Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/weflHqQtyVZj_uEu1DLHJx2rH64.roa
File: weflHqQtyVZj_uEu1DLHJx2rH64.roa (raw, json)
Hash identifier: RiutezfBj45sCJfaAk+AyznQ+/ACbk7amdu0+8VwwO4=
Subject key identifier: C1:E7:E5:1E:A4:2D:C9:56:63:FE:E1:2E:D4:32:C7:27:1D:AB:1F:AE
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 019E77BCDF1685D5642AB89A0323B11CDCE1
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/weflHqQtyVZj_uEu1DLHJx2rH64.roa
Signing time: Sat 30 May 2026 07:15:27 +0000
ROA not before: Sat 30 May 2026 07:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399114
IP address blocks: 94.154.8.0/24 maxlen: 24
135.84.215.0/24 maxlen: 24
135.136.128.0/19 maxlen: 32
135.136.143.0/24 maxlen: 32
135.136.144.0/24 maxlen: 32
178.211.157.0/24 maxlen: 24
185.234.115.0/24 maxlen: 24
207.189.0.0/19 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:77:bc:df:16:85:d5:64:2a:b8:9a:03:23:b1:1c:dc:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: May 30 07:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1e7e51ea42dc95663fee12ed432c7271dab1fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b8:43:17:08:16:db:51:db:25:a8:53:f6:c1:
31:13:c6:f7:a8:8d:30:2e:d0:d8:95:b3:b9:02:c6:
25:2c:f4:af:89:8f:e6:a5:06:72:db:e3:92:e7:3e:
f5:99:7e:c8:6c:75:4c:d1:8c:81:63:ec:a3:c7:a1:
52:91:ec:41:dc:c2:8c:c8:fb:00:cd:e7:70:14:aa:
b1:8a:5f:6c:97:c1:7a:54:ef:70:4f:e5:07:20:71:
51:66:04:67:9c:c9:f7:e9:b6:08:3e:2a:47:29:a1:
b3:09:09:6c:52:95:cf:34:b7:03:ed:06:39:d0:fd:
71:e7:12:a9:d1:dd:e1:84:2e:86:bb:d0:71:7a:5f:
3f:46:64:cd:b9:bb:c4:4c:85:76:1c:f7:8d:d1:4d:
fd:12:db:e4:5e:c2:0f:92:db:3e:d0:c1:65:b4:69:
90:53:fd:0e:70:96:3d:0e:bf:c4:9b:3e:98:9a:29:
f6:60:1c:52:ff:27:46:e9:91:36:1a:f7:4e:cc:57:
18:44:e0:5d:48:98:64:5f:44:04:98:78:98:8e:e5:
66:95:d2:24:60:e9:5f:e5:f1:1c:5d:d8:02:b5:29:
7e:e4:9a:7b:3c:01:52:c0:aa:57:da:ce:80:48:1a:
88:f8:9b:15:f9:d0:6a:90:d5:df:6c:67:61:80:73:
2e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E7:E5:1E:A4:2D:C9:56:63:FE:E1:2E:D4:32:C7:27:1D:AB:1F:AE
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/weflHqQtyVZj_uEu1DLHJx2rH64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.8.0/24
135.84.215.0/24
135.136.128.0/19
178.211.157.0/24
185.234.115.0/24
207.189.0.0/19
Signature Algorithm: sha256WithRSAEncryption
22:74:d3:55:e6:48:c2:44:67:5a:52:2e:47:df:00:ee:a8:2f:
63:0a:1c:6f:69:c0:9a:ec:b0:c0:4e:ec:29:b6:dd:6c:80:14:
47:07:46:c9:9f:74:ca:c4:4a:61:76:2d:8e:b8:4e:be:99:a9:
28:3d:a4:ee:9c:5e:40:19:d6:5e:8d:43:25:4c:52:0c:d2:8a:
2b:98:07:89:f1:6a:59:19:6e:b7:89:f4:83:b8:a0:cb:7d:2e:
8e:ed:37:96:cc:01:21:2f:42:6c:1b:f5:01:d9:28:db:28:fa:
de:63:b4:29:9c:f8:36:5d:64:31:f6:ce:f1:4d:4b:ab:32:b5:
66:dd:98:35:22:ab:e6:d7:38:cc:ed:11:a6:e5:d0:b2:f3:92:
ad:17:af:b8:10:1a:5e:c4:75:3e:0e:8d:05:f3:83:28:14:e8:
8a:39:db:17:b8:41:26:15:30:18:b6:a4:4c:17:7c:28:5a:0e:
9a:d0:86:dc:bb:e9:0f:c3:ee:24:80:05:ee:a6:4e:0d:05:f9:
94:4d:74:42:f3:a9:df:4c:eb:d0:52:5f:1c:69:0c:02:31:11:
0b:58:b9:2c:65:94:a8:76:41:50:e8:f3:8c:fc:d6:34:c6:aa:
62:32:2c:de:7f:3f:00:cd:70:19:a9:de:ee:df:03:b6:4f:b4:
4d:31:a0:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ53vN8WhdVkKriaAyOxHNzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjYwNTMwMDcxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU3ZTUxZWE0MmRjOTU2NjNmZWUxMmVkNDMyYzcyNzFkYWIxZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrhDFwgW21HbJahT9sExE8b3qI0w
LtDYlbO5AsYlLPSviY/mpQZy2+OS5z71mX7IbHVM0YyBY+yjx6FSkexB3MKMyPsA
zedwFKqxil9sl8F6VO9wT+UHIHFRZgRnnMn36bYIPipHKaGzCQlsUpXPNLcD7QY5
0P1x5xKp0d3hhC6Gu9Bxel8/RmTNubvETIV2HPeN0U39EtvkXsIPkts+0MFltGmQ
U/0OcJY9Dr/Emz6Ymin2YBxS/ydG6ZE2GvdOzFcYROBdSJhkX0QEmHiYjuVmldIk
YOlf5fEcXdgCtSl+5Jp7PAFSwKpX2s6ASBqI+JsV+dBqkNXfbGdhgHMuIQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMHn5R6kLclWY/7hLtQyxycdqx+uMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvd2VmbEhxUXR5VlpqX3VFdTFETEhKeDJySDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXpoIAwQA
h1TXAwQFh4iAAwQAstOdAwQAuepzAwQFz70AMA0GCSqGSIb3DQEBCwUAA4IBAQAi
dNNV5kjCRGdaUi5H3wDuqC9jChxvacCa7LDATuwptt1sgBRHB0bJn3TKxEphdi2O
uE6+makoPaTunF5AGdZejUMlTFIM0oormAeJ8WpZGW63ifSDuKDLfS6O7TeWzAEh
L0JsG/UB2SjbKPreY7QpnPg2XWQx9s7xTUurMrVm3Zg1Iqvm1zjM7RGm5dCy85Kt
F6+4EBpexHU+Do0F84MoFOiKOdsXuEEmFTAYtqRMF3woWg6a0Ibcu+kPw+4kgAXu
pk4NBfmUTXRC86nfTOvQUl8caQwCMRELWLksZZSodkFQ6POM/NY0xqpiMizefz8A
zXAZqd7u3wO2T7RNMaCe
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:09 2026 by rpki-client