Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/wK1thNBNOi3cJ4C_cLUUCpyCeDg.roa
File: wK1thNBNOi3cJ4C_cLUUCpyCeDg.roa (raw, json)
Hash identifier: SYmUDWSPEMPAWWeOzzPct/i4L2oBAFG5xQ9Zk5i1914=
Subject key identifier: C0:AD:6D:84:D0:4D:3A:2D:DC:27:80:BF:70:B5:14:0A:9C:82:78:38
Certificate issuer: /CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Certificate serial: 019CB51E9777D4157CE55F4D24296E4194BE
Authority key identifier: 65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/wK1thNBNOi3cJ4C_cLUUCpyCeDg.roa
Signing time: Tue 03 Mar 2026 19:13:26 +0000
ROA not before: Tue 03 Mar 2026 19:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1961
IP address blocks: 193.38.176.0/23 maxlen: 23
193.38.176.0/24 maxlen: 24
193.38.177.0/24 maxlen: 24
193.38.178.0/23 maxlen: 23
193.38.180.0/23 maxlen: 23
193.38.180.0/24 maxlen: 24
193.38.181.0/24 maxlen: 24
193.38.190.0/23 maxlen: 23
193.38.190.0/24 maxlen: 24
193.38.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b5:1e:97:77:d4:15:7c:e5:5f:4d:24:29:6e:41:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Validity
Not Before: Mar 3 19:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0ad6d84d04d3a2ddc2780bf70b5140a9c827838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:24:cd:af:ae:7b:8e:87:2d:a3:72:d5:a3:
d2:8c:cd:a9:36:c7:98:bc:4f:b9:37:68:1d:4d:78:
0f:6d:70:07:fa:9a:02:29:44:b4:6c:29:89:5c:2d:
9c:bb:91:a7:7e:4a:6b:7a:09:50:f9:27:7d:fd:1e:
8e:6b:93:88:9a:07:c4:77:2d:5f:b3:e5:64:73:14:
56:57:f3:45:4a:46:8d:3c:20:bd:c1:79:44:d7:ac:
1b:86:c1:ff:f1:f7:c2:3b:ec:9d:0c:3f:14:84:a7:
d8:ab:e4:95:f6:7c:87:5d:b5:26:2b:82:24:85:e8:
47:73:d4:2e:57:65:ca:a3:6e:13:c2:1c:f5:f5:fb:
11:20:e3:0c:59:bc:e2:07:3f:6a:72:36:b8:97:d8:
ab:c1:98:96:f5:57:66:ce:b7:4f:1a:b7:43:0f:7a:
e7:a0:19:96:1f:27:ef:df:a8:9d:ff:63:9e:c5:95:
f8:b8:36:80:85:77:36:58:94:ce:a8:24:9a:36:42:
a2:40:9e:c4:81:ae:fc:47:3a:fc:2a:1b:cb:eb:97:
af:e2:52:73:54:55:92:e2:56:d3:01:87:90:89:5d:
b4:76:e3:c1:84:82:80:9f:e7:5e:df:9f:6f:36:28:
94:1b:85:9b:be:c0:b2:7c:cb:85:84:ba:0e:51:08:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AD:6D:84:D0:4D:3A:2D:DC:27:80:BF:70:B5:14:0A:9C:82:78:38
X509v3 Authority Key Identifier:
keyid:65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/wK1thNBNOi3cJ4C_cLUUCpyCeDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.176.0-193.38.181.255
