Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/wZtpSjAJt4SmvvP0YnSsE7TQrWE.roa
File: wZtpSjAJt4SmvvP0YnSsE7TQrWE.roa (raw, json)
Hash identifier: 5MBdGENxe3OadAvEH+VeBbaYBKVIJ8gWBwpRTn1w1GM=
Subject key identifier: C1:9B:69:4A:30:09:B7:84:A6:BE:F3:F4:62:74:AC:13:B4:D0:AD:61
Certificate issuer: /CN=4f4b2aab1d67f6d4c058392b9137bd03228f7d2a
Certificate serial: 019E108B7C1BDFC4588862E7A159B93749F8
Authority key identifier: 4F:4B:2A:AB:1D:67:F6:D4:C0:58:39:2B:91:37:BD:03:22:8F:7D:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/wZtpSjAJt4SmvvP0YnSsE7TQrWE.roa
Signing time: Sun 10 May 2026 06:20:37 +0000
ROA not before: Sun 10 May 2026 06:20:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44066
IP address blocks: 185.58.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.mft
rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:10:8b:7c:1b:df:c4:58:88:62:e7:a1:59:b9:37:49:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4b2aab1d67f6d4c058392b9137bd03228f7d2a
Validity
Not Before: May 10 06:20:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c19b694a3009b784a6bef3f46274ac13b4d0ad61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ed:8c:7c:57:e6:6d:5f:2d:3d:a9:5d:85:74:
16:b6:85:78:74:01:e4:81:b8:c5:67:28:0c:84:76:
1d:38:2b:9a:ee:c4:78:32:6e:8e:8d:c7:26:ba:6c:
45:13:b5:2b:59:f9:79:97:f6:77:9f:d6:0d:39:61:
ef:19:b9:8e:4a:f6:3f:ca:2e:2b:a4:52:01:25:d7:
02:91:67:fc:32:52:d6:3a:3a:1c:f2:ae:d0:cd:db:
5f:74:fe:77:4f:ba:34:8c:6c:94:8e:44:9e:9d:f8:
c6:74:88:80:72:fb:fa:2a:6e:fa:eb:5e:08:e2:a9:
0c:24:0c:4b:24:36:cd:9c:93:cd:92:e3:97:d9:8e:
29:15:5f:19:cb:58:d7:c1:d4:72:b9:c7:17:39:ac:
3e:07:e9:83:c6:35:b3:6a:c1:6e:4d:96:59:e8:e4:
7c:65:f4:33:0b:76:ff:70:4e:1c:31:df:08:be:98:
e3:94:6c:d0:95:5f:00:26:30:c8:7a:6a:49:5b:93:
4a:10:21:b8:56:b1:2f:fc:b8:91:81:71:32:dd:96:
ae:32:77:08:fd:62:e9:d5:cc:b3:b0:9f:95:0f:de:
35:fd:55:14:c7:c0:57:92:0f:2e:e5:1d:39:ff:87:
4f:53:0f:ba:32:ca:ff:e0:f3:02:97:af:44:92:52:
79:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:69:4A:30:09:B7:84:A6:BE:F3:F4:62:74:AC:13:B4:D0:AD:61
X509v3 Authority Key Identifier:
keyid:4F:4B:2A:AB:1D:67:F6:D4:C0:58:39:2B:91:37:BD:03:22:8F:7D:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T0sqqx1n9tTAWDkrkTe9AyKPfSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/wZtpSjAJt4SmvvP0YnSsE7TQrWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/080e92-fffe-47d9-a6e2-c238eae0663b/1/T0sqqx1n9tTAWDkrkTe9AyKPfSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.2.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:c2:d7:83:9a:b6:9c:b6:5a:93:56:91:de:64:f8:3a:f3:7e:
