Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WKH10Qu7Un-kv7nnpQiyY6GSxTk.roa
File: WKH10Qu7Un-kv7nnpQiyY6GSxTk.roa (raw, json)
Hash identifier: dwRZmT9fKmjh/U7lMUakPBNfQSUBA94IYvMob1WbbUo=
Subject key identifier: 58:A1:F5:D1:0B:BB:52:7F:A4:BF:B9:E7:A5:08:B2:63:A1:92:C5:39
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019E72B9507B8D140723B5BAACC53CA98EA8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WKH10Qu7Un-kv7nnpQiyY6GSxTk.roa
Signing time: Fri 29 May 2026 07:53:27 +0000
ROA not before: Fri 29 May 2026 07:53:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:b9:50:7b:8d:14:07:23:b5:ba:ac:c5:3c:a9:8e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 29 07:53:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58a1f5d10bbb527fa4bfb9e7a508b263a192c539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7d:14:03:fa:86:d0:cd:d9:25:b8:df:75:6e:
27:08:b2:03:7f:3b:a9:f6:66:bc:c5:6b:7d:f9:ad:
ef:b1:a7:15:e6:df:47:fa:aa:79:77:4b:80:79:5a:
ab:47:9a:f9:f5:41:40:7c:ca:10:93:11:09:14:3c:
8e:2d:4c:74:09:86:02:96:97:c0:10:78:0a:d5:c2:
8b:51:cd:18:e0:8d:69:f1:50:ac:f0:b2:d5:ef:6c:
47:7c:b4:ff:bd:9e:95:61:4b:a3:9d:2c:b0:ed:81:
3d:d8:16:1c:3a:2d:58:41:42:43:b3:b8:54:57:7f:
f7:6f:fd:4e:11:ea:48:01:ea:81:69:e7:9a:31:18:
b5:5f:50:67:cc:1e:98:b9:57:57:94:9b:3b:41:80:
f8:82:4e:83:63:87:98:c1:a8:c5:68:30:7e:90:bf:
28:fb:29:13:c7:15:c6:79:54:3f:7d:dd:8d:d6:90:
64:a7:02:98:d1:e0:7d:15:bd:fb:e0:9d:23:64:d1:
8a:ff:05:24:0e:b7:36:1e:a7:97:09:7e:78:bc:4b:
56:3e:5b:d5:29:53:5b:25:7f:53:29:10:46:77:be:
3c:bf:97:af:7e:0b:9e:b7:9b:fd:d2:ca:b6:b4:d5:
f3:82:f8:b5:6f:a2:b9:5c:e0:b6:b7:82:35:a4:ed:
6c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A1:F5:D1:0B:BB:52:7F:A4:BF:B9:E7:A5:08:B2:63:A1:92:C5:39
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WKH10Qu7Un-kv7nnpQiyY6GSxTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/23
185.210.155.0/24
185.218.102.0/24
185.223.76.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e8:c2:61:1a:8a:d5:38:bd:fa:b3:c7:c7:ed:3c:cc:d3:4f:
49:4e:d6:e1:6f:5d:e8:fb:38:5a:07:12:49:83:c6:71:5c:20:
08:d2:d3:21:09:0c:c9:f8:1e:ce:1d:09:99:7b:17:65:a6:a2:
23:3e:6f:e0:1f:b8:f3:2e:d2:29:15:f5:24:58:55:cc:d6:27:
b9:89:35:a5:2c:67:98:8c:0a:58:a5:59:be:94:3d:fa:98:42:
f1:a9:d6:31:17:95:e6:39:40:5c:78:d0:dd:58:26:b3:61:fa:
bc:99:89:54:e9:52:8f:04:0b:47:43:6c:ab:49:40:dd:86:7e:
81:02:87:ea:f1:ff:07:2d:56:5a:11:c5:55:b6:e1:6c:d9:05:
7a:69:5b:44:a2:d6:9b:c0:03:03:29:c1:1f:21:f9:ca:2c:83:
71:e1:d9:dc:35:4c:45:72:b5:c1:13:1f:df:84:33:bb:01:5c:
ea:5a:d4:4e:19:9d:31:28:bc:fd:71:ee:60:a4:dd:f7:0f:f4:
83:c4:e7:dd:05:15:e9:1a:3a:d6:4b:bd:46:d9:55:fc:22:52:
d4:05:53:00:ca:a5:ca:98:c5:0d:94:14:c7:3b:cf:0d:3a:c1:
73:75:0f:29:7f:4d:95:ee:76:7d:9f:92:5a:9c:bc:73:72:56:
2f:c1:6b:56
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5yuVB7jRQHI7W6rMU8qY6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNTI5MDc1MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGExZjVkMTBiYmI1MjdmYTRiZmI5ZTdhNTA4YjI2M2ExOTJjNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn0UA/qG0M3ZJbjfdW4nCLIDfzup
9ma8xWt9+a3vsacV5t9H+qp5d0uAeVqrR5r59UFAfMoQkxEJFDyOLUx0CYYClpfA
EHgK1cKLUc0Y4I1p8VCs8LLV72xHfLT/vZ6VYUujnSyw7YE92BYcOi1YQUJDs7hU
V3/3b/1OEepIAeqBaeeaMRi1X1BnzB6YuVdXlJs7QYD4gk6DY4eYwajFaDB+kL8o
+ykTxxXGeVQ/fd2N1pBkpwKY0eB9Fb374J0jZNGK/wUkDrc2HqeXCX54vEtWPlvV
KVNbJX9TKRBGd748v5evfguet5v90sq2tNXzgvi1b6K5XOC2t4I1pO1swwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFih9dELu1J/pL+556UIsmOhksU5MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV0tIMTBRdTdVbi1rdjdubnBRaXlZNkdTeFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAuc74AwQA
uc77AwQBudEkAwQBudKYAwQAudKbAwQAudpmAwQAud9MAwQAueORAwQCueoUAwQC
ue7kAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBO6MJhGorVOL36s8fH7TzM009J
Ttbhb13o+zhaBxJJg8ZxXCAI0tMhCQzJ+B7OHQmZexdlpqIjPm/gH7jzLtIpFfUk
WFXM1ie5iTWlLGeYjApYpVm+lD36mELxqdYxF5XmOUBceNDdWCazYfq8mYlU6VKP
BAtHQ2yrSUDdhn6BAofq8f8HLVZaEcVVtuFs2QV6aVtEotabwAMDKcEfIfnKLINx
4dncNUxFcrXBEx/fhDO7AVzqWtROGZ0xKLz9ce5gpN33D/SDxOfdBRXpGjrWS71G
2VX8IlLUBVMAyqXKmMUNlBTHO88NOsFzdQ8pf02V7nZ9n5JanLxzclYvwWtW
-----END CERTIFICATE-----
Generated at Mon Jun 1 03:17:35 2026 by rpki-client