Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/WK05YePVGxSCv79B0TteFVaq850.roa
File: WK05YePVGxSCv79B0TteFVaq850.roa (raw, json)
Hash identifier: 7rkUo5wVVBbfcYbpJlI0gu7ML8kJLZ10lGjYdqs1Wuo=
Subject key identifier: 58:AD:39:61:E3:D5:1B:14:82:BF:BF:41:D1:3B:5E:15:56:AA:F3:9D
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 019B7C7F174FBD9156F79222606B9988D302
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/WK05YePVGxSCv79B0TteFVaq850.roa
Signing time: Fri 02 Jan 2026 02:17:42 +0000
ROA not before: Fri 02 Jan 2026 02:17:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208366
IP address blocks: 45.142.220.0/22 maxlen: 22
45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
2a0e:dbc0::/29 maxlen: 29
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0:2::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:4::/48 maxlen: 48
2a0e:dbc0:5::/48 maxlen: 48
2a0e:dbc0:6::/48 maxlen: 48
2a0e:dbc0:7::/48 maxlen: 48
2a0e:dbc0:8::/48 maxlen: 48
2a0e:dbc0:9::/48 maxlen: 48
2a0e:dbc0:a::/48 maxlen: 48
2a0e:dbc0:b::/48 maxlen: 48
2a0e:dbc0:c::/48 maxlen: 48
2a0e:dbc0:d::/48 maxlen: 48
2a0e:dbc0:e::/48 maxlen: 48
2a0e:dbc0:f::/48 maxlen: 48
2a0e:dbc0:1000::/48 maxlen: 48
2a0e:dbc0:1001::/48 maxlen: 48
2a0e:dbc0:1002::/48 maxlen: 48
2a0e:dbc0:1003::/48 maxlen: 48
2a0e:dbc0:1004::/48 maxlen: 48
2a0e:dbc0:1005::/48 maxlen: 48
2a0e:dbc0:1006::/48 maxlen: 48
2a0e:dbc0:1007::/48 maxlen: 48
2a0e:dbc0:1008::/48 maxlen: 48
2a0e:dbc0:1009::/48 maxlen: 48
2a0e:dbc0:100a::/48 maxlen: 48
2a0e:dbc0:100b::/48 maxlen: 48
2a0e:dbc0:100c::/48 maxlen: 48
2a0e:dbc0:100d::/48 maxlen: 48
2a0e:dbc0:100e::/48 maxlen: 48
2a0e:dbc0:100f::/48 maxlen: 48
2a0e:dbc0:2000::/48 maxlen: 48
2a0e:dbc0:2001::/48 maxlen: 48
2a0e:dbc0:2002::/48 maxlen: 48
2a0e:dbc0:2003::/48 maxlen: 48
2a0e:dbc0:2004::/48 maxlen: 48
2a0e:dbc0:2005::/48 maxlen: 48
2a0e:dbc0:2006::/48 maxlen: 48
2a0e:dbc0:2007::/48 maxlen: 48
2a0e:dbc0:2008::/48 maxlen: 48
2a0e:dbc0:2009::/48 maxlen: 48
2a0e:dbc0:200a::/48 maxlen: 48
2a0e:dbc0:200b::/48 maxlen: 48
2a0e:dbc0:200c::/48 maxlen: 48
2a0e:dbc0:200d::/48 maxlen: 48
2a0e:dbc0:200e::/48 maxlen: 48
2a0e:dbc0:200f::/48 maxlen: 48
2a0e:dbc0:3000::/48 maxlen: 48
2a0e:dbc0:3001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:17:4f:bd:91:56:f7:92:22:60:6b:99:88:d3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Jan 2 02:17:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58ad3961e3d51b1482bfbf41d13b5e1556aaf39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cd:06:c4:9c:ce:19:ec:01:4b:16:9e:6c:a4:
9f:74:1b:7f:ed:f4:c5:ad:87:f1:a5:9a:bb:f1:f6:
cc:7f:e1:74:f0:ee:c9:86:b2:14:b8:19:13:f6:25:
65:80:09:68:87:66:c8:31:58:42:62:40:a5:a9:16:
6d:77:f3:d1:fc:f9:74:7c:02:e2:b3:e8:8b:27:04:
d7:cb:33:40:e7:7e:aa:39:31:82:10:74:1f:cf:ba:
53:95:a1:66:17:0d:3b:9f:26:d4:40:40:d8:28:10:
