Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/WMztSrM9WH6_B2jYyND7vogeoak.roa
File: WMztSrM9WH6_B2jYyND7vogeoak.roa (raw, json)
Hash identifier: qkZXV6hlhG+/bjTk0s5ZCuj7+/Exx9l0vry2uFfuJGs=
Subject key identifier: 58:CC:ED:4A:B3:3D:58:7E:BF:07:68:D8:C8:D0:FB:BE:88:1E:A1:A9
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019C6BE14B6BB3C7D1CB303D86F66C96C1B7
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/WMztSrM9WH6_B2jYyND7vogeoak.roa
Signing time: Tue 17 Feb 2026 13:54:12 +0000
ROA not before: Tue 17 Feb 2026 13:54:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43180
IP address blocks: 45.11.57.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
91.222.172.0/24 maxlen: 24
91.222.173.0/24 maxlen: 24
91.222.174.0/23 maxlen: 23
176.97.112.0/23 maxlen: 23
176.97.116.0/22 maxlen: 22
176.97.120.0/23 maxlen: 23
176.119.31.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.196.0/23 maxlen: 23
194.42.198.0/24 maxlen: 24
194.42.199.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
194.42.206.0/23 maxlen: 23
195.66.210.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
212.86.122.0/23 maxlen: 23
2a09:2dc2::/32 maxlen: 32
2a09:2dc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:e1:4b:6b:b3:c7:d1:cb:30:3d:86:f6:6c:96:c1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Feb 17 13:54:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58cced4ab33d587ebf0768d8c8d0fbbe881ea1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:59:69:51:49:1d:04:37:0d:2f:a6:ad:33:
f7:54:e9:02:70:ae:10:47:2a:e3:d3:5c:5c:17:87:
8e:d1:46:b0:08:61:b3:08:20:d5:7c:1a:51:4e:1f:
54:75:bc:1c:12:9d:38:e5:b2:38:46:1f:d6:95:13:
ba:6f:4f:94:a8:83:03:be:e4:db:ec:88:24:de:9a:
de:52:50:40:82:a1:70:b1:97:93:8a:24:94:68:fd:
44:90:ed:20:b3:f9:f8:b4:15:bd:b7:74:70:d8:fd:
81:b7:6e:b3:89:e4:d8:cc:e9:6b:0d:22:09:05:7a:
26:60:86:3e:cd:e2:e7:a0:c6:75:fd:9f:39:f0:18:
65:7e:c0:8a:cb:f9:a0:b7:71:a3:ba:da:7a:21:c2:
90:eb:09:92:dc:a9:5c:cf:26:84:1e:8e:8a:88:6c:
04:09:37:44:f0:a0:ee:86:0e:61:fa:54:74:37:63:
04:fa:ea:39:02:53:9f:54:b9:ef:60:71:83:bd:5e:
e0:d1:89:37:a2:ed:56:bd:95:58:3a:02:27:76:e9:
e0:a1:2c:0e:6d:39:af:f2:80:e7:d3:52:69:fa:64:
a2:69:6b:e5:39:a4:03:1e:b6:71:21:e8:dd:d5:af:
81:d0:b7:f4:cf:6c:1f:17:b8:02:3e:31:0d:7b:8c:
98:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CC:ED:4A:B3:3D:58:7E:BF:07:68:D8:C8:D0:FB:BE:88:1E:A1:A9
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/WMztSrM9WH6_B2jYyND7vogeoak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.11.59.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
