Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/wVwRBBKg_qqmE6JkJB31A40WjNE.roa
File: wVwRBBKg_qqmE6JkJB31A40WjNE.roa (raw, json)
Hash identifier: OA9hvxpthES0XysRM/F/5Ylo/8d1Xr+Owhaboeq5evA=
Subject key identifier: C1:5C:11:04:12:A0:FE:AA:A6:13:A2:64:24:1D:F5:03:8D:16:8C:D1
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019C9EAE93D42FA42734DEFBD62F08D4C535
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/wVwRBBKg_qqmE6JkJB31A40WjNE.roa
Signing time: Fri 27 Feb 2026 10:39:27 +0000
ROA not before: Fri 27 Feb 2026 10:39:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39855
IP address blocks: 168.199.1.0/24 maxlen: 24
168.199.2.0/23 maxlen: 24
168.199.5.0/24 maxlen: 24
168.199.6.0/23 maxlen: 24
168.199.9.0/24 maxlen: 24
168.199.10.0/23 maxlen: 24
168.199.13.0/24 maxlen: 24
168.199.14.0/23 maxlen: 24
168.199.17.0/24 maxlen: 24
168.199.22.0/23 maxlen: 24
168.199.24.0/24 maxlen: 24
168.199.25.0/24 maxlen: 24
168.199.26.0/24 maxlen: 24
168.199.27.0/24 maxlen: 24
168.199.28.0/24 maxlen: 24
168.199.29.0/24 maxlen: 24
168.199.30.0/24 maxlen: 24
168.199.31.0/24 maxlen: 24
168.199.32.0/24 maxlen: 24
168.199.33.0/24 maxlen: 24
168.199.34.0/24 maxlen: 24
168.199.35.0/24 maxlen: 24
168.199.36.0/24 maxlen: 24
168.199.37.0/24 maxlen: 24
168.199.38.0/24 maxlen: 24
168.199.39.0/24 maxlen: 24
168.199.40.0/24 maxlen: 24
168.199.41.0/24 maxlen: 24
168.199.42.0/24 maxlen: 24
168.199.43.0/24 maxlen: 24
168.199.44.0/24 maxlen: 24
168.199.45.0/24 maxlen: 24
168.199.46.0/24 maxlen: 24
168.199.47.0/24 maxlen: 24
168.199.48.0/23 maxlen: 24
168.199.51.0/24 maxlen: 24
168.199.52.0/23 maxlen: 24
168.199.55.0/24 maxlen: 24
168.199.56.0/23 maxlen: 24
168.199.59.0/24 maxlen: 24
168.199.60.0/23 maxlen: 24
168.199.63.0/24 maxlen: 24
168.199.96.0/24 maxlen: 24
168.199.97.0/24 maxlen: 24
168.199.98.0/24 maxlen: 24
168.199.99.0/24 maxlen: 24
168.199.100.0/24 maxlen: 24
168.199.101.0/24 maxlen: 24
168.199.102.0/24 maxlen: 24
168.199.103.0/24 maxlen: 24
168.199.104.0/24 maxlen: 24
168.199.105.0/24 maxlen: 24
168.199.106.0/24 maxlen: 24
168.199.107.0/24 maxlen: 24
168.199.108.0/24 maxlen: 24
168.199.109.0/24 maxlen: 24
168.199.110.0/24 maxlen: 24
168.199.111.0/24 maxlen: 24
168.199.112.0/23 maxlen: 24
168.199.115.0/24 maxlen: 24
168.199.116.0/23 maxlen: 24
168.199.119.0/24 maxlen: 24
168.199.120.0/23 maxlen: 24
168.199.123.0/24 maxlen: 24
168.199.124.0/23 maxlen: 24
168.199.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Feb 2026 16:45:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:ae:93:d4:2f:a4:27:34:de:fb:d6:2f:08:d4:c5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Feb 27 10:39:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c15c110412a0feaaa613a264241df5038d168cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:7c:01:b5:28:e5:44:31:88:24:cb:6a:3b:
76:23:20:fc:97:45:8e:04:3b:14:02:e2:8c:62:90:
da:c7:b3:74:b6:e2:cd:e4:d3:cb:ae:11:0e:64:05:
93:21:c2:dd:eb:85:4c:1e:57:e4:b3:b8:6a:d3:89:
f2:5c:d8:ec:d6:b2:5d:38:ed:34:8a:45:55:30:d4:
7e:5e:92:80:89:32:e2:d2:08:0f:bb:46:65:60:c2:
36:49:ba:51:a0:20:23:7a:9c:fe:48:9d:02:cc:39:
14:0e:d4:a8:e9:f8:5d:c8:2d:39:c0:19:b3:db:1f:
47:54:ba:75:b1:ca:00:5f:ae:be:e9:15:a6:b1:ff:
31:31:bb:4c:36:90:74:71:de:52:99:b2:20:32:c9:
af:96:f9:f0:28:c7:d6:d0:ec:b5:cd:6a:a9:bc:53:
40:c6:ee:af:2e:64:95:8b:5c:ee:8a:8e:89:74:0a:
a7:0b:9a:8c:ca:20:73:fe:a2:5c:02:0e:6e:20:89:
90:14:7d:9f:99:2b:66:77:33:63:87:7b:bd:c7:40:
28:3e:27:2a:8c:e6:89:67:c5:61:5c:de:f2:45:9b:
67:cc:19:2c:42:da:95:74:45:e6:60:6f:aa:36:65:
a8:6a:de:40:b7:9f:49:d6:e3:19:46:d4:3f:77:2a:
ae:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5C:11:04:12:A0:FE:AA:A6:13:A2:64:24:1D:F5:03:8D:16:8C:D1
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/wVwRBBKg_qqmE6JkJB31A40WjNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.1.0-168.199.3.255
168.199.5.0-168.199.7.255
168.199.9.0-168.199.11.255
168.199.13.0-168.199.15.255
168.199.17.0/24
168.199.22.0-168.199.49.255
168.199.51.0-168.199.53.255
168.199.55.0-168.199.57.255
168.199.59.0-168.199.61.255
168.199.63.0/24
168.199.96.0-168.199.113.255
168.199.115.0-168.199.117.255
168.199.119.0-168.199.121.255
168.199.123.0-168.199.125.255
168.199.127.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:74:82:0e:f3:b6:78:b8:37:cf:1a:24:5f:75:b7:7a:8b:68:
cd:2e:71:5a:49:f0:9f:6b:40:59:33:eb:b0:a6:f8:f6:92:86:
51:2b:c2:6e:b2:3d:d8:d3:3d:9f:08:d8:e7:f4:6a:93:aa:9a:
65:74:f1:48:d3:ef:1c:fe:56:2c:5a:1d:ae:5e:38:6c:34:24:
59:a9:f4:90:66:87:b8:b1:5e:c0:a0:c7:6a:0e:4e:11:28:02:
3b:20:67:3e:7f:46:61:63:d0:a8:c1:80:c5:61:23:01:a1:96:
64:a5:a7:5d:94:65:b8:c2:02:30:9d:6c:43:1b:7b:48:e6:30:
83:64:4d:80:18:2f:99:3f:0b:33:1e:85:1b:6c:ef:cc:2e:94:
b5:5c:82:61:b5:28:29:1b:68:18:06:67:51:65:5b:53:5f:0e:
81:03:0a:49:1e:4d:dc:21:5f:02:94:a0:b0:0f:65:d1:e4:4f:
54:d9:ad:50:76:11:fa:3e:eb:7e:a3:d0:bb:49:c2:a7:84:46:
93:8a:67:d6:d9:6a:e7:b6:3d:85:ef:23:ca:eb:e4:2b:f7:81:
2b:84:a4:6f:7d:39:9c:01:25:73:2f:e5:3a:4b:96:00:05:73:
cf:0c:c9:f2:ff:4d:fd:06:a6:ec:b5:ec:06:24:17:b8:2a:0b:
bc:b7:59:c9
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZyerpPUL6QnNN771i8I1MU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjYwMjI3MTAzOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVjMTEwNDEyYTBmZWFhYTYxM2EyNjQyNDFkZjUwMzhkMTY4Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRR8AbUo5UQxiCTLajt2IyD8l0WO
BDsUAuKMYpDax7N0tuLN5NPLrhEOZAWTIcLd64VMHlfks7hq04nyXNjs1rJdOO00
ikVVMNR+XpKAiTLi0ggPu0ZlYMI2SbpRoCAjepz+SJ0CzDkUDtSo6fhdyC05wBmz
2x9HVLp1scoAX66+6RWmsf8xMbtMNpB0cd5SmbIgMsmvlvnwKMfW0Oy1zWqpvFNA
xu6vLmSVi1zuio6JdAqnC5qMyiBz/qJcAg5uIImQFH2fmStmdzNjh3u9x0AoPicq
jOaJZ8VhXN7yRZtnzBksQtqVdEXmYG+qNmWoat5At59J1uMZRtQ/dyquWwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFMFcEQQSoP6qphOiZCQd9QONFozRMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvd1Z3UkJCS2dfcXFtRTZKa0pCMzFBNDBXak5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgbowDAME
AKjHAQMEAqjHADAMAwQAqMcFAwQDqMcAMAwDBACoxwkDBAKoxwgwDAMEAKjHDQME
BKjHAAMEAKjHETAMAwQBqMcWAwQBqMcwMAwDBACoxzMDBAGoxzQwDAMEAKjHNwME
AajHODAMAwQAqMc7AwQBqMc8AwQAqMc/MAwDBAWox2ADBAGox3AwDAMEAKjHcwME
AajHdDAMAwQAqMd3AwQBqMd4MAwDBACox3sDBAGox3wDBACox38wDQYJKoZIhvcN
AQELBQADggEBAE50gg7ztni4N88aJF91t3qLaM0ucVpJ8J9rQFkz67Cm+PaShlEr
wm6yPdjTPZ8I2Of0apOqmmV08UjT7xz+VixaHa5eOGw0JFmp9JBmh7ixXsCgx2oO
ThEoAjsgZz5/RmFj0KjBgMVhIwGhlmSlp12UZbjCAjCdbEMbe0jmMINkTYAYL5k/
CzMehRts78wulLVcgmG1KCkbaBgGZ1FlW1NfDoEDCkkeTdwhXwKUoLAPZdHkT1TZ
rVB2Efo+636j0LtJwqeERpOKZ9bZaue2PYXvI8rr5Cv3gSuEpG99OZwBJXMv5TpL
lgAFc88MyfL/Tf0Gpuy17AYkF7gqC7y3Wck=
-----END CERTIFICATE-----
Generated at Fri Feb 27 22:14:51 2026 by rpki-client