aa:73:aa:f1:82:36:16:74:07:8c:33:44:77:2c:60:
7d:40:40:89:46:44:25:71:be:40:1f:31:42:e6:6d:
a9:94:16:a2:f8:b7:ba:a2:e0:2b:4a:b8:4b:ee:ce:
82:39:b3:27:20:c6:91:33:00:f0:ae:8e:ff:a6:6c:
3c:13:b0:5e:87:7b:98:f2:35:9b:48:e7:e2:7d:a0:
4f:3b:f2:6f:61:6f:2a:06:0c:9d:ae:73:e8:0d:0f:
43:50:8e:fc:6f:f4:df:ec:59:80:7d:3d:01:8e:f1:
af:c7:3c:8b:f6:56:87:93:f1:16:0b:00:d2:39:cb:
89:b2:a7:cc:4f:2e:63:76:4e:0e:c5:86:65:5e:fd:
17:7a:f0:87:3e:e8:3d:ab:59:9f:17:5d:da:68:43:
bd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AD:39:61:E3:D5:1B:14:82:BF:BF:41:D1:3B:5E:15:56:AA:F3:9D
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/WK05YePVGxSCv79B0TteFVaq850.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:84:82:d8:cf:1d:51:26:0f:11:c4:92:54:a6:70:1a:19:7c:
0f:06:1e:fe:c9:41:0a:2f:13:2a:3c:d1:62:82:7d:34:22:81:
30:9f:2b:76:4c:fb:7b:3f:b1:bb:ea:54:da:63:29:b3:d3:33:
fb:95:5c:f9:91:15:4c:bc:3d:9b:92:44:0c:a1:e7:0f:52:9e:
43:f2:52:93:89:88:eb:74:a5:fa:b8:4b:99:fb:59:92:a4:a1:
e8:9d:18:60:05:4f:01:e5:97:d9:89:a3:f2:b2:19:f8:13:2f:
ca:c4:e2:be:3f:68:5e:05:04:31:26:d3:eb:3b:6e:31:a0:0d:
de:61:f3:b1:95:13:c4:0c:c6:ca:7d:75:40:be:77:56:eb:af:
7c:0c:be:f3:2d:55:d8:87:dc:a4:4a:44:a0:83:4d:c5:18:ea:
7c:8e:b4:d2:eb:09:7e:cb:1f:63:65:c2:22:82:55:83:8d:6d:
df:25:c6:7a:66:87:29:0b:25:55:05:5d:3b:18:8c:ad:26:a0:
0a:4b:a9:e1:30:b2:e0:6f:5c:17:b9:f6:fd:ad:d8:34:9b:96:
66:67:3b:b2:a6:40:b1:46:9a:b9:66:5f:2f:1d:cf:02:35:43:
39:f2:49:63:78:3c:28:76:4b:07:9a:f7:7f:68:10:d2:c5:0a:
b2:de:14:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt8fxdPvZFW95IiYGuZiNMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjYwMTAyMDIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGFkMzk2MWUzZDUxYjE0ODJiZmJmNDFkMTNiNWUxNTU2YWFmMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys0GxJzOGewBSxaebKSfdBt/7fTF
rYfxpZq78fbMf+F08O7JhrIUuBkT9iVlgAloh2bIMVhCYkClqRZtd/PR/Pl0fALi
s+iLJwTXyzNA536qOTGCEHQfz7pTlaFmFw07nybUQEDYKBCqc6rxgjYWdAeMM0R3
LGB9QECJRkQlcb5AHzFC5m2plBai+Le6ouArSrhL7s6CObMnIMaRMwDwro7/pmw8
E7Beh3uY8jWbSOfifaBPO/JvYW8qBgydrnPoDQ9DUI78b/Tf7FmAfT0BjvGvxzyL
9laHk/EWCwDSOcuJsqfMTy5jdk4OxYZlXv0XevCHPug9q1mfF13aaEO9TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFitOWHj1RsUgr+/QdE7XhVWqvOdMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvV0swNVllUFZHeFNDdjc5QjBUdGVGVmFxODUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY7cMA0E
AgACMAcDBQMqDtvAMA0GCSqGSIb3DQEBCwUAA4IBAQBuhILYzx1RJg8RxJJUpnAa
GXwPBh7+yUEKLxMqPNFign00IoEwnyt2TPt7P7G76lTaYymz0zP7lVz5kRVMvD2b
kkQMoecPUp5D8lKTiYjrdKX6uEuZ+1mSpKHonRhgBU8B5ZfZiaPyshn4Ey/KxOK+
P2heBQQxJtPrO24xoA3eYfOxlRPEDMbKfXVAvndW6698DL7zLVXYh9ykSkSgg03F
GOp8jrTS6wl+yx9jZcIiglWDjW3fJcZ6ZocpCyVVBV07GIytJqAKS6nhMLLgb1wX
ufb9rdg0m5ZmZzuypkCxRpq5Zl8vHc8CNUM58kljeDwodksHmvd/aBDSxQqy3hTq
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:55:09 2026 by rpki-client