Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Wbq7Ok0yF85jLwjgt89q4ddf2aQ.roa
File: Wbq7Ok0yF85jLwjgt89q4ddf2aQ.roa (raw, json)
Hash identifier: GTUajXsE/JkQFkUisKJPXVFO/HOVdC4Jka6OQslN+MA=
Subject key identifier: 59:BA:BB:3A:4D:32:17:CE:63:2F:08:E0:B7:CF:6A:E1:D7:5F:D9:A4
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019CBF939908BD47B6F8180DAADCE25BE67F
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Wbq7Ok0yF85jLwjgt89q4ddf2aQ.roa
Signing time: Thu 05 Mar 2026 19:57:26 +0000
ROA not before: Thu 05 Mar 2026 19:57:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215103
IP address blocks: 2a0d:d940:200f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 20:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bf:93:99:08:bd:47:b6:f8:18:0d:aa:dc:e2:5b:e6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Mar 5 19:57:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59babb3a4d3217ce632f08e0b7cf6ae1d75fd9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:34:0a:f1:5a:0e:e9:bc:75:5e:2f:f9:66:
6d:1c:ac:dc:4b:95:2c:4e:a1:0a:56:a6:b4:00:e9:
b3:40:16:14:d4:fb:45:42:66:b0:fd:6e:3a:78:b0:
42:ee:c7:9b:53:7e:de:d4:d5:83:c2:c9:16:2c:8d:
0c:2f:af:61:8e:a9:a5:ee:db:71:54:79:b0:80:e2:
91:66:09:be:c8:dc:f1:3e:18:02:5b:ed:06:98:a9:
5a:86:16:4e:37:b6:1b:1a:61:a6:34:3f:b8:88:d2:
bc:21:fa:3b:90:0a:03:c5:c9:9d:de:79:0f:27:74:
f9:36:4b:37:b7:8c:2a:d9:36:35:f8:7a:34:7c:8d:
b3:b1:29:49:1b:26:e7:bf:58:2f:d5:b3:a3:97:fe:
98:92:30:6c:a4:3b:63:a1:a6:ea:fb:a3:fa:9f:5d:
32:b6:6d:75:2c:99:12:ec:f8:4a:84:64:d2:ec:a1:
3f:77:01:3b:b1:4b:a4:b2:fb:6e:63:26:d9:eb:42:
8d:cc:d7:ae:0d:a7:ed:53:be:a8:95:fe:b2:7d:eb:
ba:9a:a5:61:0b:2e:a8:9e:24:04:35:38:6c:29:d3:
65:1a:78:39:7c:79:1d:06:95:ad:ab:9d:bd:15:32:
07:cd:23:78:17:77:84:2a:c7:26:53:cf:df:b9:aa:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BA:BB:3A:4D:32:17:CE:63:2F:08:E0:B7:CF:6A:E1:D7:5F:D9:A4
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/Wbq7Ok0yF85jLwjgt89q4ddf2aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:200f::/48
Signature Algorithm: sha256WithRSAEncryption
95:1d:19:ca:3f:5b:3e:e2:54:63:6a:76:6f:de:7c:03:0d:92:
7f:96:fe:48:09:22:1f:bf:92:44:96:5d:5b:7c:a7:3b:4a:fc:
96:cd:bf:0c:be:61:8f:f2:4b:55:bd:ee:92:b1:10:25:e2:ba:
e1:43:15:ef:3f:19:91:42:37:5f:db:59:1a:26:a1:58:c6:5e:
ee:23:1a:fd:eb:03:b1:ef:62:03:06:b1:b6:2b:5b:7a:10:42:
cc:c1:cd:6a:db:26:35:85:06:39:7f:ab:f4:93:b5:36:09:0d:
11:03:56:a9:99:08:7a:44:63:83:35:4a:8d:77:b8:8d:0f:bd:
a1:0c:86:5d:13:99:17:a4:f3:17:64:1f:96:96:20:46:c5:46:
1d:d5:5d:91:cf:f6:29:93:d6:22:14:ff:93:59:dc:b5:3c:fb:
a0:8a:c0:5f:ec:f3:0a:fb:2b:95:7e:b9:e3:45:b0:b2:c9:bf:
89:be:4f:8f:85:3f:a4:fd:a1:d1:c0:9b:5e:47:26:83:e5:a9:
57:14:24:2c:9d:ff:cd:e3:93:5e:55:ee:6b:2d:92:11:10:a1:
38:a0:ec:83:f6:08:3c:6d:34:96:dc:44:42:69:92:f8:ac:bb:
e8:b4:81:6d:b5:eb:dc:4d:f3:32:07:a9:6b:8a:4d:2e:03:dc:
e9:e8:8d:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZy/k5kIvUe2+BgNqtziW+Z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwMzA1MTk1NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJhYmIzYTRkMzIxN2NlNjMyZjA4ZTBiN2NmNmFlMWQ3NWZkOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYc0CvFaDum8dV4v+WZtHKzcS5Us
TqEKVqa0AOmzQBYU1PtFQmaw/W46eLBC7sebU37e1NWDwskWLI0ML69hjqml7ttx
VHmwgOKRZgm+yNzxPhgCW+0GmKlahhZON7YbGmGmND+4iNK8Ifo7kAoDxcmd3nkP
J3T5Nks3t4wq2TY1+Ho0fI2zsSlJGybnv1gv1bOjl/6YkjBspDtjoabq+6P6n10y
tm11LJkS7PhKhGTS7KE/dwE7sUuksvtuYybZ60KNzNeuDaftU76olf6yfeu6mqVh
Cy6oniQENThsKdNlGng5fHkdBpWtq529FTIHzSN4F3eEKscmU8/fuarzEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFm6uzpNMhfOYy8I4LfPauHXX9mkMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvV2JxN09rMHlGODVqTHdqZ3Q4OXE0ZGRmMmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQCAP
MA0GCSqGSIb3DQEBCwUAA4IBAQCVHRnKP1s+4lRjanZv3nwDDZJ/lv5ICSIfv5JE
ll1bfKc7SvyWzb8MvmGP8ktVve6SsRAl4rrhQxXvPxmRQjdf21kaJqFYxl7uIxr9
6wOx72IDBrG2K1t6EELMwc1q2yY1hQY5f6v0k7U2CQ0RA1apmQh6RGODNUqNd7iN
D72hDIZdE5kXpPMXZB+WliBGxUYd1V2Rz/Ypk9YiFP+TWdy1PPugisBf7PMK+yuV
frnjRbCyyb+Jvk+PhT+k/aHRwJteRyaD5alXFCQsnf/N45NeVe5rLZIREKE4oOyD
9gg8bTSW3ERCaZL4rLvotIFttevcTfMyB6lrik0uA9zp6I0Q
-----END CERTIFICATE-----
Generated at Sun Mar 8 03:27:44 2026 by rpki-client