Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/wlpXGzu3dfl93-726IjHXozz6GI.roa
File: wlpXGzu3dfl93-726IjHXozz6GI.roa (raw, json)
Hash identifier: N3HfdwUpnsDk8b2RDKKHkw8WOf36AVRD8bciGLBdJfo=
Subject key identifier: C2:5A:57:1B:3B:B7:75:F9:7D:DF:EE:F6:E8:88:C7:5E:8C:F3:E8:62
Certificate issuer: /CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Certificate serial: 0198D07A2B76B95A748F9AE0029AE4E2F7DE
Authority key identifier: 7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/wlpXGzu3dfl93-726IjHXozz6GI.roa
Signing time: Fri 22 Aug 2025 06:32:04 +0000
ROA not before: Fri 22 Aug 2025 06:32:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 92.246.80.0/24 maxlen: 24
92.246.81.0/24 maxlen: 24
92.246.82.0/24 maxlen: 24
92.246.83.0/24 maxlen: 24
103.226.192.0/24 maxlen: 24
103.226.194.0/23 maxlen: 23
103.229.170.0/24 maxlen: 24
103.229.171.0/24 maxlen: 24
185.145.68.0/24 maxlen: 24
185.145.69.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.201.4.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.223.176.0/24 maxlen: 24
185.223.177.0/24 maxlen: 24
185.223.179.0/24 maxlen: 24
185.237.212.0/24 maxlen: 24
185.237.213.0/24 maxlen: 24
185.237.214.0/24 maxlen: 24
2a07:4640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:7a:2b:76:b9:5a:74:8f:9a:e0:02:9a:e4:e2:f7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Validity
Not Before: Aug 22 06:32:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c25a571b3bb775f97ddfeef6e888c75e8cf3e862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e5:9e:77:27:ce:57:b3:a0:48:6e:1e:96:94:
c7:ba:0d:f5:f7:96:88:c1:b0:99:28:c6:85:65:39:
b2:66:94:cf:5a:31:f9:e7:a3:01:f8:c8:c8:da:ae:
20:e2:8f:7d:e1:e5:20:5e:19:c7:8e:0f:39:94:39:
87:09:74:a8:c5:54:77:6c:0e:a6:61:76:99:ef:6b:
4e:ce:1b:4d:95:d0:d3:2d:e0:14:f9:ba:1d:41:11:
ec:be:8b:17:db:89:0f:c0:25:e4:46:7a:a4:9c:d1:
ed:e7:2f:72:1a:a7:a0:64:53:f4:78:67:10:d5:22:
54:70:ba:bd:50:eb:ac:5c:15:fc:f2:e0:25:5d:64:
f0:13:14:77:44:24:ec:8a:8d:5a:23:1e:5c:42:5a:
8b:44:2f:99:d2:b6:38:a7:aa:42:ce:90:47:d8:d7:
7a:d9:aa:60:86:b6:eb:4a:cc:03:ae:8f:91:68:9f:
f3:97:a4:9d:08:75:b5:45:ad:73:39:68:ef:43:23:
e1:77:32:14:77:25:1a:37:93:a1:6d:cc:4b:69:a4:
d1:73:5b:f6:a6:92:28:6f:ab:6c:8c:ae:8a:3d:6f:
6b:25:15:3d:8a:67:13:8e:87:2f:5b:33:2d:c1:dd:
12:9a:66:87:7b:8f:a2:ed:7f:1e:31:37:db:97:37:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5A:57:1B:3B:B7:75:F9:7D:DF:EE:F6:E8:88:C7:5E:8C:F3:E8:62
X509v3 Authority Key Identifier:
keyid:7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/wlpXGzu3dfl93-726IjHXozz6GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.80.0/22
103.226.192.0/24
103.226.194.0/23
