Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/wMPJLylt1ll63S3MrW2IkHP31bY.roa
File: wMPJLylt1ll63S3MrW2IkHP31bY.roa (raw, json)
Hash identifier: WHI/AcafVWTXaJ4wP1ApO3kymuMxH23X4WRNK0MlnyQ=
Subject key identifier: C0:C3:C9:2F:29:6D:D6:59:7A:DD:2D:CC:AD:6D:88:90:73:F7:D5:B6
Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Certificate serial: 019DD31B1418AC968032E81938B2DCC093DE
Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/wMPJLylt1ll63S3MrW2IkHP31bY.roa
Signing time: Tue 28 Apr 2026 08:01:00 +0000
ROA not before: Tue 28 Apr 2026 08:01:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12338
IP address blocks: 5.159.128.0/18 maxlen: 23
37.218.0.0/17 maxlen: 17
62.99.0.0/17 maxlen: 17
81.9.128.0/17 maxlen: 24
82.130.128.0/17 maxlen: 24
83.213.0.0/16 maxlen: 22
85.84.0.0/16 maxlen: 22
85.85.0.0/16 maxlen: 22
85.86.0.0/16 maxlen: 16
85.87.0.0/16 maxlen: 24
91.116.0.0/18 maxlen: 24
178.60.64.0/18 maxlen: 24
185.116.180.0/22 maxlen: 22
212.8.64.0/18 maxlen: 18
212.55.0.0/19 maxlen: 19
212.142.128.0/17 maxlen: 17
2a00:7b00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d3:1b:14:18:ac:96:80:32:e8:19:38:b2:dc:c0:93:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9
Validity
Not Before: Apr 28 08:01:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0c3c92f296dd6597add2dccad6d889073f7d5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:a2:8e:70:9a:10:60:14:81:74:01:b8:39:
ec:52:57:c7:1e:0c:40:f8:75:f7:d1:46:21:83:0b:
65:52:5f:1e:43:66:b1:67:b7:c4:d5:a9:aa:5a:e2:
f6:db:e6:dc:82:a7:b0:37:dd:56:fb:89:7c:e6:bd:
9e:34:38:e2:e6:80:41:97:b5:24:19:03:d7:03:4c:
df:d5:b1:8f:14:59:9f:a5:0e:8a:4f:7f:c4:68:65:
04:32:91:55:0b:aa:5a:d5:07:b5:9c:90:c4:31:0a:
2e:01:61:a0:d7:37:e7:c1:6e:cd:da:72:d1:29:6e:
22:99:65:e7:d1:e2:70:ce:b0:86:e0:c8:f2:8d:1e:
ae:fb:dd:42:55:98:a2:ed:ac:f9:ab:71:29:fd:19:
f0:61:bb:1f:2c:4f:bb:9c:c5:94:6b:0c:6f:22:e3:
3e:d0:af:4a:f9:53:a9:83:e0:86:93:84:0a:ba:a4:
0d:f2:e3:80:e0:a9:99:cf:2d:bc:39:9e:70:ea:09:
b7:dd:29:7c:c2:1f:9c:ee:d2:42:bd:e5:00:be:40:
c8:6d:2d:60:17:06:57:70:e9:d3:39:7a:6e:19:bb:
bf:54:63:7a:1b:71:01:36:95:fe:45:54:1a:ca:f0:
dc:c9:2c:81:4d:79:76:67:89:a0:f2:ba:7d:f9:0d:
dc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C3:C9:2F:29:6D:D6:59:7A:DD:2D:CC:AD:6D:88:90:73:F7:D5:B6
X509v3 Authority Key Identifier:
keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/wMPJLylt1ll63S3MrW2IkHP31bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.128.0/18
37.218.0.0/17
62.99.0.0/17
81.9.128.0/17
82.130.128.0/17
