Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/WCsF66PA9S1TOale2_gjPHZiFEg.roa
File: WCsF66PA9S1TOale2_gjPHZiFEg.roa (raw, json)
Hash identifier: f4T960+J6F/ksqSdQ9f1iQQLFAEXYjALIzG45UEUz10=
Subject key identifier: 58:2B:05:EB:A3:C0:F5:2D:53:39:A9:5E:DB:F8:23:3C:76:62:14:48
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 019DBBE3E016FCB39B10E836C3E8FEC22861
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/WCsF66PA9S1TOale2_gjPHZiFEg.roa
Signing time: Thu 23 Apr 2026 19:49:26 +0000
ROA not before: Thu 23 Apr 2026 19:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
2a03:efc0:5400::/40 maxlen: 40
2a03:efc0:6600::/40 maxlen: 40
2a03:efc0:7200::/40 maxlen: 40
2a03:efc0:7800::/40 maxlen: 40
2a03:efc0:8200::/40 maxlen: 40
2a03:efc0:8600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bb:e3:e0:16:fc:b3:9b:10:e8:36:c3:e8:fe:c2:28:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Apr 23 19:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=582b05eba3c0f52d5339a95edbf8233c76621448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b8:1d:cd:af:6f:39:49:1e:2b:fc:52:99:8f:
2e:10:49:c1:42:4a:a2:e3:87:2b:e7:c1:3b:8b:cb:
c0:9d:e8:5b:74:21:24:4f:a8:a3:44:cf:23:d5:3b:
d2:52:15:a3:2c:7f:e2:59:58:47:d6:d2:f5:89:16:
3a:ca:09:c4:9c:35:e6:cc:38:c3:dd:d2:29:98:a5:
51:e0:07:cc:72:43:8e:53:90:3e:e3:dc:84:0f:2c:
8c:79:8c:ec:83:f8:91:32:d5:de:98:9c:72:ae:e4:
2b:f3:91:78:a7:60:4c:83:5f:a1:e9:45:ca:f1:f7:
2e:95:cb:3c:26:a8:19:6b:08:f6:38:31:43:db:e9:
b4:a9:5c:18:2d:b9:63:29:5f:14:15:ce:d9:0f:28:
11:c3:3d:6a:03:0d:16:90:2b:95:93:6b:b5:ed:f2:
5a:fe:76:7f:06:4d:1f:a8:54:e9:20:55:cc:24:25:
81:50:cd:52:7b:5b:49:0d:d8:d5:6b:bb:f3:48:38:
a1:1f:0c:b3:03:46:d9:29:70:f3:60:9a:2f:c4:2d:
99:2d:7b:f1:d0:4a:29:f8:9d:97:17:0e:2e:8a:ec:
cc:b2:03:41:30:f5:b4:89:aa:f6:1d:c7:e7:1f:bb:
a5:02:43:53:2b:89:5f:99:af:a3:4f:c2:43:04:70:
48:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2B:05:EB:A3:C0:F5:2D:53:39:A9:5E:DB:F8:23:3C:76:62:14:48
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/WCsF66PA9S1TOale2_gjPHZiFEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1100::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
2a03:efc0:5400::/40
2a03:efc0:6600::/40
2a03:efc0:7200::/40
2a03:efc0:7800::/40
2a03:efc0:8200::/40
2a03:efc0:8600::/40
Signature Algorithm: sha256WithRSAEncryption
