Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/woSGWIKQYj2fwrUpkm3Ix7e4uuI.roa
File: woSGWIKQYj2fwrUpkm3Ix7e4uuI.roa (raw, json)
Hash identifier: +tXPvde6o4N0Lc12WU1uhZdrn1jrPiXBVqSZmgf/BGA=
Subject key identifier: C2:84:86:58:82:90:62:3D:9F:C2:B5:29:92:6D:C8:C7:B7:B8:BA:E2
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 019E307A38B97EF85BE42D4AF411183DB7B9
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/woSGWIKQYj2fwrUpkm3Ix7e4uuI.roa
Signing time: Sat 16 May 2026 11:09:36 +0000
ROA not before: Sat 16 May 2026 11:09:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50810
IP address blocks: 37.98.104.0/21 maxlen: 22
37.98.112.0/21 maxlen: 24
93.119.208.0/20 maxlen: 24
178.131.0.0/18 maxlen: 24
178.131.64.0/19 maxlen: 22
178.131.96.0/20 maxlen: 22
178.131.112.0/21 maxlen: 22
178.131.128.0/18 maxlen: 24
188.211.0.0/20 maxlen: 24
188.211.15.0/24 maxlen: 24
188.212.240.0/21 maxlen: 24
188.213.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 11:09:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:7a:38:b9:7e:f8:5b:e4:2d:4a:f4:11:18:3d:b7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: May 16 11:09:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c28486588290623d9fc2b529926dc8c7b7b8bae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:59:61:49:bd:e4:5d:4c:c2:36:ee:d5:2a:9e:
18:c5:f0:b1:a8:3a:21:35:c3:11:68:94:f4:58:86:
25:32:d0:30:6b:96:72:78:e4:f4:59:c7:81:06:9d:
f7:58:ac:f4:4a:1e:9f:4c:98:8f:98:17:96:f9:73:
e6:4a:66:09:fb:05:ef:d5:8e:e4:1a:84:87:71:62:
42:ee:74:25:c4:3c:fe:1f:48:00:63:ff:1d:2e:d9:
cc:78:db:34:57:8c:ee:3c:b8:a6:23:04:bb:9c:2e:
e0:a5:5e:3f:f8:72:32:cc:45:e4:e6:4a:af:fc:7d:
51:71:4f:6f:69:e2:d5:09:25:a9:8f:e5:35:3a:a0:
2d:d4:6a:57:55:4f:f7:38:48:1a:8b:e2:3e:5a:93:
cb:93:31:39:20:74:91:68:c7:e9:95:cd:2b:41:f3:
b9:c7:a1:39:7d:37:82:da:ca:d9:34:04:c4:6f:af:
d4:07:2c:b0:53:e3:22:6e:fb:f7:4b:1b:c0:aa:3e:
f1:e5:06:62:55:b8:c6:71:46:98:ae:c1:a3:fd:32:
3e:3b:76:60:26:04:60:df:43:31:17:d5:98:7f:b8:
7c:c5:b8:fb:ef:12:5e:81:62:1c:80:4f:96:d9:37:
8b:f6:5a:86:f3:b2:db:75:d9:a5:a3:b5:31:dc:ce:
d1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:84:86:58:82:90:62:3D:9F:C2:B5:29:92:6D:C8:C7:B7:B8:BA:E2
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/woSGWIKQYj2fwrUpkm3Ix7e4uuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.104.0-37.98.119.255
93.119.208.0/20
178.131.0.0-178.131.119.255
178.131.128.0/18
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
02:8b:f0:b7:9c:27:4d:51:65:de:c4:a2:d7:c6:e3:65:64:db:
01:ae:95:ff:82:11:54:83:0e:ad:a4:1c:b4:53:21:37:42:d6:
e5:3a:8f:0a:f3:e7:79:4c:26:83:41:cf:db:32:4e:31:9e:09:
e6:15:ca:72:83:1b:d4:3b:b4:ee:96:76:89:bc:df:05:dd:41:
05:fe:1b:85:78:1d:91:48:8c:b2:c7:3d:c9:a8:c9:3b:d5:56:
70:90:d7:d4:de:5f:97:1a:a5:91:dd:2b:ae:c7:e0:f5:4f:99:
c8:eb:a4:69:c9:a3:1d:73:6f:91:b0:7d:0b:e6:8c:85:56:a0:
89:25:f7:f4:15:0e:3c:2c:6c:c4:8b:d6:4c:98:e1:a9:92:88:
0e:42:54:ec:22:fd:b0:44:a2:25:2a:47:d4:bf:bf:03:d2:b3:
22:9a:df:94:ee:4f:ee:01:b3:97:5f:a8:eb:0f:78:87:79:10:
64:4f:18:f1:59:4e:3b:ea:cd:9e:16:cc:04:1c:d1:95:61:13:
61:87:43:8f:f6:98:e6:1c:a3:76:5f:9c:61:da:d3:8a:82:53:
f8:25:85:b2:96:ce:bb:1a:27:26:33:b4:74:96:9d:ed:e5:8b:
bd:85:d4:0f:ae:41:ca:00:83:55:ee:c9:66:b1:39:b4:5b:3b:
0a:dd:47:94
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ4weji5fvhb5C1K9BEYPbe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjYwNTE2MTEwOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjg0ODY1ODgyOTA2MjNkOWZjMmI1Mjk5MjZkYzhjN2I3YjhiYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21lhSb3kXUzCNu7VKp4YxfCxqDoh
NcMRaJT0WIYlMtAwa5ZyeOT0WceBBp33WKz0Sh6fTJiPmBeW+XPmSmYJ+wXv1Y7k
GoSHcWJC7nQlxDz+H0gAY/8dLtnMeNs0V4zuPLimIwS7nC7gpV4/+HIyzEXk5kqv
/H1RcU9vaeLVCSWpj+U1OqAt1GpXVU/3OEgai+I+WpPLkzE5IHSRaMfplc0rQfO5
x6E5fTeC2srZNATEb6/UByywU+Mibvv3SxvAqj7x5QZiVbjGcUaYrsGj/TI+O3Zg
JgRg30MxF9WYf7h8xbj77xJegWIcgE+W2TeL9lqG87Lbddmlo7Ux3M7RKQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMKEhliCkGI9n8K1KZJtyMe3uLriMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvd29TR1dJS1FZajJmd3JVcGttM0l4N2U0dXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5MAwDBAMlYmgD
BAMlYnADBARdd9AwCwMDALKDAwQDsoNwAwQGsoOAAwQEvNMAAwQDvNTwAwQCvNXA
MA0GCSqGSIb3DQEBCwUAA4IBAQACi/C3nCdNUWXexKLXxuNlZNsBrpX/ghFUgw6t
pBy0UyE3QtblOo8K8+d5TCaDQc/bMk4xngnmFcpygxvUO7TulnaJvN8F3UEF/huF
eB2RSIyyxz3JqMk71VZwkNfU3l+XGqWR3Suux+D1T5nI66RpyaMdc2+RsH0L5oyF
VqCJJff0FQ48LGzEi9ZMmOGpkogOQlTsIv2wRKIlKkfUv78D0rMimt+U7k/uAbOX
X6jrD3iHeRBkTxjxWU476s2eFswEHNGVYRNhh0OP9pjmHKN2X5xh2tOKglP4JYWy
ls67GicmM7R0lp3t5Yu9hdQPrkHKAINV7slmsTm0WzsK3UeU
-----END CERTIFICATE-----
Generated at Sat May 16 21:11:24 2026 by rpki-client