Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/WyWvd5DKscfmEGMEL0PePzeUL4Q.roa
File: WyWvd5DKscfmEGMEL0PePzeUL4Q.roa (raw, json)
Hash identifier: nOMA0BNzPpF2Krmr5TJ7D4tPTZSUrzj+vWs01CDz30k=
Subject key identifier: 5B:25:AF:77:90:CA:B1:C7:E6:10:63:04:2F:43:DE:3F:37:94:2F:84
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 0199BA50C946F02B939E80348992888E5F1C
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/WyWvd5DKscfmEGMEL0PePzeUL4Q.roa
Signing time: Mon 06 Oct 2025 16:18:00 +0000
ROA not before: Mon 06 Oct 2025 16:18:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41227
IP address blocks: 87.247.168.0/23 maxlen: 23
87.247.170.0/23 maxlen: 24
87.247.174.0/23 maxlen: 23
87.247.178.0/24 maxlen: 24
87.247.184.0/21 maxlen: 24
194.34.160.0/24 maxlen: 24
194.34.161.0/24 maxlen: 24
194.34.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ba:50:c9:46:f0:2b:93:9e:80:34:89:92:88:8e:5f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Oct 6 16:18:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b25af7790cab1c7e61063042f43de3f37942f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:be:78:61:34:2a:d5:c0:b1:22:fb:75:f8:cd:
e5:8d:07:62:97:ff:a4:95:e3:13:fc:e2:20:c4:58:
ef:8f:3c:bf:78:ac:19:b8:98:fc:23:be:61:ed:fb:
bd:60:36:e6:76:b0:3e:21:ae:46:40:a8:e0:e3:39:
6f:b4:33:69:8c:bf:f2:e8:5b:35:22:71:ce:54:3d:
d9:b3:2b:89:7b:f7:64:42:17:1e:8d:88:59:8f:45:
66:16:3e:64:69:b4:e4:14:aa:f3:29:cb:10:a3:5c:
05:1f:79:99:be:c7:47:65:b3:93:d7:87:e3:62:92:
72:81:59:57:29:4a:5f:0a:66:9c:ea:aa:0c:39:24:
e7:c0:72:3e:96:79:02:4a:09:15:94:1a:9e:ea:86:
c5:71:63:8d:f0:7f:22:a8:25:2d:90:4f:d4:7e:2a:
d7:d6:be:0e:11:e5:7f:7d:86:1d:07:ec:7b:15:bb:
07:6d:ec:75:2e:a6:7e:74:ef:cf:ef:10:f4:89:dd:
fa:ab:02:ca:ef:9c:45:ac:50:be:7a:6a:42:b7:4d:
50:e2:ff:e2:9d:3e:48:6d:29:61:a9:fb:45:8a:a8:
2c:e2:40:56:a8:7b:88:ba:f4:c7:d0:33:a6:dc:d1:
7e:8d:ab:a6:2d:3c:08:55:23:bc:64:69:47:56:6e:
cb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:25:AF:77:90:CA:B1:C7:E6:10:63:04:2F:43:DE:3F:37:94:2F:84
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/WyWvd5DKscfmEGMEL0PePzeUL4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.168.0/22
87.247.174.0/23
87.247.178.0/24
87.247.184.0/21
194.34.160.0-194.34.162.255
Signature Algorithm: sha256WithRSAEncryption
11:66:8e:e9:e4:3d:cc:ba:47:12:39:07:d6:a1:2c:0c:1c:e4:
ce:f9:91:59:8c:61:21:21:52:65:7d:db:12:36:5f:7a:56:46:
77:e6:40:3a:bb:e9:dc:4a:db:9b:ca:37:ba:13:3f:ec:48:d0:
ae:2b:a6:96:0e:f1:eb:e4:d9:cd:9c:08:86:68:16:81:2d:d6:
dc:a0:8d:b8:91:b6:cd:ea:c1:ef:5c:38:8c:f8:c3:28:69:79:
25:92:18:4a:71:f9:5c:37:49:ae:f7:62:05:66:cb:32:2e:ba:
18:e5:c0:f5:05:c0:cd:01:02:0b:ca:a2:30:1c:e5:77:a1:30:
89:64:47:d4:30:89:24:a2:86:58:eb:7f:c3:e5:69:80:e5:1a:
57:6c:c5:84:b4:74:26:ca:8d:18:6b:c7:3d:02:f7:c4:b2:20:
1f:aa:63:4d:9c:9a:ec:d5:6c:32:dc:6b:ce:83:d2:97:e3:df:
dc:6c:0b:bb:82:9d:d8:3e:e6:1c:5e:42:06:57:91:ce:04:00:
54:e4:b0:57:c4:97:a8:de:49:c9:b4:69:f9:bb:38:72:6d:03:
8b:1b:92:30:83:f4:c9:04:10:02:df:0f:ff:c5:de:1b:e8:4c:
ea:3d:12:83:ee:58:7e:03:29:7d:58:6a:9e:9a:9c:0a:7e:74:
92:3e:2f:05
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZm6UMlG8CuTnoA0iZKIjl8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjUxMDA2MTYxODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjI1YWY3NzkwY2FiMWM3ZTYxMDYzMDQyZjQzZGUzZjM3OTQyZjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs754YTQq1cCxIvt1+M3ljQdil/+k
leMT/OIgxFjvjzy/eKwZuJj8I75h7fu9YDbmdrA+Ia5GQKjg4zlvtDNpjL/y6Fs1
InHOVD3ZsyuJe/dkQhcejYhZj0VmFj5kabTkFKrzKcsQo1wFH3mZvsdHZbOT14fj
YpJygVlXKUpfCmac6qoMOSTnwHI+lnkCSgkVlBqe6obFcWON8H8iqCUtkE/UfirX
1r4OEeV/fYYdB+x7FbsHbex1LqZ+dO/P7xD0id36qwLK75xFrFC+empCt01Q4v/i
nT5IbSlhqftFiqgs4kBWqHuIuvTH0DOm3NF+jaumLTwIVSO8ZGlHVm7L/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFslr3eQyrHH5hBjBC9D3j83lC+EMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvV3lXdmQ1REtzY2ZtRUdNRUwwUGVQemVVTDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCV/eoAwQB
V/euAwQAV/eyAwQDV/e4MAwDBAXCIqADBADCIqIwDQYJKoZIhvcNAQELBQADggEB
ABFmjunkPcy6RxI5B9ahLAwc5M75kVmMYSEhUmV92xI2X3pWRnfmQDq76dxK25vK
N7oTP+xI0K4rppYO8evk2c2cCIZoFoEt1tygjbiRts3qwe9cOIz4wyhpeSWSGEpx
+Vw3Sa73YgVmyzIuuhjlwPUFwM0BAgvKojAc5XehMIlkR9QwiSSihljrf8PlaYDl
GldsxYS0dCbKjRhrxz0C98SyIB+qY02cmuzVbDLca86D0pfj39xsC7uCndg+5hxe
QgZXkc4EAFTksFfEl6jeScm0afm7OHJtA4sbkjCD9MkEEALfD//F3hvoTOo9EoPu
WH4DKX1Yap6anAp+dJI+LwU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:00:00 2025 by rpki-client