Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/PwhUXZL6CNCiqFG6X40fxTprwe8.roa
File: PwhUXZL6CNCiqFG6X40fxTprwe8.roa (raw, json)
Hash identifier: yC+P1a5oySp6096bFMvxZorw2eJsVR/SJkzLwcbEByE=
Subject key identifier: 3F:08:54:5D:92:FA:08:D0:A2:A8:51:BA:5F:8D:1F:C5:3A:6B:C1:EF
Certificate issuer: /CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Certificate serial: 019E6A190C72A829694FC3089298DAAA4560
Authority key identifier: 45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/PwhUXZL6CNCiqFG6X40fxTprwe8.roa
Signing time: Wed 27 May 2026 15:41:26 +0000
ROA not before: Wed 27 May 2026 15:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 144.124.208.0/24 maxlen: 24
144.124.210.0/24 maxlen: 24
144.124.211.0/24 maxlen: 24
144.124.212.0/24 maxlen: 24
144.124.213.0/24 maxlen: 24
144.124.214.0/24 maxlen: 24
158.94.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:19:0c:72:a8:29:69:4f:c3:08:92:98:da:aa:45:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4593b9ac0a486b0037765d605c8b1c8104046f0a
Validity
Not Before: May 27 15:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f08545d92fa08d0a2a851ba5f8d1fc53a6bc1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4f:c7:6f:14:56:24:41:90:83:a6:90:4a:08:
f4:8c:3d:6f:4c:73:91:6d:b5:dd:fe:16:ca:8c:5b:
03:81:d4:51:bf:46:05:d1:b7:75:ba:29:80:65:db:
c5:3b:b0:e0:15:ab:81:8b:ee:fe:19:cf:b2:33:81:
7f:e9:ae:79:86:cd:4b:b0:85:b4:1e:b7:e4:80:d8:
75:d8:bb:17:72:99:4d:2d:9e:10:47:52:5c:45:31:
8d:45:b8:a6:fa:24:56:25:e6:41:e6:6c:84:63:69:
25:e1:9d:8e:66:42:e7:a4:06:6c:59:e1:09:68:d4:
71:0d:52:4e:bc:93:98:70:d3:c5:7e:3a:68:f3:62:
09:de:cd:53:ea:99:49:69:25:95:4c:31:77:c5:e0:
ce:53:23:84:ba:32:12:e7:51:1b:6c:96:6b:4e:61:
8b:3c:73:5b:1b:7c:31:d1:22:e4:d0:7f:d9:13:a1:
77:30:24:f1:79:c5:00:91:4f:5d:96:f0:bf:cc:93:
07:fd:ec:a0:73:47:f2:51:27:2f:15:98:d5:66:d0:
81:b3:db:03:b3:47:97:0a:de:a7:e4:50:cc:75:65:
79:46:ad:38:bd:80:24:80:34:0e:d5:f2:59:fe:dd:
dc:97:53:08:4e:87:2c:1c:79:ee:32:a6:15:db:5d:
f4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:08:54:5D:92:FA:08:D0:A2:A8:51:BA:5F:8D:1F:C5:3A:6B:C1:EF
X509v3 Authority Key Identifier:
keyid:45:93:B9:AC:0A:48:6B:00:37:76:5D:60:5C:8B:1C:81:04:04:6F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZO5rApIawA3dl1gXIscgQQEbwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/PwhUXZL6CNCiqFG6X40fxTprwe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b0d2-16ba-4d71-a218-43e6bff9a25e/1/RZO5rApIawA3dl1gXIscgQQEbwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.124.208.0/24
