Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/9WKN0gCb48l5bHUNl8dV6tRmYSc.roa
File: 9WKN0gCb48l5bHUNl8dV6tRmYSc.roa (raw, json)
Hash identifier: v965nXSnshTWQQghLNVOqzkDYtxXR/Xwp0hDztEcPr0=
Subject key identifier: F5:62:8D:D2:00:9B:E3:C9:79:6C:75:0D:97:C7:55:EA:D4:66:61:27
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 019DE96AE2136FB3A417B13DC16A138B87B6
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/9WKN0gCb48l5bHUNl8dV6tRmYSc.roa
Signing time: Sat 02 May 2026 15:59:49 +0000
ROA not before: Sat 02 May 2026 15:59:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62257
IP address blocks: 91.243.119.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
194.36.172.0/23 maxlen: 23
194.180.208.0/23 maxlen: 23
194.180.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e9:6a:e2:13:6f:b3:a4:17:b1:3d:c1:6a:13:8b:87:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: May 2 15:59:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f5628dd2009be3c9796c750d97c755ead4666127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e6:74:18:c4:38:a2:d3:f5:b6:d8:0d:51:16:
31:08:5a:91:34:13:07:ff:3b:42:ee:33:e9:74:14:
6a:b3:21:6a:e4:1c:d3:d0:ec:42:f7:e4:64:8c:70:
dc:88:79:80:ec:88:7e:88:00:12:84:74:96:e0:a9:
9f:f4:b0:71:19:ed:5c:54:85:81:c8:7b:eb:59:ac:
1f:e2:e2:80:ce:92:cb:6b:a8:db:d7:e7:1d:36:58:
87:79:9a:b4:e3:47:4d:51:3d:68:ed:41:99:8c:35:
d1:d6:74:c5:a9:8b:d1:35:09:b2:bb:2b:f9:b1:4f:
91:09:35:0d:a1:33:08:27:80:ab:93:e8:06:29:c3:
88:b6:60:a0:6c:51:d0:77:a2:59:bb:62:dd:24:cf:
b3:a4:64:a3:6c:74:58:f0:be:2b:bb:b3:1e:6d:d7:
e0:54:76:fa:1a:53:1b:fb:5e:ea:aa:fa:75:67:90:
14:6c:94:2e:6f:33:54:7a:cb:80:76:fc:ef:17:e9:
ff:4e:fb:ad:77:03:96:91:f0:34:3a:00:ac:d3:2f:
4c:16:fd:8f:2a:9b:e1:98:3e:67:c9:64:95:3a:15:
51:e2:d0:d4:58:d8:19:24:c5:bb:18:d6:78:84:77:
87:cc:c6:79:a2:0a:47:db:fb:e0:6b:a0:80:6a:b9:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:62:8D:D2:00:9B:E3:C9:79:6C:75:0D:97:C7:55:EA:D4:66:61:27
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/9WKN0gCb48l5bHUNl8dV6tRmYSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.119.0/24
185.105.238.0/24
194.36.172.0/23
194.180.208.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:7a:6c:60:12:2d:39:2b:fa:b0:fa:e7:79:f0:f4:7c:fc:26:
86:a5:57:39:06:67:26:d4:75:0b:51:23:4e:6d:d2:0c:8f:bd:
0f:82:62:3b:dc:cd:57:d0:ef:82:6a:10:05:2b:a4:00:ab:ce:
37:2e:03:bb:d4:85:b0:92:04:0d:2f:03:94:36:07:ae:48:53:
2a:4d:43:ce:37:57:15:b8:9f:3c:b5:c0:4d:19:3a:28:ec:d6:
d1:34:09:22:35:40:06:7d:b2:61:1f:f2:71:86:5d:60:25:58:
77:13:b4:87:1b:33:05:0c:ac:6e:a6:64:e9:1b:5e:85:bf:35:
f6:46:bd:cd:89:11:a1:cb:b6:59:56:ef:60:42:30:a3:12:30:
fa:03:01:d5:34:6c:70:da:11:9f:c0:ae:ff:33:3c:2e:e0:79:
aa:fd:de:30:f4:03:06:3d:21:13:c2:71:c2:63:7a:13:79:59:
6f:0e:94:5e:59:0d:52:e0:f4:d7:8b:79:b3:2b:23:2c:88:d7:
a4:30:d5:ef:f5:df:ec:fa:06:77:91:f1:8d:68:06:85:90:91:
60:39:ba:6d:9e:9b:a2:eb:c7:d6:d2:f6:01:1d:4b:6b:af:dc:
a9:bf:84:94:b9:c1:13:3c:68:52:00:70:95:5a:f3:b0:68:09:
96:e0:68:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3pauITb7OkF7E9wWoTi4e2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjYwNTAyMTU1OTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYyOGRkMjAwOWJlM2M5Nzk2Yzc1MGQ5N2M3NTVlYWQ0NjY2MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Z0GMQ4otP1ttgNURYxCFqRNBMH
/ztC7jPpdBRqsyFq5BzT0OxC9+RkjHDciHmA7Ih+iAAShHSW4Kmf9LBxGe1cVIWB
yHvrWawf4uKAzpLLa6jb1+cdNliHeZq040dNUT1o7UGZjDXR1nTFqYvRNQmyuyv5
sU+RCTUNoTMIJ4Crk+gGKcOItmCgbFHQd6JZu2LdJM+zpGSjbHRY8L4ru7Mebdfg
VHb6GlMb+17qqvp1Z5AUbJQubzNUesuAdvzvF+n/TvutdwOWkfA0OgCs0y9MFv2P
KpvhmD5nyWSVOhVR4tDUWNgZJMW7GNZ4hHeHzMZ5ogpH2/vga6CAarmwGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPVijdIAm+PJeWx1DZfHVerUZmEnMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvOVdLTjBnQ2I0OGw1YkhVTmw4ZFY2dFJtWVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/N3AwQA
uWnuAwQBwiSsAwQBwrTQMA0GCSqGSIb3DQEBCwUAA4IBAQA/emxgEi05K/qw+ud5
8PR8/CaGpVc5Bmcm1HULUSNObdIMj70PgmI73M1X0O+CahAFK6QAq843LgO71IWw
kgQNLwOUNgeuSFMqTUPON1cVuJ88tcBNGToo7NbRNAkiNUAGfbJhH/Jxhl1gJVh3
E7SHGzMFDKxupmTpG16FvzX2Rr3NiRGhy7ZZVu9gQjCjEjD6AwHVNGxw2hGfwK7/
Mzwu4Hmq/d4w9AMGPSETwnHCY3oTeVlvDpReWQ1S4PTXi3mzKyMsiNekMNXv9d/s
+gZ3kfGNaAaFkJFgObptnpui68fW0vYBHUtrr9ypv4SUucETPGhSAHCVWvOwaAmW
4Gh4
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:00 2026 by rpki-client