0f:09:6e:91:84:73:4b:f0:61:56:b8:21:ca:c8:14:04:93:5b:
6c:5d:4c:a6:26:7a:1d:9c:4e:e7:17:d1:5b:6a:fd:9d:2c:d2:
57:9e:80:b9:91:b5:30:59:01:fd:1c:f2:30:64:3d:d3:40:97:
46:84:23:6c:7e:2a:13:77:80:1a:93:db:62:6a:54:51:68:86:
09:76:d7:8c:21:38:db:65:44:e4:46:99:15:26:90:90:bf:72:
fa:5d:9f:8c:77:1b:13:51:8a:26:79:90:ea:05:42:43:6e:4e:
8a:1d:12:18:7b:3a:33:73:3e:da:b7:4e:dd:6c:c1:5b:8c:fa:
b3:dd:71:21:ff:d6:0e:7c:c4:d0:e8:e8:33:49:8c:cd:1d:dd:
e5:c1:90:b2:9f:cc:a4:92:e7:6e:e8:bc:ca:e0:8f:0c:ba:4e:
5c:c9:7d:0a:df:83:df:2b:12:05:c5:f8:90:95:ac:f5:8f:6c:
5a:d8:20:ee:00:84:08:ef:d2:ee:d5:25:0d:b6:bd:52:9b:27:
fa:30:57:dd:3d:d5:f6:5b:f7:d7:ba:63:f5:7c:cc:a1:1e:59:
a6:0e:b1:be:f9:c9:90:5c:b1:5c:34:e6:7e:d3:9a:8f:ed:05:
29:08:c8:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4Qi3wb38RYiGLnoVm5N0n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGIyYWFiMWQ2N2Y2ZDRjMDU4MzkyYjkxMzdiZDAzMjI4
ZjdkMmEwHhcNMjYwNTEwMDYyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTliNjk0YTMwMDliNzg0YTZiZWYzZjQ2Mjc0YWMxM2I0ZDBhZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO2MfFfmbV8tPaldhXQWtoV4dAHk
gbjFZygMhHYdOCua7sR4Mm6OjccmumxFE7UrWfl5l/Z3n9YNOWHvGbmOSvY/yi4r
pFIBJdcCkWf8MlLWOjoc8q7QzdtfdP53T7o0jGyUjkSenfjGdIiAcvv6Km76614I
4qkMJAxLJDbNnJPNkuOX2Y4pFV8Zy1jXwdRyuccXOaw+B+mDxjWzasFuTZZZ6OR8
ZfQzC3b/cE4cMd8IvpjjlGzQlV8AJjDIempJW5NKECG4VrEv/LiRgXEy3ZauMncI
/WLp1cyzsJ+VD941/VUUx8BXkg8u5R05/4dPUw+6Msr/4PMCl69EklJ5XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGbaUowCbeEpr7z9GJ0rBO00K1hMB8GA1UdIwQY
MBaAFE9LKqsdZ/bUwFg5K5E3vQMij30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDBzcXF4MW45dFRBV0RrcmtUZTlBeUtQZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wODBlOTItZmZmZS00N2Q5LWE2ZTIt
YzIzOGVhZTA2NjNiLzEvd1p0cFNqQUp0NFNtdnZQMFluU3NFN1RRcldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wODBlOTItZmZmZS00N2Q5LWE2ZTItYzIzOGVhZTA2NjNi
LzEvVDBzcXF4MW45dFRBV0RrcmtUZTlBeUtQZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuToCMA0G
CSqGSIb3DQEBCwUAA4IBAQClwteDmractlqTVpHeZPg6834PCW6RhHNL8GFWuCHK
yBQEk1tsXUymJnodnE7nF9Fbav2dLNJXnoC5kbUwWQH9HPIwZD3TQJdGhCNsfioT
d4Aak9tialRRaIYJdteMITjbZUTkRpkVJpCQv3L6XZ+MdxsTUYomeZDqBUJDbk6K
HRIYezozcz7at07dbMFbjPqz3XEh/9YOfMTQ6OgzSYzNHd3lwZCyn8ykkudu6LzK
4I8Muk5cyX0K34PfKxIFxfiQlaz1j2xa2CDuAIQI79Lu1SUNtr1Smyf6MFfdPdX2
W/fXumP1fMyhHlmmDrG++cmQXLFcNOZ+05qP7QUpCMiE
-----END CERTIFICATE-----
Generated at Wed May 13 01:45:15 2026 by rpki-client