Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/pWXZtCsdY4YY3ukaTshaoyzjeSc.roa
File: pWXZtCsdY4YY3ukaTshaoyzjeSc.roa (raw, json)
Hash identifier: aOl1H4Qz0lJuDr1Yv2a145gjt3ffANHgu1PQv3jNCUg=
Subject key identifier: A5:65:D9:B4:2B:1D:63:86:18:DE:E9:1A:4E:C8:5A:A3:2C:E3:79:27
Certificate issuer: /CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Certificate serial: 019CB97177992ED7AA18ACBC594F96BCC32E
Authority key identifier: 11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/pWXZtCsdY4YY3ukaTshaoyzjeSc.roa
Signing time: Wed 04 Mar 2026 15:22:26 +0000
ROA not before: Wed 04 Mar 2026 15:22:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 86.54.105.0/24 maxlen: 24
193.32.92.0/24 maxlen: 24
2a13:1000::/29 maxlen: 29
2a13:1000::/48 maxlen: 48
2a13:1002::/48 maxlen: 48
2a13:1002:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:71:77:99:2e:d7:aa:18:ac:bc:59:4f:96:bc:c3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Validity
Not Before: Mar 4 15:22:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a565d9b42b1d638618dee91a4ec85aa32ce37927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b0:0a:af:57:95:93:49:5e:36:b0:d9:6a:72:
cb:14:a6:20:3a:56:7d:40:05:b6:52:c4:c2:90:da:
f9:dc:b5:28:46:1d:1a:b3:9b:61:da:e8:19:a0:a3:
cb:8d:b6:84:87:44:4c:dc:11:2d:26:ce:da:61:82:
a6:3b:87:a7:ef:43:64:9c:02:e7:c4:70:2f:06:a2:
f3:6a:e4:69:5e:56:04:79:49:04:7e:f9:4a:bd:ea:
f9:b4:03:fb:b5:dc:73:4f:b8:87:7d:cf:3d:42:3c:
ec:3d:da:98:f3:11:5b:44:22:25:d5:c3:76:07:6b:
68:f7:6e:31:ad:23:c0:60:5d:bb:5c:27:45:f5:83:
16:da:d7:b3:9d:d8:ea:ad:5b:11:7e:43:81:01:db:
2a:50:87:9f:0c:e4:67:b4:4d:66:6c:b6:79:be:a3:
9a:48:0b:3f:2b:d1:65:a5:84:d2:bf:6d:11:c7:24:
a8:34:0d:55:41:7e:15:6f:75:5c:fe:04:c5:60:4f:
c9:9d:74:f8:4e:fd:06:d7:e4:43:e6:b4:7e:09:65:
31:4a:39:85:9d:f7:2d:86:b4:fc:fb:4c:4f:4d:d4:
17:b3:d8:7f:aa:a0:d1:02:11:25:5e:0f:7c:c1:f0:
83:fa:a1:51:03:97:f3:cb:3a:2d:91:4d:e7:e5:9f:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:65:D9:B4:2B:1D:63:86:18:DE:E9:1A:4E:C8:5A:A3:2C:E3:79:27
X509v3 Authority Key Identifier:
keyid:11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/pWXZtCsdY4YY3ukaTshaoyzjeSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.105.0/24
193.32.92.0/24
IPv6:
2a13:1000::/29
Signature Algorithm: sha256WithRSAEncryption
35:1f:c0:c5:23:11:5c:5e:d0:2e:80:b1:fa:3f:ff:8e:de:83:
57:91:a3:0b:4e:80:ed:1b:6a:bb:06:36:b1:a6:30:37:04:ee:
3c:b3:54:5d:40:01:09:74:5e:e4:5f:e0:0a:6c:f3:54:97:7f:
e1:23:97:61:7a:d5:ff:6e:79:74:dd:16:ca:c4:92:c3:80:36:
cd:6b:48:e5:87:f2:5c:67:e8:70:fb:7b:d4:05:15:3c:72:c8:
eb:ce:b2:1c:d3:f5:35:6a:cf:2c:34:ed:a0:ff:10:e8:70:34:
51:56:26:c3:62:60:84:13:88:c0:87:ee:ae:56:3b:c1:ab:9e:
54:5a:ac:cf:57:38:58:03:30:d5:aa:a4:df:fa:8e:cb:ee:76:
ce:41:7e:c9:38:7d:fb:c8:45:7a:59:b5:74:95:f3:04:13:9c:
49:0e:1e:ca:1f:d6:ea:6a:21:c6:9d:41:d1:f8:79:67:96:11:
8d:eb:0a:05:80:27:57:84:e5:47:12:43:27:6a:67:c2:83:24:
ba:bb:f0:8e:22:fc:49:64:a0:0f:4d:f6:aa:f3:56:b1:60:b3:
d1:ba:49:ed:c7:4e:ea:03:67:a5:ae:78:5a:3d:1b:63:93:fd:
e7:3e:d4:6e:63:6e:80:dc:3c:82:25:57:14:e3:91:92:93:1d:
4d:67:68:49
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZy5cXeZLteqGKy8WU+WvMMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTJhNzhkZGM3ZjEzOWYwYzIyYTJhNjM2NjJiNDgxMmFl
NTEzMmUwHhcNMjYwMzA0MTUyMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTY1ZDliNDJiMWQ2Mzg2MThkZWU5MWE0ZWM4NWFhMzJjZTM3OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7AKr1eVk0leNrDZanLLFKYgOlZ9
QAW2UsTCkNr53LUoRh0as5th2ugZoKPLjbaEh0RM3BEtJs7aYYKmO4en70NknALn
xHAvBqLzauRpXlYEeUkEfvlKver5tAP7tdxzT7iHfc89QjzsPdqY8xFbRCIl1cN2
B2to924xrSPAYF27XCdF9YMW2tezndjqrVsRfkOBAdsqUIefDORntE1mbLZ5vqOa
SAs/K9FlpYTSv20RxySoNA1VQX4Vb3Vc/gTFYE/JnXT4Tv0G1+RD5rR+CWUxSjmF
nfcthrT8+0xPTdQXs9h/qqDRAhElXg98wfCD+qFRA5fzyzotkU3n5Z/D4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKVl2bQrHWOGGN7pGk7IWqMs43knMB8GA1UdIwQY
MBaAFBHip43cfxOfDCKipjZitIEq5RMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQt
ZGU1ZjdiZjU5ODM5LzEvcFdYWnRDc2RZNFlZM3VrYVRzaGFveXpqZVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQtZGU1ZjdiZjU5ODM5
LzEvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAVjZpAwQA
wSBcMA0EAgACMAcDBQMqExAAMA0GCSqGSIb3DQEBCwUAA4IBAQA1H8DFIxFcXtAu
gLH6P/+O3oNXkaMLToDtG2q7BjaxpjA3BO48s1RdQAEJdF7kX+AKbPNUl3/hI5dh
etX/bnl03RbKxJLDgDbNa0jlh/JcZ+hw+3vUBRU8csjrzrIc0/U1as8sNO2g/xDo
cDRRVibDYmCEE4jAh+6uVjvBq55UWqzPVzhYAzDVqqTf+o7L7nbOQX7JOH37yEV6
WbV0lfMEE5xJDh7KH9bqaiHGnUHR+HlnlhGN6woFgCdXhOVHEkMnamfCgyS6u/CO
IvxJZKAPTfaq81axYLPRukntx07qA2elrnhaPRtjk/3nPtRuY26A3DyCJVcU45GS
kx1NZ2hJ
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:17:57 2026 by rpki-client