Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0WY6zSgX69W7LRU4BmfxGoSIKVA.roa
File: 0WY6zSgX69W7LRU4BmfxGoSIKVA.roa (raw, json)
Hash identifier: i47v55esqFHTYoS4uYHC5n2i4DZmnZeJnkLCw7WLA+A=
Subject key identifier: D1:66:3A:CD:28:17:EB:D5:BB:2D:15:38:06:67:F1:1A:84:88:29:50
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D2370F9ADE58126BAAAC1717E7F0E0E43
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0WY6zSgX69W7LRU4BmfxGoSIKVA.roa
Signing time: Wed 25 Mar 2026 05:21:39 +0000
ROA not before: Wed 25 Mar 2026 05:21:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47585
IP address blocks: 5.175.136.0/24 maxlen: 24
89.144.10.0/24 maxlen: 24
89.144.20.0/24 maxlen: 24
2a02:2fc0:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:23:70:f9:ad:e5:81:26:ba:aa:c1:71:7e:7f:0e:0e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 25 05:21:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1663acd2817ebd5bb2d15380667f11a84882950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:85:c8:c6:37:34:e5:41:87:c9:58:4e:88:
8c:72:7d:ee:76:20:91:b0:ac:67:b4:c2:35:35:66:
72:87:cf:98:e2:c2:40:15:d4:f1:2c:4c:8d:ff:8f:
d9:bd:3d:ab:d1:32:87:b2:a2:c6:e8:31:c6:72:60:
87:14:ac:d0:5a:ea:5f:2c:46:59:80:97:b9:ee:d0:
3a:03:c6:ae:c1:9b:19:78:74:e7:37:92:0a:a5:94:
b4:2f:27:35:fc:fa:89:67:81:fc:e2:02:c7:b6:7a:
48:55:a0:0b:5e:3c:99:69:a3:dc:4f:da:4b:05:73:
4b:43:92:ea:24:f0:4c:43:77:d7:c8:fd:11:3c:15:
7f:27:c5:a4:b6:54:6c:56:c7:60:75:5a:2c:60:fe:
bc:65:3d:ee:a4:5e:db:77:e5:ea:19:9c:32:c9:83:
e1:ae:00:5f:4a:c3:b6:77:7d:0a:20:c7:b9:0e:bb:
39:f5:00:b6:8d:d7:f6:c5:ef:59:81:db:35:4b:29:
dd:f7:ca:98:f3:13:eb:a6:79:3d:2e:83:2a:f6:d2:
c0:9f:ff:d5:4a:f5:79:89:0e:49:94:af:9f:13:7f:
c0:0d:48:bf:3b:a2:02:34:95:3a:11:2c:ae:1d:9d:
a8:7f:c9:01:4f:12:2e:1a:45:60:ab:cf:13:61:18:
5a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:66:3A:CD:28:17:EB:D5:BB:2D:15:38:06:67:F1:1A:84:88:29:50
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0WY6zSgX69W7LRU4BmfxGoSIKVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.136.0/24
89.144.10.0/24
89.144.20.0/24
IPv6:
2a02:2fc0:12::/48
Signature Algorithm: sha256WithRSAEncryption
7d:93:7f:7f:c5:3d:72:51:a8:1d:31:4d:78:42:56:77:a1:07:
6f:9e:95:8a:92:9a:ab:9c:47:75:8b:34:4a:16:7d:da:b2:45:
fd:6b:3b:da:8a:e6:4b:15:b5:98:0e:bc:64:ac:fb:98:e4:18:
16:91:e6:d0:4d:15:25:ba:31:43:a9:a5:c8:e2:d0:57:d9:00:
61:28:c1:0b:eb:a0:b9:4b:c1:c8:f9:8a:6c:83:3f:0f:b6:f9:
61:62:fc:11:8a:e1:0f:9e:1a:e3:d9:ba:be:41:c8:9e:ac:15:
43:38:92:3d:6d:1a:95:58:b4:0e:50:fe:d6:68:3c:d8:93:11:
f6:8f:c2:77:1c:20:85:9e:ca:a4:ae:ae:1c:c9:9c:d5:b2:06:
f4:5a:83:6b:3c:a2:c5:fd:34:79:53:b3:14:c3:6e:85:50:1a:
9a:c2:2c:df:20:46:2e:d6:de:42:b6:3f:c7:e6:01:82:33:d7:
c0:61:fb:91:48:b6:8d:96:4b:09:68:a5:b4:13:77:3c:b8:fb:
7b:0e:9e:df:f8:fe:59:cb:3e:6d:9d:96:66:45:d2:f1:91:f6:
10:19:b0:f5:39:71:e1:85:30:c8:68:ad:3a:62:ae:34:54:92:
47:09:0c:45:91:b1:92:2c:e4:96:94:50:98:53:29:d0:19:a9:
45:ea:0a:2d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ0jcPmt5YEmuqrBcX5/Dg5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzI1MDUyMTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTY2M2FjZDI4MTdlYmQ1YmIyZDE1MzgwNjY3ZjExYTg0ODgyOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseGFyMY3NOVBh8lYToiMcn3udiCR
sKxntMI1NWZyh8+Y4sJAFdTxLEyN/4/ZvT2r0TKHsqLG6DHGcmCHFKzQWupfLEZZ
gJe57tA6A8auwZsZeHTnN5IKpZS0Lyc1/PqJZ4H84gLHtnpIVaALXjyZaaPcT9pL
BXNLQ5LqJPBMQ3fXyP0RPBV/J8WktlRsVsdgdVosYP68ZT3upF7bd+XqGZwyyYPh
rgBfSsO2d30KIMe5Drs59QC2jdf2xe9Zgds1Synd98qY8xPrpnk9LoMq9tLAn//V
SvV5iQ5JlK+fE3/ADUi/O6ICNJU6ESyuHZ2of8kBTxIuGkVgq88TYRhazwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNFmOs0oF+vVuy0VOAZn8RqEiClQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMFdZNnpTZ1g2OVc3TFJVNEJtZnhHb1NJS1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQABa+IAwQA
WZAKAwQAWZAUMA8EAgACMAkDBwAqAi/AABIwDQYJKoZIhvcNAQELBQADggEBAH2T
f3/FPXJRqB0xTXhCVnehB2+elYqSmqucR3WLNEoWfdqyRf1rO9qK5ksVtZgOvGSs
+5jkGBaR5tBNFSW6MUOppcji0FfZAGEowQvroLlLwcj5imyDPw+2+WFi/BGK4Q+e
GuPZur5ByJ6sFUM4kj1tGpVYtA5Q/tZoPNiTEfaPwnccIIWeyqSurhzJnNWyBvRa
g2s8osX9NHlTsxTDboVQGprCLN8gRi7W3kK2P8fmAYIz18Bh+5FIto2WSwlopbQT
dzy4+3sOnt/4/lnLPm2dlmZF0vGR9hAZsPU5ceGFMMhorTpirjRUkkcJDEWRsZIs
5JaUUJhTKdAZqUXqCi0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:06:32 2026 by rpki-client