Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wt2DOsIjQpgp2l7Q_pSKwcoRY2E.roa
File: wt2DOsIjQpgp2l7Q_pSKwcoRY2E.roa (raw, json)
Hash identifier: 7AYtG2nFDl4ujZEtKQSAO5TMzop5XFqwAcTcS8bellc=
Subject key identifier: C2:DD:83:3A:C2:23:42:98:29:DA:5E:D0:FE:94:8A:C1:CA:11:63:61
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019DA63A711EA10625CD4DF4B7477D2463DE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wt2DOsIjQpgp2l7Q_pSKwcoRY2E.roa
Signing time: Sun 19 Apr 2026 14:52:21 +0000
ROA not before: Sun 19 Apr 2026 14:52:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 45.128.78.0/24 maxlen: 24
84.21.188.0/24 maxlen: 24
2a0f:e841::/32 maxlen: 32
2a10:7500::/29 maxlen: 29
2a13:8c85::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a6:3a:71:1e:a1:06:25:cd:4d:f4:b7:47:7d:24:63:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 19 14:52:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c2dd833ac223429829da5ed0fe948ac1ca116361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9e:9c:40:0b:68:24:9a:2e:46:3b:a9:84:bf:
08:c1:bf:09:74:1e:32:87:4c:d0:a5:50:f8:eb:e8:
05:a3:8d:12:b4:4e:3b:29:23:75:9e:31:0a:7a:87:
a9:52:c3:0d:5f:33:84:2d:0f:eb:b3:5f:6d:41:95:
a2:4b:2b:13:02:7e:03:01:50:c2:02:2e:cf:92:19:
14:7f:dc:2d:1e:e2:ef:96:d1:04:b9:6b:e6:db:35:
5a:c9:9a:c3:48:99:f6:56:f1:dd:a6:c9:85:bd:15:
90:a0:21:0e:fd:46:1e:2a:2b:49:f7:58:89:88:af:
01:11:04:38:32:6a:65:4b:4e:a2:bf:12:08:41:45:
d7:7d:5c:f1:17:93:e7:19:01:83:05:b6:93:a1:07:
c9:fc:3e:4a:b5:91:23:eb:88:6b:4a:81:f5:83:00:
6f:54:45:fc:cb:95:84:c8:24:d1:a9:73:50:02:c1:
40:bc:30:14:91:d8:63:03:ff:6d:eb:3e:a0:66:3f:
9f:7d:bd:34:ed:56:ad:8f:f5:05:4a:ab:67:4b:c2:
a9:a7:b2:7a:02:a8:a9:9b:7d:aa:51:5f:b9:a2:17:
e8:a5:e7:5a:e4:a0:6b:18:03:bd:73:e0:85:a2:6e:
eb:f8:92:ab:36:47:f7:7c:41:b8:29:11:45:9c:84:
9e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DD:83:3A:C2:23:42:98:29:DA:5E:D0:FE:94:8A:C1:CA:11:63:61
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wt2DOsIjQpgp2l7Q_pSKwcoRY2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.78.0/24
84.21.188.0/24
IPv6:
2a0f:e841::/32
2a10:7500::/29
2a13:8c85::/32
Signature Algorithm: sha256WithRSAEncryption
86:c9:a8:41:04:d6:4e:df:8b:0e:43:df:40:20:83:47:e7:dd:
84:13:a5:9e:37:e5:cf:57:20:b4:2e:24:7c:1a:b0:ba:cc:e6:
9f:bb:d8:10:80:10:7d:66:4a:c6:c6:fe:27:91:fb:63:9f:57:
e1:de:b0:c0:aa:d5:59:ae:2e:63:ca:da:95:a1:e8:17:07:39:
76:2c:85:52:58:9d:53:eb:f7:b0:ff:c1:0c:bc:6b:b1:6c:67:
17:54:8e:13:11:66:31:36:e6:24:bb:f7:c1:57:b6:2e:79:2a:
28:3f:ad:af:44:c0:02:5b:ef:29:12:43:78:0c:ee:80:8e:d8:
16:73:0e:14:37:0c:40:06:8f:aa:af:a1:b5:9d:34:90:12:81:
9e:d1:28:02:9d:a3:c8:07:2e:c5:a2:b3:f2:5e:1e:2d:9e:a2:
3d:18:c8:2e:a7:3c:90:40:85:96:ab:4b:3b:7f:22:2b:49:68:
b3:13:f5:6b:c6:5a:73:05:3e:7c:85:e5:5a:fd:eb:85:e5:8c:
fd:a8:62:7a:a0:9c:44:89:3c:2d:09:25:e2:1d:c3:b2:d6:95:
b2:c1:2a:84:cf:c3:11:dd:4e:a0:6f:c9:87:00:ef:2b:88:09:
69:58:65:ca:2f:e6:88:cb:45:81:2f:ad:f5:8b:f1:05:1b:1c:
4d:d8:3d:e0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ2mOnEeoQYlzU30t0d9JGPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDE5MTQ1MjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRkODMzYWMyMjM0Mjk4MjlkYTVlZDBmZTk0OGFjMWNhMTE2MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop6cQAtoJJouRjuphL8Iwb8JdB4y
h0zQpVD46+gFo40StE47KSN1njEKeoepUsMNXzOELQ/rs19tQZWiSysTAn4DAVDC
Ai7PkhkUf9wtHuLvltEEuWvm2zVayZrDSJn2VvHdpsmFvRWQoCEO/UYeKitJ91iJ
iK8BEQQ4MmplS06ivxIIQUXXfVzxF5PnGQGDBbaToQfJ/D5KtZEj64hrSoH1gwBv
VEX8y5WEyCTRqXNQAsFAvDAUkdhjA/9t6z6gZj+ffb007Vatj/UFSqtnS8Kpp7J6
Aqipm32qUV+5ohfopeda5KBrGAO9c+CFom7r+JKrNkf3fEG4KRFFnISeNQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMLdgzrCI0KYKdpe0P6UisHKEWNhMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvd3QyRE9zSWpRcGdwMmw3UV9wU0t3Y29SWTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQALYBOAwQA
VBW8MBsEAgACMBUDBQAqD+hBAwUDKhB1AAMFACoTjIUwDQYJKoZIhvcNAQELBQAD
ggEBAIbJqEEE1k7fiw5D30Agg0fn3YQTpZ435c9XILQuJHwasLrM5p+72BCAEH1m
SsbG/ieR+2OfV+HesMCq1VmuLmPK2pWh6BcHOXYshVJYnVPr97D/wQy8a7FsZxdU
jhMRZjE25iS798FXti55Kig/ra9EwAJb7ykSQ3gM7oCO2BZzDhQ3DEAGj6qvobWd
NJASgZ7RKAKdo8gHLsWis/JeHi2eoj0YyC6nPJBAhZarSzt/IitJaLMT9WvGWnMF
PnyF5Vr964XljP2oYnqgnESJPC0JJeIdw7LWlbLBKoTPwxHdTqBvyYcA7yuICWlY
Zcov5ojLRYEvrfWL8QUbHE3YPeA=
-----END CERTIFICATE-----
Generated at Mon Apr 20 01:48:46 2026 by rpki-client