Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wGdRygE-fmgjVb0SpyM3zQsToW4.roa
File: wGdRygE-fmgjVb0SpyM3zQsToW4.roa (raw, json)
Hash identifier: 19ukp1DAWjDvOdfTj9qpU+4n20x2xbaE610z2YyRIrg=
Subject key identifier: C0:67:51:CA:01:3E:7E:68:23:55:BD:12:A7:23:37:CD:0B:13:A1:6E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019DB8EA2ACA006EF76139E7B9DC992A11C2
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wGdRygE-fmgjVb0SpyM3zQsToW4.roa
Signing time: Thu 23 Apr 2026 05:57:27 +0000
ROA not before: Thu 23 Apr 2026 05:57:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402187
IP address blocks: 147.90.229.0/24 maxlen: 24
158.173.215.0/24 maxlen: 24
158.173.220.0/24 maxlen: 24
158.173.221.0/24 maxlen: 24
158.173.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 12:24:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b8:ea:2a:ca:00:6e:f7:61:39:e7:b9:dc:99:2a:11:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 23 05:57:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c06751ca013e7e682355bd12a72337cd0b13a16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:9a:6b:4d:a6:7b:f0:d0:dd:b5:cb:1d:9c:
cc:65:df:bd:c5:7a:db:6c:cb:1f:73:23:63:e9:54:
bf:21:a4:9e:2b:11:8a:c8:e8:2e:18:3e:b4:53:eb:
b6:18:c2:04:30:6b:5d:32:15:fc:8b:f6:85:37:ff:
1f:c4:74:65:d1:28:a3:94:97:78:e5:d5:1c:98:91:
85:9d:f7:3a:12:04:68:47:71:c7:3f:ad:e0:ac:f4:
5d:4d:af:8f:e4:76:59:38:c9:6e:fa:8d:84:a9:ad:
d9:21:b3:bb:fd:34:76:2c:8f:4f:95:a3:f0:09:a0:
02:56:c7:e7:83:9e:ae:d0:3e:d3:42:1a:b2:71:6c:
b0:16:09:ea:48:0c:67:60:54:9b:b0:ac:eb:64:9d:
79:29:64:dc:e1:68:f2:87:6a:a7:46:d0:19:90:ef:
c5:8c:8b:7d:5d:ad:b8:60:80:e9:8c:8a:21:2e:39:
b3:5e:af:26:42:12:e9:38:ac:18:f4:97:79:38:74:
0d:75:cd:36:1f:5f:a8:ca:bd:d1:6e:88:e3:06:a8:
d2:7a:52:8f:ba:0e:b9:d9:e1:2f:9f:24:f5:86:17:
9b:87:93:2e:02:af:55:ef:1e:da:51:a6:ce:51:25:
3a:35:f2:49:bd:4b:23:f8:be:20:ca:54:c0:07:15:
d5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:67:51:CA:01:3E:7E:68:23:55:BD:12:A7:23:37:CD:0B:13:A1:6E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/wGdRygE-fmgjVb0SpyM3zQsToW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.229.0/24
158.173.215.0/24
158.173.220.0-158.173.222.255
Signature Algorithm: sha256WithRSAEncryption
ba:07:0e:e6:79:68:cc:ea:af:4b:fe:33:1b:84:68:a7:94:cc:
3a:c8:24:5b:fe:52:35:14:7f:c9:35:dc:2d:f1:a8:38:20:61:
0e:c0:14:6a:db:56:fe:78:a8:35:b2:1f:a7:99:a8:01:25:66:
94:86:7e:2d:ab:33:a7:15:db:65:bf:5c:97:d6:5c:b2:03:70:
37:45:60:d1:3a:14:e8:1e:37:0f:6d:c0:d1:a1:70:79:0b:63:
68:41:46:52:5e:0e:0f:89:47:ac:04:fb:b0:bb:87:1e:16:84:
ac:f4:b5:f4:ed:dd:b9:91:81:7f:43:40:72:74:af:6f:bb:c7:
6f:cc:bf:90:8b:f9:a3:0b:06:78:8a:46:12:5c:2a:70:bf:62:
ba:83:fc:e4:1f:ff:76:85:6c:bf:d3:90:33:3e:13:e6:95:c8:
03:9a:27:80:ba:88:57:f9:e6:9e:1e:12:72:53:a6:72:f4:f8:
fc:57:dc:3a:e7:6e:5d:41:04:bf:07:08:b7:59:53:42:a0:c4:
eb:19:b0:81:32:f4:80:d5:9c:14:aa:23:d0:6a:a6:9d:e5:31:
73:b6:bb:39:dd:70:42:2c:10:ca:01:8d:ae:3c:33:cc:46:fc:
c5:d0:37:72:c8:91:72:4a:60:2a:6b:96:81:8b:63:dd:a0:c9:
f6:88:a1:57
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ246irKAG73YTnnudyZKhHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDIzMDU1NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY3NTFjYTAxM2U3ZTY4MjM1NWJkMTJhNzIzMzdjZDBiMTNhMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybaaa02me/DQ3bXLHZzMZd+9xXrb
bMsfcyNj6VS/IaSeKxGKyOguGD60U+u2GMIEMGtdMhX8i/aFN/8fxHRl0SijlJd4
5dUcmJGFnfc6EgRoR3HHP63grPRdTa+P5HZZOMlu+o2Eqa3ZIbO7/TR2LI9PlaPw
CaACVsfng56u0D7TQhqycWywFgnqSAxnYFSbsKzrZJ15KWTc4Wjyh2qnRtAZkO/F
jIt9Xa24YIDpjIohLjmzXq8mQhLpOKwY9Jd5OHQNdc02H1+oyr3RbojjBqjSelKP
ug652eEvnyT1hhebh5MuAq9V7x7aUabOUSU6NfJJvUsj+L4gylTABxXVkwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMBnUcoBPn5oI1W9EqcjN80LE6FuMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvd0dkUnlnRS1mbWdqVmIwU3B5TTN6UXNUb1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAk1rlAwQA
nq3XMAwDBAKerdwDBACerd4wDQYJKoZIhvcNAQELBQADggEBALoHDuZ5aMzqr0v+
MxuEaKeUzDrIJFv+UjUUf8k13C3xqDggYQ7AFGrbVv54qDWyH6eZqAElZpSGfi2r
M6cV22W/XJfWXLIDcDdFYNE6FOgeNw9twNGhcHkLY2hBRlJeDg+JR6wE+7C7hx4W
hKz0tfTt3bmRgX9DQHJ0r2+7x2/Mv5CL+aMLBniKRhJcKnC/YrqD/OQf/3aFbL/T
kDM+E+aVyAOaJ4C6iFf55p4eEnJTpnL0+PxX3Drnbl1BBL8HCLdZU0KgxOsZsIEy
9IDVnBSqI9Bqpp3lMXO2uzndcEIsEMoBja48M8xG/MXQN3LIkXJKYCprloGLY92g
yfaIoVc=
-----END CERTIFICATE-----
Generated at Fri Apr 24 20:31:26 2026 by rpki-client