Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/weL2fJbBEt1uCFRBtP6uDF_YZNc.roa
File: weL2fJbBEt1uCFRBtP6uDF_YZNc.roa (raw, json)
Hash identifier: uW+pX+iXHNh0QuRtyBXokgf1Q61aNDvMcUdZtoG4bxo=
Subject key identifier: C1:E2:F6:7C:96:C1:12:DD:6E:08:54:41:B4:FE:AE:0C:5F:D8:64:D7
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019E15B2C10BC7CB862966F9D6828B018693
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/weL2fJbBEt1uCFRBtP6uDF_YZNc.roa
Signing time: Mon 11 May 2026 06:21:36 +0000
ROA not before: Mon 11 May 2026 06:21:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.200.0/24 maxlen: 24
79.172.204.0/24 maxlen: 24
79.172.214.0/24 maxlen: 24
79.172.242.0/24 maxlen: 24
79.172.250.0/23 maxlen: 24
79.172.251.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.8.0/24 maxlen: 24
87.229.23.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.40.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
87.229.70.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.81.0/24 maxlen: 24
87.229.97.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
87.229.124.0/23 maxlen: 24
87.229.124.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:15:b2:c1:0b:c7:cb:86:29:66:f9:d6:82:8b:01:86:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 11 06:21:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1e2f67c96c112dd6e085441b4feae0c5fd864d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e5:b3:ee:bf:51:2a:61:6c:cc:a7:80:59:a8:
5e:cb:48:cf:ef:7d:af:bf:48:71:6f:2d:7b:a6:1e:
c0:83:32:84:75:f1:8e:87:30:c5:5c:3e:7e:5c:36:
51:f5:b6:8a:d5:23:b9:0d:fb:a1:d9:97:10:d2:88:
21:d7:11:1f:a0:05:e9:15:7d:48:68:87:2a:5a:75:
af:f0:db:96:fc:35:df:cc:01:5f:3b:b4:92:00:e8:
6e:b5:69:15:54:e7:2b:34:38:98:39:e9:eb:b1:34:
02:f3:f1:6d:08:d2:3f:b8:27:ca:67:cc:3c:0d:6b:
21:c9:08:9b:89:a1:ea:65:89:a7:99:b3:31:60:c3:
45:23:0a:a0:ce:f5:b1:53:cf:c6:09:a5:67:56:ed:
87:2d:e1:76:5f:c2:b5:41:33:51:4d:c3:ee:55:e1:
9c:a0:9a:61:53:59:ea:3d:53:ac:30:db:34:9c:d5:
22:d1:83:a2:5e:54:14:dc:56:54:b3:d0:0c:23:ec:
97:67:24:8a:2d:39:16:4f:54:4d:cd:62:18:1b:a8:
ee:3f:48:c9:f0:4c:78:7b:0b:ca:91:9a:10:15:49:
2f:10:f8:27:2b:25:ad:78:f3:33:c8:ce:7d:80:d7:
0c:f3:d3:68:68:65:24:47:5f:15:df:0e:bf:74:ea:
83:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E2:F6:7C:96:C1:12:DD:6E:08:54:41:B4:FE:AE:0C:5F:D8:64:D7
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/weL2fJbBEt1uCFRBtP6uDF_YZNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.204.0/24
79.172.214.0/24
