Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/WaELHuLYA_1cefIoTQf80xGonys.roa
File: WaELHuLYA_1cefIoTQf80xGonys.roa (raw, json)
Hash identifier: rib5YkFr/K/aT3PKl0IuD1KkixxMJnJUccJ5z3LdA80=
Subject key identifier: 59:A1:0B:1E:E2:D8:03:FD:5C:79:F2:28:4D:07:FC:D3:11:A8:9F:2B
Certificate issuer: /CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Certificate serial: 019DD436B82AF1FCA5A68B12F70DF36C5BB3
Authority key identifier: 2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/WaELHuLYA_1cefIoTQf80xGonys.roa
Signing time: Tue 28 Apr 2026 13:10:49 +0000
ROA not before: Tue 28 Apr 2026 13:10:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206970
IP address blocks: 5.104.156.0/23 maxlen: 23
5.104.157.0/24 maxlen: 24
2a06:e381::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:36:b8:2a:f1:fc:a5:a6:8b:12:f7:0d:f3:6c:5b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee56d4d7b1d1a06ce89f746f79b656c7348c525
Validity
Not Before: Apr 28 13:10:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59a10b1ee2d803fd5c79f2284d07fcd311a89f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fc:7c:7a:3c:f9:48:c0:4d:f0:2b:a0:07:64:
ee:66:91:40:a3:6a:0d:e7:c2:35:f0:15:ea:6d:5b:
af:17:6c:9e:2c:52:8b:b4:f9:d2:43:d7:4c:a1:d6:
02:3a:17:f3:b9:0c:9e:6d:9e:af:f3:f2:5c:1b:d7:
53:66:c0:70:00:0f:1b:6f:51:a8:5e:2d:1c:d9:49:
07:a8:2b:3b:7c:7d:d8:3c:a3:dd:40:b0:75:4c:02:
79:79:03:74:cd:ef:c2:4b:f3:40:98:75:6e:af:84:
ca:51:5c:b2:3a:0b:05:f4:8a:50:82:59:fe:2a:c8:
dd:1e:62:f7:bd:95:e8:59:ab:58:f3:05:1d:c7:0b:
44:d0:0f:57:1e:9d:52:20:25:c7:96:83:1a:2e:ff:
47:e7:37:ed:00:58:85:35:1b:92:f6:6a:55:e6:e1:
40:ae:ce:8e:91:0a:dc:79:30:1c:91:94:a1:93:49:
92:4d:00:87:ab:cb:71:4b:36:1b:e2:40:24:01:af:
b4:eb:97:27:42:a2:a7:06:d5:3e:f5:0d:d0:e5:39:
8d:43:d2:18:34:1b:87:49:25:ea:dc:68:4f:18:29:
15:ed:a5:5a:d8:5a:b6:aa:f3:4c:3a:e5:1a:18:46:
02:65:76:fd:0b:b8:a0:38:97:5f:65:e5:6b:28:e8:
be:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A1:0B:1E:E2:D8:03:FD:5C:79:F2:28:4D:07:FC:D3:11:A8:9F:2B
X509v3 Authority Key Identifier:
keyid:2E:E5:6D:4D:7B:1D:1A:06:CE:89:F7:46:F7:9B:65:6C:73:48:C5:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuVtTXsdGgbOifdG95tlbHNIxSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/WaELHuLYA_1cefIoTQf80xGonys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e0b67e-2690-4a88-9d16-22e98de26106/1/LuVtTXsdGgbOifdG95tlbHNIxSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.156.0/23