83.213.0.0/16
85.84.0.0/14
91.116.0.0/18
178.60.64.0/18
185.116.180.0/22
212.8.64.0/18
212.55.0.0/19
212.142.128.0/17
IPv6:
2a00:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
58:d1:b7:b7:29:90:21:36:3f:bc:a7:6f:98:e6:ba:f5:e5:43:
ff:55:f8:7a:a1:ae:79:a3:4e:48:a1:ae:a2:59:3a:7e:4d:08:
7d:bf:1d:3e:46:20:38:a5:75:9f:91:d5:fa:8f:c0:02:4b:a3:
87:3e:d8:5c:1a:f0:24:33:ed:18:b9:84:12:ca:98:82:9c:79:
84:6a:37:2b:bc:7b:8e:a0:a1:e5:c6:e1:3d:c0:ef:03:4f:1e:
07:cd:ef:15:d5:7e:9e:f4:85:6d:52:2a:4b:05:ac:0a:9c:04:
38:87:7b:ce:f6:f9:50:61:99:85:a2:9b:95:1a:00:be:48:bc:
be:4d:44:19:da:4f:1e:aa:14:0d:52:53:b2:ac:c1:da:a0:83:
6c:7c:17:c8:0d:ae:55:fc:37:98:46:7f:74:25:9f:8e:f4:dd:
96:65:e6:8a:5b:8e:88:0f:3e:e2:9d:ab:0d:a7:17:d3:89:09:
18:51:d6:b5:6e:3c:f2:09:98:2c:43:9c:a1:23:e1:e6:6d:22:
b0:b9:6a:48:cf:41:53:3f:9c:db:e7:3d:01:c3:b5:fc:81:1b:
51:3b:f9:b3:4e:22:b3:36:e2:72:f2:10:cd:8a:12:1e:93:a8:
3e:53:90:f0:62:0a:b3:06:b7:63:9a:ca:a9:58:7a:08:da:a2:
00:2f:d7:0d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZ3TGxQYrJaAMugZOLLcwJPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz
NTg1ZTkwHhcNMjYwNDI4MDgwMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGMzYzkyZjI5NmRkNjU5N2FkZDJkY2NhZDZkODg5MDczZjdkNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEaijnCaEGAUgXQBuDnsUlfHHgxA
+HX30UYhgwtlUl8eQ2axZ7fE1amqWuL22+bcgqewN91W+4l85r2eNDji5oBBl7Uk
GQPXA0zf1bGPFFmfpQ6KT3/EaGUEMpFVC6pa1Qe1nJDEMQouAWGg1zfnwW7N2nLR
KW4imWXn0eJwzrCG4MjyjR6u+91CVZii7az5q3Ep/RnwYbsfLE+7nMWUawxvIuM+
0K9K+VOpg+CGk4QKuqQN8uOA4KmZzy28OZ5w6gm33Sl8wh+c7tJCveUAvkDIbS1g
FwZXcOnTOXpuGbu/VGN6G3EBNpX+RVQayvDcySyBTXl2Z4mg8rp9+Q3cuwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMDDyS8pbdZZet0tzK1tiJBz99W2MB8GA1UdIwQY
MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt
MDRlODEyZDQ4ZTcyLzEvd01QSkx5bHQxbGw2M1MzTXJXMklrSFAzMWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy
LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQGBZ+AAwQH
JdoAAwQHPmMAAwQHUQmAAwQHUoKAAwMAU9UDAwJVVAMEBlt0AAMEBrI8QAMEArl0
tAMEBtQIQAMEBdQ3AAMEB9SOgDANBAIAAjAHAwUDKgB7ADANBgkqhkiG9w0BAQsF
AAOCAQEAWNG3tymQITY/vKdvmOa69eVD/1X4eqGueaNOSKGuolk6fk0Ifb8dPkYg
OKV1n5HV+o/AAkujhz7YXBrwJDPtGLmEEsqYgpx5hGo3K7x7jqCh5cbhPcDvA08e
B83vFdV+nvSFbVIqSwWsCpwEOId7zvb5UGGZhaKblRoAvki8vk1EGdpPHqoUDVJT
sqzB2qCDbHwXyA2uVfw3mEZ/dCWfjvTdlmXmiluOiA8+4p2rDacX04kJGFHWtW48
8gmYLEOcoSPh5m0isLlqSM9BUz+c2+c9AcO1/IEbUTv5s04iszbicvIQzYoSHpOo
PlOQ8GIKswa3Y5rKqVh6CNqiAC/XDQ==
-----END CERTIFICATE-----
Generated at Wed May 13 07:41:23 2026 by rpki-client