Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/W7kaUhASlYNkrMhJVklCrmbhwaM.roa
File: W7kaUhASlYNkrMhJVklCrmbhwaM.roa (raw, json)
Hash identifier: xNYEU03R+PSzs/IRWbK0wthdfu1uuUt0qLfMcyCb11o=
Subject key identifier: 5B:B9:1A:52:10:12:95:83:64:AC:C8:49:56:49:42:AE:66:E1:C1:A3
Certificate issuer: /CN=df9e849dd21c1d01b62d79e13fbe3face45222be
Certificate serial: 019C46C04B3CF04CCC582AC8CDE4339EBDAE
Authority key identifier: DF:9E:84:9D:D2:1C:1D:01:B6:2D:79:E1:3F:BE:3F:AC:E4:52:22:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/356EndIcHQG2LXnhP74_rORSIr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/W7kaUhASlYNkrMhJVklCrmbhwaM.roa
Signing time: Tue 10 Feb 2026 08:52:13 +0000
ROA not before: Tue 10 Feb 2026 08:52:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204165
IP address blocks: 185.102.96.0/22 maxlen: 24
185.112.164.0/22 maxlen: 24
2a00:d3c0::/32 maxlen: 32
2a06:6500::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/356EndIcHQG2LXnhP74_rORSIr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/356EndIcHQG2LXnhP74_rORSIr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/356EndIcHQG2LXnhP74_rORSIr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:c0:4b:3c:f0:4c:cc:58:2a:c8:cd:e4:33:9e:bd:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9e849dd21c1d01b62d79e13fbe3face45222be
Validity
Not Before: Feb 10 08:52:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5bb91a521012958364acc849564942ae66e1c1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:4f:d6:06:d9:53:5f:1f:54:37:ed:25:aa:
c1:1b:71:de:fe:14:8d:5b:23:b5:8e:7b:42:c4:f0:
8b:07:85:e1:06:d2:5e:76:0c:1f:cd:1f:97:dc:25:
e0:b4:61:ba:ef:56:12:30:cb:71:4e:a3:7b:d9:5a:
f0:33:78:26:4d:a4:0c:4e:c5:f2:91:60:cd:ad:19:
37:d3:9c:3b:ef:83:8f:81:77:3d:17:6a:65:b7:cf:
c9:be:f9:fb:13:4b:af:91:87:a5:25:55:6e:99:37:
01:1c:cb:d1:2c:1d:a9:07:da:81:f2:86:c6:a4:48:
ff:fe:eb:39:a9:ba:e2:2e:01:b4:95:77:b2:7b:1a:
a5:38:f1:d9:82:4c:26:0f:80:e8:62:06:09:5b:4e:
07:fe:78:ad:76:17:6c:4a:c1:c1:40:66:9b:f2:4c:
ef:39:f8:2e:f2:8c:bf:74:54:0e:e7:40:34:4f:4e:
3d:85:46:63:c4:02:21:09:5d:35:da:e0:85:40:64:
27:67:69:af:30:58:4b:a6:a4:51:d3:80:aa:6a:95:
fc:c2:2f:84:84:55:c6:7c:31:e9:f7:b2:31:ae:95:
3f:88:b2:26:b2:d9:59:d4:b3:f9:b0:df:d2:32:9b:
6a:5a:1b:d9:86:03:62:0a:7c:5a:5c:e5:31:13:04:
e9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B9:1A:52:10:12:95:83:64:AC:C8:49:56:49:42:AE:66:E1:C1:A3
X509v3 Authority Key Identifier:
keyid:DF:9E:84:9D:D2:1C:1D:01:B6:2D:79:E1:3F:BE:3F:AC:E4:52:22:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/356EndIcHQG2LXnhP74_rORSIr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/W7kaUhASlYNkrMhJVklCrmbhwaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3bcd4e-a541-4ce2-aa4f-72d091516193/1/356EndIcHQG2LXnhP74_rORSIr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.96.0/22
