Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/WC6Ef1SCRQayQUNZTkL1DetJbX8.roa
File: WC6Ef1SCRQayQUNZTkL1DetJbX8.roa (raw, json)
Hash identifier: 4h6GY4Zr2br6zf+r8RfMh+KsFft90+z3WOx8A/kJ8Qg=
Subject key identifier: 58:2E:84:7F:54:82:45:06:B2:41:43:59:4E:42:F5:0D:EB:49:6D:7F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019DDE28D2E07FC13472F14CE7C5A185DE22
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/WC6Ef1SCRQayQUNZTkL1DetJbX8.roa
Signing time: Thu 30 Apr 2026 11:31:50 +0000
ROA not before: Thu 30 Apr 2026 11:31:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39640
IP address blocks: 167.160.31.0/24 maxlen: 24
178.19.32.0/23 maxlen: 23
185.216.131.0/24 maxlen: 24
201.49.188.0/22 maxlen: 22
206.203.0.0/18 maxlen: 18
213.236.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:28:d2:e0:7f:c1:34:72:f1:4c:e7:c5:a1:85:de:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Apr 30 11:31:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=582e847f54824506b24143594e42f50deb496d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a4:d7:62:58:61:b2:1e:eb:ca:68:5b:df:2c:
7c:9b:52:94:52:fa:ef:ce:be:75:bf:a9:00:6e:8e:
de:b2:ad:66:20:47:7f:6b:f6:af:26:b6:9d:40:af:
5d:ac:b0:ba:30:c9:70:12:e6:dd:9e:6c:e3:c6:85:
de:4d:61:cf:2c:9e:89:6d:a1:f4:b5:05:42:e3:30:
43:f1:b7:90:25:20:e8:3e:d5:d2:b0:db:71:e7:da:
77:a6:e9:a6:24:e3:5c:c2:2e:ce:cb:3b:32:ff:d2:
3c:96:d9:4c:76:29:35:e1:06:8b:bc:1c:79:a5:73:
c6:49:86:79:35:da:3b:9c:a5:1c:71:93:7c:ae:6f:
26:f0:68:43:4a:d2:69:fe:3c:df:67:fa:f0:f4:94:
e3:a2:a3:a5:e2:fb:d9:f4:27:d0:86:c5:c8:01:58:
94:bd:17:5e:3a:74:5e:da:89:1c:8c:9c:f5:4f:3b:
dc:78:a5:78:37:5a:03:7e:2d:28:f9:42:e0:88:ff:
0f:8d:c6:64:df:9a:0c:d7:ec:be:dc:99:a8:5c:44:
b6:d3:84:68:33:aa:36:60:b9:47:f1:2e:1b:dc:cd:
a9:48:98:1e:89:44:f3:88:13:a6:1a:97:2f:88:e2:
d6:e5:6a:f6:9f:cf:2c:6a:b4:4d:ee:81:b3:e7:3a:
b1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2E:84:7F:54:82:45:06:B2:41:43:59:4E:42:F5:0D:EB:49:6D:7F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/WC6Ef1SCRQayQUNZTkL1DetJbX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.31.0/24
178.19.32.0/23
185.216.131.0/24
201.49.188.0/22
206.203.0.0/18
213.236.16.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:e1:83:78:fb:f8:bf:43:9f:af:bf:70:4d:db:7a:9b:9b:a8:
7c:00:f2:8b:7b:fa:f3:77:62:40:09:00:39:cf:10:d9:60:20:
cb:fb:90:7c:ee:69:5f:55:43:b4:16:5a:34:3a:2b:8e:c3:9f:
57:25:e3:c5:dc:62:29:0d:67:22:8f:b8:9f:ea:f8:d4:96:4d:
a9:dc:67:eb:cf:3f:3c:6a:63:90:89:c6:04:4a:8d:28:21:b6:
09:73:7c:f0:52:4e:2a:91:49:48:66:ee:a4:ec:16:ba:92:63:
d3:36:28:b4:b0:66:86:aa:a9:26:0d:1f:e4:28:01:2c:fc:be:
17:2b:51:65:4a:cb:d8:ca:63:49:af:14:60:b8:eb:c9:f8:52:
35:01:6b:d2:f3:ed:c9:38:c2:a3:49:b6:c5:51:a4:6f:06:a2:
1c:98:99:86:d3:e5:23:24:97:71:0b:88:28:83:cd:5c:fa:5b:
28:b1:ea:6a:72:3a:82:7a:62:0d:29:9e:19:f9:29:2c:94:09:
98:ab:29:b3:4d:45:a6:e4:53:ac:ef:99:3c:ed:0a:83:1e:a4:
65:19:8c:83:47:1a:14:5e:c6:63:01:5c:a4:29:a8:6d:15:52:
15:ba:28:f0:28:ae:1d:2f:0a:df:e4:86:ac:d9:89:06:36:91:
8e:f9:4f:7f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3eKNLgf8E0cvFM58Whhd4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNDMwMTEzMTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODJlODQ3ZjU0ODI0NTA2YjI0MTQzNTk0ZTQyZjUwZGViNDk2ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aTXYlhhsh7rymhb3yx8m1KUUvrv
zr51v6kAbo7esq1mIEd/a/avJradQK9drLC6MMlwEubdnmzjxoXeTWHPLJ6JbaH0
tQVC4zBD8beQJSDoPtXSsNtx59p3pummJONcwi7Oyzsy/9I8ltlMdik14QaLvBx5
pXPGSYZ5Ndo7nKUccZN8rm8m8GhDStJp/jzfZ/rw9JTjoqOl4vvZ9CfQhsXIAViU
vRdeOnRe2okcjJz1TzvceKV4N1oDfi0o+ULgiP8PjcZk35oM1+y+3JmoXES204Ro
M6o2YLlH8S4b3M2pSJgeiUTziBOmGpcviOLW5Wr2n88sarRN7oGz5zqxMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFguhH9UgkUGskFDWU5C9Q3rSW1/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvV0M2RWYxU0NSUWF5UVVOWlRrTDFEZXRKYlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAp6AfAwQB
shMgAwQAudiDAwQCyTG8AwQGzssAAwQC1ewQMA0GCSqGSIb3DQEBCwUAA4IBAQCh
4YN4+/i/Q5+vv3BN23qbm6h8APKLe/rzd2JACQA5zxDZYCDL+5B87mlfVUO0Flo0
OiuOw59XJePF3GIpDWcij7if6vjUlk2p3Gfrzz88amOQicYESo0oIbYJc3zwUk4q
kUlIZu6k7Ba6kmPTNii0sGaGqqkmDR/kKAEs/L4XK1FlSsvYymNJrxRguOvJ+FI1
AWvS8+3JOMKjSbbFUaRvBqIcmJmG0+UjJJdxC4gog81c+lsosepqcjqCemINKZ4Z
+SkslAmYqymzTUWm5FOs75k87QqDHqRlGYyDRxoUXsZjAVykKahtFVIVuijwKK4d
Lwrf5Ias2YkGNpGO+U9/
-----END CERTIFICATE-----
Generated at Wed May 13 08:45:31 2026 by rpki-client