Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wtc8A7lo_TF0Pvw2UoqXGvJwpbc.roa
File: wtc8A7lo_TF0Pvw2UoqXGvJwpbc.roa (raw, json)
Hash identifier: i26AlQfRmFwzmB3G+URaZuwVjG8LOOUNAzK3g1FUyX8=
Subject key identifier: C2:D7:3C:03:B9:68:FD:31:74:3E:FC:36:52:8A:97:1A:F2:70:A5:B7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A482D0ECE6D060376C864EE3147C48E87
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wtc8A7lo_TF0Pvw2UoqXGvJwpbc.roa
Signing time: Mon 03 Nov 2025 05:25:03 +0000
ROA not before: Mon 03 Nov 2025 05:25:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137517
IP address blocks: 151.240.120.0/24 maxlen: 24
151.241.20.0/24 maxlen: 24
151.243.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:2d:0e:ce:6d:06:03:76:c8:64:ee:31:47:c4:8e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Nov 3 05:25:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2d73c03b968fd31743efc36528a971af270a5b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:d1:4b:18:cc:ae:f2:2d:92:25:94:bd:9e:
4e:23:27:34:0f:43:5e:d3:36:bf:5d:40:3d:98:69:
5a:54:1d:9a:16:3b:8e:2c:e3:e3:94:75:73:b2:4b:
35:70:49:a9:90:11:0d:4e:64:7c:6e:8b:7d:64:2b:
c1:3f:0e:02:b2:44:0a:ef:62:ba:6f:9f:11:9c:57:
9d:a4:ff:d3:f6:51:d0:d6:cb:a3:7a:a1:e5:1b:99:
b1:4d:d3:ac:f7:20:8f:2f:89:d3:9a:d4:64:ea:cb:
25:4a:aa:b3:4c:40:4a:c9:2e:59:cc:6f:3b:dd:b3:
dc:89:5b:0d:ce:cc:a4:54:17:fb:be:ca:9d:48:c5:
9a:d9:38:db:b7:af:b8:40:7e:c9:a6:93:4d:cb:d6:
f4:ee:fd:bd:ae:f1:a0:71:9c:da:fe:42:3a:4e:92:
c0:9f:49:9e:69:e4:ed:f0:33:be:a0:d3:a0:1f:ed:
00:cd:4c:72:ea:84:39:45:7d:a1:1e:83:15:58:50:
83:07:ce:cd:5a:29:cf:d5:6d:67:f9:49:cd:14:33:
eb:2e:78:0e:14:d6:1e:b7:1e:4a:36:5f:7b:ae:4b:
82:b3:87:c7:91:04:21:23:5a:ff:24:88:0a:39:c5:
85:b3:94:9a:3b:54:6f:b9:9e:3c:29:3f:61:ff:1a:
89:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D7:3C:03:B9:68:FD:31:74:3E:FC:36:52:8A:97:1A:F2:70:A5:B7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wtc8A7lo_TF0Pvw2UoqXGvJwpbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.120.0/24
151.241.20.0/24
151.243.136.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:cf:2c:89:9f:8c:42:df:f1:05:34:05:e6:5b:85:01:89:44:
91:f6:49:01:7d:b9:67:87:8d:2f:28:d1:da:b3:ab:cf:b6:82:
8c:f1:96:c0:20:1d:87:94:e7:6d:95:1a:ee:e3:64:e4:0f:68:
5a:18:7a:86:90:76:2f:25:63:63:f0:94:94:68:ce:32:25:7d:
06:a8:14:af:95:39:e6:72:a9:43:1c:9b:0c:5c:64:37:93:67:
e9:b2:83:b4:da:6d:7f:72:67:e3:78:e5:85:36:1a:83:f1:e3:
98:85:fa:88:20:8e:b4:99:1d:48:f2:f8:68:3e:69:7e:29:73:
5a:41:a1:78:20:cf:c9:90:97:20:a7:c3:30:38:a6:a3:02:05:
51:71:9c:0e:bb:fb:e6:ff:4e:be:c4:dd:35:d2:e5:01:a0:89:
bb:93:92:37:bf:71:dc:a7:28:8e:95:b7:a4:54:44:bf:41:ac:
bc:35:66:bf:f6:1f:12:e6:8a:c7:22:94:39:91:7a:85:c3:fc:
9e:e2:33:05:d6:2d:88:28:5b:15:c5:ee:29:24:e7:4b:4b:dd:
22:8f:1a:44:86:c1:15:6c:c4:95:b4:cb:23:ff:4b:d7:a1:49:
1b:de:4f:6d:7a:a0:fa:1b:18:bb:85:65:34:85:28:0a:4e:f8:
a0:52:12:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZpILQ7ObQYDdshk7jFHxI6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMTAzMDUyNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ3M2MwM2I5NjhmZDMxNzQzZWZjMzY1MjhhOTcxYWYyNzBhNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMbRSxjMrvItkiWUvZ5OIyc0D0Ne
0za/XUA9mGlaVB2aFjuOLOPjlHVzsks1cEmpkBENTmR8bot9ZCvBPw4CskQK72K6
b58RnFedpP/T9lHQ1sujeqHlG5mxTdOs9yCPL4nTmtRk6sslSqqzTEBKyS5ZzG87
3bPciVsNzsykVBf7vsqdSMWa2Tjbt6+4QH7JppNNy9b07v29rvGgcZza/kI6TpLA
n0meaeTt8DO+oNOgH+0AzUxy6oQ5RX2hHoMVWFCDB87NWinP1W1n+UnNFDPrLngO
FNYetx5KNl97rkuCs4fHkQQhI1r/JIgKOcWFs5SaO1RvuZ48KT9h/xqJawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMLXPAO5aP0xdD78NlKKlxrycKW3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd3RjOEE3bG9fVEYwUHZ3MlVvcVhHdkp3cGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/B4AwQA
l/EUAwQAl/OIMA0GCSqGSIb3DQEBCwUAA4IBAQBLzyyJn4xC3/EFNAXmW4UBiUSR
9kkBfblnh40vKNHas6vPtoKM8ZbAIB2HlOdtlRru42TkD2haGHqGkHYvJWNj8JSU
aM4yJX0GqBSvlTnmcqlDHJsMXGQ3k2fpsoO02m1/cmfjeOWFNhqD8eOYhfqIII60
mR1I8vhoPml+KXNaQaF4IM/JkJcgp8MwOKajAgVRcZwOu/vm/06+xN010uUBoIm7
k5I3v3HcpyiOlbekVES/Qay8NWa/9h8S5orHIpQ5kXqFw/ye4jMF1i2IKFsVxe4p
JOdLS90ijxpEhsEVbMSVtMsj/0vXoUkb3k9teqD6Gxi7hWU0hSgKTvigUhLa
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:01:12 2025 by rpki-client