Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/wWKYUMsUBMLwAcAaBxJQWTurS9w.roa
File: wWKYUMsUBMLwAcAaBxJQWTurS9w.roa (raw, json)
Hash identifier: Y9DOjWqYX7MX2J4njELl+NUTaXcyEq3NFHB7fsFFZ8k=
Subject key identifier: C1:62:98:50:CB:14:04:C2:F0:01:C0:1A:07:12:50:59:3B:AB:4B:DC
Certificate issuer: /CN=53052009ba7898d2361ca2ee7d130124f9d25125
Certificate serial: 019D239A2A71BD0CEE5B56AB8DF8718EEC89
Authority key identifier: 53:05:20:09:BA:78:98:D2:36:1C:A2:EE:7D:13:01:24:F9:D2:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/wWKYUMsUBMLwAcAaBxJQWTurS9w.roa
Signing time: Wed 25 Mar 2026 06:06:39 +0000
ROA not before: Wed 25 Mar 2026 06:06:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50881
IP address blocks: 91.228.164.0/24 maxlen: 24
91.228.165.0/24 maxlen: 24
91.228.166.0/24 maxlen: 24
91.228.167.0/24 maxlen: 24
185.94.156.0/24 maxlen: 24
185.94.157.0/24 maxlen: 24
185.94.158.0/24 maxlen: 24
185.94.159.0/24 maxlen: 24
2a05:e800:1::/48 maxlen: 48
2a05:e800:1001::/48 maxlen: 48
2a05:e800:1003::/48 maxlen: 48
2a05:e800:1007::/48 maxlen: 48
2a05:e800:1023::/48 maxlen: 48
2a05:e802:1005::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:23:9a:2a:71:bd:0c:ee:5b:56:ab:8d:f8:71:8e:ec:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53052009ba7898d2361ca2ee7d130124f9d25125
Validity
Not Before: Mar 25 06:06:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1629850cb1404c2f001c01a071250593bab4bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c6:9b:44:1a:84:02:ef:4c:6a:e7:43:f9:ac:
33:18:ca:26:62:6c:f6:00:92:4f:8f:bf:97:81:6d:
fa:2e:62:2a:ac:3e:de:f8:4e:6a:ec:50:fd:37:30:
27:0c:38:05:de:97:3e:42:71:93:3d:cf:6f:f0:7b:
5d:17:a3:b0:86:06:21:c9:39:37:52:8a:74:32:55:
8c:bb:60:97:94:cc:ed:c3:44:08:4f:7d:ab:f9:2c:
bc:9f:d2:ea:62:75:35:9a:ba:cb:a0:d0:f0:92:e1:
f7:4c:96:e2:56:18:c2:4f:3e:de:18:77:75:17:71:
aa:91:9d:16:c9:23:59:ef:3f:2b:40:ab:5c:c9:19:
0a:c1:6f:d0:a3:fa:43:e8:e3:85:84:5e:3e:2e:f6:
e7:2b:10:f6:a2:26:38:dd:50:03:05:c9:65:26:8b:
10:bc:15:07:be:09:d9:b6:ac:95:64:bf:c9:b8:a9:
6c:c7:5b:53:86:73:fb:04:2b:94:6d:3f:ed:93:c1:
41:4b:8d:7c:be:93:3f:c7:02:c6:bb:96:93:36:63:
f3:ed:01:69:9e:62:03:3e:d5:4b:06:b6:05:17:43:
49:04:e8:f2:74:18:9f:ca:c3:eb:56:bd:48:2d:cd:
41:c5:3b:d4:a3:45:2c:1b:0c:6e:f5:9c:51:65:a6:
6d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:62:98:50:CB:14:04:C2:F0:01:C0:1A:07:12:50:59:3B:AB:4B:DC
X509v3 Authority Key Identifier:
keyid:53:05:20:09:BA:78:98:D2:36:1C:A2:EE:7D:13:01:24:F9:D2:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwUgCbp4mNI2HKLufRMBJPnSUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/wWKYUMsUBMLwAcAaBxJQWTurS9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/938722-d415-4027-a0b3-a2aa286dc448/1/UwUgCbp4mNI2HKLufRMBJPnSUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.164.0/22
