Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/wea1j7CCiOwKhbp9xRs9xEsak8o.roa
File: wea1j7CCiOwKhbp9xRs9xEsak8o.roa (raw, json)
Hash identifier: hckz/qMoMAZzO9HmBfzADkSbkz16uEss9Ro4N3hyVDs=
Subject key identifier: C1:E6:B5:8F:B0:82:88:EC:0A:85:BA:7D:C5:1B:3D:C4:4B:1A:93:CA
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 019E684F70AE2440981D983E313FDF6A1C53
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/wea1j7CCiOwKhbp9xRs9xEsak8o.roa
Signing time: Wed 27 May 2026 07:21:37 +0000
ROA not before: Wed 27 May 2026 07:21:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8708
IP address blocks: 93.113.128.0/24 maxlen: 24
185.118.6.0/23 maxlen: 24
188.213.35.0/24 maxlen: 24
188.214.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:4f:70:ae:24:40:98:1d:98:3e:31:3f:df:6a:1c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: May 27 07:21:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1e6b58fb08288ec0a85ba7dc51b3dc44b1a93ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:38:4d:7a:94:e2:7a:06:92:b9:f1:14:f8:
66:81:17:ad:ba:df:ab:70:93:67:2c:72:31:ea:54:
4e:5d:c0:e5:9a:56:17:f0:ff:be:28:5b:bb:bf:e0:
6a:d9:48:0e:9b:b8:6c:91:f7:d8:d3:f5:64:af:18:
49:dc:90:2b:6f:e0:65:12:42:a9:9f:77:de:a9:d9:
ac:c0:93:04:86:2f:5e:24:37:e9:93:51:90:bf:45:
c8:2b:f0:1a:d2:41:99:64:18:34:a2:b4:f4:ae:c8:
bc:e8:84:91:2f:eb:b6:d2:80:c9:ed:4a:ee:76:a5:
cc:72:2a:7f:06:ac:85:30:5b:f4:35:bf:74:6b:51:
2d:18:8d:c0:49:1d:b5:c2:2f:eb:e5:f2:92:57:bf:
46:e2:d4:03:8d:1e:b9:cc:9a:e1:56:3a:06:67:36:
0f:ed:ae:89:e6:86:bb:db:9f:06:90:14:4c:6f:12:
f7:07:48:1d:da:ff:b4:d5:03:7c:f2:ad:ee:a6:a6:
e2:7f:80:75:b0:4e:96:13:ed:46:5b:98:92:d7:78:
14:29:ac:51:25:1f:cd:2f:77:22:2a:41:52:15:d7:
c6:18:21:05:bf:55:e5:7b:b2:db:36:7b:7c:2f:db:
2c:3c:bb:46:85:47:16:7f:48:84:03:c4:f7:16:e3:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E6:B5:8F:B0:82:88:EC:0A:85:BA:7D:C5:1B:3D:C4:4B:1A:93:CA
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/wea1j7CCiOwKhbp9xRs9xEsak8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.128.0/24
185.118.6.0/23
188.213.35.0/24
188.214.150.0/24
Signature Algorithm: sha256WithRSAEncryption
01:2a:7e:28:1f:23:f8:0b:5e:50:d3:fe:42:09:7a:18:b6:ba:
24:84:82:7f:3f:60:f8:df:a9:9b:fb:cd:26:72:04:31:34:8e:
4c:ab:c7:40:06:e4:15:f6:ac:4b:90:1b:9c:26:7b:64:09:e9:
c7:fe:a0:9e:16:5c:f8:f9:be:bf:fe:08:85:55:34:22:ba:6b:
2b:e4:21:1f:c7:a8:84:8c:15:1d:02:d9:61:a8:be:5b:67:4a:
c2:1c:3d:b3:1b:c3:b2:45:6b:89:5a:ed:1b:7a:25:36:4d:77:
6f:ba:5c:3a:0b:87:0c:01:3a:a1:a3:e8:1e:4a:5c:51:1a:98:
14:3e:06:eb:61:3e:8f:e4:60:c6:96:47:da:91:78:64:a5:a9:
17:6e:4d:dc:e7:9e:de:b9:70:be:38:52:0e:5c:a8:f9:62:a4:
84:25:53:cd:3c:c9:d7:70:3f:bf:94:8d:65:93:b2:73:aa:20:
2e:fd:01:43:92:46:04:f6:a3:72:d3:23:32:bc:fc:3b:34:d9:
5f:7c:d5:59:56:a3:0c:b4:95:99:d2:37:2a:51:a7:84:85:05:
d6:67:7e:ce:7b:8d:a2:af:6f:c6:7c:80:f2:3a:fc:a0:66:e3:
07:ba:8f:28:52:3a:9c:be:bf:a1:fa:71:f9:b9:2a:71:15:cd:
8b:6d:e0:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5oT3CuJECYHZg+MT/fahxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjYwNTI3MDcyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU2YjU4ZmIwODI4OGVjMGE4NWJhN2RjNTFiM2RjNDRiMWE5M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuc4TXqU4noGkrnxFPhmgRetut+r
cJNnLHIx6lROXcDlmlYX8P++KFu7v+Bq2UgOm7hskffY0/VkrxhJ3JArb+BlEkKp
n3feqdmswJMEhi9eJDfpk1GQv0XIK/Aa0kGZZBg0orT0rsi86ISRL+u20oDJ7Uru
dqXMcip/BqyFMFv0Nb90a1EtGI3ASR21wi/r5fKSV79G4tQDjR65zJrhVjoGZzYP
7a6J5oa7258GkBRMbxL3B0gd2v+01QN88q3upqbif4B1sE6WE+1GW5iS13gUKaxR
JR/NL3ciKkFSFdfGGCEFv1Xle7LbNnt8L9ssPLtGhUcWf0iEA8T3FuOWfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMHmtY+wgojsCoW6fcUbPcRLGpPKMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvd2VhMWo3Q0NpT3dLaGJwOXhSczl4RXNhazhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXGAAwQB
uXYGAwQAvNUjAwQAvNaWMA0GCSqGSIb3DQEBCwUAA4IBAQABKn4oHyP4C15Q0/5C
CXoYtrokhIJ/P2D436mb+80mcgQxNI5Mq8dABuQV9qxLkBucJntkCenH/qCeFlz4
+b6//giFVTQiumsr5CEfx6iEjBUdAtlhqL5bZ0rCHD2zG8OyRWuJWu0beiU2TXdv
ulw6C4cMATqho+geSlxRGpgUPgbrYT6P5GDGlkfakXhkpakXbk3c557euXC+OFIO
XKj5YqSEJVPNPMnXcD+/lI1lk7JzqiAu/QFDkkYE9qNy0yMyvPw7NNlffNVZVqMM
tJWZ0jcqUaeEhQXWZ37Oe42ir2/GfIDyOvygZuMHuo8oUjqcvr+h+nH5uSpxFc2L
beCm
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:34 2026 by rpki-client