Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WPmLXYF-BE0083UZwXNVPt34dBs.roa
File: WPmLXYF-BE0083UZwXNVPt34dBs.roa (raw, json)
Hash identifier: At1Jx/jZgITNl99RWH5jhJUa3mwbbwaHO8L23qqplzU=
Subject key identifier: 58:F9:8B:5D:81:7E:04:4D:34:F3:75:19:C1:73:55:3E:DD:F8:74:1B
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019D3F7223347707C15CE95CA1C9B7DCEB6E
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WPmLXYF-BE0083UZwXNVPt34dBs.roa
Signing time: Mon 30 Mar 2026 15:52:17 +0000
ROA not before: Mon 30 Mar 2026 15:52:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43357
IP address blocks: 45.82.76.0/24 maxlen: 32
45.82.77.0/24 maxlen: 32
45.130.20.0/22 maxlen: 32
45.131.155.0/24 maxlen: 32
45.147.50.0/24 maxlen: 32
45.147.51.0/24 maxlen: 32
80.66.198.0/24 maxlen: 32
88.218.193.0/24 maxlen: 32
92.60.40.0/24 maxlen: 32
176.113.68.0/24 maxlen: 32
176.113.69.0/24 maxlen: 32
185.184.220.0/24 maxlen: 32
185.184.222.0/24 maxlen: 32
185.194.52.0/22 maxlen: 32
185.248.85.0/24 maxlen: 32
185.254.75.0/24 maxlen: 32
194.36.25.0/24 maxlen: 32
2a03:d9c0:3000::/48 maxlen: 128
2a03:d9c0:3001::/48 maxlen: 128
2a07:fe00:1::/48 maxlen: 128
2a09:7:2007::/48 maxlen: 48
2a0b:89c1:3::/48 maxlen: 128
2a0c:59c0:18::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:72:23:34:77:07:c1:5c:e9:5c:a1:c9:b7:dc:eb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 30 15:52:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58f98b5d817e044d34f37519c173553eddf8741b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ff:29:0c:6f:69:7c:36:b3:c4:d3:c4:12:72:
bb:8d:fe:c3:65:6c:8e:97:18:64:87:3d:a3:c2:37:
47:44:f6:72:2b:39:79:e0:74:e3:e2:2e:99:22:da:
3f:3b:0c:84:e0:04:d2:ab:96:56:29:bb:cb:db:c8:
3c:60:ca:3c:da:ef:31:16:22:1d:96:d3:46:fa:23:
92:42:7d:b3:53:f3:09:3c:f2:71:88:88:e9:2d:9e:
88:85:32:cf:73:8d:40:83:3c:b7:69:12:9a:e0:f6:
31:9e:a4:19:51:5c:57:65:b6:f6:7f:50:ba:ec:e1:
49:ff:89:63:df:b9:59:e1:99:79:5a:c2:d1:1b:72:
b5:4d:d3:40:de:20:26:ca:99:b7:69:88:21:89:40:
a5:16:0f:4e:5d:ba:6b:ff:bf:6b:91:d0:ae:05:5e:
8e:b3:9d:31:16:ab:29:79:28:e1:08:42:7e:3e:41:
c3:77:59:c9:78:42:09:7a:e0:e2:58:d3:b4:e4:42:
40:2e:db:57:03:d2:9f:2a:30:0d:8c:3e:44:63:c4:
93:ed:2b:80:16:f4:52:52:51:ff:8a:fb:9c:e3:ad:
92:c1:4a:ea:e9:1f:38:db:66:42:82:de:74:74:77:
51:10:35:8d:b1:cf:9c:1e:b5:eb:4b:5c:cd:31:48:
88:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F9:8B:5D:81:7E:04:4D:34:F3:75:19:C1:73:55:3E:DD:F8:74:1B
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WPmLXYF-BE0083UZwXNVPt34dBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.76.0/23
45.130.20.0/22
45.131.155.0/24
