Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/W8YNXsX9yPDFPY_juFzIPJCKU_I.roa
File: W8YNXsX9yPDFPY_juFzIPJCKU_I.roa (raw, json)
Hash identifier: +blIAp8nmqZRBhHxpcV2UfhK4Uk56S7wQ9UO0lHBgcA=
Subject key identifier: 5B:C6:0D:5E:C5:FD:C8:F0:C5:3D:8F:E3:B8:5C:C8:3C:90:8A:53:F2
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 019E0757D38320964819A78574B694C000D4
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/W8YNXsX9yPDFPY_juFzIPJCKU_I.roa
Signing time: Fri 08 May 2026 11:27:36 +0000
ROA not before: Fri 08 May 2026 11:27:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.134.23.0/24 maxlen: 24
45.152.150.0/24 maxlen: 24
45.152.151.0/24 maxlen: 24
185.94.65.0/24 maxlen: 24
185.94.66.0/24 maxlen: 24
185.198.155.0/24 maxlen: 24
195.64.107.0/24 maxlen: 24
195.64.113.0/24 maxlen: 24
2a0b:3140::/29 maxlen: 32
2a0b:a040::/29 maxlen: 32
2a0c:f140::/29 maxlen: 32
2a11:740::/29 maxlen: 32
2a11:1180::/29 maxlen: 32
2a11:1b40::/29 maxlen: 32
2a11:2d40::/29 maxlen: 32
2a11:3e80::/29 maxlen: 32
2a11:4740::/29 maxlen: 32
2a11:5800::/29 maxlen: 32
2a11:5d40::/29 maxlen: 32
2a11:5d80::/29 maxlen: 32
2a11:6200::/29 maxlen: 32
2a11:7300::/29 maxlen: 32
2a11:8c00::/29 maxlen: 32
2a11:8e80::/29 maxlen: 32
2a11:9780::/29 maxlen: 32
2a11:9a00::/29 maxlen: 32
2a11:b340::/29 maxlen: 32
2a11:eb80::/29 maxlen: 32
2a11:ee00::/29 maxlen: 32
2a12:b80::/29 maxlen: 32
2a12:2a80::/29 maxlen: 32
2a12:9280::/29 maxlen: 32
2a12:9380::/29 maxlen: 32
2a12:9980::/29 maxlen: 32
2a12:c100::/29 maxlen: 32
2a12:de80::/29 maxlen: 32
2a12:e280::/29 maxlen: 32
2a12:e480::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:57:d3:83:20:96:48:19:a7:85:74:b6:94:c0:00:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: May 8 11:27:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5bc60d5ec5fdc8f0c53d8fe3b85cc83c908a53f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:92:9a:06:32:7c:a0:fb:fe:a5:08:74:e0:cf:
66:8b:7d:03:d4:2e:f5:82:f9:ce:b1:ce:8a:f9:eb:
5d:c9:de:d6:a8:3d:ff:53:0d:84:5b:79:0f:fe:bb:
32:f5:97:54:27:10:df:7c:bf:01:19:e7:64:f2:e7:
52:ea:ed:02:a8:58:15:c9:13:3c:21:e9:80:9b:40:
0e:38:02:12:c9:c3:85:20:13:58:2e:45:3c:d6:96:
4f:30:13:b8:fe:54:d8:0a:a3:0e:21:d0:1b:c9:8e:
ba:bc:2a:fb:61:3b:c3:9b:b2:33:f4:80:ba:26:4a:
89:ad:55:60:29:ef:be:f0:72:c5:b3:db:87:0d:2e:
4a:f5:f2:cc:7e:e4:16:9c:d5:bf:6e:2b:c0:4a:f3:
6c:7f:d5:5a:a6:ea:62:10:d8:fe:0e:a3:ef:24:ee:
61:f0:bb:e1:fa:15:d6:df:d6:72:9b:a2:e3:b5:b5:
57:24:77:e1:47:69:88:6a:71:65:f9:a9:9f:f3:f3:
6a:31:7f:f8:84:7f:1e:8e:09:63:85:a8:fd:05:f7:
2b:56:84:14:72:c5:d5:a8:7e:0a:53:66:7a:00:e2:
97:72:47:1e:22:8d:ff:00:84:f1:24:c3:db:e3:97:
e6:12:9b:f9:2b:1b:8f:67:00:b4:fc:27:a6:36:15:
ff:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C6:0D:5E:C5:FD:C8:F0:C5:3D:8F:E3:B8:5C:C8:3C:90:8A:53:F2
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/W8YNXsX9yPDFPY_juFzIPJCKU_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.23.0/24
45.152.150.0/23
185.94.65.0-185.94.66.255
185.198.155.0/24
195.64.107.0/24
