Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/WCLjKmeCgQtKXh-2kHar0wTFzVQ.roa
File: WCLjKmeCgQtKXh-2kHar0wTFzVQ.roa (raw, json)
Hash identifier: zRn4amqc3pIfm/L+/ojA95gE8hnWdpUc7Yqxx7Eldy0=
Subject key identifier: 58:22:E3:2A:67:82:81:0B:4A:5E:1F:B6:90:76:AB:D3:04:C5:CD:54
Certificate issuer: /CN=78b1dbe2faf2a6e7dfa574ce55190963015f1c53
Certificate serial: 019B77C731D90EB28E60CC5C4A2B871EEFA4
Authority key identifier: 78:B1:DB:E2:FA:F2:A6:E7:DF:A5:74:CE:55:19:09:63:01:5F:1C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eLHb4vrypuffpXTOVRkJYwFfHFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/WCLjKmeCgQtKXh-2kHar0wTFzVQ.roa
Signing time: Thu 01 Jan 2026 04:18:21 +0000
ROA not before: Thu 01 Jan 2026 04:18:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25355
IP address blocks: 82.144.64.0/19 maxlen: 29
82.144.64.0/24 maxlen: 24
82.144.65.0/24 maxlen: 24
82.144.66.0/24 maxlen: 24
82.144.67.0/24 maxlen: 24
82.144.68.0/24 maxlen: 24
82.144.69.0/24 maxlen: 24
82.144.70.0/24 maxlen: 24
82.144.71.0/24 maxlen: 24
82.144.72.0/24 maxlen: 24
82.144.73.0/24 maxlen: 24
82.144.74.0/24 maxlen: 24
82.144.75.0/24 maxlen: 24
82.144.76.0/24 maxlen: 24
82.144.77.0/24 maxlen: 24
82.144.78.0/24 maxlen: 24
82.144.79.0/24 maxlen: 24
82.144.80.0/24 maxlen: 24
82.144.81.0/24 maxlen: 24
82.144.82.0/24 maxlen: 24
82.144.83.0/24 maxlen: 24
82.144.84.0/24 maxlen: 24
82.144.85.0/24 maxlen: 24
82.144.86.0/24 maxlen: 24
82.144.87.0/24 maxlen: 24
82.144.88.0/24 maxlen: 24
82.144.89.0/24 maxlen: 24
82.144.90.0/24 maxlen: 24
82.144.91.0/24 maxlen: 24
82.144.92.0/24 maxlen: 24
82.144.93.0/24 maxlen: 24
82.144.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/eLHb4vrypuffpXTOVRkJYwFfHFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/eLHb4vrypuffpXTOVRkJYwFfHFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eLHb4vrypuffpXTOVRkJYwFfHFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:31:d9:0e:b2:8e:60:cc:5c:4a:2b:87:1e:ef:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78b1dbe2faf2a6e7dfa574ce55190963015f1c53
Validity
Not Before: Jan 1 04:18:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5822e32a6782810b4a5e1fb69076abd304c5cd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:f0:b4:b1:53:96:67:65:5e:62:d3:f3:ed:
18:9b:f4:1f:c6:8f:48:9c:bb:c5:2a:23:c6:c8:eb:
07:23:24:96:cd:cd:77:92:2b:a8:1f:29:f6:5d:d5:
5f:f3:7a:8e:82:d9:eb:0e:de:03:a2:14:06:6d:32:
f7:71:3e:00:0b:d5:b3:2f:4f:80:42:73:4b:a9:4a:
98:47:b0:a8:41:a1:6e:4c:94:2c:dc:6f:85:1e:b6:
e9:35:76:ee:8d:21:15:cc:ab:8d:cf:7b:53:1e:cc:
0d:eb:3f:bc:66:9e:de:e1:a4:11:f9:3c:90:b5:6c:
7b:48:fd:f9:e4:3e:9d:ec:d8:9e:21:19:51:19:fc:
ee:10:8a:1f:ab:c1:bb:36:e7:77:d8:7c:06:c0:61:
15:11:74:62:fd:b3:69:09:d4:68:1a:3d:fd:4f:71:
26:be:63:99:8e:0e:ad:85:4d:25:0e:4f:f5:3b:4e:
f2:0d:68:fa:cb:e5:ff:45:40:9a:61:2d:26:5c:8d:
94:85:d8:5e:de:38:44:6c:d7:4c:22:80:5f:06:ba:
ef:a0:ae:96:cb:89:45:6e:1b:14:36:42:12:6d:ab:
2c:cf:d1:af:36:a0:d0:d5:ef:42:ec:0f:96:42:bb:
81:41:ea:3a:12:b4:6d:c4:90:66:b6:b7:4b:a9:bf:
2e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:22:E3:2A:67:82:81:0B:4A:5E:1F:B6:90:76:AB:D3:04:C5:CD:54
X509v3 Authority Key Identifier:
keyid:78:B1:DB:E2:FA:F2:A6:E7:DF:A5:74:CE:55:19:09:63:01:5F:1C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eLHb4vrypuffpXTOVRkJYwFfHFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/WCLjKmeCgQtKXh-2kHar0wTFzVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c666bf-c8d6-48ad-8076-c3fd9ae81012/1/eLHb4vrypuffpXTOVRkJYwFfHFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.64.0/19
Signature Algorithm: sha256WithRSAEncryption
75:8a:3a:cb:7d:db:ec:14:26:af:1b:60:da:ea:72:e8:1c:d5:
09:4f:5a:10:31:fd:43:48:60:6c:2c:ae:23:86:24:31:be:e9:
ba:67:2c:b7:c8:9c:0d:07:d2:d6:20:0e:03:0f:28:84:ba:c6:
50:a6:0b:e3:06:d3:38:fe:11:ba:21:63:a8:36:24:e4:9f:31:
89:4d:77:48:40:27:61:a5:f1:14:8d:3a:af:08:b2:37:ce:52:
fb:c7:26:f9:b6:53:45:af:32:61:34:46:58:30:fe:03:0e:9a:
b5:cd:d7:b2:15:b2:58:03:7e:29:4e:ce:50:f6:f4:db:5a:7f:
b2:2e:d7:23:e5:7e:cd:14:0a:1f:14:5c:25:04:c7:1a:8b:3f:
f3:18:39:a4:d6:c5:ef:4e:82:16:87:a0:bc:1f:a2:2f:cd:e9:
cb:e8:69:c8:fe:3e:9d:0d:2b:db:18:c8:9f:74:bf:d5:1c:79:
20:85:74:74:ab:08:cc:9d:ce:dd:0a:6f:66:08:4d:09:a2:2e:
70:b2:54:5a:df:99:93:33:b0:8e:e8:52:f1:fe:70:5a:2d:09:
75:09:6e:fd:a9:3d:09:f0:58:f0:62:e7:e3:5a:d5:1a:fd:be:
4f:d7:ce:42:99:18:ca:78:91:fe:a2:87:df:a9:29:66:71:3c:
03:97:2d:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3xzHZDrKOYMxcSiuHHu+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YjFkYmUyZmFmMmE2ZTdkZmE1NzRjZTU1MTkwOTYzMDE1
ZjFjNTMwHhcNMjYwMTAxMDQxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODIyZTMyYTY3ODI4MTBiNGE1ZTFmYjY5MDc2YWJkMzA0YzVjZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JnwtLFTlmdlXmLT8+0Ym/Qfxo9I
nLvFKiPGyOsHIySWzc13kiuoHyn2XdVf83qOgtnrDt4DohQGbTL3cT4AC9WzL0+A
QnNLqUqYR7CoQaFuTJQs3G+FHrbpNXbujSEVzKuNz3tTHswN6z+8Zp7e4aQR+TyQ
tWx7SP355D6d7NieIRlRGfzuEIofq8G7Nud32HwGwGEVEXRi/bNpCdRoGj39T3Em
vmOZjg6thU0lDk/1O07yDWj6y+X/RUCaYS0mXI2Uhdhe3jhEbNdMIoBfBrrvoK6W
y4lFbhsUNkISbassz9GvNqDQ1e9C7A+WQruBQeo6ErRtxJBmtrdLqb8u8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgi4ypngoELSl4ftpB2q9MExc1UMB8GA1UdIwQY
MBaAFHix2+L68qbn36V0zlUZCWMBXxxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUxIYjR2cnlwdWZmcFhUT1ZSa0pZd0ZmSEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jNjY2YmYtYzhkNi00OGFkLTgwNzYt
YzNmZDlhZTgxMDEyLzEvV0NMakttZUNnUXRLWGgtMmtIYXIwd1RGelZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jNjY2YmYtYzhkNi00OGFkLTgwNzYtYzNmZDlhZTgxMDEy
LzEvZUxIYjR2cnlwdWZmcFhUT1ZSa0pZd0ZmSEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUpBAMA0G
CSqGSIb3DQEBCwUAA4IBAQB1ijrLfdvsFCavG2Da6nLoHNUJT1oQMf1DSGBsLK4j
hiQxvum6Zyy3yJwNB9LWIA4DDyiEusZQpgvjBtM4/hG6IWOoNiTknzGJTXdIQCdh
pfEUjTqvCLI3zlL7xyb5tlNFrzJhNEZYMP4DDpq1zdeyFbJYA34pTs5Q9vTbWn+y
Ltcj5X7NFAofFFwlBMcaiz/zGDmk1sXvToIWh6C8H6IvzenL6GnI/j6dDSvbGMif
dL/VHHkghXR0qwjMnc7dCm9mCE0Joi5wslRa35mTM7CO6FLx/nBaLQl1CW79qT0J
8FjwYufjWtUa/b5P185CmRjKeJH+ooffqSlmcTwDly1K
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:08:29 2026 by rpki-client