193.38.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:07:67:4b:78:95:33:81:15:d2:15:9b:b1:90:dd:b3:71:4b:
66:d0:29:45:b3:aa:bf:d0:2f:d7:8e:2d:8d:57:29:f1:c7:2f:
24:38:28:22:43:94:b2:39:93:17:78:f8:b2:4d:f0:96:8b:bc:
31:cf:d1:a4:a3:1a:7f:38:06:96:3f:22:d3:58:84:b2:1f:a7:
aa:09:60:2e:ec:57:81:41:39:d5:11:84:79:64:b7:aa:f8:2d:
a9:0c:83:1a:f0:f2:28:7a:b9:3b:5e:ea:6c:da:1a:e6:85:85:
44:21:05:ab:9c:9f:ea:6b:8d:0a:28:a9:42:0c:1a:d2:b8:dd:
86:8a:8d:8e:9f:8a:73:38:2c:b3:a8:58:26:38:01:5e:16:13:
91:5e:1a:ca:10:9a:be:33:f0:18:63:9d:8e:17:c8:5c:8d:7a:
11:7c:68:eb:41:6e:a7:d6:91:25:20:c4:c9:4c:8e:b9:5f:72:
0b:5b:8b:8f:b8:6f:e0:e4:61:06:5b:d9:46:d7:59:22:cf:c3:
39:7e:89:ba:21:61:2d:6f:85:43:5b:d3:24:5a:ae:56:67:73:
22:ce:43:5d:05:45:8c:d2:71:21:49:31:f5:59:00:71:2c:a5:
bc:61:78:d1:2a:2f:66:cc:35:d9:06:5b:d5:20:b7:7e:99:02:
b7:77:21:76
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZy1Hpd31BV85V9NJCluQZS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWMzNTY2MzMzODhlOWJkODk3ZDAwMGEzZjM4YmMxZTU0
NmVmNGEwHhcNMjYwMzAzMTkxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGFkNmQ4NGQwNGQzYTJkZGMyNzgwYmY3MGI1MTQwYTljODI3ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq28kza+ue46HLaNy1aPSjM2pNseY
vE+5N2gdTXgPbXAH+poCKUS0bCmJXC2cu5GnfkpreglQ+Sd9/R6Oa5OImgfEdy1f
s+VkcxRWV/NFSkaNPCC9wXlE16wbhsH/8ffCO+ydDD8UhKfYq+SV9nyHXbUmK4Ik
hehHc9QuV2XKo24Twhz19fsRIOMMWbziBz9qcja4l9irwZiW9VdmzrdPGrdDD3rn
oBmWHyfv36id/2OexZX4uDaAhXc2WJTOqCSaNkKiQJ7Ega78Rzr8KhvL65ev4lJz
VFWS4lbTAYeQiV20duPBhIKAn+de359vNiiUG4WbvsCyfMuFhLoOUQi2hQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMCtbYTQTTot3CeAv3C1FAqcgng4MB8GA1UdIwQY
MBaAFGWcNWYzOI6b2JfQAKPzi8HlRu9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTkt
M2M3ZTRmOTNlNDJiLzEvd0sxdGhOQk5PaTNjSjRDX2NMVVVDcHlDZURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTktM2M3ZTRmOTNlNDJi
LzEvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBATBJrAD
BAHBJrQDBAHBJr4wDQYJKoZIhvcNAQELBQADggEBAKkHZ0t4lTOBFdIVm7GQ3bNx
S2bQKUWzqr/QL9eOLY1XKfHHLyQ4KCJDlLI5kxd4+LJN8JaLvDHP0aSjGn84BpY/
ItNYhLIfp6oJYC7sV4FBOdURhHlkt6r4LakMgxrw8ih6uTte6mzaGuaFhUQhBauc
n+prjQooqUIMGtK43YaKjY6finM4LLOoWCY4AV4WE5FeGsoQmr4z8BhjnY4XyFyN
ehF8aOtBbqfWkSUgxMlMjrlfcgtbi4+4b+DkYQZb2UbXWSLPwzl+ibohYS1vhUNb
0yRarlZncyLOQ10FRYzScSFJMfVZAHEspbxheNEqL2bMNdkGW9Ugt36ZArd3IXY=
-----END CERTIFICATE-----
Generated at Wed Mar 4 17:58:48 2026 by rpki-client