Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/tA_5lUy51AWLQs5t-zl1uHZe8NA.roa
File: tA_5lUy51AWLQs5t-zl1uHZe8NA.roa (raw, json)
Hash identifier: 9AJDAHZpe6SJIjdQg3XJl4SWzd5q2VY6mENsQs8FAIQ=
Subject key identifier: B4:0F:F9:95:4C:B9:D4:05:8B:42:CE:6D:FB:39:75:B8:76:5E:F0:D0
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019CC9FF719EFB6C38D736AB3B7F4A58210A
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/tA_5lUy51AWLQs5t-zl1uHZe8NA.roa
Signing time: Sat 07 Mar 2026 20:31:27 +0000
ROA not before: Sat 07 Mar 2026 20:31:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209827
IP address blocks: 94.198.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c9:ff:71:9e:fb:6c:38:d7:36:ab:3b:7f:4a:58:21:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Mar 7 20:31:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b40ff9954cb9d4058b42ce6dfb3975b8765ef0d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:8c:b0:f1:d9:30:24:e4:73:a4:94:b3:5a:
82:34:e2:6d:44:d3:fc:e2:12:62:3e:75:6c:32:d1:
b0:d5:ed:59:09:2c:96:66:be:5d:9f:7d:a8:79:42:
91:13:22:60:75:6d:05:3e:52:4c:3e:59:90:23:11:
8e:a3:9b:16:83:f4:fc:05:5d:a9:87:f6:98:b4:c2:
25:80:34:2b:ac:3b:ac:87:92:60:89:8f:cf:f5:0e:
6a:81:cd:67:ad:3b:b2:f0:54:8c:63:65:63:7e:e6:
4e:bc:63:55:db:0a:85:85:93:48:d5:2e:98:43:08:
08:11:91:eb:d7:3a:8f:47:54:3d:71:ee:95:b4:b4:
ab:66:a8:ce:d6:90:19:12:69:b1:ee:e0:6f:3b:c5:
1e:fa:a0:73:68:f1:4f:59:26:aa:e5:b9:5a:35:79:
b0:e7:bd:c3:b1:2b:9e:eb:95:58:38:76:c4:33:31:
67:d3:8a:2b:f1:d9:72:f9:bd:5c:d4:c2:e4:8c:c9:
73:1a:0e:cf:31:28:98:87:f0:1d:dd:2b:a1:4f:23:
e9:01:b3:db:27:fa:ac:10:59:b5:86:56:8a:97:2e:
4f:68:a4:17:86:b0:1c:fb:bc:72:52:e1:ff:21:50:
c2:ac:83:a6:aa:9c:88:26:78:3f:8e:8b:33:b9:c8:
54:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0F:F9:95:4C:B9:D4:05:8B:42:CE:6D:FB:39:75:B8:76:5E:F0:D0
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/tA_5lUy51AWLQs5t-zl1uHZe8NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.184.0/24
Signature Algorithm: sha256WithRSAEncryption
24:8e:5b:b0:1f:92:ce:3b:c3:60:ce:6b:1f:dc:18:f6:4c:16:
2b:6d:ee:fc:21:08:62:cf:6f:d2:d5:94:07:19:fc:65:71:62:
1a:8c:b3:09:9c:77:2f:cf:de:2a:bc:cb:35:cd:51:fd:79:e1:
ad:48:f0:f4:0f:47:4c:f5:6a:be:d6:64:f2:4b:a8:01:70:15:
f7:b8:cf:bd:61:f8:d4:aa:aa:29:fa:07:f0:21:13:d1:6a:10:
02:ae:ac:3d:d6:0f:0c:44:45:7b:27:bc:25:bd:dc:30:2d:18:
7b:f8:1a:c5:9c:9a:2d:9e:a5:14:ef:3c:43:9a:05:b9:9a:72:
43:bc:41:25:f9:1c:d9:8c:2e:61:24:3c:51:29:a7:a4:aa:c7:
d6:84:0e:eb:33:6c:8e:26:2c:bf:f7:52:8e:46:70:e3:ae:f8:
a6:da:9b:21:ea:2d:de:71:35:ff:29:ce:83:51:fa:83:df:81:
64:5d:0e:0e:f0:88:af:7c:eb:a3:c8:35:c5:3d:6d:6d:90:44:
bb:ff:a8:7d:ce:b9:18:0e:0e:bc:44:1f:b6:65:3f:d2:22:1d:
52:6f:37:24:f7:52:f8:dc:ae:a8:8c:16:ac:f6:e7:59:a2:31:
16:eb:13:70:26:e6:66:5d:42:fe:07:94:c8:ad:0e:93:a4:78:
66:31:f5:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzJ/3Ge+2w41zarO39KWCEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjYwMzA3MjAzMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDBmZjk5NTRjYjlkNDA1OGI0MmNlNmRmYjM5NzViODc2NWVmMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN+MsPHZMCTkc6SUs1qCNOJtRNP8
4hJiPnVsMtGw1e1ZCSyWZr5dn32oeUKREyJgdW0FPlJMPlmQIxGOo5sWg/T8BV2p
h/aYtMIlgDQrrDush5JgiY/P9Q5qgc1nrTuy8FSMY2VjfuZOvGNV2wqFhZNI1S6Y
QwgIEZHr1zqPR1Q9ce6VtLSrZqjO1pAZEmmx7uBvO8Ue+qBzaPFPWSaq5blaNXmw
573DsSue65VYOHbEMzFn04or8dly+b1c1MLkjMlzGg7PMSiYh/Ad3SuhTyPpAbPb
J/qsEFm1hlaKly5PaKQXhrAc+7xyUuH/IVDCrIOmqpyIJng/joszuchUQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQP+ZVMudQFi0LObfs5dbh2XvDQMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvdEFfNWxVeTUxQVdMUXM1dC16bDF1SFplOE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXsa4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkjluwH5LOO8Ngzmsf3Bj2TBYrbe78IQhiz2/S1ZQH
GfxlcWIajLMJnHcvz94qvMs1zVH9eeGtSPD0D0dM9Wq+1mTyS6gBcBX3uM+9YfjU
qqop+gfwIRPRahACrqw91g8MREV7J7wlvdwwLRh7+BrFnJotnqUU7zxDmgW5mnJD
vEEl+RzZjC5hJDxRKaekqsfWhA7rM2yOJiy/91KORnDjrvim2psh6i3ecTX/Kc6D
UfqD34FkXQ4O8IivfOujyDXFPW1tkES7/6h9zrkYDg68RB+2ZT/SIh1Sbzck91L4
3K6ojBas9udZojEW6xNwJuZmXUL+B5TIrQ6TpHhmMfXg
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:59 2026 by rpki-client