195.64.113.0/24
IPv6:
2a0b:3140::/29
2a0b:a040::/29
2a0c:f140::/29
2a11:740::/29
2a11:1180::/29
2a11:1b40::/29
2a11:2d40::/29
2a11:3e80::/29
2a11:4740::/29
2a11:5800::/29
2a11:5d40::/29
2a11:5d80::/29
2a11:6200::/29
2a11:7300::/29
2a11:8c00::/29
2a11:8e80::/29
2a11:9780::/29
2a11:9a00::/29
2a11:b340::/29
2a11:eb80::/29
2a11:ee00::/29
2a12:b80::/29
2a12:2a80::/29
2a12:9280::/29
2a12:9380::/29
2a12:9980::/29
2a12:c100::/29
2a12:de80::/29
2a12:e280::/29
2a12:e480::/29
Signature Algorithm: sha256WithRSAEncryption
8c:67:81:fc:1a:1c:01:07:49:3b:00:40:49:5a:43:4b:d3:f3:
5f:f9:33:ca:ca:4d:25:ce:ed:83:70:6f:5b:40:7e:2d:62:52:
8e:57:fe:e0:cd:b3:0f:f6:fb:7d:b2:94:b2:96:21:d0:69:75:
5b:89:e1:fd:e1:98:74:22:90:72:d2:41:c2:44:18:ea:be:09:
41:40:ea:ff:f3:da:71:5f:70:ce:3b:88:f3:46:68:bc:ce:e5:
19:84:38:2d:97:80:e6:81:1a:38:7c:48:4f:47:9d:1d:87:79:
d9:b0:97:47:e7:46:76:f5:0c:25:d0:8b:ba:0e:e8:e5:5b:a6:
86:90:c9:ed:6c:7f:51:9d:3a:77:ab:60:d5:b1:49:38:4e:f5:
46:9b:56:c7:02:99:68:c2:81:8b:34:88:ad:f8:36:80:18:8b:
6e:18:2d:77:40:82:03:cc:29:51:f6:92:65:7a:75:98:df:51:
42:48:33:c3:be:f4:80:1f:54:ee:e4:49:11:be:96:ab:d7:00:
06:7b:69:23:3a:b5:b0:94:87:be:92:e5:e5:3b:17:70:7b:43:
71:49:6a:cb:75:6b:b6:5f:2d:a3:a6:3b:f8:6e:41:29:51:76:
27:59:a2:4e:81:69:1d:56:f2:8c:34:f8:1f:52:1c:7c:e1:c5:
ed:b1:c2:3a
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZ4HV9ODIJZIGaeFdLaUwADUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjYwNTA4MTEyNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM2MGQ1ZWM1ZmRjOGYwYzUzZDhmZTNiODVjYzgzYzkwOGE1M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JKaBjJ8oPv+pQh04M9mi30D1C71
gvnOsc6K+etdyd7WqD3/Uw2EW3kP/rsy9ZdUJxDffL8BGedk8udS6u0CqFgVyRM8
IemAm0AOOAISycOFIBNYLkU81pZPMBO4/lTYCqMOIdAbyY66vCr7YTvDm7Iz9IC6
JkqJrVVgKe++8HLFs9uHDS5K9fLMfuQWnNW/bivASvNsf9VapupiENj+DqPvJO5h
8Lvh+hXW39Zym6LjtbVXJHfhR2mIanFl+amf8/NqMX/4hH8ejgljhaj9BfcrVoQU
csXVqH4KU2Z6AOKXckceIo3/AITxJMPb45fmEpv5KxuPZwC0/CemNhX/lwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFFvGDV7F/cjwxT2P47hcyDyQilPyMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvVzhZTlhzWDl5UERGUFlfanVGeklQSkNLVV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDAyBAIAATAsAwQA
LYYXAwQBLZiWMAwDBAC5XkEDBAC5XkIDBAC5xpsDBADDQGsDBADDQHEwgdkEAgAC
MIHSAwUDKgsxQAMFAyoLoEADBQMqDPFAAwUDKhEHQAMFAyoREYADBQMqERtAAwUD
KhEtQAMFAyoRPoADBQMqEUdAAwUDKhFYAAMFAyoRXUADBQMqEV2AAwUDKhFiAAMF
AyoRcwADBQMqEYwAAwUDKhGOgAMFAyoRl4ADBQMqEZoAAwUDKhGzQAMFAyoR64AD
BQMqEe4AAwUDKhILgAMFAyoSKoADBQMqEpKAAwUDKhKTgAMFAyoSmYADBQMqEsEA
AwUDKhLegAMFAyoS4oADBQMqEuSAMA0GCSqGSIb3DQEBCwUAA4IBAQCMZ4H8GhwB
B0k7AEBJWkNL0/Nf+TPKyk0lzu2DcG9bQH4tYlKOV/7gzbMP9vt9spSyliHQaXVb
ieH94Zh0IpBy0kHCRBjqvglBQOr/89pxX3DOO4jzRmi8zuUZhDgtl4DmgRo4fEhP
R50dh3nZsJdH50Z29Qwl0Iu6DujlW6aGkMntbH9RnTp3q2DVsUk4TvVGm1bHAplo
woGLNIit+DaAGItuGC13QIIDzClR9pJlenWY31FCSDPDvvSAH1Tu5EkRvpar1wAG
e2kjOrWwlIe+kuXlOxdwe0NxSWrLdWu2Xy2jpjv4bkEpUXYnWaJOgWkdVvKMNPgf
Uhx84cXtscI6
-----END CERTIFICATE-----
Generated at Wed May 13 02:47:59 2026 by rpki-client