185.112.164.0/22
IPv6:
2a00:d3c0::/32
2a06:6500::/29
Signature Algorithm: sha256WithRSAEncryption
01:33:08:90:51:5b:cb:c6:6d:2f:4c:31:9e:29:b4:99:d0:9b:
69:63:47:ab:83:70:4d:95:d1:23:3e:54:ff:98:99:22:4d:30:
17:3f:26:0a:95:41:93:a3:bb:f9:81:93:19:5b:41:65:7b:28:
cb:fd:3b:23:18:17:95:87:73:bb:6e:b5:c2:cd:59:fa:09:ee:
17:c5:08:38:ef:6f:4a:80:21:c5:45:05:fa:0a:8b:3d:02:8a:
11:4c:6a:37:42:9a:52:d3:f5:a0:2a:11:b3:b0:c9:0f:da:73:
87:75:6e:de:8c:c4:12:4b:f9:21:ba:69:c2:37:d1:f7:45:9e:
0a:b8:1d:88:a8:68:31:be:f6:29:f9:b2:51:fc:64:3b:d3:18:
39:35:99:ad:43:09:45:78:a2:b0:36:5b:f9:4c:f1:3c:07:ae:
80:81:ae:45:d2:15:0f:a3:94:cf:21:0f:4c:90:39:45:2a:1d:
37:03:08:5a:da:f4:bb:ab:74:01:7e:18:10:b5:c6:91:3e:68:
2e:9c:55:46:9b:10:3c:2f:d1:39:6d:eb:b1:55:94:66:a3:fa:
cd:b5:20:56:bf:97:e5:f7:06:d8:6b:0d:03:ad:46:23:df:00:
4c:38:33:5b:e6:23:17:a7:c9:90:ab:e6:12:2b:e8:fb:0c:1d:
b5:18:cd:3a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZxGwEs88EzMWCrIzeQznr2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWU4NDlkZDIxYzFkMDFiNjJkNzllMTNmYmUzZmFjZTQ1
MjIyYmUwHhcNMjYwMjEwMDg1MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI5MWE1MjEwMTI5NTgzNjRhY2M4NDk1NjQ5NDJhZTY2ZTFjMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoClP1gbZU18fVDftJarBG3He/hSN
WyO1jntCxPCLB4XhBtJedgwfzR+X3CXgtGG671YSMMtxTqN72VrwM3gmTaQMTsXy
kWDNrRk305w774OPgXc9F2plt8/Jvvn7E0uvkYelJVVumTcBHMvRLB2pB9qB8obG
pEj//us5qbriLgG0lXeyexqlOPHZgkwmD4DoYgYJW04H/nitdhdsSsHBQGab8kzv
Ofgu8oy/dFQO50A0T049hUZjxAIhCV012uCFQGQnZ2mvMFhLpqRR04CqapX8wi+E
hFXGfDHp97IxrpU/iLImstlZ1LP5sN/SMptqWhvZhgNiCnxaXOUxEwTphQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFu5GlIQEpWDZKzISVZJQq5m4cGjMB8GA1UdIwQY
MBaAFN+ehJ3SHB0Bti154T++P6zkUiK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzU2RW5kSWNIUUcyTFhuaFA3NF9yT1JTSXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zYmNkNGUtYTU0MS00Y2UyLWFhNGYt
NzJkMDkxNTE2MTkzLzEvVzdrYVVoQVNsWU5rck1oSlZrbENybWJod2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zYmNkNGUtYTU0MS00Y2UyLWFhNGYtNzJkMDkxNTE2MTkz
LzEvMzU2RW5kSWNIUUcyTFhuaFA3NF9yT1JTSXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuWZgAwQC
uXCkMBQEAgACMA4DBQAqANPAAwUDKgZlADANBgkqhkiG9w0BAQsFAAOCAQEAATMI
kFFby8ZtL0wxnim0mdCbaWNHq4NwTZXRIz5U/5iZIk0wFz8mCpVBk6O7+YGTGVtB
ZXsoy/07IxgXlYdzu261ws1Z+gnuF8UIOO9vSoAhxUUF+gqLPQKKEUxqN0KaUtP1
oCoRs7DJD9pzh3Vu3ozEEkv5IbppwjfR90WeCrgdiKhoMb72KfmyUfxkO9MYOTWZ
rUMJRXiisDZb+UzxPAeugIGuRdIVD6OUzyEPTJA5RSodNwMIWtr0u6t0AX4YELXG
kT5oLpxVRpsQPC/ROW3rsVWUZqP6zbUgVr+X5fcG2GsNA61GI98ATDgzW+YjF6fJ
kKvmEivo+wwdtRjNOg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:06 2026 by rpki-client