:c6:a6:97:ba:bd:16:64:a3:c3:06:f4:ce:
59:05:77:42:17:34:75:f5:a1:bf:69:21:68:ea:91:05:73:f6:
37:e7:89:82:51:5f:17:10:be:80:b0:8e:df:06:b8:9f:e3:80:
fd:e4:fa:bd:d2:43:02:ca:95:19:89:85:32:de:4c:ff:be:15:
66:de:a1:5a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZjERmTec+9PUBpfvjvNHlMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwODE5MjE0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDgyYTUyMzM2OGZiY2NhYTU2YzcxNGYyOTUwYmI2YjQwMzU0NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPx4Tm0/S3wSZggyKV/Zz2sb84P8
tb5TAOt3Lo1gr2oLwm6h1jBhmY2bLcsApC4ngfZpaRQYHmUrSqQNDzYes2uxcB73
w2ClJ9yBNvfF4ZpzF+xjBJAeLPABllintGx2dF29sRQhJj2/YsWpvK63cpwntSY8
E8VObuTb9EzAeY4oBnHNCZZIQCBN8ENAf1aFZukY2EVBedjs69kfIQEIyjK8rpQW
Myp+gQACAPIOfdcgKPDEwpKZxkONN24CrPVpkpi4aXa5JllrMA+9ELjW5D92YBBU
0yCl28QJsN8CFD+8JKvD7k/EiLDwsdXQbqFBQgWiC+EGrXDzsajZLbzguwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMCCpSM2j7zKpWxxTylQu2tANUQcMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvd0lLbEl6YVB2TXFsYkhGUEtWQzdhMEExUkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAIFZnQD
BAIFZngDBAIfurQDBAEuFNIDBAFSozQDBAJSozgDBAJSo0ADBAJSo6gDBAJSo+AD
BAJccigDBAG5VowwDQYJKoZIhvcNAQELBQADggEBAA/zi+TO8/BcUvXYvrf8nD1c
h6npn4WEwVVdPOPEzMfapTO/HjySfQvHT6e0X2iTsEs1TARxgygVmmHRB5cd9qJM
e5qF+Qtnoao5ukRJRbHw8pqEask2wrdbS5WKXQUI8Gg3SQ3XgkZcZzMOXZNCo8vc
PHyDJgnWqw9V77YHfdiIY+JmW1RV0j0uvIaSo3Hfiy1jRIW0Y9Go6RdSf7N8bdIw
gTyKHdRPb/H/sG6c1/JwGrp07y8Xj/C968aml7q9FmSjwwb0zlkFd0IXNHX1ob9p
IWjqkQVz9jfniYJRXxcQvoCwjt8GuJ/jgP3k+r3SQwLKlRmJhTLeTP++FWbeoVo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:13:43 2025 by rpki-client