185.94.156.0/22
IPv6:
2a05:e800:1::/48
2a05:e800:1001::/48
2a05:e800:1003::/48
2a05:e800:1007::/48
2a05:e800:1023::/48
2a05:e802:1005::/48
Signature Algorithm: sha256WithRSAEncryption
9e:f2:0e:05:5b:7e:83:6f:fe:0e:87:8a:f8:f4:c7:59:e7:e5:
37:3c:21:33:cb:59:f0:41:bf:26:41:29:e5:41:13:54:06:23:
3e:ed:bc:bd:d2:5c:ea:71:8c:66:6e:92:4f:4a:9d:86:2e:b4:
e8:9c:03:96:14:f1:ef:d0:fe:ab:e7:f0:00:0c:6a:0e:35:bf:
5b:ae:f6:07:1b:2c:41:92:f6:0d:0d:f5:6f:11:68:32:44:23:
6e:13:55:5d:ee:64:4f:98:a3:fd:36:76:ba:1a:03:ea:7b:09:
98:4a:48:fc:e4:76:85:9a:d0:b2:5d:14:94:c8:bf:0d:1f:41:
19:77:e0:56:73:c9:e9:20:d9:68:14:62:6e:df:24:6d:c5:ea:
69:3e:07:bf:4c:a1:44:ce:d2:46:46:08:fa:cd:43:df:03:6d:
a7:be:c5:b6:c4:de:0d:36:45:aa:6f:32:a3:51:de:dd:67:e9:
ce:08:c7:ed:12:b6:64:c6:b9:28:68:07:f8:00:a8:82:ed:cf:
21:cf:02:7f:3c:aa:59:fd:95:85:af:bb:a7:ae:46:fe:59:2c:
aa:0d:f7:00:10:e9:32:3a:29:cb:7d:bb:e8:00:34:ea:7f:4f:
66:be:e0:60:c4:1f:cd:83:66:db:53:69:db:be:d1:91:5f:57:
12:57:fc:ee
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ0jmipxvQzuW1arjfhxjuyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMDUyMDA5YmE3ODk4ZDIzNjFjYTJlZTdkMTMwMTI0Zjlk
MjUxMjUwHhcNMjYwMzI1MDYwNjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTYyOTg1MGNiMTQwNGMyZjAwMWMwMWEwNzEyNTA1OTNiYWI0YmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsabRBqEAu9MaudD+awzGMomYmz2
AJJPj7+XgW36LmIqrD7e+E5q7FD9NzAnDDgF3pc+QnGTPc9v8HtdF6OwhgYhyTk3
Uop0MlWMu2CXlMztw0QIT32r+Sy8n9LqYnU1mrrLoNDwkuH3TJbiVhjCTz7eGHd1
F3GqkZ0WySNZ7z8rQKtcyRkKwW/Qo/pD6OOFhF4+LvbnKxD2oiY43VADBcllJosQ
vBUHvgnZtqyVZL/JuKlsx1tThnP7BCuUbT/tk8FBS418vpM/xwLGu5aTNmPz7QFp
nmIDPtVLBrYFF0NJBOjydBifysPrVr1ILc1BxTvUo0UsGwxu9ZxRZaZtyQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMFimFDLFATC8AHAGgcSUFk7q0vcMB8GA1UdIwQY
MBaAFFMFIAm6eJjSNhyi7n0TAST50lElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdVZ0NicDRtTkkySEtMdWZSTUJKUG5TVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC85Mzg3MjItZDQxNS00MDI3LWEwYjMt
YTJhYTI4NmRjNDQ4LzEvd1dLWVVNc1VCTUx3QWNBYUJ4SlFXVHVyUzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC85Mzg3MjItZDQxNS00MDI3LWEwYjMtYTJhYTI4NmRjNDQ4
LzEvVXdVZ0NicDRtTkkySEtMdWZSTUJKUG5TVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjASBAIAATAMAwQCW+SkAwQC
uV6cMDwEAgACMDYDBwAqBegAAAEDBwAqBegAEAEDBwAqBegAEAMDBwAqBegAEAcD
BwAqBegAECMDBwAqBegCEAUwDQYJKoZIhvcNAQELBQADggEBAJ7yDgVbfoNv/g6H
ivj0x1nn5Tc8ITPLWfBBvyZBKeVBE1QGIz7tvL3SXOpxjGZukk9KnYYutOicA5YU
8e/Q/qvn8AAMag41v1uu9gcbLEGS9g0N9W8RaDJEI24TVV3uZE+Yo/02droaA+p7
CZhKSPzkdoWa0LJdFJTIvw0fQRl34FZzyekg2WgUYm7fJG3F6mk+B79MoUTO0kZG
CPrNQ98Dbae+xbbE3g02RapvMqNR3t1n6c4Ix+0StmTGuShoB/gAqILtzyHPAn88
qln9lYWvu6euRv5ZLKoN9wAQ6TI6Kct9u+gANOp/T2a+4GDEH82DZttTadu+0ZFf
VxJX/O4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:18:44 2026 by rpki-client