Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/sa1FCOwdYEhXP2Yqu8QUEbQCNNk.roa
File: sa1FCOwdYEhXP2Yqu8QUEbQCNNk.roa (raw, json)
Hash identifier: PDV4iugBxeLtcYe10Uig6VDBEuMBPXKSjxyLopQU5QM=
Subject key identifier: B1:AD:45:08:EC:1D:60:48:57:3F:66:2A:BB:C4:14:11:B4:02:34:D9
Certificate issuer: /CN=5ab1996515884434b87882b5b972a6e529ffb00b
Certificate serial: 019EE001653150835F552B226FFE9F77522B
Authority key identifier: 5A:B1:99:65:15:88:44:34:B8:78:82:B5:B9:72:A6:E5:29:FF:B0:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/sa1FCOwdYEhXP2Yqu8QUEbQCNNk.roa
Signing time: Fri 19 Jun 2026 13:10:48 +0000
ROA not before: Fri 19 Jun 2026 13:10:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209103
IP address blocks: 185.159.157.0/24 maxlen: 24
185.159.159.0/24 maxlen: 24
2a07:b941:e10::/44 maxlen: 44
2a07:b941:e20::/44 maxlen: 44
2a07:b941:e40::/44 maxlen: 44
2a07:b941:f00::/44 maxlen: 44
2a07:b941:f10::/44 maxlen: 44
2a07:b941:f20::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 22:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:01:65:31:50:83:5f:55:2b:22:6f:fe:9f:77:52:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab1996515884434b87882b5b972a6e529ffb00b
Validity
Not Before: Jun 19 13:10:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1ad4508ec1d6048573f662abbc41411b40234d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8d:1c:75:42:89:ca:c6:ec:99:f9:eb:70:d2:
ad:fa:93:f8:b0:0b:c0:d1:d4:a2:54:f4:42:f3:1d:
89:5d:9c:a8:4d:9e:97:0a:aa:18:4e:22:17:6f:36:
11:55:b5:7b:db:23:f0:f0:08:18:cd:65:57:65:29:
e9:13:f6:0f:45:53:93:61:07:f1:82:25:b7:28:12:
d1:0d:4e:ed:da:f8:c5:71:67:81:d2:89:09:5c:c4:
53:35:3d:3d:41:32:92:b1:7e:11:27:c8:af:c6:91:
de:26:40:b1:a5:c7:43:bd:f6:9f:c5:56:db:14:b4:
d3:78:fc:ce:63:51:ab:1d:df:bd:55:44:26:9f:90:
8f:77:04:06:ce:1c:14:aa:2d:81:08:b0:2d:8c:3c:
ef:4a:d1:f0:78:27:79:39:d5:72:96:b8:38:01:c0:
41:62:a3:9f:c8:40:56:ca:02:64:a6:2b:2a:fd:ec:
c0:ea:60:b3:7e:99:14:11:d5:56:d5:8a:32:4f:e4:
07:8a:0a:7f:f5:7d:78:c7:b3:29:33:cf:85:12:81:
81:e7:ff:39:8e:80:66:d4:04:d6:dc:7a:a2:f7:f6:
b3:1c:57:fe:9d:b9:c1:dd:2a:ef:ed:3f:b0:8a:29:
73:96:d7:ac:a9:0f:7a:4f:b6:b0:50:a4:a5:1a:00:
f9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AD:45:08:EC:1D:60:48:57:3F:66:2A:BB:C4:14:11:B4:02:34:D9
X509v3 Authority Key Identifier:
keyid:5A:B1:99:65:15:88:44:34:B8:78:82:B5:B9:72:A6:E5:29:FF:B0:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/sa1FCOwdYEhXP2Yqu8QUEbQCNNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/94c919-e6ea-4e18-af12-ed5b01d2528c/1/WrGZZRWIRDS4eIK1uXKm5Sn_sAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.157.0/24
185.159.159.0/24
IPv6:
2a07:b941:e10::-2a07:b941:e2f:ffff:ffff:ffff:ffff:ffff
