Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/DWvg9H0cQkwglyqLhi1cgqTeLQQ.roa
File: DWvg9H0cQkwglyqLhi1cgqTeLQQ.roa (raw, json)
Hash identifier: s6/nPjU1fhrj96TJrCgdjqsDTFJoK8IP3IfdF8o0RGI=
Subject key identifier: 0D:6B:E0:F4:7D:1C:42:4C:20:97:2A:8B:86:2D:5C:82:A4:DE:2D:04
Certificate issuer: /CN=63883a79789d9f65815292f18d4980ba9c5ed221
Certificate serial: 019F04D8F90692350D51D39B8F891785E79B
Authority key identifier: 63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/DWvg9H0cQkwglyqLhi1cgqTeLQQ.roa
Signing time: Fri 26 Jun 2026 16:52:36 +0000
ROA not before: Fri 26 Jun 2026 16:52:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 262287
IP address blocks: 152.236.10.0/24 maxlen: 24
152.236.13.0/24 maxlen: 24
152.236.19.0/24 maxlen: 24
152.236.22.0/24 maxlen: 24
152.236.23.0/24 maxlen: 24
152.236.29.0/24 maxlen: 24
152.236.32.0/24 maxlen: 24
152.236.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:04:d8:f9:06:92:35:0d:51:d3:9b:8f:89:17:85:e7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63883a79789d9f65815292f18d4980ba9c5ed221
Validity
Not Before: Jun 26 16:52:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0d6be0f47d1c424c20972a8b862d5c82a4de2d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c4:1a:6f:0d:53:c7:a7:18:0f:b4:ab:26:f8:
b5:ef:f4:ba:4d:68:10:70:23:8b:e2:2c:ab:93:dd:
7f:2f:c1:9e:0a:4a:d8:96:62:9d:06:97:1d:7e:97:
83:3b:ca:24:a9:f3:d0:f7:65:5c:12:29:59:dd:b2:
7f:ea:5f:ac:b2:ba:a8:dc:ca:f5:08:1d:47:f7:cc:
e1:9a:0b:07:36:b5:c9:9f:0a:9a:d3:c4:69:e7:ab:
2f:b7:dc:9b:e6:cd:a4:e4:a1:5d:8b:ed:9b:1f:f2:
fc:6b:42:68:d8:63:e7:15:5b:9e:bf:09:8c:66:11:
fd:50:7c:26:5e:6c:4e:9e:f6:72:7c:db:87:49:5b:
41:fa:4d:41:89:b1:19:2f:a9:1b:15:ef:e4:8b:ea:
f3:91:27:cf:be:00:aa:37:a9:93:a2:ea:fc:69:18:
70:2b:7c:d5:29:54:50:5c:c2:70:93:58:39:c5:8b:
0d:b1:65:a3:05:6e:9e:84:d3:67:d7:d1:35:63:42:
17:7b:bd:a4:7d:41:21:27:89:ec:ec:93:35:da:2f:
f3:01:2a:2c:d9:a0:9b:1b:6b:28:05:75:7d:ac:83:
10:d8:d8:11:2c:61:d6:ed:11:d5:d2:90:f9:af:55:
da:ae:3b:e5:9d:b5:2e:07:8b:03:cd:e1:40:7d:40:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6B:E0:F4:7D:1C:42:4C:20:97:2A:8B:86:2D:5C:82:A4:DE:2D:04
X509v3 Authority Key Identifier:
keyid:63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/DWvg9H0cQkwglyqLhi1cgqTeLQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.236.10.0/24
152.236.13.0/24
152.236.19.0/24
152.236.22.0/23
152.236.29.0/24
152.236.32.0/24