79.172.242.0/24
79.172.250.0/23
87.229.8.0/22
87.229.23.0/24
87.229.35.0/24
87.229.37.0/24
87.229.40.0/24
87.229.64.0/24
87.229.70.0/24
87.229.80.0/23
87.229.97.0/24
87.229.112.0/24
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:a1:ad:ea:5f:18:b3:5f:7b:7b:d1:2f:c5:3a:8e:bd:03:9d:
11:0f:f3:9f:c8:46:58:13:cd:9e:72:de:bb:57:c5:61:5e:70:
c4:ca:90:50:c9:64:75:22:16:7d:12:14:8f:60:77:80:54:17:
82:3a:3f:c1:ab:1a:20:e3:a4:a1:ad:c9:aa:40:8d:f8:d8:33:
92:5b:3d:e4:b0:bc:c0:db:fc:8c:f5:8c:70:90:53:51:5f:15:
a7:01:50:8d:23:0c:5d:b1:0a:58:b1:62:84:5f:cd:2a:c5:60:
77:c0:a6:8b:80:86:11:e5:58:45:5d:65:df:20:b6:41:1c:36:
90:7b:82:1c:7a:67:5f:d6:54:08:16:95:df:9a:7d:d0:68:e2:
b2:af:ea:22:ba:3d:26:7e:1b:04:54:ad:e1:7e:b1:12:15:e3:
d0:ac:08:ea:ff:6d:eb:3d:1e:47:47:c5:9b:7e:03:f5:e5:e3:
40:03:33:f1:45:75:e2:15:69:95:62:8c:4b:41:91:91:48:11:
7d:a0:28:3d:d0:90:8b:2c:fa:ea:ef:c9:97:85:60:be:53:02:
05:1a:ca:40:a7:b9:5f:c5:8d:d6:fd:1a:57:6b:e1:43:3c:71:
a9:27:32:6e:74:e3:0c:15:ec:7d:8c:41:4e:a0:08:38:89:16:
3f:41:9d:94
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ4VssELx8uGKWb51oKLAYaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjYwNTExMDYyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWUyZjY3Yzk2YzExMmRkNmUwODU0NDFiNGZlYWUwYzVmZDg2NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOWz7r9RKmFszKeAWahey0jP732v
v0hxby17ph7AgzKEdfGOhzDFXD5+XDZR9baK1SO5Dfuh2ZcQ0ogh1xEfoAXpFX1I
aIcqWnWv8NuW/DXfzAFfO7SSAOhutWkVVOcrNDiYOenrsTQC8/FtCNI/uCfKZ8w8
DWshyQibiaHqZYmnmbMxYMNFIwqgzvWxU8/GCaVnVu2HLeF2X8K1QTNRTcPuVeGc
oJphU1nqPVOsMNs0nNUi0YOiXlQU3FZUs9AMI+yXZySKLTkWT1RNzWIYG6juP0jJ
8Ex4ewvKkZoQFUkvEPgnKyWtePMzyM59gNcM89NoaGUkR18V3w6/dOqDrwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFMHi9nyWwRLdbghUQbT+rgxf2GTXMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvd2VMMmZKYkJFdDF1Q0ZSQnRQNnVERl9ZWk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBT6zIAwQA
T6zMAwQAT6zWAwQAT6zyAwQBT6z6AwQCV+UIAwQAV+UXAwQAV+UjAwQAV+UlAwQA
V+UoAwQAV+VAAwQAV+VGAwQBV+VQAwQAV+VhAwQAV+VwAwQBV+V8MA0GCSqGSIb3
DQEBCwUAA4IBAQBeoa3qXxizX3t70S/FOo69A50RD/OfyEZYE82ect67V8VhXnDE
ypBQyWR1IhZ9EhSPYHeAVBeCOj/Bqxog46ShrcmqQI342DOSWz3ksLzA2/yM9Yxw
kFNRXxWnAVCNIwxdsQpYsWKEX80qxWB3wKaLgIYR5VhFXWXfILZBHDaQe4Icemdf
1lQIFpXfmn3QaOKyr+oiuj0mfhsEVK3hfrESFePQrAjq/23rPR5HR8WbfgP15eNA
AzPxRXXiFWmVYoxLQZGRSBF9oCg90JCLLPrq78mXhWC+UwIFGspAp7lfxY3W/RpX
a+FDPHGpJzJudOMMFex9jEFOoAg4iRY/QZ2U
-----END CERTIFICATE-----
Generated at Tue May 12 22:05:49 2026 by rpki-client