Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/WOuvyP9Ru77CyyJtiwhA1HRONs4.roa
File: WOuvyP9Ru77CyyJtiwhA1HRONs4.roa (raw, json)
Hash identifier: DGYz+wXrRKUUvRHVz1HMcW0FlBydsx065+6uwjHzCuE=
Subject key identifier: 58:EB:AF:C8:FF:51:BB:BE:C2:CB:22:6D:8B:08:40:D4:74:4E:36:CE
Certificate issuer: /CN=5be8fe8827bdc609355509e0c9e80eab21f9cdc3
Certificate serial: 019D25D487F7710CF992C54922C8B650563A
Authority key identifier: 5B:E8:FE:88:27:BD:C6:09:35:55:09:E0:C9:E8:0E:AB:21:F9:CD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-j-iCe9xgk1VQngyegOqyH5zcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/WOuvyP9Ru77CyyJtiwhA1HRONs4.roa
Signing time: Wed 25 Mar 2026 16:29:38 +0000
ROA not before: Wed 25 Mar 2026 16:29:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6802
IP address blocks: 194.141.0.0/16 maxlen: 16
194.141.0.0/24 maxlen: 24
194.141.1.0/24 maxlen: 24
194.141.2.0/24 maxlen: 24
194.141.3.0/24 maxlen: 24
194.141.4.0/24 maxlen: 24
194.141.5.0/24 maxlen: 24
194.141.6.0/24 maxlen: 24
194.141.8.0/23 maxlen: 23
194.141.8.0/24 maxlen: 24
194.141.9.0/24 maxlen: 24
194.141.12.0/24 maxlen: 24
194.141.15.0/24 maxlen: 24
194.141.16.0/22 maxlen: 22
194.141.22.0/24 maxlen: 24
194.141.24.0/21 maxlen: 21
194.141.32.0/22 maxlen: 22
194.141.37.0/24 maxlen: 24
194.141.38.0/23 maxlen: 23
194.141.40.0/24 maxlen: 24
194.141.41.0/24 maxlen: 24
194.141.43.0/24 maxlen: 24
194.141.44.0/23 maxlen: 23
194.141.47.0/24 maxlen: 24
194.141.51.0/24 maxlen: 24
194.141.52.0/22 maxlen: 22
194.141.56.0/23 maxlen: 23
194.141.64.0/23 maxlen: 23
194.141.66.0/24 maxlen: 24
194.141.67.0/24 maxlen: 24
194.141.68.0/24 maxlen: 24
194.141.69.0/24 maxlen: 24
194.141.72.0/22 maxlen: 22
194.141.76.0/23 maxlen: 23
194.141.78.0/24 maxlen: 24
194.141.79.0/24 maxlen: 24
194.141.84.0/24 maxlen: 24
194.141.86.0/24 maxlen: 24
194.141.88.0/21 maxlen: 21
194.141.104.0/21 maxlen: 21
194.141.112.0/24 maxlen: 24
194.141.113.0/24 maxlen: 24
194.141.116.0/22 maxlen: 22
194.141.116.0/23 maxlen: 23
194.141.118.0/24 maxlen: 24
194.141.119.0/24 maxlen: 24
194.141.221.0/24 maxlen: 24
194.141.222.0/24 maxlen: 24
194.141.225.0/24 maxlen: 24
194.141.226.0/24 maxlen: 24
194.141.227.0/24 maxlen: 24
194.141.228.0/22 maxlen: 22
194.141.232.0/21 maxlen: 21
194.141.240.0/24 maxlen: 24
194.141.241.0/24 maxlen: 24
194.141.242.0/24 maxlen: 24
194.141.243.0/24 maxlen: 24
194.141.245.0/24 maxlen: 24
2001:4b58::/32 maxlen: 32
2001:4b58:8::/48 maxlen: 48
2001:4b58:22::/48 maxlen: 48
2001:4b58:37::/48 maxlen: 48
2001:4b58:38::/48 maxlen: 48
2001:4b58:86::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/W-j-iCe9xgk1VQngyegOqyH5zcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/W-j-iCe9xgk1VQngyegOqyH5zcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-j-iCe9xgk1VQngyegOqyH5zcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:d4:87:f7:71:0c:f9:92:c5:49:22:c8:b6:50:56:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5be8fe8827bdc609355509e0c9e80eab21f9cdc3
Validity
Not Before: Mar 25 16:29:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58ebafc8ff51bbbec2cb226d8b0840d4744e36ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:2b:ff:e7:63:74:44:b5:a1:b0:79:57:ac:
26:80:21:3b:3f:f0:cc:0e:e4:72:55:ba:a7:b2:09:
c9:e1:da:ae:ad:4d:cf:dc:7e:99:ac:50:41:1d:ef:
0e:45:9e:c9:9b:e9:e0:05:77:5a:38:0b:d1:be:a6:
c6:12:13:9e:19:ed:63:6e:66:ce:a5:f6:3a:8a:9f:
b5:40:17:7e:fb:f8:b5:3b:9a:6f:6d:f8:7f:d0:9c:
ac:94:70:36:b7:a8:9f:40:9a:a1:5c:bf:53:8f:a6:
5d:4c:1d:96:b5:b7:cc:c7:3d:d7:20:24:f0:9e:10:
