Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/w_uGHMofXoJYiJS415EtglMpsAQ.roa
File: w_uGHMofXoJYiJS415EtglMpsAQ.roa (raw, json)
Hash identifier: 4Dj1ejCXBd1a2kG9qUJraTrI4j9tLZgkhRxC5dPA92c=
Subject key identifier: C3:FB:86:1C:CA:1F:5E:82:58:88:94:B8:D7:91:2D:82:53:29:B0:04
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019DF7BF25E70D3A25F1DE28B936D2C06D59
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/w_uGHMofXoJYiJS415EtglMpsAQ.roa
Signing time: Tue 05 May 2026 10:46:32 +0000
ROA not before: Tue 05 May 2026 10:46:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205553
IP address blocks: 5.188.9.0/24 maxlen: 24
5.188.10.0/23 maxlen: 23
5.188.63.0/24 maxlen: 24
5.188.167.0/24 maxlen: 24
146.185.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:bf:25:e7:0d:3a:25:f1:de:28:b9:36:d2:c0:6d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 5 10:46:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3fb861cca1f5e82588894b8d7912d825329b004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:11:14:01:b8:16:f7:18:bc:24:8c:89:73:d9:
a4:7f:c0:05:ea:0f:2d:63:4d:9c:f5:c9:cb:77:97:
66:c8:bc:a4:74:98:0e:37:c2:52:b7:0c:d2:56:e5:
d8:2a:e6:27:ef:4e:51:51:b6:3e:35:0f:05:fb:32:
c2:65:dc:21:cb:ce:54:ee:ba:4d:54:02:e5:08:58:
0b:b0:1e:99:74:ff:c9:eb:f1:b2:a1:06:00:31:cc:
53:ce:24:b3:36:dc:0a:43:ca:03:22:75:a5:f6:20:
ec:9c:e4:b4:ff:7d:fe:b7:b3:9a:5d:44:76:02:46:
3e:d8:a6:3e:8b:5b:0f:34:af:51:cc:12:8a:21:da:
dc:c1:db:e4:1f:b5:2e:ee:1b:4d:68:4b:78:69:aa:
e1:c2:b4:3e:27:1c:c7:4c:02:f2:b6:04:b5:94:8c:
52:cf:66:46:10:c9:01:fe:29:38:a8:e7:75:0c:ab:
36:0c:0b:cb:f9:90:f6:04:86:e4:57:24:a9:78:e2:
e9:27:9f:79:68:c3:20:e7:63:ec:d3:d4:32:b4:db:
23:46:00:5d:3f:aa:99:bb:dd:e6:b9:98:de:0e:7c:
ce:97:21:cf:93:f2:7b:c6:a5:89:0e:46:f8:7b:33:
ea:88:6e:b4:d7:c2:eb:24:a1:d4:70:0f:a7:e1:f0:
d5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FB:86:1C:CA:1F:5E:82:58:88:94:B8:D7:91:2D:82:53:29:B0:04
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/w_uGHMofXoJYiJS415EtglMpsAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.9.0-5.188.11.255
5.188.63.0/24
5.188.167.0/24
146.185.234.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e2:75:3b:a9:e2:d3:c4:af:84:58:ad:5a:77:e5:5c:33:40:
cd:2e:be:ab:43:c8:a2:14:b2:4f:c9:ae:c7:22:7a:23:9a:28:
ad:8f:f1:9b:c3:73:9d:3e:1c:19:89:b5:13:19:82:68:46:68:
c1:8e:db:cd:48:f0:e8:5d:09:ff:bd:c1:66:15:eb:0a:48:39:
47:12:d2:f5:d2:37:64:79:cb:61:52:4e:a3:47:80:8d:0c:fe:
f2:20:2d:1d:33:f1:47:53:37:28:10:9c:1d:a3:fd:21:a6:a0:
54:12:3c:88:00:39:9a:49:09:e5:ca:ec:0a:86:51:8c:31:78:
94:31:0c:36:dc:91:a7:3a:f5:77:93:99:ef:bf:59:f7:01:d9:
15:5f:cd:d2:3c:b7:3c:59:22:44:af:f0:ae:55:27:49:b0:53:
fb:07:21:9b:67:14:38:89:65:dd:ef:91:cd:52:29:30:e6:a6:
91:85:3a:20:82:f7:1f:94:c7:4b:a0:06:96:d5:82:a5:aa:e8:
b9:d1:7b:71:29:db:e7:04:40:39:cb:87:07:4b:35:19:8e:92:
7d:cc:be:0f:d4:fb:45:5d:91:7b:76:8a:ff:cd:eb:67:56:90:
43:93:63:a7:55:fb:89:7e:fb:b7:74:de:d0:21:31:f5:93:b6:
21:43:b0:54
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ33vyXnDTol8d4ouTbSwG1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjYwNTA1MTA0NjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2ZiODYxY2NhMWY1ZTgyNTg4ODk0YjhkNzkxMmQ4MjUzMjliMDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxEUAbgW9xi8JIyJc9mkf8AF6g8t
Y02c9cnLd5dmyLykdJgON8JStwzSVuXYKuYn705RUbY+NQ8F+zLCZdwhy85U7rpN
VALlCFgLsB6ZdP/J6/GyoQYAMcxTziSzNtwKQ8oDInWl9iDsnOS0/33+t7OaXUR2
AkY+2KY+i1sPNK9RzBKKIdrcwdvkH7Uu7htNaEt4aarhwrQ+JxzHTALytgS1lIxS
z2ZGEMkB/ik4qOd1DKs2DAvL+ZD2BIbkVySpeOLpJ595aMMg52Ps09QytNsjRgBd
P6qZu93muZjeDnzOlyHPk/J7xqWJDkb4ezPqiG6018LrJKHUcA+n4fDVdQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMP7hhzKH16CWIiUuNeRLYJTKbAEMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvd191R0hNb2ZYb0pZaUpTNDE1RXRnbE1wc0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAFvAkD
BAIFvAgDBAAFvD8DBAAFvKcDBACSueowDQYJKoZIhvcNAQELBQADggEBAHDidTup
4tPEr4RYrVp35VwzQM0uvqtDyKIUsk/JrscieiOaKK2P8ZvDc50+HBmJtRMZgmhG
aMGO281I8OhdCf+9wWYV6wpIOUcS0vXSN2R5y2FSTqNHgI0M/vIgLR0z8UdTNygQ
nB2j/SGmoFQSPIgAOZpJCeXK7AqGUYwxeJQxDDbckac69XeTme+/WfcB2RVfzdI8
tzxZIkSv8K5VJ0mwU/sHIZtnFDiJZd3vkc1SKTDmppGFOiCC9x+Ux0ugBpbVgqWq
6LnRe3Ep2+cEQDnLhwdLNRmOkn3Mvg/U+0VdkXt2iv/N62dWkEOTY6dV+4l++7d0
3tAhMfWTtiFDsFQ=
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:04 2026 by rpki-client