Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/WmXmk7FetwWXkrpVtnegi9DCRpA.roa
File: WmXmk7FetwWXkrpVtnegi9DCRpA.roa (raw, json)
Hash identifier: ul9wH+lzfmZs85A6YIjPAZ/2JpdqnRA2p73riZtibOw=
Subject key identifier: 5A:65:E6:93:B1:5E:B7:05:97:92:BA:55:B6:77:A0:8B:D0:C2:46:90
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019DE0E6190B1D839065CFD25C2A462A4BF2
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/WmXmk7FetwWXkrpVtnegi9DCRpA.roa
Signing time: Fri 01 May 2026 00:17:49 +0000
ROA not before: Fri 01 May 2026 00:17:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215120
IP address blocks: 91.227.33.0/24 maxlen: 24
91.244.70.0/24 maxlen: 24
91.244.71.0/24 maxlen: 24
93.157.138.0/24 maxlen: 24
93.157.139.0/24 maxlen: 24
157.173.28.0/24 maxlen: 24
193.178.186.0/24 maxlen: 24
2a07:cec0:5::/48 maxlen: 48
2a07:cec0:4300::/48 maxlen: 48
2a07:cec0:4500::/48 maxlen: 48
2a07:cec0:4600::/48 maxlen: 48
2a07:cec4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e0:e6:19:0b:1d:83:90:65:cf:d2:5c:2a:46:2a:4b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: May 1 00:17:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a65e693b15eb7059792ba55b677a08bd0c24690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:04:8f:57:d0:0c:f2:f3:95:31:68:4f:64:
96:27:15:39:9e:b4:3c:f7:7a:db:91:ee:5d:12:7d:
99:c1:86:45:34:2d:90:f8:a1:1e:52:46:e0:87:16:
f5:ee:29:04:66:f3:ec:0e:40:6c:e7:61:57:7f:11:
0f:cd:51:73:a9:ec:04:cb:39:dc:6f:c9:68:a1:c3:
1b:5d:fd:e8:1c:61:4d:87:65:bd:1f:36:ba:ca:6b:
ba:62:09:d5:b3:87:6d:35:c7:a8:00:eb:36:56:ab:
d6:3c:08:88:91:ba:8c:26:d2:c1:08:bc:a2:03:56:
23:4c:af:25:df:7c:2d:cd:05:5c:35:ba:42:7b:42:
ae:f6:ef:8b:df:63:d6:b1:bf:b4:d3:48:ff:74:19:
f1:d2:84:7b:1b:58:df:53:d0:11:2b:ad:13:86:0d:
26:7e:a5:34:be:30:e8:21:f1:23:04:27:10:88:9c:
cd:d0:b8:d5:2f:b3:2f:c9:49:d3:ad:54:14:29:4e:
ef:46:a3:1b:fc:28:53:bf:88:19:ff:97:b0:1f:29:
94:f8:34:bd:65:a7:37:02:bc:fb:f4:c2:3e:90:52:
82:53:69:63:de:cd:52:42:a9:ba:8f:7f:e5:a7:24:
d9:52:1f:66:20:03:60:9c:78:46:cf:e2:81:b2:6f:
92:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:65:E6:93:B1:5E:B7:05:97:92:BA:55:B6:77:A0:8B:D0:C2:46:90
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/WmXmk7FetwWXkrpVtnegi9DCRpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.33.0/24
91.244.70.0/23
93.157.138.0/23
157.173.28.0/24
193.178.186.0/24
IPv6:
2a07:cec0:5::/48
2a07:cec0:4300::/48
2a07:cec0:4500::/48
2a07:cec0:4600::/48
2a07:cec4::/30
Signature Algorithm: sha256WithRSAEncryption
1e:88:18:34:43:cc:9e:0b:4c:05:47:94:d7:f3:4a:97:d6:9c:
dd:ca:a3:30:50:d2:29:18:8c:92:43:0f:f0:c6:78:5a:b3:62:
7d:58:4d:a6:24:61:e8:b4:2b:44:65:b8:47:35:a1:c7:ec:ac:
82:03:8b:d7:79:b8:1b:67:9f:5e:a7:4c:f1:0d:80:43:17:e0:
70:34:52:45:82:0b:93:a2:e4:e7:cd:73:31:8c:43:01:a3:aa:
74:cf:9d:a9:0a:67:b6:c4:b2:e6:f7:c9:e8:3e:b6:64:49:6a:
97:8e:41:66:d5:ad:88:71:7c:eb:c3:be:5f:2a:e1:83:1c:a3:
49:4a:28:91:59:3c:ae:67:99:ec:6a:f6:30:18:3e:de:f6:cb:
45:dc:3f:0b:ed:e6:dd:96:45:68:fb:37:28:41:f5:b6:26:51:
9b:f4:a3:fe:79:43:1e:a0:7f:23:a0:1f:ff:2f:92:09:4b:dc:
9a:45:c0:0f:af:b3:7a:a3:3f:4f:43:e9:2a:16:5d:1e:83:ad:
e0:2c:3d:c1:5e:83:15:48:bf:17:b5:d5:d0:89:65:8b:ce:b5:
cc:3b:46:4d:70:d6:b0:04:49:04:8e:6f:79:cf:44:02:8b:7b:
9d:43:e8:7d:65:d5:33:43:ae:55:b0:0e:a9:23:bc:b9:f6:8c:
dd:ed:fa:e7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZ3g5hkLHYOQZc/SXCpGKkvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwNTAxMDAxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY1ZTY5M2IxNWViNzA1OTc5MmJhNTViNjc3YTA4YmQwYzI0NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+YEj1fQDPLzlTFoT2SWJxU5nrQ8
93rbke5dEn2ZwYZFNC2Q+KEeUkbghxb17ikEZvPsDkBs52FXfxEPzVFzqewEyznc
b8loocMbXf3oHGFNh2W9Hza6ymu6YgnVs4dtNceoAOs2VqvWPAiIkbqMJtLBCLyi
A1YjTK8l33wtzQVcNbpCe0Ku9u+L32PWsb+000j/dBnx0oR7G1jfU9ARK60Thg0m
fqU0vjDoIfEjBCcQiJzN0LjVL7MvyUnTrVQUKU7vRqMb/ChTv4gZ/5ewHymU+DS9
Zac3Arz79MI+kFKCU2lj3s1SQqm6j3/lpyTZUh9mIANgnHhGz+KBsm+SSwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFFpl5pOxXrcFl5K6VbZ3oIvQwkaQMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvV21YbWs3RmV0d1dYa3JwVnRuZWdpOURDUnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAkBAIAATAeAwQAW+MhAwQB
W/RGAwQBXZ2KAwQAna0cAwQAwbK6MDEEAgACMCsDBwAqB87AAAUDBwAqB87AQwAD
BwAqB87ARQADBwAqB87ARgADBQIqB87EMA0GCSqGSIb3DQEBCwUAA4IBAQAeiBg0
Q8yeC0wFR5TX80qX1pzdyqMwUNIpGIySQw/wxnhas2J9WE2mJGHotCtEZbhHNaHH
7KyCA4vXebgbZ59ep0zxDYBDF+BwNFJFgguTouTnzXMxjEMBo6p0z52pCme2xLLm
98noPrZkSWqXjkFm1a2IcXzrw75fKuGDHKNJSiiRWTyuZ5nsavYwGD7e9stF3D8L
7ebdlkVo+zcoQfW2JlGb9KP+eUMeoH8joB//L5IJS9yaRcAPr7N6oz9PQ+kqFl0e
g63gLD3BXoMVSL8XtdXQiWWLzrXMO0ZNcNawBEkEjm95z0QCi3udQ+h9ZdUzQ65V
sA6pI7y59ozd7frn
-----END CERTIFICATE-----
Generated at Fri May 8 17:18:41 2026 by rpki-client