152.236.34.0/24
Signature Algorithm: sha256WithRSAEncryption
28:da:4c:72:82:cf:9b:75:0a:2c:55:15:44:32:b0:3b:70:63:
0c:c7:60:bf:8f:47:56:32:2e:35:3b:69:3f:e9:c4:f4:f4:73:
e2:5c:b8:4b:64:6f:27:40:b8:69:01:99:b7:99:dc:a0:d7:40:
7f:a7:40:7c:3c:d5:2f:01:26:94:8f:8a:e5:1b:f1:4b:0a:9f:
f4:bf:06:ee:0a:b4:3d:58:db:da:40:89:b8:30:91:d4:db:2f:
8f:b5:1e:80:91:19:9e:96:a0:d5:20:be:a4:61:1d:2d:62:d6:
12:f1:1a:2c:15:c6:2a:a4:fe:3c:f0:09:12:5c:0a:74:4e:9f:
c0:08:fa:31:a9:ad:9c:f0:0a:af:88:b8:22:e1:cb:f1:d3:84:
c5:1c:95:5f:14:c1:49:d9:e8:8d:86:3e:0f:82:bc:17:43:16:
c4:f3:8f:64:3f:9a:3e:23:13:0f:18:ab:93:aa:56:73:e7:d7:
30:78:a4:8f:43:5a:65:86:8f:af:60:af:b5:7b:bf:ab:4a:db:
ba:e8:50:f6:21:4a:cb:fb:34:66:30:99:65:34:98:ba:a7:a8:
bb:20:86:29:5d:f7:a5:5f:55:ca:4e:0f:b7:52:08:0d:5d:c5:
e1:78:09:ed:0d:5c:a7:9d:3a:c7:64:de:d3:29:0e:ab:37:2a:
f1:dc:dc:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ8E2PkGkjUNUdObj4kXheebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzODgzYTc5Nzg5ZDlmNjU4MTUyOTJmMThkNDk4MGJhOWM1
ZWQyMjEwHhcNMjYwNjI2MTY1MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZiZTBmNDdkMWM0MjRjMjA5NzJhOGI4NjJkNWM4MmE0ZGUyZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycQabw1Tx6cYD7SrJvi17/S6TWgQ
cCOL4iyrk91/L8GeCkrYlmKdBpcdfpeDO8okqfPQ92VcEilZ3bJ/6l+ssrqo3Mr1
CB1H98zhmgsHNrXJnwqa08Rp56svt9yb5s2k5KFdi+2bH/L8a0Jo2GPnFVuevwmM
ZhH9UHwmXmxOnvZyfNuHSVtB+k1BibEZL6kbFe/ki+rzkSfPvgCqN6mTour8aRhw
K3zVKVRQXMJwk1g5xYsNsWWjBW6ehNNn19E1Y0IXe72kfUEhJ4ns7JM12i/zASos
2aCbG2soBXV9rIMQ2NgRLGHW7RHV0pD5r1XarjvlnbUuB4sDzeFAfUCCOwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA1r4PR9HEJMIJcqi4YtXIKk3i0EMB8GA1UdIwQY
MBaAFGOIOnl4nZ9lgVKS8Y1JgLqcXtIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYt
MzVkMDU5NWUxMmYwLzEvRFd2ZzlIMGNRa3dnbHlxTGhpMWNncVRlTFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYtMzVkMDU5NWUxMmYw
LzEvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAmOwKAwQA
mOwNAwQAmOwTAwQBmOwWAwQAmOwdAwQAmOwgAwQAmOwiMA0GCSqGSIb3DQEBCwUA
A4IBAQAo2kxygs+bdQosVRVEMrA7cGMMx2C/j0dWMi41O2k/6cT09HPiXLhLZG8n
QLhpAZm3mdyg10B/p0B8PNUvASaUj4rlG/FLCp/0vwbuCrQ9WNvaQIm4MJHU2y+P
tR6AkRmelqDVIL6kYR0tYtYS8RosFcYqpP488AkSXAp0Tp/ACPoxqa2c8AqviLgi
4cvx04TFHJVfFMFJ2eiNhj4PgrwXQxbE849kP5o+IxMPGKuTqlZz59cweKSPQ1pl
ho+vYK+1e7+rStu66FD2IUrL+zRmMJllNJi6p6i7IIYpXfelX1XKTg+3UggNXcXh
eAntDVynnTrHZN7TKQ6rNyrx3Nzz
-----END CERTIFICATE-----
Generated at Sun Jun 28 00:18:58 2026 by rpki-client