103.229.170.0/23
185.145.68.0/23
185.167.181.0/24
185.201.4.0/24
185.204.203.0/24
185.223.176.0/23
185.223.179.0/24
185.237.212.0-185.237.214.255
IPv6:
2a07:4640::/29
Signature Algorithm: sha256WithRSAEncryption
ee:c8:70:a3:76:18:52:e4:79:32:ce:19:6e:a6:2c:7b:d7:b5:
31:05:70:14:f0:b1:c1:84:7d:95:94:22:3d:ca:75:97:59:85:
ad:f7:e7:aa:d3:8d:15:cd:cc:05:5c:04:3a:9d:ae:0f:d9:00:
32:25:a3:ac:89:8a:66:38:e2:b7:9d:26:9c:63:cb:dd:64:11:
ca:78:b6:52:be:6c:42:71:c5:60:ae:ce:15:3e:66:60:d6:9f:
52:7f:b5:da:e1:ae:a6:ef:3a:1e:84:72:c2:12:44:69:62:01:
bb:e8:e0:ea:da:86:cf:61:53:d7:04:2f:b4:9d:dc:c6:22:d0:
23:fc:6c:14:45:15:ee:cf:72:f2:f7:11:95:4f:76:af:d0:04:
59:50:f7:3e:24:7d:db:19:50:3d:e0:e6:a7:4d:ee:9f:22:d4:
22:d8:e3:02:b0:19:0e:52:63:01:bc:ce:4c:6f:0e:38:6b:66:
17:e8:1f:b3:4b:dd:b5:fa:aa:92:8c:6f:52:79:f3:94:12:dc:
67:3a:76:d5:2d:bb:32:84:07:35:fa:83:f7:d6:7a:11:01:ab:
33:60:72:e0:51:9d:53:ec:2b:68:71:7a:8b:b0:40:4d:07:93:
5c:77:2e:1f:cf:9f:d1:e4:86:4c:ee:74:54:54:9b:9f:60:3c:
0e:e3:41:5c
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZjQeit2uVp0j5rgAprk4vfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjU3ZGQ1MmM3NWZjZTM5ZmZlMjkxNTQ2OWQ5ZTY1NmRi
Y2I4NzMwHhcNMjUwODIyMDYzMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjVhNTcxYjNiYjc3NWY5N2RkZmVlZjZlODg4Yzc1ZThjZjNlODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuWedyfOV7OgSG4elpTHug3195aI
wbCZKMaFZTmyZpTPWjH556MB+MjI2q4g4o994eUgXhnHjg85lDmHCXSoxVR3bA6m
YXaZ72tOzhtNldDTLeAU+bodQRHsvosX24kPwCXkRnqknNHt5y9yGqegZFP0eGcQ
1SJUcLq9UOusXBX88uAlXWTwExR3RCTsio1aIx5cQlqLRC+Z0rY4p6pCzpBH2Nd6
2apghrbrSswDro+RaJ/zl6SdCHW1Ra1zOWjvQyPhdzIUdyUaN5OhbcxLaaTRc1v2
ppIob6tsjK6KPW9rJRU9imcTjocvWzMtwd0SmmaHe4+i7X8eMTfblze/wwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFMJaVxs7t3X5fd/u9uiIx16M8+hiMB8GA1UdIwQY
MBaAFHr1fdUsdfzjn/4pFUadnmVtvLhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYt
YzI1MzQwOTZjNjBkLzEvd2xwWEd6dTNkZmw5My03MjZJakhYb3p6NkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYtYzI1MzQwOTZjNjBk
LzEvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQCXPZQAwQA
Z+LAAwQBZ+LCAwQBZ+WqAwQBuZFEAwQAuae1AwQAuckEAwQAuczLAwQBud+wAwQA
ud+zMAwDBAK57dQDBAC57dYwDQQCAAIwBwMFAyoHRkAwDQYJKoZIhvcNAQELBQAD
ggEBAO7IcKN2GFLkeTLOGW6mLHvXtTEFcBTwscGEfZWUIj3KdZdZha3356rTjRXN
zAVcBDqdrg/ZADIlo6yJimY44redJpxjy91kEcp4tlK+bEJxxWCuzhU+ZmDWn1J/
tdrhrqbvOh6EcsISRGliAbvo4Orahs9hU9cEL7Sd3MYi0CP8bBRFFe7PcvL3EZVP
dq/QBFlQ9z4kfdsZUD3g5qdN7p8i1CLY4wKwGQ5SYwG8zkxvDjhrZhfoH7NL3bX6
qpKMb1J585QS3Gc6dtUtuzKEBzX6g/fWehEBqzNgcuBRnVPsK2hxeouwQE0Hk1x3
Lh/Pn9HkhkzudFRUm59gPA7jQVw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:45 2025 by rpki-client