Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W-U60YVs7yTjYiCL9vYAGYIzIug.roa
File: W-U60YVs7yTjYiCL9vYAGYIzIug.roa (raw, json)
Hash identifier: 61S6ojl0HsiDcP/GjECA3Ul0T4U17czlbC7JLzzn4vo=
Subject key identifier: 5B:E5:3A:D1:85:6C:EF:24:E3:62:20:8B:F6:F6:00:19:82:33:22:E8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D77EA59D952F35375038293F745493692
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W-U60YVs7yTjYiCL9vYAGYIzIug.roa
Signing time: Fri 10 Apr 2026 15:02:20 +0000
ROA not before: Fri 10 Apr 2026 15:02:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.17.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
194.48.143.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.210.0/24 maxlen: 24
194.124.211.0/24 maxlen: 24
194.146.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:ea:59:d9:52:f3:53:75:03:82:93:f7:45:49:36:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 10 15:02:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5be53ad1856cef24e362208bf6f60019823322e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:b9:52:e0:4a:70:69:fd:28:a7:1c:98:e2:
08:eb:92:32:5a:2e:6e:a7:a0:57:3c:aa:1a:01:3e:
a5:4a:f1:d4:fa:3e:06:2c:8c:ba:d9:26:d6:9f:41:
ec:0b:56:b7:2c:03:c9:63:ca:ff:36:7e:0a:a4:59:
45:38:57:5a:d3:17:94:d3:11:ef:e9:c9:d7:ff:4b:
08:ee:23:ad:ff:ad:6f:1c:e7:02:17:e7:34:09:09:
5b:33:eb:52:5b:f8:c1:9d:92:b5:03:f2:b6:01:5a:
52:cd:9f:78:b2:c0:3a:9b:e7:7f:5d:40:16:5e:4a:
04:21:d9:54:81:d9:a6:ba:c4:f1:e8:3d:29:ba:7d:
1e:30:ff:ff:29:ea:be:ac:e4:8e:08:46:e0:36:a4:
e3:db:7d:ac:72:bd:2b:73:00:72:58:25:f9:d7:c0:
2f:4d:0b:db:a4:26:4b:fa:d6:a6:fb:ac:ba:63:41:
27:ee:71:a1:35:de:81:d5:41:70:29:f2:36:37:07:
82:60:91:64:44:07:20:c9:85:8e:58:b6:e0:c9:11:
13:11:d4:ed:c5:05:06:a4:88:81:05:18:86:9f:11:
96:d5:3b:d9:56:08:58:30:53:48:a8:19:e2:b3:a4:
6a:b6:d1:b4:51:0b:d3:c7:57:b9:04:76:37:0c:20:
14:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E5:3A:D1:85:6C:EF:24:E3:62:20:8B:F6:F6:00:19:82:33:22:E8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W-U60YVs7yTjYiCL9vYAGYIzIug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
45.131.135.0/24
185.121.13.0-185.121.14.255
185.196.41.0/24
185.199.158.0/24
185.202.207.0/24
185.214.108.0/24
185.218.17.0/24
185.218.19.0/24
185.227.144.0/24
185.230.67.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
194.48.143.0/24
194.76.172.0/24
194.124.210.0/23
194.146.223.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b3:80:cd:0b:ff:de:76:bb:93:c4:03:71:e8:92:0a:ed:6d:
81:60:12:98:fb:6c:69:13:0e:15:56:c0:8f:fa:51:fc:71:77:
02:26:ee:9d:c1:b3:f5:cb:e0:96:b4:23:8f:b4:ea:a4:00:b1:
a7:31:e2:61:65:5e:f6:19:ff:0a:b2:4a:cf:58:78:cb:50:8a:
de:77:a6:fd:36:bd:73:32:fe:b4:c8:22:7d:66:4c:26:56:b9:
6e:a9:bd:69:0d:45:f4:db:77:ca:80:7b:16:75:dd:72:c7:09:
14:ae:73:61:5d:69:9b:b1:90:5c:38:29:d3:9f:eb:24:64:55:
1b:8b:d5:ac:04:d9:2f:8b:18:41:6e:09:a6:ab:ba:0a:fc:3a:
f7:34:59:c6:30:d1:43:9a:49:59:b3:06:1c:7c:28:6e:c2:5d:
e5:a3:ef:30:eb:f1:a5:06:31:c5:2a:c9:c5:02:12:7d:61:32:
eb:b0:5a:c5:5f:1c:5e:6b:db:a4:a4:43:00:cb:83:00:8a:34:
cd:c3:4c:af:4b:c7:7c:ad:8d:9a:7b:6d:49:91:49:73:49:a5:
1d:e8:98:8f:6b:60:f0:7c:67:fd:89:f5:53:2a:22:5b:89:42:
a4:2a:ca:0b:54:89:6b:0d:d2:63:63:b4:cd:61:67:0c:12:ad:
dd:c8:b3:f8
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZ136lnZUvNTdQOCk/dFSTaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNDEwMTUwMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU1M2FkMTg1NmNlZjI0ZTM2MjIwOGJmNmY2MDAxOTgyMzMyMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGW5UuBKcGn9KKccmOII65IyWi5u
p6BXPKoaAT6lSvHU+j4GLIy62SbWn0HsC1a3LAPJY8r/Nn4KpFlFOFda0xeU0xHv
6cnX/0sI7iOt/61vHOcCF+c0CQlbM+tSW/jBnZK1A/K2AVpSzZ94ssA6m+d/XUAW
XkoEIdlUgdmmusTx6D0pun0eMP//Keq+rOSOCEbgNqTj232scr0rcwByWCX518Av
TQvbpCZL+tam+6y6Y0En7nGhNd6B1UFwKfI2NweCYJFkRAcgyYWOWLbgyRETEdTt
xQUGpIiBBRiGnxGW1TvZVghYMFNIqBnis6RqttG0UQvTx1e5BHY3DCAUEwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFFvlOtGFbO8k42Igi/b2ABmCMyLoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVy1VNjBZVnM3eVRqWWlDTDl2WUFHWUl6SXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAAt
WuwDBAAtg4cwDAMEALl5DQMEALl5DgMEALnEKQMEALnHngMEALnKzwMEALnWbAME
ALnaEQMEALnaEwMEALnjkAMEALnmQwMEALnozAMEALnsGDAMAwQAue+NAwQAue+O
AwQAufq1AwQAuf6eAwQAwRG2AwQBwjCMAwQAwjCPAwQAwkysAwQBwnzSAwQAwpLf
MA0GCSqGSIb3DQEBCwUAA4IBAQAms4DNC//edruTxANx6JIK7W2BYBKY+2xpEw4V
VsCP+lH8cXcCJu6dwbP1y+CWtCOPtOqkALGnMeJhZV72Gf8KskrPWHjLUIred6b9
Nr1zMv60yCJ9ZkwmVrluqb1pDUX023fKgHsWdd1yxwkUrnNhXWmbsZBcOCnTn+sk
ZFUbi9WsBNkvixhBbgmmq7oK/Dr3NFnGMNFDmklZswYcfChuwl3lo+8w6/GlBjHF
KsnFAhJ9YTLrsFrFXxxea9ukpEMAy4MAijTNw0yvS8d8rY2ae21JkUlzSaUd6JiP
a2DwfGf9ifVTKiJbiUKkKsoLVIlrDdJjY7TNYWcMEq3dyLP4
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:13:13 2026 by rpki-client