Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/WlB9YLYhSliFMj5epuERd5qEZAE.roa
File: WlB9YLYhSliFMj5epuERd5qEZAE.roa (raw, json)
Hash identifier: Oedmof1Wu9NtwtMyhtlElFL2nm6OxYZaEnrIDhS86S4=
Subject key identifier: 5A:50:7D:60:B6:21:4A:58:85:32:3E:5E:A6:E1:11:77:9A:84:64:01
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 019C1E5BACF3397B52036CCA57BED442C352
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/WlB9YLYhSliFMj5epuERd5qEZAE.roa
Signing time: Mon 02 Feb 2026 12:37:30 +0000
ROA not before: Mon 02 Feb 2026 12:37:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43824
IP address blocks: 78.40.176.0/24 maxlen: 24
78.40.177.0/24 maxlen: 24
78.40.178.0/24 maxlen: 24
78.40.179.0/24 maxlen: 24
78.40.180.0/24 maxlen: 24
78.40.181.0/24 maxlen: 24
78.40.182.0/24 maxlen: 24
78.40.183.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
185.87.171.0/24 maxlen: 24
185.87.171.248/30 maxlen: 30
185.160.224.0/24 maxlen: 24
185.160.225.0/24 maxlen: 24
185.160.226.0/24 maxlen: 24
185.160.227.0/24 maxlen: 24
2a0b:8e80::/48 maxlen: 48
2a0b:8e80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:1e:5b:ac:f3:39:7b:52:03:6c:ca:57:be:d4:42:c3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Feb 2 12:37:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a507d60b6214a5885323e5ea6e111779a846401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:56:70:fc:99:2a:52:d7:28:53:19:84:aa:d3:
b3:5d:27:1f:d2:cb:2e:2c:56:24:ec:0c:8b:fa:be:
32:ea:cb:bc:0c:8d:e1:8f:e7:43:62:47:3f:69:6c:
4b:ba:be:f0:8f:37:7f:3e:8c:0d:a8:5f:1b:2a:7a:
4a:ec:2b:0b:4a:0d:06:0d:62:11:c8:51:8a:bd:6d:
bd:b8:97:06:3d:77:8d:12:1f:da:9f:31:b9:80:02:
fb:8c:65:dd:95:36:90:a5:d4:72:fe:48:d0:2b:36:
d0:7c:ca:58:08:15:f0:1f:5a:fa:c1:77:4b:c4:0f:
df:d4:f8:18:e1:6a:00:8d:aa:da:97:09:b5:0b:4b:
8e:cb:de:56:8b:28:f5:66:20:c7:44:df:ee:c6:c7:
03:26:aa:fc:76:4a:d9:d7:d8:ee:b3:1d:20:10:73:
77:0a:7e:77:61:3c:29:59:4d:84:82:97:63:29:8d:
64:2b:fe:38:fd:ea:27:3e:0b:1f:bd:df:f8:9d:c5:
44:53:77:af:a8:dd:9b:4e:b3:68:80:c5:65:0b:e8:
ff:01:2b:3a:01:82:d2:aa:78:a5:45:d6:21:06:81:
30:5d:c1:4e:4c:2b:67:78:27:cc:38:ed:37:dd:d7:
c9:91:03:bb:b7:e5:04:cd:69:3c:94:75:5b:70:36:
59:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:50:7D:60:B6:21:4A:58:85:32:3E:5E:A6:E1:11:77:9A:84:64:01
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/WlB9YLYhSliFMj5epuERd5qEZAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.176.0/21
185.87.168.0/24
185.87.170.0/23
185.160.224.0/22
IPv6:
2a0b:8e80::/47
Signature Algorithm: sha256WithRSAEncryption
77:73:f0:6b:78:e8:c6:cc:af:0b:72:c5:57:b4:e8:bd:a4:33:
fd:b2:86:80:90:a0:10:ff:4b:89:30:57:02:37:da:79:09:0d:
68:bf:a8:71:cd:ff:72:16:cd:60:d7:d1:ad:f1:16:26:c5:06:
7f:55:c1:ce:90:1b:d4:db:d9:49:01:53:4e:7f:9a:35:c5:07:
83:6c:f8:21:e7:37:ba:56:1d:48:7f:5d:a7:0d:78:10:fb:53:
8d:d0:3a:e1:9b:6c:d9:ab:f4:05:3d:21:75:af:0c:30:74:9a:
59:2f:79:eb:0f:c5:5e:ae:ee:11:64:c1:55:8e:a4:a1:6c:8d:
b6:16:7d:28:9a:ec:79:68:e4:4c:fc:e3:b2:25:28:99:fa:46:
82:31:a7:f8:b3:f1:17:10:85:7d:41:81:46:94:ba:eb:34:c8:
9b:63:ab:e2:4c:59:21:c3:ab:75:eb:1e:6b:36:b8:40:08:e9:
19:cf:69:30:0e:f8:33:a9:49:ff:63:eb:a2:c0:c7:e7:9e:4c:
fb:7e:9a:56:9f:92:4a:ba:d5:b0:69:56:72:e4:53:3c:cf:b8:
6f:72:b2:c7:b2:9e:14:91:29:c9:48:46:7d:12:80:57:60:ab:
8b:28:10:8c:51:ee:98:a1:19:2b:02:c3:1c:90:23:17:12:2b:
2a:1a:aa:d8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZweW6zzOXtSA2zKV77UQsNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjYwMjAyMTIzNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTUwN2Q2MGI2MjE0YTU4ODUzMjNlNWVhNmUxMTE3NzlhODQ2NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1Zw/JkqUtcoUxmEqtOzXScf0ssu
LFYk7AyL+r4y6su8DI3hj+dDYkc/aWxLur7wjzd/PowNqF8bKnpK7CsLSg0GDWIR
yFGKvW29uJcGPXeNEh/anzG5gAL7jGXdlTaQpdRy/kjQKzbQfMpYCBXwH1r6wXdL
xA/f1PgY4WoAjaralwm1C0uOy95Wiyj1ZiDHRN/uxscDJqr8dkrZ19jusx0gEHN3
Cn53YTwpWU2EgpdjKY1kK/44/eonPgsfvd/4ncVEU3evqN2bTrNogMVlC+j/ASs6
AYLSqnilRdYhBoEwXcFOTCtneCfMOO033dfJkQO7t+UEzWk8lHVbcDZZcQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFpQfWC2IUpYhTI+XqbhEXeahGQBMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvV2xCOVlMWWhTbGlGTWo1ZXB1RVJkNXFFWkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQDTiiwAwQA
uVeoAwQBuVeqAwQCuaDgMA8EAgACMAkDBwEqC46AAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHdz8Gt46MbMrwtyxVe06L2kM/2yhoCQoBD/S4kwVwI32nkJDWi/qHHN/3IW
zWDX0a3xFibFBn9Vwc6QG9Tb2UkBU05/mjXFB4Ns+CHnN7pWHUh/XacNeBD7U43Q
OuGbbNmr9AU9IXWvDDB0mlkveesPxV6u7hFkwVWOpKFsjbYWfSia7Hlo5Ez847Il
KJn6RoIxp/iz8RcQhX1BgUaUuus0yJtjq+JMWSHDq3XrHms2uEAI6RnPaTAO+DOp
Sf9j66LAx+eeTPt+mlafkkq61bBpVnLkUzzPuG9ysseynhSRKclIRn0SgFdgq4so
EIxR7pihGSsCwxyQIxcSKyoaqtg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:54:34 2026 by rpki-client