Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Wga-eeL9nhEnXizPzV6ivlDvnxs.roa
File: Wga-eeL9nhEnXizPzV6ivlDvnxs.roa (raw, json)
Hash identifier: uKvj70ALSLDr6TIc9+kC/gs0jQJljNkA8QVKn25XNFY=
Subject key identifier: 5A:06:BE:79:E2:FD:9E:11:27:5E:2C:CF:CD:5E:A2:BE:50:EF:9F:1B
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019A4EDB6D097E5501881DBDEF15F0334479
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Wga-eeL9nhEnXizPzV6ivlDvnxs.roa
Signing time: Tue 04 Nov 2025 12:33:14 +0000
ROA not before: Tue 04 Nov 2025 12:33:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205866
IP address blocks: 2a11:a185::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:db:6d:09:7e:55:01:88:1d:bd:ef:15:f0:33:44:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Nov 4 12:33:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a06be79e2fd9e11275e2ccfcd5ea2be50ef9f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:71:0e:ba:ff:f8:da:0e:71:04:35:79:65:49:
c3:3c:fa:f3:68:d5:b9:3c:c0:a9:62:54:1f:54:10:
05:3e:32:5d:69:02:fa:e1:ce:a3:f6:eb:68:6e:84:
7a:ea:86:0b:e9:15:7a:fd:0d:69:d1:49:b4:e4:6c:
04:7c:76:b6:3e:20:e5:80:3b:55:3d:9f:de:58:f8:
8a:02:67:32:cd:30:0c:b7:be:4f:ee:84:dc:03:03:
91:7e:29:3b:d6:46:67:08:d1:23:6b:6a:6e:fb:57:
ef:b8:56:9b:1d:79:24:f6:c2:3e:67:de:d2:99:98:
2d:48:a1:f8:8a:e6:d5:ec:4a:d3:d8:92:0b:18:68:
8f:ee:05:d6:06:ce:01:70:bf:8d:b3:db:3a:72:9b:
5f:7d:4b:b6:ab:ca:76:81:81:a0:98:29:d3:2c:15:
8a:8b:ab:1f:17:83:4e:1a:31:c1:15:cf:87:60:1e:
2d:83:fb:07:5e:e4:b3:b7:90:7f:00:a0:47:ff:b6:
18:47:50:07:e4:0d:7a:a2:01:55:d9:8e:81:bd:8b:
88:c8:47:a8:80:6a:02:15:8c:33:85:ed:f4:22:4d:
35:d5:5b:68:ad:78:e9:67:8d:93:d3:c6:2f:b7:34:
41:f1:91:b6:63:b5:39:79:be:26:40:e0:96:a5:d6:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:06:BE:79:E2:FD:9E:11:27:5E:2C:CF:CD:5E:A2:BE:50:EF:9F:1B
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Wga-eeL9nhEnXizPzV6ivlDvnxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a185::/32
Signature Algorithm: sha256WithRSAEncryption
49:8f:4c:34:1b:7d:1a:f4:50:8c:12:a5:73:b3:91:59:83:75:
64:21:9a:ce:b1:5f:96:83:d6:bb:87:20:2c:3d:e2:07:76:4c:
d7:34:16:25:d5:f8:5c:b6:20:8a:f8:ff:53:35:25:1b:e5:97:
61:52:4f:b2:5b:ce:9c:df:51:0d:11:08:43:af:ae:ea:de:f3:
83:71:8b:e6:73:86:40:6c:9b:de:88:a3:9e:52:4f:07:70:d4:
23:9c:9b:7b:6b:c1:a2:36:62:d2:17:a1:e6:14:a0:bf:1b:7d:
85:47:66:53:de:0c:96:6c:ad:5a:eb:21:08:e1:ae:65:56:e0:
2c:ff:ff:48:ec:5e:58:d3:8b:73:af:7a:80:6e:55:44:72:2f:
20:38:8f:65:5f:6d:18:74:00:b0:24:04:bc:57:7a:bd:0a:c9:
db:5a:be:b7:d7:7c:0b:39:ea:33:32:2a:69:c7:a1:4c:ef:63:
c9:68:b8:4c:61:a8:be:50:4e:24:50:68:a9:d9:23:7a:90:60:
a8:a9:07:65:bb:ab:39:91:91:43:aa:8d:27:24:96:49:d8:5f:
78:32:a6:bb:bf:f3:b1:da:0e:eb:13:4d:18:6a:f7:03:3d:89:
fc:7b:1e:25:12:1a:97:57:50:51:bb:93:73:6d:f6:27:7c:11:
b3:cf:54:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZpO220JflUBiB297xXwM0R5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMTA0MTIzMzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA2YmU3OWUyZmQ5ZTExMjc1ZTJjY2ZjZDVlYTJiZTUwZWY5ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nEOuv/42g5xBDV5ZUnDPPrzaNW5
PMCpYlQfVBAFPjJdaQL64c6j9utoboR66oYL6RV6/Q1p0Um05GwEfHa2PiDlgDtV
PZ/eWPiKAmcyzTAMt75P7oTcAwORfik71kZnCNEja2pu+1fvuFabHXkk9sI+Z97S
mZgtSKH4iubV7ErT2JILGGiP7gXWBs4BcL+Ns9s6cptffUu2q8p2gYGgmCnTLBWK
i6sfF4NOGjHBFc+HYB4tg/sHXuSzt5B/AKBH/7YYR1AH5A16ogFV2Y6BvYuIyEeo
gGoCFYwzhe30Ik011VtorXjpZ42T08YvtzRB8ZG2Y7U5eb4mQOCWpdbgnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFoGvnni/Z4RJ14sz81eor5Q758bMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvV2dhLWVlTDluaEVuWGl6UHpWNml2bER2bnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGhhTAN
BgkqhkiG9w0BAQsFAAOCAQEASY9MNBt9GvRQjBKlc7ORWYN1ZCGazrFfloPWu4cg
LD3iB3ZM1zQWJdX4XLYgivj/UzUlG+WXYVJPslvOnN9RDREIQ6+u6t7zg3GL5nOG
QGyb3oijnlJPB3DUI5ybe2vBojZi0heh5hSgvxt9hUdmU94MlmytWushCOGuZVbg
LP//SOxeWNOLc696gG5VRHIvIDiPZV9tGHQAsCQEvFd6vQrJ21q+t9d8CznqMzIq
acehTO9jyWi4TGGovlBOJFBoqdkjepBgqKkHZburOZGRQ6qNJySWSdhfeDKmu7/z
sdoO6xNNGGr3Az2J/HseJRIal1dQUbuTc232J3wRs89Uog==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:07:27 2025 by rpki-client