144.124.210.0-144.124.214.255
158.94.212.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3a:25:d2:11:db:f9:7f:ad:35:51:d9:4c:3b:ae:b8:4e:1e:
01:e4:ed:20:b0:6b:3e:c4:c9:a1:20:ed:d2:36:0a:28:88:3c:
49:3d:37:b9:4d:2b:f5:2b:c4:95:c5:3e:13:a7:7b:0b:5f:94:
5b:8a:24:3d:47:5c:6f:04:d8:64:50:a8:e3:f5:0b:1c:ad:5c:
55:e7:09:da:61:52:36:90:73:af:76:fa:f7:79:9f:3a:ef:7d:
ac:22:f1:c5:7c:c5:9d:44:ea:6f:29:b1:ab:81:ad:74:0f:d9:
5f:2f:bc:01:fe:b0:fd:c9:3c:61:0a:49:f8:59:3c:34:b0:b6:
9f:50:d4:81:d7:49:60:f9:a2:a8:d0:dd:b7:0f:5c:7a:f5:3e:
73:d0:31:f5:da:e1:1b:6a:39:33:5f:f0:2f:77:84:ee:c2:39:
c2:36:1c:ea:12:03:c9:a7:ce:45:1e:00:4a:5b:53:55:f6:da:
3c:9a:c7:3b:67:a0:bb:fb:37:c7:ba:18:5e:d6:3b:96:bf:a2:
ce:c0:d5:5b:c5:d1:e2:7d:18:ec:1c:d7:b3:f6:fe:39:7d:b9:
d7:5e:6e:d5:07:5c:1c:76:1a:8a:39:78:91:73:7a:63:0d:f7:
70:3e:4b:53:7e:a8:2f:94:ee:4a:79:0d:75:9b:97:ab:17:42:
fd:c5:86:80
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ5qGQxyqClpT8MIkpjaqkVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTNiOWFjMGE0ODZiMDAzNzc2NWQ2MDVjOGIxYzgxMDQw
NDZmMGEwHhcNMjYwNTI3MTU0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA4NTQ1ZDkyZmEwOGQwYTJhODUxYmE1ZjhkMWZjNTNhNmJjMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE/HbxRWJEGQg6aQSgj0jD1vTHOR
bbXd/hbKjFsDgdRRv0YF0bd1uimAZdvFO7DgFauBi+7+Gc+yM4F/6a55hs1LsIW0
HrfkgNh12LsXcplNLZ4QR1JcRTGNRbim+iRWJeZB5myEY2kl4Z2OZkLnpAZsWeEJ
aNRxDVJOvJOYcNPFfjpo82IJ3s1T6plJaSWVTDF3xeDOUyOEujIS51EbbJZrTmGL
PHNbG3wx0SLk0H/ZE6F3MCTxecUAkU9dlvC/zJMH/eygc0fyUScvFZjVZtCBs9sD
s0eXCt6n5FDMdWV5Rq04vYAkgDQO1fJZ/t3cl1MITocsHHnuMqYV2130YQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD8IVF2S+gjQoqhRul+NH8U6a8HvMB8GA1UdIwQY
MBaAFEWTuawKSGsAN3ZdYFyLHIEEBG8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgt
NDNlNmJmZjlhMjVlLzEvUHdoVVhaTDZDTkNpcUZHNlg0MGZ4VHByd2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWIwZDItMTZiYS00ZDcxLWEyMTgtNDNlNmJmZjlhMjVl
LzEvUlpPNXJBcElhd0EzZGwxZ1hJc2NnUVFFYndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAkHzQMAwD
BAGQfNIDBACQfNYDBACeXtQwDQYJKoZIhvcNAQELBQADggEBADk6JdIR2/l/rTVR
2Uw7rrhOHgHk7SCwaz7EyaEg7dI2CiiIPEk9N7lNK/UrxJXFPhOnewtflFuKJD1H
XG8E2GRQqOP1CxytXFXnCdphUjaQc692+vd5nzrvfawi8cV8xZ1E6m8psauBrXQP
2V8vvAH+sP3JPGEKSfhZPDSwtp9Q1IHXSWD5oqjQ3bcPXHr1PnPQMfXa4RtqOTNf
8C93hO7COcI2HOoSA8mnzkUeAEpbU1X22jyaxztnoLv7N8e6GF7WO5a/os7A1VvF
0eJ9GOwc17P2/jl9uddebtUHXBx2Goo5eJFzemMN93A+S1N+qC+U7kp5DXWbl6sX
Qv3FhoA=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:36:09 2026 by rpki-client