Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wfh-UOAZf8zXcfnGgtljGrgtW4Y.roa
File: wfh-UOAZf8zXcfnGgtljGrgtW4Y.roa (raw, json)
Hash identifier: v/XrCw+3zSPx3FlcLzuKPWemLUh1+me4/h0qQHJfqdU=
Subject key identifier: C1:F8:7E:50:E0:19:7F:CC:D7:71:F9:C6:82:D9:63:1A:B8:2D:5B:86
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019DC379B58D69546EA3B5F68B4435B3A4CB
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wfh-UOAZf8zXcfnGgtljGrgtW4Y.roa
Signing time: Sat 25 Apr 2026 07:10:26 +0000
ROA not before: Sat 25 Apr 2026 07:10:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399955
IP address blocks: 45.149.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:79:b5:8d:69:54:6e:a3:b5:f6:8b:44:35:b3:a4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Apr 25 07:10:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1f87e50e0197fccd771f9c682d9631ab82d5b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:49:fc:ef:e5:27:62:bf:98:3e:43:3c:53:fc:
5f:2c:2d:5f:d7:c4:ac:8e:f2:4d:13:d0:ed:92:7f:
0c:17:b0:39:7e:09:54:86:16:39:2c:ed:56:e6:55:
f5:59:5b:8d:f7:b6:ca:3f:d9:31:e7:b9:33:74:01:
ec:02:8f:95:91:b6:bc:83:c6:cd:7e:ec:0e:a8:7d:
9c:4f:63:90:91:fe:bb:2b:a5:cd:e6:18:46:2d:86:
72:35:7c:a1:f4:a1:ba:56:3a:61:ef:38:d8:be:c1:
a4:1e:01:98:c6:f5:87:ad:86:de:3e:8e:3e:83:d4:
6f:96:c4:d6:d1:48:c7:05:3f:26:06:da:a8:fc:6c:
a6:6c:fc:ff:3a:95:4f:06:0b:ca:ee:a8:45:fd:cd:
f2:90:be:ec:6a:62:be:38:3c:20:e2:d0:b8:7d:3a:
a0:ac:3f:c4:78:1d:89:e9:a8:57:ab:63:90:fe:d4:
f1:e1:0c:22:55:17:81:54:77:4f:96:f7:98:11:b2:
b6:a3:55:30:84:3d:33:b0:16:97:87:ac:5f:6b:84:
47:59:6a:00:d2:03:f7:d1:27:30:3f:9b:e6:1f:d1:
62:84:d1:70:ba:25:74:c1:fc:10:96:3a:04:ce:af:
dd:9a:6b:5a:38:5d:58:3f:1e:0a:ab:23:53:bf:47:
33:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F8:7E:50:E0:19:7F:CC:D7:71:F9:C6:82:D9:63:1A:B8:2D:5B:86
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/wfh-UOAZf8zXcfnGgtljGrgtW4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.7.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5c:d4:9d:a8:af:48:35:d2:ae:31:8e:1a:6e:3a:f1:da:c4:
79:ba:b9:03:48:82:9a:9e:4a:81:dc:f9:34:33:d7:b5:a4:89:
09:66:30:70:6a:51:28:39:4e:c0:5c:61:cd:10:c2:8e:33:7b:
04:39:2f:fa:cb:bc:3c:49:83:8a:c6:e6:0a:1a:51:7d:e9:04:
6b:39:4f:ec:20:01:08:b4:e9:d9:57:a1:57:4f:38:d0:3c:b9:
32:78:2e:d7:a6:b5:bd:45:84:ab:ea:02:6a:b5:4c:95:e5:ec:
1e:22:ca:ad:98:00:36:01:4b:31:39:30:a9:ae:2f:b0:c9:06:
0b:62:53:ed:fd:f6:e8:fe:89:05:9a:c1:cb:06:61:c0:60:4c:
d4:65:92:53:ed:a9:d2:3e:71:01:7e:19:eb:4d:53:e1:92:75:
41:ac:64:8e:da:d1:c9:cf:c4:b8:c7:d5:80:ed:9d:26:2b:d5:
46:26:a6:43:31:5a:8f:d9:9a:ae:51:3c:12:aa:93:e6:45:eb:
a6:ed:db:fa:7d:e3:92:bf:fc:d7:d4:44:9c:56:dd:04:01:fa:
4d:4b:8f:20:7e:a3:5c:fd:28:72:41:47:55:06:c1:c1:03:01:
16:42:86:fb:08:f3:50:f1:b8:15:cf:9d:63:b2:24:e9:43:1a:
48:7f:52:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3DebWNaVRuo7X2i0Q1s6TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjYwNDI1MDcxMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY4N2U1MGUwMTk3ZmNjZDc3MWY5YzY4MmQ5NjMxYWI4MmQ1Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEn87+UnYr+YPkM8U/xfLC1f18Ss
jvJNE9Dtkn8MF7A5fglUhhY5LO1W5lX1WVuN97bKP9kx57kzdAHsAo+Vkba8g8bN
fuwOqH2cT2OQkf67K6XN5hhGLYZyNXyh9KG6Vjph7zjYvsGkHgGYxvWHrYbePo4+
g9RvlsTW0UjHBT8mBtqo/GymbPz/OpVPBgvK7qhF/c3ykL7samK+ODwg4tC4fTqg
rD/EeB2J6ahXq2OQ/tTx4QwiVReBVHdPlveYEbK2o1UwhD0zsBaXh6xfa4RHWWoA
0gP30ScwP5vmH9FihNFwuiV0wfwQljoEzq/dmmtaOF1YPx4KqyNTv0czIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMH4flDgGX/M13H5xoLZYxq4LVuGMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvd2ZoLVVPQVpmOHpYY2ZuR2d0bGpHcmd0VzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUHMA0G
CSqGSIb3DQEBCwUAA4IBAQBWXNSdqK9INdKuMY4abjrx2sR5urkDSIKankqB3Pk0
M9e1pIkJZjBwalEoOU7AXGHNEMKOM3sEOS/6y7w8SYOKxuYKGlF96QRrOU/sIAEI
tOnZV6FXTzjQPLkyeC7XprW9RYSr6gJqtUyV5eweIsqtmAA2AUsxOTCpri+wyQYL
YlPt/fbo/okFmsHLBmHAYEzUZZJT7anSPnEBfhnrTVPhknVBrGSO2tHJz8S4x9WA
7Z0mK9VGJqZDMVqP2ZquUTwSqpPmReum7dv6feOSv/zX1EScVt0EAfpNS48gfqNc
/ShyQUdVBsHBAwEWQob7CPNQ8bgVz51jsiTpQxpIf1J1
-----END CERTIFICATE-----
Generated at Wed May 13 05:36:26 2026 by rpki-client