Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/WbBFyru6K4YXxI31kbQe5srbl0A.roa
File: WbBFyru6K4YXxI31kbQe5srbl0A.roa (raw, json)
Hash identifier: 3TygJxEv7UrMr1o8h7f7sw0Uur3WVWLCSGcuaFnrWsY=
Subject key identifier: 59:B0:45:CA:BB:BA:2B:86:17:C4:8D:F5:91:B4:1E:E6:CA:DB:97:40
Certificate issuer: /CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Certificate serial: 019DC946B1DAFF52A91F4B35A530E9E892D7
Authority key identifier: 5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/WbBFyru6K4YXxI31kbQe5srbl0A.roa
Signing time: Sun 26 Apr 2026 10:12:26 +0000
ROA not before: Sun 26 Apr 2026 10:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214128
IP address blocks: 87.232.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c9:46:b1:da:ff:52:a9:1f:4b:35:a5:30:e9:e8:92:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe53c0bfc3c8fb56b81191317144443e0e29d25
Validity
Not Before: Apr 26 10:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59b045cabbba2b8617c48df591b41ee6cadb9740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0a:d1:ba:21:43:94:82:fb:61:06:7e:ef:3e:
39:57:b8:40:cc:2f:01:2d:03:8d:72:f7:af:e4:d5:
2d:f3:9d:de:23:73:68:a3:95:92:42:af:0f:c1:46:
69:ff:15:0f:39:67:e9:fe:fb:05:14:29:65:9e:8f:
be:e9:11:6c:83:fd:61:10:4c:1e:dd:c7:17:8c:fc:
0e:70:0e:b6:62:41:13:9a:f0:0c:c1:85:60:af:89:
7d:b3:4a:e4:dc:58:79:61:78:96:0d:07:c3:5e:de:
0a:f2:38:a4:3f:93:ed:f1:4e:ac:72:f8:bf:59:33:
fe:8a:86:af:d6:3f:b2:3a:4d:8d:5a:ac:34:63:f7:
d6:ad:01:26:4e:f9:e6:27:14:b8:94:66:2d:b5:3b:
d9:0b:b3:c0:9a:7c:eb:e0:3d:72:8d:2e:11:30:89:
39:26:39:e3:3b:c1:f7:fa:c0:69:d2:3c:03:9f:01:
d1:77:c9:21:80:0b:83:dc:6a:d5:0c:c5:9c:47:94:
f0:41:8e:f7:30:71:13:cf:64:62:1d:ee:04:64:52:
3a:cc:c7:04:ca:da:eb:7e:42:14:6d:94:b7:04:e0:
2e:09:e5:33:2a:41:6e:33:d3:30:58:eb:36:56:cf:
0e:9e:4f:df:bc:ab:87:1f:b9:3b:d2:80:d3:3b:6a:
e4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B0:45:CA:BB:BA:2B:86:17:C4:8D:F5:91:B4:1E:E6:CA:DB:97:40
X509v3 Authority Key Identifier:
keyid:5F:E5:3C:0B:FC:3C:8F:B5:6B:81:19:13:17:14:44:43:E0:E2:9D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-U8C_w8j7VrgRkTFxREQ-DinSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/WbBFyru6K4YXxI31kbQe5srbl0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bc6089-3d90-4529-bb47-5cf56ee435b3/1/X-U8C_w8j7VrgRkTFxREQ-DinSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.232.82.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:82:82:fb:73:18:9f:cd:8b:b1:5b:f6:25:c9:f1:6b:bb:bb:
12:92:11:68:86:22:1b:8e:01:8a:e8:a8:05:27:60:d3:a9:fe:
20:c2:2d:b0:c0:b7:6a:71:ce:d5:c2:ec:fb:82:53:d9:a4:57:
71:ec:37:f8:e4:e1:b5:f6:27:1b:f2:c6:c5:06:41:ef:c2:9a:
7c:24:d1:db:2d:dc:11:b8:30:20:25:6b:37:09:06:09:16:b9:
3a:ba:e0:a0:c2:1e:b6:05:18:1a:c6:77:a7:04:65:3a:73:39:
dc:6f:31:e0:8c:d4:8e:fe:40:e8:11:89:cf:81:4a:c8:61:5f:
a5:5c:16:f1:8a:3e:74:c5:cc:b0:30:c4:65:2e:2a:6f:f1:52:
b8:eb:f9:cc:07:c6:d5:ec:61:cf:fd:dd:19:c7:4f:3a:2f:d5:
98:e7:f2:25:a6:c5:84:4c:65:ba:b4:e6:4d:20:17:e7:f1:37:
90:c0:f2:f8:e7:77:b7:4b:04:a1:0f:83:0c:fc:92:bf:85:c2:
c9:6c:fd:05:e9:43:fa:a6:a9:e3:9f:da:12:aa:45:88:b3:25:
ab:6d:e0:e4:ce:07:0a:17:7b:38:12:81:7f:81:d9:9d:d6:38:
18:4e:36:bb:00:3b:65:e8:93:5f:2d:ca:8a:f5:eb:db:3a:50:
81:c8:a2:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3JRrHa/1KpH0s1pTDp6JLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTUzYzBiZmMzYzhmYjU2YjgxMTkxMzE3MTQ0NDQzZTBl
MjlkMjUwHhcNMjYwNDI2MTAxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIwNDVjYWJiYmEyYjg2MTdjNDhkZjU5MWI0MWVlNmNhZGI5NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvArRuiFDlIL7YQZ+7z45V7hAzC8B
LQONcvev5NUt853eI3Noo5WSQq8PwUZp/xUPOWfp/vsFFCllno++6RFsg/1hEEwe
3ccXjPwOcA62YkETmvAMwYVgr4l9s0rk3Fh5YXiWDQfDXt4K8jikP5Pt8U6scvi/
WTP+ioav1j+yOk2NWqw0Y/fWrQEmTvnmJxS4lGYttTvZC7PAmnzr4D1yjS4RMIk5
JjnjO8H3+sBp0jwDnwHRd8khgAuD3GrVDMWcR5TwQY73MHETz2RiHe4EZFI6zMcE
ytrrfkIUbZS3BOAuCeUzKkFuM9MwWOs2Vs8Onk/fvKuHH7k70oDTO2rk8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFmwRcq7uiuGF8SN9ZG0HubK25dAMB8GA1UdIwQY
MBaAFF/lPAv8PI+1a4EZExcUREPg4p0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDct
NWNmNTZlZTQzNWIzLzEvV2JCRnlydTZLNFlYeEkzMWtiUWU1c3JibDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYzYwODktM2Q5MC00NTI5LWJiNDctNWNmNTZlZTQzNWIz
LzEvWC1VOENfdzhqN1ZyZ1JrVEZ4UkVRLURpblNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+hSMA0G
CSqGSIb3DQEBCwUAA4IBAQB+goL7cxifzYuxW/YlyfFru7sSkhFohiIbjgGK6KgF
J2DTqf4gwi2wwLdqcc7Vwuz7glPZpFdx7Df45OG19icb8sbFBkHvwpp8JNHbLdwR
uDAgJWs3CQYJFrk6uuCgwh62BRgaxnenBGU6czncbzHgjNSO/kDoEYnPgUrIYV+l
XBbxij50xcywMMRlLipv8VK46/nMB8bV7GHP/d0Zx086L9WY5/IlpsWETGW6tOZN
IBfn8TeQwPL453e3SwShD4MM/JK/hcLJbP0F6UP6pqnjn9oSqkWIsyWrbeDkzgcK
F3s4EoF/gdmd1jgYTja7ADtl6JNfLcqK9evbOlCByKKG
-----END CERTIFICATE-----
Generated at Mon Apr 27 14:44:35 2026 by rpki-client