Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/wctakh6MbZAQ9a6QFbIr94pHwkI.roa
File: wctakh6MbZAQ9a6QFbIr94pHwkI.roa (raw, json)
Hash identifier: lYT29eFvKjLzub83kniNeffCXgKNHrPpMwyvMGS+Fao=
Subject key identifier: C1:CB:5A:92:1E:8C:6D:90:10:F5:AE:90:15:B2:2B:F7:8A:47:C2:42
Certificate issuer: /CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Certificate serial: 019DAF66DAAC3AC50498FC34AE7F3012BD9D
Authority key identifier: 0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/wctakh6MbZAQ9a6QFbIr94pHwkI.roa
Signing time: Tue 21 Apr 2026 09:37:26 +0000
ROA not before: Tue 21 Apr 2026 09:37:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201958
IP address blocks: 150.175.40.0/24 maxlen: 24
150.175.41.0/24 maxlen: 24
150.175.42.0/24 maxlen: 24
150.175.43.0/24 maxlen: 24
185.42.188.0/23 maxlen: 23
185.42.188.0/24 maxlen: 24
185.42.189.0/24 maxlen: 24
185.42.190.0/23 maxlen: 23
185.42.190.0/24 maxlen: 24
185.42.191.0/24 maxlen: 24
2a04:9140:3003::/48 maxlen: 48
2a04:9140:3043::/48 maxlen: 48
2a04:9140:3044::/48 maxlen: 48
2a04:9140:3104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:66:da:ac:3a:c5:04:98:fc:34:ae:7f:30:12:bd:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Validity
Not Before: Apr 21 09:37:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1cb5a921e8c6d9010f5ae9015b22bf78a47c242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:87:17:49:4b:b0:ed:41:8f:3f:5b:10:1c:33:
f4:d5:ae:67:66:a0:59:1f:7f:3f:e9:cd:0b:11:d3:
ae:47:60:3c:2c:b4:4f:7e:ab:46:68:a7:a9:d7:19:
37:61:5e:89:99:a1:f3:34:1b:4c:3b:a4:4c:4b:56:
0a:8b:0c:e3:3e:ac:41:fe:a2:7d:3e:4c:1f:59:c5:
e0:99:e5:83:f8:5b:35:9b:4c:06:4c:d8:05:2e:7b:
97:7d:69:82:b4:5c:c3:4a:cb:fb:e5:b3:56:26:ca:
c3:cf:c9:0d:0d:8a:49:a3:19:2b:10:e2:c7:e3:df:
1d:c9:93:62:08:8b:5f:02:93:d7:eb:75:d1:37:6f:
4d:80:03:72:0c:05:73:b6:3c:1c:57:d5:4f:05:13:
7e:3d:55:fa:1a:1f:6e:ce:99:a1:ec:92:00:e0:88:
1c:f6:24:48:65:67:92:e6:dd:30:11:6d:8b:f5:86:
40:3e:07:d8:94:c3:0f:da:c7:46:ff:e1:4f:03:09:
21:80:5d:dc:00:c4:b9:f4:f2:03:5e:15:b8:05:b0:
da:08:14:f3:af:ee:6d:b7:7b:94:c7:43:b5:92:8d:
45:e7:c9:01:d8:17:dd:2d:9b:66:c1:bd:d5:3a:a3:
fa:1d:94:f2:10:c6:8c:f1:8b:4e:0e:f8:62:d1:33:
db:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CB:5A:92:1E:8C:6D:90:10:F5:AE:90:15:B2:2B:F7:8A:47:C2:42
X509v3 Authority Key Identifier:
keyid:0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/wctakh6MbZAQ9a6QFbIr94pHwkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.175.40.0/22
185.42.188.0/22
IPv6:
2a04:9140:3003::/48
