Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wjFZTvFQ0fCp0M9GzAyvNX61pTE.roa
File: wjFZTvFQ0fCp0M9GzAyvNX61pTE.roa (raw, json)
Hash identifier: pQVcBYhMzepo5RcL0iMoG7RPtPhcz7u/evJfkoV6w84=
Subject key identifier: C2:31:59:4E:F1:50:D1:F0:A9:D0:CF:46:CC:0C:AF:35:7E:B5:A5:31
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019CB7E50BBB75E36213D03DD9202380A1E8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wjFZTvFQ0fCp0M9GzAyvNX61pTE.roa
Signing time: Wed 04 Mar 2026 08:09:27 +0000
ROA not before: Wed 04 Mar 2026 08:09:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60949
IP address blocks: 89.34.26.0/24 maxlen: 24
89.42.84.0/24 maxlen: 24
89.42.94.0/24 maxlen: 24
89.47.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 14:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:e5:0b:bb:75:e3:62:13:d0:3d:d9:20:23:80:a1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 4 08:09:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c231594ef150d1f0a9d0cf46cc0caf357eb5a531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d0:b1:43:33:a9:32:50:4e:09:30:06:5b:d1:
8e:aa:af:ee:d3:92:95:67:9a:31:7b:fa:ca:be:8b:
d9:58:7c:ce:4e:4f:cd:85:d7:eb:40:e4:7a:fc:a2:
fb:2b:fe:bf:ec:d8:45:59:51:66:4c:0c:02:c8:b7:
0b:db:22:11:95:7f:be:f3:f6:db:b8:97:61:66:fa:
10:e2:41:92:ac:d3:08:4d:78:4f:1f:cd:93:78:47:
b1:00:3e:43:24:ee:ac:9e:d7:21:9c:0e:0a:2f:24:
de:fe:c6:63:af:05:a1:63:06:0c:e0:5f:e0:ba:0b:
09:ad:eb:c8:e7:66:87:d4:23:ec:9a:4d:df:ba:6c:
f4:cc:e4:c8:ac:19:b9:19:13:4f:00:4c:61:32:da:
2f:68:7d:91:3e:6f:78:ca:e4:6c:bb:cb:1c:97:94:
92:f1:50:5a:a1:6b:38:04:18:74:7d:ca:66:af:da:
38:a7:8a:1d:81:b9:85:43:06:da:4c:8d:a5:75:56:
07:2e:f1:ad:bf:9b:56:98:d8:90:5a:53:81:24:4f:
c4:91:74:a0:bf:bd:63:89:ea:16:c5:4c:a3:7e:9b:
7c:3c:71:8a:b3:a7:e7:3f:7b:62:e6:9f:26:9e:b0:
ea:c0:9b:04:37:54:08:f3:62:a3:2d:6b:b1:bf:5c:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:31:59:4E:F1:50:D1:F0:A9:D0:CF:46:CC:0C:AF:35:7E:B5:A5:31
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wjFZTvFQ0fCp0M9GzAyvNX61pTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
89.42.84.0/24
89.42.94.0/24
89.47.112.0/24
Signature Algorithm: sha256WithRSAEncryption
67:12:89:f4:b5:9e:fd:82:41:e7:8b:6f:fb:65:d2:5c:00:6f:
e1:5f:e7:3b:f8:a5:65:f9:b3:07:b7:cf:65:c1:32:d7:59:1d:
53:2b:a8:34:33:56:23:a1:d3:f5:a1:56:cd:a4:43:12:88:6c:
3c:3f:82:0d:24:a6:b2:82:6b:cf:6b:13:5d:2b:7e:34:32:99:
ce:2e:42:bb:3b:b2:87:d8:95:83:17:e4:88:80:69:be:ab:82:
6e:04:81:5c:94:50:e7:cf:9c:c2:20:f7:b3:a4:a5:05:69:5f:
a2:44:3f:f0:62:9b:c3:32:20:86:9a:5b:90:fa:13:6c:2b:da:
f4:50:8f:d3:3f:c6:f0:b1:50:a2:4e:d8:4b:18:a2:8b:63:5b:
92:e7:8a:8f:3a:7e:b5:7e:20:02:df:a1:d6:1a:86:9b:ae:0f:
21:4b:88:cb:7d:55:d4:74:a2:25:20:f3:4f:88:f2:5b:69:56:
6e:d5:80:af:a2:00:23:2a:52:4c:0b:d0:a8:d1:46:22:09:be:
9a:b6:d1:3f:fb:5d:31:3b:aa:d2:4f:aa:82:67:f4:e3:20:28:
f7:41:ff:aa:fc:8b:bd:14:e3:9f:1d:10:52:96:35:1a:cc:72:
60:e3:ce:0d:9f:87:6f:d1:77:f1:e6:51:35:eb:94:b5:3c:77:
35:f7:5a:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZy35Qu7deNiE9A92SAjgKHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjYwMzA0MDgwOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjMxNTk0ZWYxNTBkMWYwYTlkMGNmNDZjYzBjYWYzNTdlYjVhNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdCxQzOpMlBOCTAGW9GOqq/u05KV
Z5oxe/rKvovZWHzOTk/NhdfrQOR6/KL7K/6/7NhFWVFmTAwCyLcL2yIRlX++8/bb
uJdhZvoQ4kGSrNMITXhPH82TeEexAD5DJO6sntchnA4KLyTe/sZjrwWhYwYM4F/g
ugsJrevI52aH1CPsmk3fumz0zOTIrBm5GRNPAExhMtovaH2RPm94yuRsu8scl5SS
8VBaoWs4BBh0fcpmr9o4p4odgbmFQwbaTI2ldVYHLvGtv5tWmNiQWlOBJE/EkXSg
v71jieoWxUyjfpt8PHGKs6fnP3ti5p8mnrDqwJsEN1QI82KjLWuxv1zQ3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMIxWU7xUNHwqdDPRswMrzV+taUxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd2pGWlR2RlEwZkNwME05R3pBeXZOWDYxcFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSIaAwQA
WSpUAwQAWSpeAwQAWS9wMA0GCSqGSIb3DQEBCwUAA4IBAQBnEon0tZ79gkHni2/7
ZdJcAG/hX+c7+KVl+bMHt89lwTLXWR1TK6g0M1YjodP1oVbNpEMSiGw8P4INJKay
gmvPaxNdK340MpnOLkK7O7KH2JWDF+SIgGm+q4JuBIFclFDnz5zCIPezpKUFaV+i
RD/wYpvDMiCGmluQ+hNsK9r0UI/TP8bwsVCiTthLGKKLY1uS54qPOn61fiAC36HW
Goabrg8hS4jLfVXUdKIlIPNPiPJbaVZu1YCvogAjKlJMC9Co0UYiCb6attE/+10x
O6rST6qCZ/TjICj3Qf+q/Iu9FOOfHRBSljUazHJg484Nn4dv0Xfx5lE165S1PHc1
91qd
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:18 2026 by rpki-client