Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/WBH_fF6t3I2iXHzxgrxzCAX-XRA.roa
File: WBH_fF6t3I2iXHzxgrxzCAX-XRA.roa (raw, json)
Hash identifier: cYtszWc1seVCwv311jPJcm6UWAtEmkWFzWyQin67xig=
Subject key identifier: 58:11:FF:7C:5E:AD:DC:8D:A2:5C:7C:F1:82:BC:73:08:05:FE:5D:10
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 019BFF10CF79FC5458656C298768E3146BAC
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/WBH_fF6t3I2iXHzxgrxzCAX-XRA.roa
Signing time: Tue 27 Jan 2026 10:47:30 +0000
ROA not before: Tue 27 Jan 2026 10:47:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61102
IP address blocks: 89.38.31.0/24 maxlen: 24
103.95.118.0/24 maxlen: 24
185.136.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ff:10:cf:79:fc:54:58:65:6c:29:87:68:e3:14:6b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 27 10:47:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5811ff7c5eaddc8da25c7cf182bc730805fe5d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:23:fd:5a:fe:e4:ea:bf:59:34:ad:9c:20:
e0:be:8a:01:d2:30:eb:2d:1a:d5:2c:ef:96:8f:fd:
a3:90:fc:c6:7e:1a:15:54:de:fa:86:d5:23:b1:77:
49:35:2e:00:0d:41:dc:d8:fc:9a:fe:a9:82:bc:bb:
89:3e:29:5a:78:6f:d5:a3:12:18:b4:69:f2:ed:78:
47:42:4c:4e:f2:31:6b:93:fb:31:3f:14:59:70:2a:
3d:db:38:c1:2f:70:8e:5f:65:e1:b8:89:d1:6d:b0:
9e:fb:72:52:15:6d:64:b1:13:60:49:30:98:64:5d:
6a:6f:3b:a5:a3:7d:ff:7f:09:c1:a4:61:8b:60:c6:
0f:66:ac:c2:f0:b3:5b:4f:a9:af:8e:2b:17:ea:6c:
0e:ea:18:a2:76:a6:8a:8d:72:b1:ed:70:e8:ad:5e:
70:c5:33:a6:51:29:eb:74:53:56:27:d1:f6:6f:b3:
1b:7d:96:df:87:e5:61:e6:fd:98:bf:dd:f4:fb:50:
e9:0e:31:64:14:d9:66:47:e7:37:dd:55:50:51:6c:
9e:aa:f6:14:85:97:9f:1a:7f:5f:eb:26:0b:bb:00:
c2:00:b5:b9:81:39:c0:f6:bb:16:35:ec:0a:41:39:
21:eb:aa:ff:9a:fa:74:6c:bf:03:bd:7d:0d:74:b0:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:11:FF:7C:5E:AD:DC:8D:A2:5C:7C:F1:82:BC:73:08:05:FE:5D:10
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/WBH_fF6t3I2iXHzxgrxzCAX-XRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.31.0/24
103.95.118.0/24
185.136.132.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b7:e1:48:26:0c:dd:1d:b3:7c:1b:5f:ee:c4:b3:18:70:6f:
d5:6c:67:d8:05:7a:5a:39:aa:7e:61:48:1d:3a:a5:4d:50:87:
31:86:af:09:d6:78:2c:6c:ad:11:4a:83:c4:16:4b:2a:3f:56:
fa:74:9c:95:7e:5e:ba:ea:57:6b:b6:d9:77:14:72:2a:58:93:
5b:f8:74:29:32:50:7f:59:18:14:d4:36:8c:28:74:ae:46:53:
02:55:7d:55:80:fe:eb:09:5b:51:a7:f2:59:e0:1e:94:7f:d0:
fb:a3:4b:e0:e9:71:e7:a4:32:0f:e7:a3:db:7e:9a:44:6c:71:
9d:ef:81:df:0a:ce:ae:21:30:9f:c6:ad:2d:23:7d:24:eb:20:
19:80:b4:16:0b:a2:73:ee:27:77:7d:a9:52:90:fb:ea:da:da:
10:72:e9:31:18:04:e1:ad:39:66:3a:56:76:bc:de:20:3c:5e:
8a:61:d9:04:c0:6b:71:a3:0a:56:e4:2f:f9:14:cc:91:1c:07:
b2:c9:41:1e:2c:16:ea:e3:1d:2d:c4:28:cf:a2:d5:2f:18:fa:
69:cb:8a:c3:77:88:75:35:49:3c:b4:1f:69:7a:b7:47:05:ae:
02:f1:79:ac:39:e2:36:2f:3f:64:32:c2:4b:3c:7e:ce:75:33:
54:93:39:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZv/EM95/FRYZWwph2jjFGusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjYwMTI3MTA0NzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODExZmY3YzVlYWRkYzhkYTI1YzdjZjE4MmJjNzMwODA1ZmU1ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNgj/Vr+5Oq/WTStnCDgvooB0jDr
LRrVLO+Wj/2jkPzGfhoVVN76htUjsXdJNS4ADUHc2Pya/qmCvLuJPilaeG/VoxIY
tGny7XhHQkxO8jFrk/sxPxRZcCo92zjBL3COX2XhuInRbbCe+3JSFW1ksRNgSTCY
ZF1qbzulo33/fwnBpGGLYMYPZqzC8LNbT6mvjisX6mwO6hiidqaKjXKx7XDorV5w
xTOmUSnrdFNWJ9H2b7MbfZbfh+Vh5v2Yv930+1DpDjFkFNlmR+c33VVQUWyeqvYU
hZefGn9f6yYLuwDCALW5gTnA9rsWNewKQTkh66r/mvp0bL8DvX0NdLCzFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgR/3xerdyNolx88YK8cwgF/l0QMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvV0JIX2ZGNnQzSTJpWEh6eGdyeHpDQVgtWFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSYfAwQA
Z192AwQAuYiEMA0GCSqGSIb3DQEBCwUAA4IBAQACt+FIJgzdHbN8G1/uxLMYcG/V
bGfYBXpaOap+YUgdOqVNUIcxhq8J1ngsbK0RSoPEFksqP1b6dJyVfl666ldrttl3
FHIqWJNb+HQpMlB/WRgU1DaMKHSuRlMCVX1VgP7rCVtRp/JZ4B6Uf9D7o0vg6XHn
pDIP56PbfppEbHGd74HfCs6uITCfxq0tI30k6yAZgLQWC6Jz7id3falSkPvq2toQ
cukxGAThrTlmOlZ2vN4gPF6KYdkEwGtxowpW5C/5FMyRHAeyyUEeLBbq4x0txCjP
otUvGPppy4rDd4h1NUk8tB9perdHBa4C8XmsOeI2Lz9kMsJLPH7OdTNUkzmh
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:27:38 2026 by rpki-client