2a04:9140:3043::-2a04:9140:3044:ffff:ffff:ffff:ffff:ffff
2a04:9140:3104::/48
Signature Algorithm: sha256WithRSAEncryption
86:19:b5:6a:be:e5:a6:ba:cf:36:ea:60:ae:7f:ed:32:f5:88:
1f:8f:9e:a6:05:87:79:59:87:e6:6f:8b:2d:b1:ba:87:a1:4a:
94:c5:51:c1:8c:35:27:b5:fc:e8:84:d4:96:ac:7b:03:6a:1c:
c9:76:5e:4b:be:7a:85:14:e1:b5:43:ba:7f:73:48:79:a1:b5:
15:35:2f:19:b1:06:1e:63:b0:b7:45:16:65:0b:26:14:41:af:
62:7d:ae:68:50:6a:30:b3:55:88:cc:8d:5e:b3:af:15:8e:23:
e7:f4:f3:d4:d1:8c:3e:55:2b:dd:0a:f0:1f:bf:3a:87:63:6d:
5d:6c:2d:ce:b0:27:b9:f7:84:3d:ab:38:69:2e:b9:d6:41:c3:
02:dd:af:db:35:58:35:f7:ec:73:f1:f3:92:d8:64:9a:bf:6f:
51:b4:e7:ca:57:7f:dd:d5:a9:f1:ec:fb:fb:18:8b:63:2a:08:
52:f6:39:2a:b8:d2:73:17:86:90:15:7e:7a:4f:9e:64:7b:37:
35:8a:39:34:36:ac:2a:3b:a7:5f:1f:44:a4:24:50:23:3d:13:
5b:ed:c1:02:71:9c:31:80:36:37:89:71:7d:8d:77:de:bc:51:
0e:14:7a:29:b6:bc:55:f6:60:80:f8:65:14:e1:47:7f:a1:8b:
d0:3a:81:0c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ2vZtqsOsUEmPw0rn8wEr2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWIzOGUzNGJiZTE3ZTE1NzcyNzA2YzdhOTYxYTg1ZTVk
MThiNWMwHhcNMjYwNDIxMDkzNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWNiNWE5MjFlOGM2ZDkwMTBmNWFlOTAxNWIyMmJmNzhhNDdjMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4cXSUuw7UGPP1sQHDP01a5nZqBZ
H38/6c0LEdOuR2A8LLRPfqtGaKep1xk3YV6JmaHzNBtMO6RMS1YKiwzjPqxB/qJ9
PkwfWcXgmeWD+Fs1m0wGTNgFLnuXfWmCtFzDSsv75bNWJsrDz8kNDYpJoxkrEOLH
498dyZNiCItfApPX63XRN29NgANyDAVztjwcV9VPBRN+PVX6Gh9uzpmh7JIA4Igc
9iRIZWeS5t0wEW2L9YZAPgfYlMMP2sdG/+FPAwkhgF3cAMS59PIDXhW4BbDaCBTz
r+5tt3uUx0O1ko1F58kB2BfdLZtmwb3VOqP6HZTyEMaM8YtODvhi0TPbeQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMHLWpIejG2QEPWukBWyK/eKR8JCMB8GA1UdIwQY
MBaAFAvrOONLvhfhV3JwbHqWGoXl0YtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2Mt
OWI3OTk3NDgxZjcyLzEvd2N0YWtoNk1iWkFROWE2UUZiSXI5NHBId2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2MtOWI3OTk3NDgxZjcy
LzEvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjASBAIAATAMAwQClq8oAwQC
uSq8MCwEAgACMCYDBwAqBJFAMAMwEgMHACoEkUAwQwMHACoEkUAwRAMHACoEkUAx
BDANBgkqhkiG9w0BAQsFAAOCAQEAhhm1ar7lprrPNupgrn/tMvWIH4+epgWHeVmH
5m+LLbG6h6FKlMVRwYw1J7X86ITUlqx7A2ocyXZeS756hRThtUO6f3NIeaG1FTUv
GbEGHmOwt0UWZQsmFEGvYn2uaFBqMLNViMyNXrOvFY4j5/Tz1NGMPlUr3QrwH786
h2NtXWwtzrAnufeEPas4aS651kHDAt2v2zVYNffsc/Hzkthkmr9vUbTnyld/3dWp
8ez7+xiLYyoIUvY5KrjScxeGkBV+ek+eZHs3NYo5NDasKjunXx9EpCRQIz0TW+3B
AnGcMYA2N4lxfY133rxRDhR6Kba8VfZggPhlFOFHf6GL0DqBDA==
-----END CERTIFICATE-----
Generated at Wed May 13 05:44:30 2026 by rpki-client