2a07:b941:e40::/44
2a07:b941:f00::-2a07:b941:f2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:01:38:35:d0:f9:28:d5:82:49:9c:c1:9f:df:01:a9:6e:67:
c5:44:9c:a6:38:5a:42:76:d9:15:d5:59:aa:70:e0:04:71:d6:
b5:3e:63:5c:85:fa:3c:ab:d8:e1:b1:91:d7:a8:9d:cf:6d:68:
f1:e1:63:59:b9:ff:2b:65:d6:85:dc:57:57:2c:bf:f9:4d:37:
97:24:af:62:1e:7a:a2:c3:27:97:77:a4:34:d6:a3:c2:0a:e5:
a2:86:45:db:a7:17:2f:ba:57:02:62:f1:8a:6d:ac:3d:e1:98:
65:ac:68:dc:e9:9e:d1:61:23:96:cc:13:b5:6b:62:00:fe:ac:
d1:4a:9c:6f:b9:fe:3a:73:f4:12:9f:62:3c:aa:94:1c:6d:28:
a9:c2:56:40:27:0a:e3:21:9b:80:9d:20:89:aa:12:c9:28:cc:
be:45:89:bc:9e:57:c9:2d:7c:f5:3a:e3:79:9d:30:21:23:43:
66:37:48:c4:4b:14:ab:04:0b:b7:61:67:0a:6c:bd:bc:0e:3e:
57:eb:81:a3:8c:cd:d9:90:e5:79:96:64:94:a7:64:0b:9c:11:
65:4f:bc:0d:7b:aa:38:6e:f8:e6:37:4f:31:50:9a:e6:24:ed:
50:83:a1:c5:9f:5f:ff:38:7c:7c:cd:c1:0f:e5:fd:77:0a:b6:
a0:24:e5:21
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ7gAWUxUINfVSsib/6fd1IrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjE5OTY1MTU4ODQ0MzRiODc4ODJiNWI5NzJhNmU1Mjlm
ZmIwMGIwHhcNMjYwNjE5MTMxMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFkNDUwOGVjMWQ2MDQ4NTczZjY2MmFiYmM0MTQxMWI0MDIzNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo0cdUKJysbsmfnrcNKt+pP4sAvA
0dSiVPRC8x2JXZyoTZ6XCqoYTiIXbzYRVbV72yPw8AgYzWVXZSnpE/YPRVOTYQfx
giW3KBLRDU7t2vjFcWeB0okJXMRTNT09QTKSsX4RJ8ivxpHeJkCxpcdDvfafxVbb
FLTTePzOY1GrHd+9VUQmn5CPdwQGzhwUqi2BCLAtjDzvStHweCd5OdVylrg4AcBB
YqOfyEBWygJkpisq/ezA6mCzfpkUEdVW1YoyT+QHigp/9X14x7MpM8+FEoGB5/85
joBm1ATW3Hqi9/azHFf+nbnB3Srv7T+wiilzltesqQ96T7awUKSlGgD5JQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLGtRQjsHWBIVz9mKrvEFBG0AjTZMB8GA1UdIwQY
MBaAFFqxmWUViEQ0uHiCtblypuUp/7ALMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JHWlpSV0lSRFM0ZUlLMXVYS201U25fc0FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85NGM5MTktZTZlYS00ZTE4LWFmMTIt
ZWQ1YjAxZDI1MjhjLzEvc2ExRkNPd2RZRWhYUDJZcXU4UVVFYlFDTk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85NGM5MTktZTZlYS00ZTE4LWFmMTItZWQ1YjAxZDI1Mjhj
LzEvV3JHWlpSV0lSRFM0ZUlLMXVYS201U25fc0FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDASBAIAATAMAwQAuZ+dAwQA
uZ+fMDYEAgACMDAwEgMHBCoHuUEOEAMHBCoHuUEOIAMHBCoHuUEOQDARAwYAKge5
QQ8DBwQqB7lBDyAwDQYJKoZIhvcNAQELBQADggEBAJ4BODXQ+SjVgkmcwZ/fAalu
Z8VEnKY4WkJ22RXVWapw4ARx1rU+Y1yF+jyr2OGxkdeonc9taPHhY1m5/ytl1oXc
V1csv/lNN5ckr2IeeqLDJ5d3pDTWo8IK5aKGRdunFy+6VwJi8YptrD3hmGWsaNzp
ntFhI5bME7VrYgD+rNFKnG+5/jpz9BKfYjyqlBxtKKnCVkAnCuMhm4CdIImqEsko
zL5FibyeV8ktfPU643mdMCEjQ2Y3SMRLFKsEC7dhZwpsvbwOPlfrgaOMzdmQ5XmW
ZJSnZAucEWVPvA17qjhu+OY3TzFQmuYk7VCDocWfX/84fHzNwQ/l/XcKtqAk5SE=
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:30:01 2026 by rpki-client