91.222.172.0/22
176.97.112.0/23
176.97.116.0-176.97.121.255
176.119.31.0/24
185.254.199.0/24
194.42.196.0/22
194.42.204.0/24
194.42.206.0/23
195.66.210.0/24
195.128.248.0/23
212.86.122.0/23
IPv6:
2a09:2dc2::/31
Signature Algorithm: sha256WithRSAEncryption
48:99:23:18:9c:9e:5d:06:8c:b1:dd:70:9d:49:d1:9f:d4:ca:
ca:f0:73:9d:5a:d1:1c:3e:20:05:d5:16:18:6a:bc:de:34:6e:
32:2b:8d:04:68:8d:f3:b0:e7:8b:b8:4b:a6:46:a7:26:5c:6b:
01:c7:c7:94:58:d0:0c:45:4b:92:78:41:04:f1:39:e1:78:8e:
54:13:02:c3:06:06:6b:8c:ac:31:50:57:e3:29:34:d0:82:df:
df:71:ce:f4:07:2b:83:af:9d:e5:91:61:6a:87:53:41:09:d4:
dd:7d:f3:0e:cd:6b:86:0b:73:a8:a0:38:9d:31:fe:1d:0a:e5:
a9:8e:54:c8:5f:e5:b8:b5:0b:f4:c5:8c:d8:47:65:08:06:62:
93:aa:a5:a2:90:d0:c5:c6:81:71:6b:3b:65:10:51:30:b9:e9:
0a:ac:c3:b0:39:16:48:4a:60:d9:65:9f:ff:63:57:74:c8:51:
69:b3:37:97:29:45:ce:1e:42:9a:26:46:bc:be:44:d1:56:c6:
48:64:83:81:3c:ed:f7:64:ba:4c:8a:a2:00:2a:4a:39:38:ea:
bd:9c:d4:0f:05:e2:a4:1e:80:1a:06:de:05:02:21:80:89:d5:
5d:24:e4:34:7e:a2:1f:d1:36:ea:3d:e7:22:17:a7:a2:9c:a3:
92:26:79:a9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZxr4Utrs8fRyzA9hvZslsG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwMjE3MTM1NDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNjZWQ0YWIzM2Q1ODdlYmYwNzY4ZDhjOGQwZmJiZTg4MWVhMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB9ZaVFJHQQ3DS+mrTP3VOkCcK4Q
Ryrj01xcF4eO0UawCGGzCCDVfBpRTh9UdbwcEp045bI4Rh/WlRO6b0+UqIMDvuTb
7Igk3preUlBAgqFwsZeTiiSUaP1EkO0gs/n4tBW9t3Rw2P2Bt26zieTYzOlrDSIJ
BXomYIY+zeLnoMZ1/Z858BhlfsCKy/mgt3Gjutp6IcKQ6wmS3KlczyaEHo6KiGwE
CTdE8KDuhg5h+lR0N2ME+uo5AlOfVLnvYHGDvV7g0Yk3ou1WvZVYOgIndungoSwO
bTmv8oDn01Jp+mSiaWvlOaQDHrZxIejd1a+B0Lf0z2wfF7gCPjENe4yYqwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFFjM7UqzPVh+vwdo2MjQ+76IHqGpMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvV016dFNyTTlXSDZfQjJqWXlORDd2b2dlb2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAAtCzkD
BAAtCzsDBAEtDAADBAAtDAMDBABb0HMDBAJb3qwDBAGwYXAwDAMEArBhdAMEAbBh
eAMEALB3HwMEALn+xwMEAsIqxAMEAMIqzAMEAcIqzgMEAMNC0gMEAcOA+AMEAdRW
ejANBAIAAjAHAwUBKgktwjANBgkqhkiG9w0BAQsFAAOCAQEASJkjGJyeXQaMsd1w
nUnRn9TKyvBznVrRHD4gBdUWGGq83jRuMiuNBGiN87Dni7hLpkanJlxrAcfHlFjQ
DEVLknhBBPE54XiOVBMCwwYGa4ysMVBX4yk00ILf33HO9Acrg6+d5ZFhaodTQQnU
3X3zDs1rhgtzqKA4nTH+HQrlqY5UyF/luLUL9MWM2EdlCAZik6qlopDQxcaBcWs7
ZRBRMLnpCqzDsDkWSEpg2WWf/2NXdMhRabM3lylFzh5CmiZGvL5E0VbGSGSDgTzt
92S6TIqiACpKOTjqvZzUDwXipB6AGgbeBQIhgInVXSTkNH6iH9E26j3nIhenopyj
kiZ5qQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:58:37 2026 by rpki-client