c2:8c:ed:7d:c8:1c:b9:7c:f2:24:93:a0:b1:ad:cc:7e:95:29:
20:84:20:bb:13:79:a6:65:78:55:0e:9c:e6:04:50:62:40:fa:
dd:5d:4e:a5:58:67:0f:ab:ce:97:ca:22:7b:af:3c:f7:0b:43:
f2:f5:0b:c8:cc:ee:20:42:9c:cc:63:5a:e7:0d:e5:82:ef:11:
b3:18:59:25:0b:4e:00:9d:6c:f3:d5:67:79:8b:eb:71:5f:62:
16:29:ca:9b:aa:98:25:4f:98:2d:8e:61:fe:e9:85:61:40:c9:
8c:b3:49:07:c1:8f:b4:02:b2:8c:57:7c:ba:0f:77:55:9a:5a:
51:b9:96:dc:f5:d3:de:40:66:0d:c6:31:ac:16:46:95:0d:a4:
91:67:11:c9:0f:79:f4:85:d2:d2:b7:75:84:11:69:68:fe:55:
14:ab:5f:38:20:71:7b:64:69:d9:1f:3b:cc:a9:3d:bc:06:4c:
14:da:30:bd:f2:23:9f:a3:54:b5:18:b6:0a:94:f8:7a:2d:6e:
bb:05:ac:f7:b5:06:86:4d:77:22:0d:5b:1b:4c:10:30:85:0e:
0f:8f:41:bd:f8:10:d7:37:69:41:67:61:35:ab:6c:6b:5f:69:
a5:cd:a1:9d:6a:ec:c4:93:0e:b6:f8:de:5a:e4:fc:4b:63:84:
b0:37:78:bf
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZ274+AW/LObEOg2w+j+wihhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjYwNDIzMTk0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODJiMDVlYmEzYzBmNTJkNTMzOWE5NWVkYmY4MjMzYzc2NjIxNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLgdza9vOUkeK/xSmY8uEEnBQkqi
44cr58E7i8vAnehbdCEkT6ijRM8j1TvSUhWjLH/iWVhH1tL1iRY6ygnEnDXmzDjD
3dIpmKVR4AfMckOOU5A+49yEDyyMeYzsg/iRMtXemJxyruQr85F4p2BMg1+h6UXK
8fculcs8JqgZawj2ODFD2+m0qVwYLbljKV8UFc7ZDygRwz1qAw0WkCuVk2u17fJa
/nZ/Bk0fqFTpIFXMJCWBUM1Se1tJDdjVa7vzSDihHwyzA0bZKXDzYJovxC2ZLXvx
0Eop+J2XFw4uiuzMsgNBMPW0iar2HcfnH7ulAkNTK4lfma+jT8JDBHBI2wIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFFgrBeujwPUtUzmpXtv4Izx2YhRIMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvV0NzRjY2UEE5UzFUT2FsZTJfZ2pQSFppRkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDAMBAIAATAGAwQCuZPU
MIGvBAIAAjCBqAMGACoD78AFAwYAKgPvwAcDBgAqA+/ACQMGACoD78ARAwYAKgPv
wBUDBgAqA+/AFwMGACoD78AjAwYAKgPvwCUDBgAqA+/AJwMGACoD78ApAwYAKgPv
wDEDBgAqA+/AMwMGACoD78A1AwYAKgPvwDcDBgAqA+/AQQMGACoD78BUAwYAKgPv
wGYDBgAqA+/AcgMGACoD78B4AwYAKgPvwIIDBgAqA+/AhjANBgkqhkiG9w0BAQsF
AAOCAQEAwoztfcgcuXzyJJOgsa3MfpUpIIQguxN5pmV4VQ6c5gRQYkD63V1OpVhn
D6vOl8oie6889wtD8vULyMzuIEKczGNa5w3lgu8RsxhZJQtOAJ1s89VneYvrcV9i
FinKm6qYJU+YLY5h/umFYUDJjLNJB8GPtAKyjFd8ug93VZpaUbmW3PXT3kBmDcYx
rBZGlQ2kkWcRyQ959IXS0rd1hBFpaP5VFKtfOCBxe2Rp2R87zKk9vAZMFNowvfIj
n6NUtRi2CpT4ei1uuwWs97UGhk13Ig1bG0wQMIUOD49BvfgQ1zdpQWdhNatsa19p
pc2hnWrsxJMOtvjeWuT8S2OEsDd4vw==
-----END CERTIFICATE-----
Generated at Wed May 6 01:09:10 2026 by rpki-client