Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/wfpLWZRqjYyqOYG4nZjXl1hddKM.roa
File: wfpLWZRqjYyqOYG4nZjXl1hddKM.roa (raw, json)
Hash identifier: tBG35yaSr292GrQvLa8I1LIYccs3GlTu5MD9aZU7b9E=
Subject key identifier: C1:FA:4B:59:94:6A:8D:8C:AA:39:81:B8:9D:98:D7:97:58:5D:74:A3
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019DFDCF71EAB5CADD7071B65025C7F9F084
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/wfpLWZRqjYyqOYG4nZjXl1hddKM.roa
Signing time: Wed 06 May 2026 15:02:03 +0000
ROA not before: Wed 06 May 2026 15:02:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
185.74.44.0/24 maxlen: 24
213.155.9.0/24 maxlen: 24
213.155.10.0/24 maxlen: 24
213.155.11.0/24 maxlen: 24
213.155.12.0/24 maxlen: 24
213.155.14.0/24 maxlen: 24
213.155.15.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:cf:71:ea:b5:ca:dd:70:71:b6:50:25:c7:f9:f0:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: May 6 15:02:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1fa4b59946a8d8caa3981b89d98d797585d74a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7b:d8:69:4d:3c:27:62:57:d4:12:83:17:fa:
29:cc:42:5a:2b:60:44:ea:67:1a:7c:37:92:2e:e6:
0e:0d:37:a9:2e:cb:69:49:a4:f2:78:f1:2d:9b:6b:
80:1d:c1:fd:08:60:e3:3c:24:9b:8d:9b:22:67:ef:
78:a4:86:d4:85:7f:e9:80:83:5f:4a:d1:16:fa:ca:
34:47:32:5c:07:74:9d:9f:9f:1e:a9:7c:5f:ee:23:
4b:f0:e3:0e:78:a1:3c:81:e0:b8:23:0c:ca:d5:6b:
77:cf:e4:0e:b9:31:60:7d:af:ff:7e:b2:61:40:d6:
a5:2f:8d:20:82:f2:a9:6c:df:f8:9c:7c:84:30:0e:
95:4b:da:a4:5a:53:a8:ca:52:d1:ea:1a:5e:2a:c6:
08:c7:71:98:4c:7d:5b:7e:0d:b5:d7:dc:97:1d:0d:
38:11:de:2a:23:df:ce:d6:df:b8:23:92:1f:02:a8:
34:5c:5c:63:31:74:65:6f:4e:77:da:e2:03:52:1d:
e8:d9:ab:b5:c9:bb:ca:a2:4b:03:93:d9:71:af:31:
8d:14:2b:90:93:bc:07:7f:06:bc:87:92:7e:1d:75:
c1:90:72:ce:09:4e:3c:67:b4:a5:cc:11:15:52:33:
cc:1f:b6:b0:30:27:85:95:e5:5b:ed:2a:f9:3b:cd:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FA:4B:59:94:6A:8D:8C:AA:39:81:B8:9D:98:D7:97:58:5D:74:A3
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/wfpLWZRqjYyqOYG4nZjXl1hddKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
185.74.44.0/24
213.155.9.0-213.155.12.255
213.155.14.0/23
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
13:7f:8c:d9:17:89:d1:ed:4e:1f:d9:31:62:fb:93:aa:9f:f9:
be:50:7f:cc:38:58:73:cb:b2:34:b5:ad:14:07:b3:0c:9c:1f:
8d:d6:4e:2b:51:b0:88:27:ca:e5:b6:b5:81:7c:57:2b:6d:8a:
9c:9b:16:70:ab:4d:d6:65:df:b7:7b:58:22:cb:c7:2e:54:1f:
fa:b9:8f:1e:d7:58:e6:39:0f:60:67:77:75:48:64:5f:ab:80:
91:43:82:67:e9:7d:df:78:e6:50:eb:b7:62:29:b4:f1:0f:9e:
fa:67:15:66:ef:dc:32:6c:1f:7d:ec:c3:ad:aa:d3:1d:06:00:
9e:14:d0:55:fc:be:5c:df:e8:88:9b:5e:fd:55:6e:d3:d8:66:
3d:2f:7d:a5:41:73:4c:db:b5:bf:97:28:a5:b9:9f:a7:e5:44:
d2:f6:c7:7d:2b:7f:4a:25:e8:11:93:1b:72:71:19:3f:a3:ea:
ab:f7:44:1f:a5:53:4a:39:00:c4:88:6b:42:9d:08:40:14:57:
77:4f:45:6d:5f:5d:79:c0:7f:49:6e:d5:7e:d2:0a:8c:d1:7a:
dd:6b:b9:db:fd:e4:66:57:af:7b:d2:db:8a:be:03:f7:80:bf:
44:fa:b3:4f:59:ba:63:d7:a4:21:09:f3:8f:89:dc:01:93:00:
96:8f:f5:46
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZ39z3HqtcrdcHG2UCXH+fCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwNTA2MTUwMjAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZhNGI1OTk0NmE4ZDhjYWEzOTgxYjg5ZDk4ZDc5NzU4NWQ3NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunvYaU08J2JX1BKDF/opzEJaK2BE
6mcafDeSLuYODTepLstpSaTyePEtm2uAHcH9CGDjPCSbjZsiZ+94pIbUhX/pgINf
StEW+so0RzJcB3Sdn58eqXxf7iNL8OMOeKE8geC4IwzK1Wt3z+QOuTFgfa//frJh
QNalL40ggvKpbN/4nHyEMA6VS9qkWlOoylLR6hpeKsYIx3GYTH1bfg2119yXHQ04
Ed4qI9/O1t+4I5IfAqg0XFxjMXRlb0532uIDUh3o2au1ybvKoksDk9lxrzGNFCuQ
k7wHfwa8h5J+HXXBkHLOCU48Z7SlzBEVUjPMH7awMCeFleVb7Sr5O80u+wIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFMH6S1mUao2MqjmBuJ2Y15dYXXSjMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvd2ZwTFdaUnFqWXlxT1lHNG5aalhsMWhkZEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBuBAIAATBoAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrgMEALlKLDAM
AwQA1ZsJAwQA1ZsMAwQB1ZsOAwQA1ZscMAwDBAXZsSADBADZsSIDBALZsSwDBAHZ
szAwLAQCAAIwJjASAwcBKhEswAACAwcBKhEswAAIAwcBKhEswAAQAwcBKhEswAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQATf4zZF4nR7U4f2TFi+5Oqn/m+UH/MOFhzy7I0
ta0UB7MMnB+N1k4rUbCIJ8rltrWBfFcrbYqcmxZwq03WZd+3e1giy8cuVB/6uY8e
11jmOQ9gZ3d1SGRfq4CRQ4Jn6X3feOZQ67diKbTxD576ZxVm79wybB997MOtqtMd
BgCeFNBV/L5c3+iIm179VW7T2GY9L32lQXNM27W/lyiluZ+n5UTS9sd9K39KJegR
kxtycRk/o+qr90QfpVNKOQDEiGtCnQhAFFd3T0VtX115wH9JbtV+0gqM0Xrda7nb
/eRmV6970tuKvgP3gL9E+rNPWbpj16QhCfOPidwBkwCWj/VG
-----END CERTIFICATE-----
Generated at Wed May 13 14:40:10 2026 by rpki-client