Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Wz-CuiJfUzqRsGkKMc_PANgseeQ.roa
File: Wz-CuiJfUzqRsGkKMc_PANgseeQ.roa (raw, json)
Hash identifier: Hz/DB1yX6TNALaQj3H9UXpc/xUp4S9JB/h6qum3wSrQ=
Subject key identifier: 5B:3F:82:BA:22:5F:53:3A:91:B0:69:0A:31:CF:CF:00:D8:2C:79:E4
Certificate issuer: /CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Certificate serial: 0199DEF4F16219A0E74E64AE8047B0DC4751
Authority key identifier: 53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Wz-CuiJfUzqRsGkKMc_PANgseeQ.roa
Signing time: Mon 13 Oct 2025 19:03:38 +0000
ROA not before: Mon 13 Oct 2025 19:03:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199570
IP address blocks: 92.243.83.0/24 maxlen: 24
149.62.33.0/24 maxlen: 24
188.213.232.0/24 maxlen: 24
2a13:ad06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:de:f4:f1:62:19:a0:e7:4e:64:ae:80:47:b0:dc:47:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Validity
Not Before: Oct 13 19:03:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b3f82ba225f533a91b0690a31cfcf00d82c79e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:ba:bf:09:7e:97:7c:a8:8a:c3:f5:83:13:
7a:18:a7:28:fe:dd:68:70:90:09:3e:f4:7c:c5:e4:
d0:58:95:0b:af:f3:75:c1:47:18:88:09:30:78:61:
44:83:72:33:2a:ad:99:94:af:7f:08:6b:9b:e6:b2:
07:2f:3c:78:c9:43:ba:50:4d:6e:9b:d8:24:c6:2f:
19:4d:80:8c:18:25:95:c0:9f:1f:b2:ab:77:a8:42:
26:a1:64:32:dd:e2:ba:ab:1b:67:d1:6b:69:09:9f:
8c:c4:74:ef:33:96:be:98:90:46:5d:58:0e:bf:55:
66:fe:20:e3:f9:83:0c:5a:52:03:15:bc:a6:17:ce:
94:ad:18:d9:59:dc:d5:c6:d3:95:5f:56:a7:24:05:
f6:39:98:9c:fd:ac:32:2a:8b:54:55:65:71:ea:65:
01:20:f2:af:61:e2:9d:bf:3d:1b:4e:4a:e3:cb:19:
78:58:dd:8b:8f:01:d9:fd:f2:19:d8:53:7d:e2:94:
b6:fe:71:4b:da:85:6e:d7:1b:76:60:50:8d:fb:3e:
55:36:6b:77:53:1e:81:1c:36:96:75:ca:c7:f1:2e:
b2:e3:4c:6d:8a:f1:05:86:52:bb:f1:07:84:e0:ab:
f3:5f:0e:42:06:83:e0:55:e2:a6:a6:f7:f8:f0:c3:
76:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3F:82:BA:22:5F:53:3A:91:B0:69:0A:31:CF:CF:00:D8:2C:79:E4
X509v3 Authority Key Identifier:
keyid:53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Wz-CuiJfUzqRsGkKMc_PANgseeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.83.0/24
149.62.33.0/24
188.213.232.0/24
IPv6:
2a13:ad06::/32
Signature Algorithm: sha256WithRSAEncryption
2f:d0:21:49:50:96:7e:d9:3e:47:ea:99:ef:7c:59:16:8c:d6:
08:ac:32:de:a3:97:5e:1b:e2:d7:92:5d:2e:c7:6d:43:25:71:
d7:11:4e:49:3f:07:72:7c:64:e0:66:5e:fb:14:1c:20:10:8f:
1d:c0:cf:cc:2c:05:66:07:65:ed:6f:74:94:3b:01:d4:76:8b:
8e:05:24:81:33:45:18:68:d8:34:70:ea:38:2b:17:bd:76:ab:
86:7b:0f:47:40:44:91:5c:21:5d:92:84:b7:95:e2:32:1d:d2:
d1:73:74:c8:dd:60:08:ec:41:2d:78:56:ee:ff:7c:c3:33:13:
10:57:f1:98:2b:01:bd:d3:0a:df:e2:a2:35:57:a0:7d:7b:01:
98:cc:1a:8a:44:dd:4e:7a:a1:61:be:a1:bb:c1:bd:c5:cb:52:
c0:35:9b:24:15:6a:55:02:af:58:a3:a2:2e:93:6a:97:f6:07:
b0:5d:5a:1e:4f:15:ea:9c:bb:66:4e:09:4f:87:a1:68:ea:30:
ca:4b:91:9b:bc:98:e2:ce:14:14:96:e5:7b:2f:2a:df:1d:11:
d0:56:d3:40:63:7a:80:06:a0:a4:ab:c1:c6:75:84:70:ad:dc:
ff:ab:26:84:c6:85:7c:4b:9d:75:57:ba:44:76:6b:68:a9:20:
26:4e:b5:8a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZne9PFiGaDnTmSugEew3EdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMWQ1NWE4NjlmMTA1YWY2YWJjZGZhMGNhNDA2YWYxZjQ5
YjI0ZjEwHhcNMjUxMDEzMTkwMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNmODJiYTIyNWY1MzNhOTFiMDY5MGEzMWNmY2YwMGQ4MmM3OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI26vwl+l3yoisP1gxN6GKco/t1o
cJAJPvR8xeTQWJULr/N1wUcYiAkweGFEg3IzKq2ZlK9/CGub5rIHLzx4yUO6UE1u
m9gkxi8ZTYCMGCWVwJ8fsqt3qEImoWQy3eK6qxtn0WtpCZ+MxHTvM5a+mJBGXVgO
v1Vm/iDj+YMMWlIDFbymF86UrRjZWdzVxtOVX1anJAX2OZic/awyKotUVWVx6mUB
IPKvYeKdvz0bTkrjyxl4WN2LjwHZ/fIZ2FN94pS2/nFL2oVu1xt2YFCN+z5VNmt3
Ux6BHDaWdcrH8S6y40xtivEFhlK78QeE4KvzXw5CBoPgVeKmpvf48MN2uwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFs/groiX1M6kbBpCjHPzwDYLHnkMB8GA1UdIwQY
MBaAFFMdVahp8QWvarzfoMpAavH0myTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjIt
NGRjMWVmODkwNDRiLzEvV3otQ3VpSmZVenFSc0drS01jX1BBTmdzZWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjItNGRjMWVmODkwNDRi
LzEvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXPNTAwQA
lT4hAwQAvNXoMA0EAgACMAcDBQAqE60GMA0GCSqGSIb3DQEBCwUAA4IBAQAv0CFJ
UJZ+2T5H6pnvfFkWjNYIrDLeo5deG+LXkl0ux21DJXHXEU5JPwdyfGTgZl77FBwg
EI8dwM/MLAVmB2Xtb3SUOwHUdouOBSSBM0UYaNg0cOo4Kxe9dquGew9HQESRXCFd
koS3leIyHdLRc3TI3WAI7EEteFbu/3zDMxMQV/GYKwG90wrf4qI1V6B9ewGYzBqK
RN1OeqFhvqG7wb3Fy1LANZskFWpVAq9Yo6Iuk2qX9gewXVoeTxXqnLtmTglPh6Fo
6jDKS5GbvJjizhQUluV7LyrfHRHQVtNAY3qABqCkq8HGdYRwrdz/qyaExoV8S511
V7pEdmtoqSAmTrWK
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:06 2025 by rpki-client