45.147.50.0/23
80.66.198.0/24
88.218.193.0/24
92.60.40.0/24
176.113.68.0/23
185.184.220.0/24
185.184.222.0/24
185.194.52.0/22
185.248.85.0/24
185.254.75.0/24
194.36.25.0/24
IPv6:
2a03:d9c0:3000::/47
2a07:fe00:1::/48
2a09:7:2007::/48
2a0b:89c1:3::/48
2a0c:59c0:18::/48
Signature Algorithm: sha256WithRSAEncryption
1b:be:29:1d:89:4c:15:4b:b6:fc:95:1d:14:14:77:76:dd:6d:
77:eb:44:c5:df:fe:d5:84:fc:97:b5:78:83:6d:3b:f7:ea:2c:
32:4a:35:b9:6d:39:04:53:c7:44:e5:20:51:38:ba:d6:c9:33:
77:9d:0d:19:03:9e:da:8c:04:c9:d3:ba:e7:32:4c:1e:96:46:
71:71:06:ee:f2:9b:c0:54:5c:bd:1a:47:c3:dd:63:29:98:19:
9d:a9:79:56:9e:69:df:89:59:c5:a5:23:45:5d:c4:fc:87:c0:
2e:4f:00:c2:a0:89:9d:03:cf:65:f6:90:c6:33:df:9e:08:30:
3d:28:bd:76:42:8d:a4:13:15:21:05:6c:17:55:e7:82:9d:1b:
d6:2f:f7:84:8c:b8:de:c2:cf:e8:b5:1d:f3:97:76:54:7a:b5:
7c:bb:7f:2b:cd:af:af:38:32:a2:05:28:77:e2:93:b7:c5:d1:
58:d6:39:ec:ce:a0:60:4d:42:d8:56:07:67:2e:86:f4:33:99:
fd:23:b3:3e:80:58:a6:73:0e:ce:e2:e0:e7:40:51:3e:79:9f:
b4:36:5a:fd:5f:6b:bf:66:df:56:0b:d8:19:54:a6:59:86:42:
f4:a2:58:39:ef:2a:75:a8:32:45:43:8b:e1:c5:79:fd:b3:55:
ee:26:9b:06
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZ0/ciM0dwfBXOlcocm33OtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjYwMzMwMTU1MjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGY5OGI1ZDgxN2UwNDRkMzRmMzc1MTljMTczNTUzZWRkZjg3NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/8pDG9pfDazxNPEEnK7jf7DZWyO
lxhkhz2jwjdHRPZyKzl54HTj4i6ZIto/OwyE4ATSq5ZWKbvL28g8YMo82u8xFiId
ltNG+iOSQn2zU/MJPPJxiIjpLZ6IhTLPc41Agzy3aRKa4PYxnqQZUVxXZbb2f1C6
7OFJ/4lj37lZ4Zl5WsLRG3K1TdNA3iAmypm3aYghiUClFg9OXbpr/79rkdCuBV6O
s50xFqspeSjhCEJ+PkHDd1nJeEIJeuDiWNO05EJALttXA9KfKjANjD5EY8ST7SuA
FvRSUlH/ivuc462SwUrq6R8422ZCgt50dHdREDWNsc+cHrXrS1zNMUiInQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFFj5i12BfgRNNPN1GcFzVT7d+HQbMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvV1BtTFhZRi1CRTAwODNVWndYTlZQdDM0ZEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTBaBAIAATBUAwQBLVJM
AwQCLYIUAwQALYObAwQBLZMyAwQAUELGAwQAWNrBAwQAXDwoAwQBsHFEAwQAubjc
AwQAubjeAwQCucI0AwQAufhVAwQAuf5LAwQAwiQZMDMEAgACMC0DBwEqA9nAMAAD
BwAqB/4AAAEDBwAqCQAHIAcDBwAqC4nBAAMDBwAqDFnAABgwDQYJKoZIhvcNAQEL
BQADggEBABu+KR2JTBVLtvyVHRQUd3bdbXfrRMXf/tWE/Je1eINtO/fqLDJKNblt
OQRTx0TlIFE4utbJM3edDRkDntqMBMnTuucyTB6WRnFxBu7ym8BUXL0aR8PdYymY
GZ2peVaead+JWcWlI0VdxPyHwC5PAMKgiZ0Dz2X2kMYz354IMD0ovXZCjaQTFSEF
bBdV54KdG9Yv94SMuN7Cz+i1HfOXdlR6tXy7fyvNr684MqIFKHfik7fF0VjWOezO
oGBNQthWB2cuhvQzmf0jsz6AWKZzDs7i4OdAUT55n7Q2Wv1fa79m31YL2BlUplmG
QvSiWDnvKnWoMkVDi+HFef2zVe4mmwY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:07:05 2026 by rpki-client