Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/x_UrSzT5bnYolRGENmeVczVCPdU.roa
File: x_UrSzT5bnYolRGENmeVczVCPdU.roa (raw, json)
Hash identifier: IOsOmkSdTZ/QstJ06oa7GIebzAwZkncHJ9unnjr0BfQ=
Subject key identifier: C7:F5:2B:4B:34:F9:6E:76:28:95:11:84:36:67:95:73:35:42:3D:D5
Certificate issuer: /CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Certificate serial: 019D2113CC8CFC76A5478C423E28D10FCA67
Authority key identifier: 58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/x_UrSzT5bnYolRGENmeVczVCPdU.roa
Signing time: Tue 24 Mar 2026 18:20:38 +0000
ROA not before: Tue 24 Mar 2026 18:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50784
IP address blocks: 185.159.168.0/22 maxlen: 22
185.159.168.0/24 maxlen: 24
185.159.169.0/24 maxlen: 24
185.159.170.0/24 maxlen: 24
185.159.171.0/24 maxlen: 24
2a07:b640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:13:cc:8c:fc:76:a5:47:8c:42:3e:28:d1:0f:ca:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Validity
Not Before: Mar 24 18:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7f52b4b34f96e76289511843667957335423dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:a9:1a:37:fa:a3:bd:dc:63:68:57:b1:bd:
d7:cd:86:82:fb:84:f4:37:0f:a6:f1:a6:48:1c:0b:
09:9f:a6:6a:8e:ef:d7:4f:89:c9:21:63:b7:33:f9:
52:13:ac:76:a3:bf:62:ed:29:d6:f9:6e:b7:1e:06:
6a:07:60:2b:d7:ed:4a:21:ae:05:b0:58:cb:1d:c3:
b6:8f:dd:8f:04:b4:59:a0:25:0d:e2:e6:98:70:fe:
ec:45:be:41:fa:5b:e7:94:8f:85:a4:c0:2c:f6:b3:
19:5d:21:a0:1d:a3:11:9d:f6:fd:be:1a:44:d0:96:
df:47:38:3a:25:a9:bf:78:b7:5e:fa:7a:50:4d:5d:
3c:2b:e2:51:d1:6f:45:b5:41:34:1c:ee:9c:1d:b8:
08:0b:94:4b:f7:a5:3d:7f:b7:86:b0:cb:ec:ee:78:
be:3f:7d:70:9e:51:f8:0a:b1:96:81:ef:98:7f:ab:
36:2e:2a:9e:37:9c:c1:0e:45:12:29:65:5f:6e:23:
74:c5:05:b6:af:06:6f:5b:2b:a6:c3:fc:24:2a:16:
dd:c5:ca:21:2e:2d:e4:f3:a7:59:7b:e6:1a:0c:0d:
d7:b2:07:c2:ba:1a:78:9a:06:b3:b3:7e:fc:8e:9b:
be:bb:e4:cc:7a:c5:44:c8:c3:78:d3:2c:c6:8a:48:
00:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F5:2B:4B:34:F9:6E:76:28:95:11:84:36:67:95:73:35:42:3D:D5
X509v3 Authority Key Identifier:
keyid:58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/x_UrSzT5bnYolRGENmeVczVCPdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.168.0/22
IPv6:
2a07:b640::/29
Signature Algorithm: sha256WithRSAEncryption
11:1d:49:98:9e:26:a8:24:f5:44:01:0b:0c:0b:bb:ff:aa:df:
59:ce:43:8b:7c:34:15:84:e5:ca:7e:4e:7b:ec:e1:a2:17:2a:
99:df:45:57:42:2b:59:f3:6c:92:cc:ee:8b:73:07:d1:ac:dc:
a9:ee:85:58:35:50:1e:f6:3a:05:70:7a:6a:10:bd:6e:9d:31:
29:c2:e1:c7:08:bf:fd:ef:95:f2:6d:67:86:59:07:89:f3:fd:
85:de:b5:e9:da:47:62:5b:9f:6d:f4:2f:54:50:8a:4a:63:ee:
e0:7c:5f:c0:d0:51:b6:84:dd:3f:9a:cc:58:b0:70:a8:95:40:
52:9b:57:bb:6e:6f:a2:95:4a:c9:24:83:79:8d:9a:c9:0e:c6:
95:e9:86:fc:01:c8:d0:d3:7c:03:20:71:af:ae:02:5d:5d:b2:
85:c1:95:f7:d4:d7:47:f6:7d:36:26:9c:a8:b5:32:7e:1f:e3:
f0:a8:25:69:94:f5:4c:04:bc:cb:86:e2:a7:84:fa:c9:e2:c3:
91:b4:ea:2a:2a:ee:38:60:60:8c:30:f7:37:16:75:93:61:8d:
6f:9f:94:95:d1:b1:34:64:79:84:0a:43:2f:79:01:5e:4a:99:
f8:de:44:cc:a6:cc:69:03:8a:0e:5d:4f:43:c8:80:cf:1b:62:
c5:9b:b2:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0hE8yM/HalR4xCPijRD8pnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YzU3YzA3OWU3OTVhNzk2YjQ3YTdlZDMyZjA3MmIwNThh
OTNhNmUwHhcNMjYwMzI0MTgyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y1MmI0YjM0Zjk2ZTc2Mjg5NTExODQzNjY3OTU3MzM1NDIzZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6upGjf6o73cY2hXsb3XzYaC+4T0
Nw+m8aZIHAsJn6Zqju/XT4nJIWO3M/lSE6x2o79i7SnW+W63HgZqB2Ar1+1KIa4F
sFjLHcO2j92PBLRZoCUN4uaYcP7sRb5B+lvnlI+FpMAs9rMZXSGgHaMRnfb9vhpE
0JbfRzg6Jam/eLde+npQTV08K+JR0W9FtUE0HO6cHbgIC5RL96U9f7eGsMvs7ni+
P31wnlH4CrGWge+Yf6s2LiqeN5zBDkUSKWVfbiN0xQW2rwZvWyumw/wkKhbdxcoh
Li3k86dZe+YaDA3XsgfCuhp4mgazs378jpu+u+TMesVEyMN40yzGikgACQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMf1K0s0+W52KJURhDZnlXM1Qj3VMB8GA1UdIwQY
MBaAFFjFfAeeeVp5a0en7TLwcrBYqTpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQt
NTc1MjkyYmMzOTQxLzEveF9VclN6VDVibllvbFJHRU5tZVZjelZDUGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQtNTc1MjkyYmMzOTQx
LzEvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ+oMA0E
AgACMAcDBQMqB7ZAMA0GCSqGSIb3DQEBCwUAA4IBAQARHUmYniaoJPVEAQsMC7v/
qt9ZzkOLfDQVhOXKfk577OGiFyqZ30VXQitZ82ySzO6LcwfRrNyp7oVYNVAe9joF
cHpqEL1unTEpwuHHCL/975XybWeGWQeJ8/2F3rXp2kdiW59t9C9UUIpKY+7gfF/A
0FG2hN0/msxYsHColUBSm1e7bm+ilUrJJIN5jZrJDsaV6Yb8AcjQ03wDIHGvrgJd
XbKFwZX31NdH9n02JpyotTJ+H+PwqCVplPVMBLzLhuKnhPrJ4sORtOoqKu44YGCM
MPc3FnWTYY1vn5SV0bE0ZHmECkMveQFeSpn43kTMpsxpA4oOXU9DyIDPG2LFm7IY
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:45:40 2026 by rpki-client