Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wfzgDMRxuyayBLQPPxPuYGao92s.roa
File: wfzgDMRxuyayBLQPPxPuYGao92s.roa (raw, json)
Hash identifier: XLNXyipW2bdTh0IJx7RRnlgyXVVw+Yp3FUwpSXwkVJs=
Subject key identifier: C1:FC:E0:0C:C4:71:BB:26:B2:04:B4:0F:3F:13:EE:60:66:A8:F7:6B
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019C8E6803B29C0ACBCAB614E8F9478D9650
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wfzgDMRxuyayBLQPPxPuYGao92s.roa
Signing time: Tue 24 Feb 2026 06:48:27 +0000
ROA not before: Tue 24 Feb 2026 06:48:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 37.148.128.0/22 maxlen: 24
93.88.157.0/24 maxlen: 24
93.88.158.0/24 maxlen: 24
95.155.128.0/23 maxlen: 24
95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.133.0/24 maxlen: 24
95.155.134.0/24 maxlen: 24
95.155.137.0/24 maxlen: 24
95.155.139.0/24 maxlen: 24
95.155.146.0/23 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/23 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.152.0/22 maxlen: 24
95.155.152.0/23 maxlen: 24
95.155.154.0/23 maxlen: 24
95.155.160.0/20 maxlen: 24
95.155.176.0/21 maxlen: 24
152.89.84.0/24 maxlen: 24
152.89.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:68:03:b2:9c:0a:cb:ca:b6:14:e8:f9:47:8d:96:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Feb 24 06:48:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1fce00cc471bb26b204b40f3f13ee6066a8f76b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:46:47:07:4d:f2:8c:0f:98:a9:c0:2f:32:
c4:c6:b2:10:f7:0d:9b:b9:29:ac:99:0f:7a:89:d4:
05:48:f9:3b:c4:59:26:d6:1b:e4:b6:d0:e2:11:db:
d7:b5:02:4e:93:88:d8:37:cc:c1:3d:d1:47:8f:73:
fd:15:78:77:f0:b2:84:9f:e5:a6:84:1c:57:6e:9c:
16:a6:cc:6c:b0:15:24:32:ab:84:cd:a4:29:cf:f7:
90:5a:d6:c3:fa:73:34:ff:5a:7d:27:0d:64:16:49:
8f:93:f2:f5:0e:22:56:f2:46:2e:8e:fa:78:e3:38:
14:41:c2:83:61:b3:4a:ca:41:9c:71:ba:8f:9b:76:
e3:4a:3e:1c:f2:f1:1e:da:10:1e:0f:0f:43:3d:ec:
c5:e2:da:d5:73:9d:6d:10:17:0f:74:68:d3:7c:28:
71:ad:c8:96:28:c4:65:7f:97:3b:1c:a8:f1:8d:53:
ea:6f:a8:db:15:97:89:ad:08:6f:83:5b:3f:39:c3:
e3:c0:0a:10:19:25:36:d3:52:66:04:a2:1b:7c:ec:
cc:27:18:ca:ca:00:20:5c:27:08:5e:9a:59:d5:60:
64:76:00:92:c5:f6:4c:79:15:5a:46:cc:20:43:c5:
18:9a:85:96:12:91:a4:29:92:7c:0b:57:f2:0f:d8:
5d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FC:E0:0C:C4:71:BB:26:B2:04:B4:0F:3F:13:EE:60:66:A8:F7:6B
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/wfzgDMRxuyayBLQPPxPuYGao92s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.128.0/22