IPv6:
2a06:e381::/32
Signature Algorithm: sha256WithRSAEncryption
38:31:9a:79:fa:39:82:4e:ba:0f:d8:1e:44:e9:c4:48:44:77:
81:55:52:a2:a5:3c:82:3e:bd:22:dd:d1:99:57:83:54:b5:22:
54:86:a9:56:21:b6:07:46:7c:52:c6:f2:8d:72:3b:60:4a:1c:
51:c4:6a:72:52:16:f7:1c:43:d1:4c:3b:b9:68:bc:47:0e:6b:
a5:76:2c:c2:f9:76:ea:24:50:5f:2c:ef:f2:e1:80:8c:98:84:
cc:73:bc:3e:d9:b2:3c:35:1f:55:dc:dc:7b:b3:91:c4:6f:bb:
a8:94:8b:e0:7a:18:2b:ca:35:17:d4:36:c9:cc:cf:f7:c8:df:
20:de:11:fa:b7:e0:f1:e5:be:4f:ff:37:ae:0f:3e:68:a6:cf:
34:b2:a6:37:5a:c0:60:21:d9:1c:3e:60:a0:87:7f:44:29:52:
3d:84:e7:9f:eb:9a:e3:f2:de:6f:64:c6:a1:d9:c1:9e:7d:89:
3f:74:b0:3a:c7:f3:20:42:55:76:05:b2:9b:e4:5f:36:01:07:
38:67:5a:4d:8d:22:96:68:9b:14:7b:8e:d0:f9:2c:de:ba:b7:
18:ff:3a:db:8c:58:18:6a:49:77:71:66:ab:28:64:f5:63:b8:
7d:f3:12:e2:e6:50:0b:86:c0:63:32:37:fe:38:5d:4b:ac:b9:
4b:d3:fc:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ3UNrgq8fylposS9w3zbFuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTU2ZDRkN2IxZDFhMDZjZTg5Zjc0NmY3OWI2NTZjNzM0
OGM1MjUwHhcNMjYwNDI4MTMxMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWExMGIxZWUyZDgwM2ZkNWM3OWYyMjg0ZDA3ZmNkMzExYTg5ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPx8ejz5SMBN8CugB2TuZpFAo2oN
58I18BXqbVuvF2yeLFKLtPnSQ9dModYCOhfzuQyebZ6v8/JcG9dTZsBwAA8bb1Go
Xi0c2UkHqCs7fH3YPKPdQLB1TAJ5eQN0ze/CS/NAmHVur4TKUVyyOgsF9IpQgln+
KsjdHmL3vZXoWatY8wUdxwtE0A9XHp1SICXHloMaLv9H5zftAFiFNRuS9mpV5uFA
rs6OkQrceTAckZShk0mSTQCHq8txSzYb4kAkAa+065cnQqKnBtU+9Q3Q5TmNQ9IY
NBuHSSXq3GhPGCkV7aVa2Fq2qvNMOuUaGEYCZXb9C7igOJdfZeVrKOi+CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFmhCx7i2AP9XHnyKE0H/NMRqJ8rMB8GA1UdIwQY
MBaAFC7lbU17HRoGzon3RvebZWxzSMUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYt
MjJlOThkZTI2MTA2LzEvV2FFTEh1TFlBXzFjZWZJb1RRZjgweEdvbnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lMGI2N2UtMjY5MC00YTg4LTlkMTYtMjJlOThkZTI2MTA2
LzEvTHVWdFRYc2RHZ2JPaWZkRzk1dGxiSE5JeFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBWicMA0E
AgACMAcDBQAqBuOBMA0GCSqGSIb3DQEBCwUAA4IBAQA4MZp5+jmCTroP2B5E6cRI
RHeBVVKipTyCPr0i3dGZV4NUtSJUhqlWIbYHRnxSxvKNcjtgShxRxGpyUhb3HEPR
TDu5aLxHDmuldizC+XbqJFBfLO/y4YCMmITMc7w+2bI8NR9V3Nx7s5HEb7uolIvg
ehgryjUX1DbJzM/3yN8g3hH6t+Dx5b5P/zeuDz5ops80sqY3WsBgIdkcPmCgh39E
KVI9hOef65rj8t5vZMah2cGefYk/dLA6x/MgQlV2BbKb5F82AQc4Z1pNjSKWaJsU
e47Q+SzeurcY/zrbjFgYakl3cWarKGT1Y7h98xLi5lALhsBjMjf+OF1LrLlL0/zF
-----END CERTIFICATE-----
Generated at Wed May 13 14:09:26 2026 by rpki-client