Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/WAeLgGdzqW62R3XT1JnNrx8DFw0.roa
File: WAeLgGdzqW62R3XT1JnNrx8DFw0.roa (raw, json)
Hash identifier: u2qcj3/aGyotDnZkp7n2BDjtQTbTd2cHSPO2kqQnPxc=
Subject key identifier: 58:07:8B:80:67:73:A9:6E:B6:47:75:D3:D4:99:CD:AF:1F:03:17:0D
Certificate issuer: /CN=4c261919b55c2c08f72a5ab1d0eb185ee12bdff7
Certificate serial: 019B7FF078745B3B9770FE6F68A954978843
Authority key identifier: 4C:26:19:19:B5:5C:2C:08:F7:2A:5A:B1:D0:EB:18:5E:E1:2B:DF:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/WAeLgGdzqW62R3XT1JnNrx8DFw0.roa
Signing time: Fri 02 Jan 2026 18:20:24 +0000
ROA not before: Fri 02 Jan 2026 18:20:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51515
IP address blocks: 46.45.0.0/22 maxlen: 22
46.45.4.0/22 maxlen: 22
46.45.8.0/22 maxlen: 22
46.45.12.0/23 maxlen: 23
46.45.14.0/24 maxlen: 24
46.45.15.0/24 maxlen: 24
46.45.16.0/24 maxlen: 24
46.45.17.0/24 maxlen: 24
46.45.18.0/24 maxlen: 24
46.45.19.0/24 maxlen: 24
46.45.20.0/24 maxlen: 24
46.45.21.0/24 maxlen: 24
46.45.22.0/24 maxlen: 24
46.45.23.0/24 maxlen: 24
46.45.24.0/24 maxlen: 24
46.45.25.0/24 maxlen: 24
46.45.26.0/24 maxlen: 24
46.45.27.0/24 maxlen: 24
46.45.28.0/24 maxlen: 24
46.45.29.0/24 maxlen: 24
46.45.30.0/24 maxlen: 24
46.45.31.0/24 maxlen: 24
46.45.32.0/24 maxlen: 24
46.45.33.0/24 maxlen: 24
46.45.34.0/23 maxlen: 23
46.45.36.0/23 maxlen: 23
46.45.38.0/23 maxlen: 23
46.45.40.0/22 maxlen: 22
46.45.44.0/22 maxlen: 22
46.45.48.0/24 maxlen: 24
46.45.51.0/24 maxlen: 24
46.45.52.0/24 maxlen: 24
46.45.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:f0:78:74:5b:3b:97:70:fe:6f:68:a9:54:97:88:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c261919b55c2c08f72a5ab1d0eb185ee12bdff7
Validity
Not Before: Jan 2 18:20:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58078b806773a96eb64775d3d499cdaf1f03170d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:00:b1:1d:4a:c0:02:72:ce:f9:51:df:e7:d4:
5d:85:dc:0d:2c:76:6b:7c:fc:99:63:3c:d6:f2:a9:
4a:78:38:b0:33:cf:52:51:92:51:7f:23:f2:42:4b:
c1:95:b1:88:46:dd:12:4e:ef:7b:93:c4:ec:c9:c5:
2d:75:1d:69:92:45:05:23:4e:9e:ad:17:f9:e4:39:
82:a1:60:06:74:da:a4:9d:f3:ae:93:de:44:5c:63:
6d:ba:c0:7e:8f:6a:0e:9a:4c:92:49:a1:23:17:87:
83:4f:52:2e:62:0d:8e:19:d9:e1:22:48:5c:46:58:
41:df:13:c3:76:59:3c:24:ad:e6:b1:0f:24:9b:80:
ab:0b:bf:27:b2:a5:ab:62:c4:47:70:e9:cd:18:a2:
9f:0b:c5:86:37:26:44:20:0c:79:5c:a6:87:7c:9b:
a5:9e:f2:5f:28:11:ee:9e:83:db:6c:d2:0d:d9:ae:
b6:a9:0e:6a:69:b3:f4:b2:0a:e5:d6:ab:bf:37:05:
b6:00:e9:fe:d2:f9:2c:61:f8:91:78:67:97:da:46:
3a:11:1d:51:62:22:2a:5d:06:10:59:cb:55:8d:f4:
a4:57:66:bf:62:25:f6:4d:26:7d:e7:5c:0c:71:fd:
f8:72:11:a6:eb:ed:36:37:24:40:0c:da:84:aa:09:
69:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:07:8B:80:67:73:A9:6E:B6:47:75:D3:D4:99:CD:AF:1F:03:17:0D
X509v3 Authority Key Identifier:
keyid:4C:26:19:19:B5:5C:2C:08:F7:2A:5A:B1:D0:EB:18:5E:E1:2B:DF:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCYZGbVcLAj3Klqx0OsYXuEr3_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/WAeLgGdzqW62R3XT1JnNrx8DFw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/c1d940-044d-49c4-a7a1-a0076679be60/1/TCYZGbVcLAj3Klqx0OsYXuEr3_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.0.0-46.45.48.255
46.45.51.0-46.45.53.255
Signature Algorithm: sha256WithRSAEncryption
60:ea:c1:05:8f:2c:82:4d:12:73:c4:ca:de:73:a8:c4:bf:e3:
f1:3b:f1:02:c9:4c:12:e0:1a:ae:ed:43:50:3f:c9:b4:37:03:
a2:c6:27:30:b4:29:23:a8:e8:49:ce:c4:6d:33:1f:b0:05:2a:
74:fa:5e:e7:c2:fa:1b:21:26:14:d4:ca:5c:a7:43:a1:fe:5f:
3b:cf:42:36:b6:f5:89:c3:5c:4b:6a:a9:d4:9b:6e:5f:4e:2b:
7d:85:d4:6f:b7:88:76:dd:d6:95:11:a6:6a:68:90:dd:d7:24:
06:5d:e2:11:97:9c:56:a1:38:56:d5:43:ee:5c:cd:c9:a2:4a:
94:23:7d:04:1b:f0:6e:be:c4:81:90:9d:76:2f:04:64:a0:c2:
fd:96:78:45:8c:c1:15:b5:97:1e:c7:70:4f:e8:ff:e4:71:1e:
68:52:77:80:0a:5d:07:4c:47:98:6e:63:1d:0c:b1:15:bb:96:
f6:a8:65:e7:15:4f:b3:8e:d0:69:12:4e:1f:c9:30:85:32:4e:
d9:9d:b4:b3:5a:c2:c9:3d:22:a9:66:b3:6a:20:6c:10:51:70:
f8:c1:27:57:35:32:e6:99:4b:ac:25:2c:8d:58:bc:c5:83:95:
4a:d3:e2:87:21:b3:9f:fd:92:a4:ae:71:8b:ab:f7:c7:e2:2d:
eb:92:bf:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt/8Hh0WzuXcP5vaKlUl4hDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMjYxOTE5YjU1YzJjMDhmNzJhNWFiMWQwZWIxODVlZTEy
YmRmZjcwHhcNMjYwMTAyMTgyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODA3OGI4MDY3NzNhOTZlYjY0Nzc1ZDNkNDk5Y2RhZjFmMDMxNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wCxHUrAAnLO+VHf59RdhdwNLHZr
fPyZYzzW8qlKeDiwM89SUZJRfyPyQkvBlbGIRt0STu97k8TsycUtdR1pkkUFI06e
rRf55DmCoWAGdNqknfOuk95EXGNtusB+j2oOmkySSaEjF4eDT1IuYg2OGdnhIkhc
RlhB3xPDdlk8JK3msQ8km4CrC78nsqWrYsRHcOnNGKKfC8WGNyZEIAx5XKaHfJul
nvJfKBHunoPbbNIN2a62qQ5qabP0sgrl1qu/NwW2AOn+0vksYfiReGeX2kY6ER1R
YiIqXQYQWctVjfSkV2a/YiX2TSZ951wMcf34chGm6+02NyRADNqEqglp1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFgHi4Bnc6lutkd109SZza8fAxcNMB8GA1UdIwQY
MBaAFEwmGRm1XCwI9ypasdDrGF7hK9/3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVENZWkdiVmNMQWozS2xxeDBPc1lYdUVyM19jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9jMWQ5NDAtMDQ0ZC00OWM0LWE3YTEt
YTAwNzY2NzliZTYwLzEvV0FlTGdHZHpxVzYyUjNYVDFKbk5yeDhERncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9jMWQ5NDAtMDQ0ZC00OWM0LWE3YTEtYTAwNzY2NzliZTYw
LzEvVENZWkdiVmNMQWozS2xxeDBPc1lYdUVyM19jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwAuLQME
AC4tMDAMAwQALi0zAwQBLi00MA0GCSqGSIb3DQEBCwUAA4IBAQBg6sEFjyyCTRJz
xMrec6jEv+PxO/ECyUwS4Bqu7UNQP8m0NwOixicwtCkjqOhJzsRtMx+wBSp0+l7n
wvobISYU1Mpcp0Oh/l87z0I2tvWJw1xLaqnUm25fTit9hdRvt4h23daVEaZqaJDd
1yQGXeIRl5xWoThW1UPuXM3JokqUI30EG/BuvsSBkJ12LwRkoML9lnhFjMEVtZce
x3BP6P/kcR5oUneACl0HTEeYbmMdDLEVu5b2qGXnFU+zjtBpEk4fyTCFMk7ZnbSz
WsLJPSKpZrNqIGwQUXD4wSdXNTLmmUusJSyNWLzFg5VK0+KHIbOf/ZKkrnGLq/fH
4i3rkr9m
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:18:04 2026 by rpki-client