93.88.157.0-93.88.158.255
95.155.128.0/23
95.155.133.0-95.155.134.255
95.155.137.0/24
95.155.139.0/24
95.155.146.0-95.155.150.255
95.155.152.0/22
95.155.160.0-95.155.183.255
152.89.84.0/24
152.89.87.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3f:d1:3f:b0:0d:56:d7:ad:81:1c:fc:70:3f:b0:d1:9f:3d:
c2:71:96:11:88:0d:5a:83:74:9f:db:95:98:7a:8e:bc:8a:ba:
89:46:84:10:26:0b:c2:19:22:e0:bf:fa:a4:b9:b5:d8:b1:aa:
72:a4:e1:6a:24:df:1c:11:a8:d8:f7:c5:fc:b9:d9:ec:e4:c7:
40:06:5c:6a:42:ee:44:29:a4:d3:34:a2:e5:ec:ac:20:c1:38:
f8:80:8f:6a:36:45:3f:7a:c8:65:d2:6c:a4:a5:6d:75:ff:a7:
97:90:c2:e2:73:11:3b:c4:7d:5b:be:ac:59:3e:41:34:f8:f1:
9e:58:cc:21:d9:3e:d0:53:3e:78:91:cd:32:25:4e:ee:90:92:
5c:16:4b:67:dd:c4:18:c4:ba:ff:02:7c:af:b9:c1:6e:be:03:
60:38:05:28:73:de:36:89:51:a5:3f:77:49:28:45:e3:33:00:
ee:89:0d:6c:e9:e8:af:3a:11:c5:27:d5:04:1a:80:3f:ab:fd:
55:00:f8:9f:eb:4e:67:33:ab:ba:17:ff:cb:0b:2b:c0:dc:33:
b2:cb:47:28:e8:b9:0f:3b:e7:64:26:fb:71:3a:9c:4c:69:8d:
37:1b:6b:f3:ef:86:a7:7e:5c:dd:c1:91:d4:fc:11:b5:ed:39:
bb:ef:86:42
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZyOaAOynArLyrYU6PlHjZZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwMjI0MDY0ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZjZTAwY2M0NzFiYjI2YjIwNGI0MGYzZjEzZWU2MDY2YThmNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9NGRwdN8owPmKnALzLExrIQ9w2b
uSmsmQ96idQFSPk7xFkm1hvkttDiEdvXtQJOk4jYN8zBPdFHj3P9FXh38LKEn+Wm
hBxXbpwWpsxssBUkMquEzaQpz/eQWtbD+nM0/1p9Jw1kFkmPk/L1DiJW8kYujvp4
4zgUQcKDYbNKykGccbqPm3bjSj4c8vEe2hAeDw9DPezF4trVc51tEBcPdGjTfChx
rciWKMRlf5c7HKjxjVPqb6jbFZeJrQhvg1s/OcPjwAoQGSU201JmBKIbfOzMJxjK
ygAgXCcIXppZ1WBkdgCSxfZMeRVaRswgQ8UYmoWWEpGkKZJ8C1fyD9hd8QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMH84AzEcbsmsgS0Dz8T7mBmqPdrMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvd2Z6Z0RNUnh1eWF5QkxRUFB4UHVZR2FvOTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCJZSAMAwD
BABdWJ0DBABdWJ4DBAFfm4AwDAMEAF+bhQMEAF+bhgMEAF+biQMEAF+bizAMAwQB
X5uSAwQAX5uWAwQCX5uYMAwDBAVfm6ADBANfm7ADBACYWVQDBACYWVcwDQYJKoZI
hvcNAQELBQADggEBADM/0T+wDVbXrYEc/HA/sNGfPcJxlhGIDVqDdJ/blZh6jryK
uolGhBAmC8IZIuC/+qS5tdixqnKk4Wok3xwRqNj3xfy52ezkx0AGXGpC7kQppNM0
ouXsrCDBOPiAj2o2RT96yGXSbKSlbXX/p5eQwuJzETvEfVu+rFk+QTT48Z5YzCHZ
PtBTPniRzTIlTu6QklwWS2fdxBjEuv8CfK+5wW6+A2A4BShz3jaJUaU/d0koReMz
AO6JDWzp6K86EcUn1QQagD+r/VUA+J/rTmczq7oX/8sLK8DcM7LLRyjouQ8752Qm
+3E6nExpjTcba/Pvhqd+XN3BkdT8EbXtObvvhkI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:22:36 2026 by rpki-client