12:22:41:5e:a3:a2:ca:2d:d1:a1:23:37:9b:47:61:
b1:5c:c2:8e:fb:a4:7c:eb:8f:14:77:68:ab:a9:14:
5e:cd:92:84:18:ca:8f:b9:78:cb:9b:7a:9e:d5:7c:
be:5d:91:ee:e9:ee:27:85:c7:d1:ac:a2:e1:4d:a9:
0a:4d:9f:b3:dd:53:62:39:ee:2c:9d:f2:7f:5d:71:
d6:51:c0:5b:de:32:4f:11:8d:c7:83:23:0c:43:fc:
82:c4:bc:40:9d:08:d7:4c:53:7f:63:22:21:b2:59:
f8:17:40:cc:38:da:b9:d4:46:bf:83:a1:35:03:4b:
d8:a0:41:e3:10:8b:79:73:cf:57:4b:62:d3:77:88:
0c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EB:AF:C8:FF:51:BB:BE:C2:CB:22:6D:8B:08:40:D4:74:4E:36:CE
X509v3 Authority Key Identifier:
keyid:5B:E8:FE:88:27:BD:C6:09:35:55:09:E0:C9:E8:0E:AB:21:F9:CD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-j-iCe9xgk1VQngyegOqyH5zcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/WOuvyP9Ru77CyyJtiwhA1HRONs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/efb2d1-c5cb-4143-aa88-610072d80115/1/W-j-iCe9xgk1VQngyegOqyH5zcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.141.0.0/16
IPv6:
2001:4b58::/32
Signature Algorithm: sha256WithRSAEncryption
62:d5:ea:9a:62:29:06:9d:6e:21:76:49:f7:e8:e2:c1:e4:54:
5d:f3:ce:07:5d:cb:19:f0:8c:25:bd:39:f3:fb:e0:85:46:c4:
ef:15:c0:64:de:67:05:7a:33:7d:06:83:9f:fe:33:28:d6:12:
dd:6f:47:28:f8:83:db:18:70:23:8a:f1:88:04:e9:b9:7f:ba:
3d:5a:97:ea:1b:3f:d2:01:4a:fb:1c:18:87:23:84:c9:e4:93:
db:49:02:72:28:b8:cb:fb:e7:7c:79:ea:95:ae:1d:44:04:ee:
aa:d9:62:c3:e4:e6:c6:74:c8:7f:9f:67:ba:ad:b5:9f:25:60:
6d:c2:d1:21:18:1b:93:93:e2:40:d0:97:b7:6f:9b:b1:e4:1d:
78:e4:55:57:18:a4:2f:48:c2:5d:d6:0e:0b:54:d0:77:9f:f4:
31:e3:42:4b:cd:40:5c:8a:3e:bd:15:ad:40:99:5f:e2:64:b2:
02:87:e8:8d:90:95:c1:e1:8f:2d:2d:02:8c:10:5e:2e:bb:80:
7f:ca:bd:dd:f6:4d:e6:d0:44:75:e0:5c:2e:be:82:91:f1:56:
9f:66:43:52:55:50:b2:2d:1d:ca:f7:3d:14:da:52:6d:ed:00:
2b:a5:1c:b1:93:99:94:c4:65:fb:55:fa:fc:34:c0:26:c0:ef:
fe:40:cd:86
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ0l1If3cQz5ksVJIsi2UFY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZThmZTg4MjdiZGM2MDkzNTU1MDllMGM5ZTgwZWFiMjFm
OWNkYzMwHhcNMjYwMzI1MTYyOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGViYWZjOGZmNTFiYmJlYzJjYjIyNmQ4YjA4NDBkNDc0NGUzNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGIr/+djdES1obB5V6wmgCE7P/DM
DuRyVbqnsgnJ4dqurU3P3H6ZrFBBHe8ORZ7Jm+ngBXdaOAvRvqbGEhOeGe1jbmbO
pfY6ip+1QBd++/i1O5pvbfh/0JyslHA2t6ifQJqhXL9Tj6ZdTB2WtbfMxz3XICTw
nhASIkFeo6LKLdGhIzebR2GxXMKO+6R8648Ud2irqRRezZKEGMqPuXjLm3qe1Xy+
XZHu6e4nhcfRrKLhTakKTZ+z3VNiOe4snfJ/XXHWUcBb3jJPEY3HgyMMQ/yCxLxA
nQjXTFN/YyIhsln4F0DMONq51Ea/g6E1A0vYoEHjEIt5c89XS2LTd4gM3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFjrr8j/Ubu+wssibYsIQNR0TjbOMB8GA1UdIwQY
MBaAFFvo/ognvcYJNVUJ4MnoDqsh+c3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1qLWlDZTl4Z2sxVlFuZ3llZ09xeUg1emNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9lZmIyZDEtYzVjYi00MTQzLWFhODgt
NjEwMDcyZDgwMTE1LzEvV091dnlQOVJ1NzdDeXlKdGl3aEExSFJPTnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9lZmIyZDEtYzVjYi00MTQzLWFhODgtNjEwMDcyZDgwMTE1
LzEvVy1qLWlDZTl4Z2sxVlFuZ3llZ09xeUg1emNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAwo0wDQQC
AAIwBwMFACABS1gwDQYJKoZIhvcNAQELBQADggEBAGLV6ppiKQadbiF2Sffo4sHk
VF3zzgddyxnwjCW9OfP74IVGxO8VwGTeZwV6M30Gg5/+MyjWEt1vRyj4g9sYcCOK
8YgE6bl/uj1al+obP9IBSvscGIcjhMnkk9tJAnIouMv753x56pWuHUQE7qrZYsPk
5sZ0yH+fZ7qttZ8lYG3C0SEYG5OT4kDQl7dvm7HkHXjkVVcYpC9Iwl3WDgtU0Hef
9DHjQkvNQFyKPr0VrUCZX+JksgKH6I2QlcHhjy0tAowQXi67gH/Kvd32TebQRHXg
XC6+gpHxVp9mQ1JVULItHcr3PRTaUm3tACulHLGTmZTEZftV+vw0wCbA7/5AzYY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:20:48 2026 by rpki-client