Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/WeJgs7A95jwqtwLgB758IcXv4EU.roa
File: WeJgs7A95jwqtwLgB758IcXv4EU.roa (raw, json)
Hash identifier: 84hLdtwmT7VOnkUt9Z3ak3sP5MNYReF+bmVuaSuUp4c=
Subject key identifier: 59:E2:60:B3:B0:3D:E6:3C:2A:B7:02:E0:07:BE:7C:21:C5:EF:E0:45
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 019D19ACB4AA1FD0BFD356EBB7E23B4A0F5B
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/WeJgs7A95jwqtwLgB758IcXv4EU.roa
Signing time: Mon 23 Mar 2026 07:50:42 +0000
ROA not before: Mon 23 Mar 2026 07:50:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48294
IP address blocks: 45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
84.252.104.0/24 maxlen: 24
91.132.128.0/22 maxlen: 22
185.124.0.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:ac:b4:aa:1f:d0:bf:d3:56:eb:b7:e2:3b:4a:0f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 23 07:50:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59e260b3b03de63c2ab702e007be7c21c5efe045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0d:fc:c7:7a:1c:f3:d3:f0:20:0e:d3:3f:61:
1a:94:86:e7:ad:a7:41:e0:c4:b0:3c:c0:77:01:f5:
a7:fb:03:b2:db:1c:2f:58:bb:98:a4:dc:6c:42:40:
e3:f5:3c:e4:8b:43:e6:fe:49:85:5e:d7:b1:65:c5:
bb:49:e9:ec:78:9c:cd:e9:8d:2c:6e:7b:b3:38:55:
8c:fa:48:d3:ad:04:2f:09:79:ef:e5:aa:53:2e:36:
52:bb:a5:46:95:f8:94:8a:9a:52:32:83:14:6c:19:
e2:f9:c4:28:86:8e:c3:e4:e8:38:d9:c1:04:6a:4e:
9e:a6:6e:35:29:97:c0:8a:ca:d5:63:50:86:41:cb:
53:4a:18:2e:00:c2:75:20:b9:7d:78:61:22:56:51:
89:b7:27:37:62:30:3f:ec:7e:06:8f:6a:74:9a:7c:
f2:a6:61:6c:e1:6d:f5:e9:39:87:0a:49:2e:52:c6:
d8:ad:c9:ed:03:0b:0f:70:6a:a1:d7:a0:c2:23:e0:
0e:d1:cf:85:09:35:e5:14:8f:dd:a0:6b:dd:bd:33:
af:c8:40:49:d4:e5:3b:50:eb:47:d1:2a:1a:64:0c:
5e:81:78:11:5a:c3:da:1a:ba:fa:b5:4a:96:02:7c:
98:53:4d:b0:c1:12:72:14:b6:ad:a5:10:ef:e2:c7:
f9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E2:60:B3:B0:3D:E6:3C:2A:B7:02:E0:07:BE:7C:21:C5:EF:E0:45
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/WeJgs7A95jwqtwLgB758IcXv4EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
84.252.104.0/24
91.132.128.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:05:98:cc:08:54:62:9f:8f:fd:65:83:2c:b4:75:05:cd:a4:
45:12:bf:34:b2:d0:4a:09:5c:9a:23:96:d1:f3:fe:b4:9b:33:
86:43:7a:04:b8:a1:53:c5:12:ce:a3:a2:88:6d:7a:29:b1:1f:
14:41:f5:86:ca:ed:89:c8:ef:ea:a4:1b:7c:32:c9:98:12:3f:
0c:37:9f:b3:5c:28:00:b0:d1:fa:bf:e6:2f:c3:b1:2b:78:2a:
2e:79:fa:3e:02:03:c7:10:e8:0a:aa:1a:39:f8:fe:b7:5b:95:
13:44:85:c0:fa:c2:b2:c4:68:1e:71:be:bb:0b:d4:1d:ff:02:
75:95:aa:65:77:9a:3c:03:de:51:34:81:c6:5b:ae:67:8d:69:
f0:f0:08:5a:5c:a2:c1:21:ab:d6:f0:10:2a:8e:c3:4c:ab:08:
7a:df:d8:88:8a:73:a7:be:8b:4e:4e:f3:f1:cd:0d:8f:fd:af:
fc:31:ee:1c:f8:e6:98:c6:f5:8e:85:23:26:04:b8:10:ea:c3:
2a:e9:98:87:ed:18:b9:f3:3f:56:79:23:a7:53:42:68:93:2d:
66:a1:2b:9d:72:fd:ad:e4:3a:32:9d:bb:3e:ee:58:ed:a8:4c:
da:eb:a1:f6:f5:1d:e4:29:b5:34:08:4d:8c:8b:46:9d:66:21:
2b:8e:fc:f2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0ZrLSqH9C/01brt+I7Sg9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjYwMzIzMDc1MDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWUyNjBiM2IwM2RlNjNjMmFiNzAyZTAwN2JlN2MyMWM1ZWZlMDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg38x3oc89PwIA7TP2EalIbnradB
4MSwPMB3AfWn+wOy2xwvWLuYpNxsQkDj9Tzki0Pm/kmFXtexZcW7SenseJzN6Y0s
bnuzOFWM+kjTrQQvCXnv5apTLjZSu6VGlfiUippSMoMUbBni+cQoho7D5Og42cEE
ak6epm41KZfAisrVY1CGQctTShguAMJ1ILl9eGEiVlGJtyc3YjA/7H4Gj2p0mnzy
pmFs4W316TmHCkkuUsbYrcntAwsPcGqh16DCI+AO0c+FCTXlFI/doGvdvTOvyEBJ
1OU7UOtH0SoaZAxegXgRWsPaGrr6tUqWAnyYU02wwRJyFLatpRDv4sf5yQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFniYLOwPeY8KrcC4Ae+fCHF7+BFMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvV2VKZ3M3QTk1andxdHdMZ0I3NThJY1h2NEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVbeAwQC
LVskAwQAVPxoAwQCW4SAAwQCuXwAAwQCuX6gMA0GCSqGSIb3DQEBCwUAA4IBAQAq
BZjMCFRin4/9ZYMstHUFzaRFEr80stBKCVyaI5bR8/60mzOGQ3oEuKFTxRLOo6KI
bXopsR8UQfWGyu2JyO/qpBt8MsmYEj8MN5+zXCgAsNH6v+Yvw7EreCouefo+AgPH
EOgKqho5+P63W5UTRIXA+sKyxGgecb67C9Qd/wJ1lapld5o8A95RNIHGW65njWnw
8AhaXKLBIavW8BAqjsNMqwh639iIinOnvotOTvPxzQ2P/a/8Me4c+OaYxvWOhSMm
BLgQ6sMq6ZiH7Ri58z9WeSOnU0Joky1moSudcv2t5Doynbs+7ljtqEza66H29R3k
KbU0CE2Mi0adZiErjvzy
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:23:47 2026 by rpki-client