Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/WgwLxC9Yt1P2PQQqF-IM93F5MTI.roa
File: WgwLxC9Yt1P2PQQqF-IM93F5MTI.roa (raw, json)
Hash identifier: S99D2xo8pMLtxvntzLwaL0u806uFQaCV8frsIVvvpqo=
Subject key identifier: 5A:0C:0B:C4:2F:58:B7:53:F6:3D:04:2A:17:E2:0C:F7:71:79:31:32
Certificate issuer: /CN=f30e445195b64d799b822e99947792e0cab32b6d
Certificate serial: 019E73E59823B9376C159B72B578B0E141DD
Authority key identifier: F3:0E:44:51:95:B6:4D:79:9B:82:2E:99:94:77:92:E0:CA:B3:2B:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8w5EUZW2TXmbgi6ZlHeS4MqzK20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/WgwLxC9Yt1P2PQQqF-IM93F5MTI.roa
Signing time: Fri 29 May 2026 13:21:26 +0000
ROA not before: Fri 29 May 2026 13:21:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154383
IP address blocks: 189.13.138.0/24 maxlen: 24
189.13.139.0/24 maxlen: 24
189.13.140.0/24 maxlen: 24
189.13.141.0/24 maxlen: 24
189.13.142.0/24 maxlen: 24
189.13.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/8w5EUZW2TXmbgi6ZlHeS4MqzK20.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/8w5EUZW2TXmbgi6ZlHeS4MqzK20.mft
rsync://rpki.ripe.net/repository/DEFAULT/8w5EUZW2TXmbgi6ZlHeS4MqzK20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 23:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:e5:98:23:b9:37:6c:15:9b:72:b5:78:b0:e1:41:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f30e445195b64d799b822e99947792e0cab32b6d
Validity
Not Before: May 29 13:21:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a0c0bc42f58b753f63d042a17e20cf771793132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:da:91:1d:1f:4b:37:53:ed:7e:97:4c:5a:
ca:37:5d:86:35:02:3d:63:ba:21:63:8f:d6:22:40:
67:3a:ea:60:7a:5d:31:eb:68:91:11:0c:b4:71:e0:
42:49:ad:65:b0:eb:d4:0a:54:50:b9:f3:db:9c:49:
4a:0b:c4:3f:19:16:60:e5:23:ba:d8:2d:b6:38:1d:
4d:25:0d:1e:0d:20:da:a5:c8:c5:e6:2f:18:9a:40:
74:4b:d6:9a:59:63:0f:f8:90:c3:fc:db:56:81:1c:
bb:18:34:f8:ca:af:1f:84:68:de:8c:9c:57:9f:ff:
bf:76:6b:f6:10:19:9f:04:ea:50:d7:8a:e8:c5:e1:
83:23:c1:a2:1a:29:e3:00:82:fe:e4:1d:16:46:f7:
b1:5d:ea:b9:4c:b7:c2:9f:88:17:65:35:9a:cc:ad:
54:b3:15:0b:69:9d:b2:c5:68:91:0f:31:5a:72:aa:
f8:8e:4f:26:e9:a5:31:f4:db:99:44:07:8e:66:fd:
ae:5b:5e:5f:23:94:11:5a:81:1b:80:c8:e2:7f:55:
ba:2b:85:11:cc:15:2a:28:bc:71:b5:b0:cb:e7:74:
45:88:27:4c:9a:06:b9:71:3e:61:fe:97:70:a2:8a:
ca:55:1c:d4:fc:ec:c9:62:d7:86:fb:e1:1b:54:05:
b9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0C:0B:C4:2F:58:B7:53:F6:3D:04:2A:17:E2:0C:F7:71:79:31:32
X509v3 Authority Key Identifier:
keyid:F3:0E:44:51:95:B6:4D:79:9B:82:2E:99:94:77:92:E0:CA:B3:2B:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8w5EUZW2TXmbgi6ZlHeS4MqzK20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/WgwLxC9Yt1P2PQQqF-IM93F5MTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/b52c5d-95ba-4dd3-bba8-b7ca1f4728d0/1/8w5EUZW2TXmbgi6ZlHeS4MqzK20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.13.138.0-189.13.143.255
Signature Algorithm: sha256WithRSAEncryption
a6:e1:94:32:ee:75:a2:7c:54:c0:a7:a7:88:9d:88:a7:5d:46:
f6:1b:8e:a8:01:9b:5e:13:93:fa:8c:22:29:fb:7a:f5:3e:c3:
ea:59:e1:51:aa:b3:de:f6:21:b7:8e:54:c0:7c:bb:ae:83:08:
81:63:05:9f:17:96:21:9a:02:91:98:3c:ac:3b:3c:42:ab:e4:
78:23:cb:29:07:12:2e:7d:9c:c5:24:6d:4a:ee:0b:15:a3:c4:
80:73:4a:ba:9a:2e:93:e2:61:57:1b:9f:7f:ee:b5:f7:27:78:
68:e5:5e:84:8b:f4:bb:95:8a:fd:fc:0f:76:64:88:66:6a:fb:
7e:6b:f8:aa:5a:ad:ac:f7:da:bc:9d:29:a9:b6:48:00:f0:0d:
a9:f9:97:26:80:db:50:8c:07:7e:6b:88:20:d2:67:6c:97:43:
22:36:60:d4:b1:0a:fc:83:78:12:5e:90:60:b3:af:24:9e:67:
1e:b6:5d:6b:ef:1f:7e:83:1a:f1:1b:77:11:37:9c:78:0e:82:
f2:46:28:fd:24:cb:72:de:0f:4b:51:c1:d7:91:20:0e:9a:fc:
71:c8:e9:d7:0d:bc:82:b6:e9:96:4c:83:0c:62:ff:c0:6c:9a:
eb:ea:dc:7f:09:93:3d:d3:4d:7b:aa:cd:f5:eb:c3:6f:73:fe:
a4:a1:a5:ef
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ5z5ZgjuTdsFZtytXiw4UHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMGU0NDUxOTViNjRkNzk5YjgyMmU5OTk0Nzc5MmUwY2Fi
MzJiNmQwHhcNMjYwNTI5MTMyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTBjMGJjNDJmNThiNzUzZjYzZDA0MmExN2UyMGNmNzcxNzkzMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj/akR0fSzdT7X6XTFrKN12GNQI9
Y7ohY4/WIkBnOupgel0x62iREQy0ceBCSa1lsOvUClRQufPbnElKC8Q/GRZg5SO6
2C22OB1NJQ0eDSDapcjF5i8YmkB0S9aaWWMP+JDD/NtWgRy7GDT4yq8fhGjejJxX
n/+/dmv2EBmfBOpQ14roxeGDI8GiGinjAIL+5B0WRvexXeq5TLfCn4gXZTWazK1U
sxULaZ2yxWiRDzFacqr4jk8m6aUx9NuZRAeOZv2uW15fI5QRWoEbgMjif1W6K4UR
zBUqKLxxtbDL53RFiCdMmga5cT5h/pdwoorKVRzU/OzJYteG++EbVAW5oQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFoMC8QvWLdT9j0EKhfiDPdxeTEyMB8GA1UdIwQY
MBaAFPMORFGVtk15m4IumZR3kuDKsyttMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHc1RVVaVzJUWG1iZ2k2WmxIZVM0TXF6SzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iNTJjNWQtOTViYS00ZGQzLWJiYTgt
YjdjYTFmNDcyOGQwLzEvV2d3THhDOVl0MVAyUFFRcUYtSU05M0Y1TVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iNTJjNWQtOTViYS00ZGQzLWJiYTgtYjdjYTFmNDcyOGQw
LzEvOHc1RVVaVzJUWG1iZ2k2WmxIZVM0TXF6SzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAG9DYoD
BAS9DYAwDQYJKoZIhvcNAQELBQADggEBAKbhlDLudaJ8VMCnp4idiKddRvYbjqgB
m14Tk/qMIin7evU+w+pZ4VGqs972IbeOVMB8u66DCIFjBZ8XliGaApGYPKw7PEKr
5HgjyykHEi59nMUkbUruCxWjxIBzSrqaLpPiYVcbn3/utfcneGjlXoSL9LuViv38
D3ZkiGZq+35r+Kparaz32rydKam2SADwDan5lyaA21CMB35riCDSZ2yXQyI2YNSx
CvyDeBJekGCzrySeZx62XWvvH36DGvEbdxE3nHgOgvJGKP0ky3LeD0tRwdeRIA6a
/HHI6dcNvIK26ZZMgwxi/8Bsmuvq3H8Jkz3TTXuqzfXrw29z/qShpe8=
-----END CERTIFICATE-----
Generated at Wed Jun 3 09:00:05 2026 by rpki-client