Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/WBOr032vSNgYYC_A2Y1RninsZjg.roa
File: WBOr032vSNgYYC_A2Y1RninsZjg.roa (raw, json)
Hash identifier: vfvYZ1O/MizJDwyoVO9PukvZ5FdZXLiOgnpAfd5lkCs=
Subject key identifier: 58:13:AB:D3:7D:AF:48:D8:18:60:2F:C0:D9:8D:51:9E:29:EC:66:38
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DABC16E3E9A4FCACC73C11DC6D3CB9BF1
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/WBOr032vSNgYYC_A2Y1RninsZjg.roa
Signing time: Mon 20 Apr 2026 16:37:53 +0000
ROA not before: Mon 20 Apr 2026 16:37:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 133150
IP address blocks: 2.27.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 18:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:c1:6e:3e:9a:4f:ca:cc:73:c1:1d:c6:d3:cb:9b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 20 16:37:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5813abd37daf48d818602fc0d98d519e29ec6638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:25:32:5a:14:9a:c5:ee:01:ab:d4:a8:9c:
10:51:9b:e8:3d:aa:c6:88:4f:e1:44:6a:10:8e:56:
f9:e7:03:37:19:74:44:b0:cb:45:9a:17:56:6a:57:
92:3b:da:7c:66:b1:de:bc:19:5c:ce:c8:0a:55:72:
25:5c:ac:a7:dc:fa:b6:59:94:2b:d1:bc:22:ab:64:
4b:ea:35:94:e2:5d:7a:dd:e8:3f:ae:87:c2:da:35:
05:23:f3:eb:18:d3:08:2a:7a:64:c2:18:c4:5f:f6:
e1:91:3e:a7:80:c3:8a:e1:2b:61:f2:0f:e8:53:42:
95:4a:2c:13:a8:0a:81:a7:b8:10:aa:39:0b:da:f9:
d7:e9:59:b9:cc:aa:3e:3e:d5:9c:80:e3:11:3d:63:
54:78:d8:60:f8:7c:df:41:c8:c5:ed:0e:40:ae:10:
ba:57:56:bf:0e:23:79:aa:d5:b7:12:4c:ef:a3:67:
aa:ca:3c:92:d7:20:c2:59:90:d0:da:2b:4f:de:0b:
02:9a:bb:e8:76:a9:79:9e:2b:20:47:76:ad:27:27:
95:3b:19:ce:37:b7:6e:0e:18:b1:76:b6:87:cb:7e:
30:c6:5d:e6:2d:e5:8b:cd:ee:31:68:a2:d5:ad:fa:
e5:0c:90:df:15:64:06:31:54:d3:47:5d:0a:25:c1:
51:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:13:AB:D3:7D:AF:48:D8:18:60:2F:C0:D9:8D:51:9E:29:EC:66:38
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/WBOr032vSNgYYC_A2Y1RninsZjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.107.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:1f:25:1a:f1:fe:3f:53:48:1f:7d:f2:3f:76:96:3a:05:49:
c4:e1:a5:58:41:7e:90:84:a0:97:a7:50:df:2d:fd:b3:66:79:
d7:dd:fb:70:be:77:90:d4:a3:cf:6f:5c:45:91:9a:78:be:6c:
c4:95:62:46:92:98:a6:a0:92:cc:36:85:70:1d:ec:7c:93:75:
9f:3c:83:46:4b:f0:0b:61:95:34:98:ae:67:dc:d9:0f:33:8b:
d1:b5:1c:a6:81:4b:b7:e5:23:e5:34:30:39:d0:fa:ff:8d:2a:
3b:d1:50:57:04:83:a2:6d:08:8f:5e:f9:e7:a9:82:d3:3e:36:
bb:f7:80:bf:3b:98:35:7e:9e:76:a6:7b:6d:cf:2a:d9:f6:b7:
cb:e1:3b:9d:99:ad:47:4d:92:11:2e:7d:95:ac:60:95:2f:cf:
f0:a4:5f:18:1f:f9:63:47:a9:cc:1a:3d:01:87:07:ce:50:15:
5f:67:25:1c:45:79:72:fa:00:ef:5a:7a:86:6e:7b:18:47:cc:
ff:c5:92:c4:7c:af:4c:a4:23:5a:ad:20:6f:9b:4d:bc:1d:f3:
41:56:ed:ea:37:bf:13:90:74:40:32:6a:31:e8:58:a1:d0:e7:
76:bf:a7:26:6b:a8:bd:b0:16:4f:5d:d5:45:cc:db:54:95:fd:
70:02:6e:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2rwW4+mk/KzHPBHcbTy5vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDIwMTYzNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODEzYWJkMzdkYWY0OGQ4MTg2MDJmYzBkOThkNTE5ZTI5ZWM2NjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMklMloUmsXuAavUqJwQUZvoParG
iE/hRGoQjlb55wM3GXREsMtFmhdWaleSO9p8ZrHevBlczsgKVXIlXKyn3Pq2WZQr
0bwiq2RL6jWU4l163eg/rofC2jUFI/PrGNMIKnpkwhjEX/bhkT6ngMOK4Sth8g/o
U0KVSiwTqAqBp7gQqjkL2vnX6Vm5zKo+PtWcgOMRPWNUeNhg+HzfQcjF7Q5ArhC6
V1a/DiN5qtW3Ekzvo2eqyjyS1yDCWZDQ2itP3gsCmrvodql5nisgR3atJyeVOxnO
N7duDhixdraHy34wxl3mLeWLze4xaKLVrfrlDJDfFWQGMVTTR10KJcFRWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgTq9N9r0jYGGAvwNmNUZ4p7GY4MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvV0JPcjAzMnZTTmdZWUNfQTJZMVJuaW5zWmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhtrMA0G
CSqGSIb3DQEBCwUAA4IBAQBfHyUa8f4/U0gfffI/dpY6BUnE4aVYQX6QhKCXp1Df
Lf2zZnnX3ftwvneQ1KPPb1xFkZp4vmzElWJGkpimoJLMNoVwHex8k3WfPINGS/AL
YZU0mK5n3NkPM4vRtRymgUu35SPlNDA50Pr/jSo70VBXBIOibQiPXvnnqYLTPja7
94C/O5g1fp52pnttzyrZ9rfL4Tudma1HTZIRLn2VrGCVL8/wpF8YH/ljR6nMGj0B
hwfOUBVfZyUcRXly+gDvWnqGbnsYR8z/xZLEfK9MpCNarSBvm028HfNBVu3qN78T
kHRAMmox6Fih0Od2v6cma6i9sBZPXdVFzNtUlf1wAm74
-----END CERTIFICATE-----
Generated at Wed Apr 22 02:53:54 2026 by rpki-client