Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WjX9tNOiSE1Z4buYGaR2AF00bJ0.roa
File: WjX9tNOiSE1Z4buYGaR2AF00bJ0.roa (raw, json)
Hash identifier: WaKkf7OCMVa9fiSV5PcbBq2KoMmR8NyuIQOom3zH+C0=
Subject key identifier: 5A:35:FD:B4:D3:A2:48:4D:59:E1:BB:98:19:A4:76:00:5D:34:6C:9D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D065C00D5533CC3B86B4ED9CCCB7EAF6C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WjX9tNOiSE1Z4buYGaR2AF00bJ0.roa
Signing time: Thu 19 Mar 2026 13:49:45 +0000
ROA not before: Thu 19 Mar 2026 13:49:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 45.87.243.0/24 maxlen: 24
45.146.128.0/24 maxlen: 24
2a06:1180:100::/48 maxlen: 48
2a09:17c0:1000::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0f:e6c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:5c:00:d5:53:3c:c3:b8:6b:4e:d9:cc:cb:7e:af:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 19 13:49:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a35fdb4d3a2484d59e1bb9819a476005d346c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:96:0d:02:4f:31:8e:b7:cb:6a:08:aa:1f:48:
d2:b6:db:77:9b:fb:c8:4a:0a:95:26:70:d9:cb:95:
69:90:0e:32:2c:bd:d5:61:73:f5:d6:e8:d0:cd:df:
4f:0b:62:c8:ce:14:a2:53:b8:54:1e:69:76:2a:ca:
24:da:0e:89:c3:ec:0d:74:53:00:ac:ad:bd:fb:71:
b3:6b:40:61:5c:b4:07:95:0d:71:12:4a:ca:2c:4e:
53:0c:b6:fd:fc:d4:04:53:ed:85:48:f4:1a:32:2e:
f3:86:b8:9d:24:04:fc:06:58:e4:90:67:35:f9:7c:
7e:d4:33:9a:4b:ca:6f:93:49:44:24:c5:85:82:48:
f9:b1:89:3b:c3:c3:83:d5:b3:4f:e1:10:ab:18:79:
f7:5d:10:40:91:ea:99:75:26:86:89:70:ce:76:96:
a7:ba:21:d8:51:4a:22:3b:5d:e4:3e:a9:9d:57:00:
bb:62:7e:f7:e0:f7:ad:ca:a4:49:9c:6d:39:88:40:
52:35:4c:d1:91:1c:4d:9b:43:1c:be:a1:a8:0d:0d:
c9:07:34:a3:7d:d4:1c:00:40:9d:d8:f1:74:88:3c:
be:34:2e:4e:3d:1b:71:26:38:ac:db:76:8e:8b:ec:
8e:58:79:17:f6:2b:51:b7:8a:c5:30:96:c8:81:5e:
2b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:35:FD:B4:D3:A2:48:4D:59:E1:BB:98:19:A4:76:00:5D:34:6C:9D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WjX9tNOiSE1Z4buYGaR2AF00bJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.243.0/24
45.146.128.0/24
IPv6:
2a06:1180:100::/48
2a09:17c0:1000::/48
2a0e:c785:1::/48
2a0f:e6c7::/32
Signature Algorithm: sha256WithRSAEncryption
2f:af:f7:1a:0a:27:5b:a7:b2:c9:c7:3b:91:43:c5:9e:7d:9e:
43:72:71:e1:be:d6:51:94:d6:dd:a1:5b:da:8a:ae:3e:67:ee:
13:f7:c0:4c:ab:5c:1b:d1:f5:0b:eb:5c:60:d2:1e:59:4e:ae:
03:bd:59:06:6d:14:fc:ee:32:49:22:f3:dd:73:42:12:18:31:
0d:0c:96:f7:29:31:c6:8f:da:95:0f:4a:c9:cd:9d:28:c1:23:
4a:86:37:80:ef:25:f5:f3:57:ea:b3:a0:56:26:c5:c0:8f:27:
a6:1e:7b:74:6b:35:8a:8b:0b:e5:4d:94:d2:60:49:aa:d6:88:
be:a4:2b:ab:88:96:e6:45:ad:f1:66:69:59:42:28:82:fd:06:
3a:4b:fa:6b:11:69:c0:96:dd:76:13:7e:5c:c9:86:c7:d7:40:
39:5e:17:84:2d:08:61:12:3c:7f:37:22:70:59:f3:dc:9e:d7:
af:ba:48:7e:7a:53:f3:06:0c:f4:18:e6:0d:81:c6:ea:65:a5:
be:cb:4a:6f:6a:36:f6:b2:37:73:2b:72:78:02:f3:31:2e:41:
25:9e:83:64:7f:a9:7e:d0:24:0e:5f:e8:7c:0b:fa:ef:60:4d:
8f:8c:1a:29:9c:a6:c6:d7:c0:d9:19:15:d6:c7:da:3b:e1:5c:
f3:fc:49:ce
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0GXADVUzzDuGtO2czLfq9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzE5MTM0OTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTM1ZmRiNGQzYTI0ODRkNTllMWJiOTgxOWE0NzYwMDVkMzQ2YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpYNAk8xjrfLagiqH0jSttt3m/vI
SgqVJnDZy5VpkA4yLL3VYXP11ujQzd9PC2LIzhSiU7hUHml2Ksok2g6Jw+wNdFMA
rK29+3Gza0BhXLQHlQ1xEkrKLE5TDLb9/NQEU+2FSPQaMi7zhridJAT8BljkkGc1
+Xx+1DOaS8pvk0lEJMWFgkj5sYk7w8OD1bNP4RCrGHn3XRBAkeqZdSaGiXDOdpan
uiHYUUoiO13kPqmdVwC7Yn734PetyqRJnG05iEBSNUzRkRxNm0McvqGoDQ3JBzSj
fdQcAECd2PF0iDy+NC5OPRtxJjis23aOi+yOWHkX9itRt4rFMJbIgV4r/wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFo1/bTTokhNWeG7mBmkdgBdNGydMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV2pYOXROT2lTRTFaNGJ1WUdhUjJBRjAwYkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjASBAIAATAMAwQALVfzAwQA
LZKAMCgEAgACMCIDBwAqBhGAAQADBwAqCRfAEAADBwAqDseFAAEDBQAqD+bHMA0G
CSqGSIb3DQEBCwUAA4IBAQAvr/caCidbp7LJxzuRQ8WefZ5DcnHhvtZRlNbdoVva
iq4+Z+4T98BMq1wb0fUL61xg0h5ZTq4DvVkGbRT87jJJIvPdc0ISGDENDJb3KTHG
j9qVD0rJzZ0owSNKhjeA7yX181fqs6BWJsXAjyemHnt0azWKiwvlTZTSYEmq1oi+
pCuriJbmRa3xZmlZQiiC/QY6S/prEWnAlt12E35cyYbH10A5XheELQhhEjx/NyJw
WfPcntevukh+elPzBgz0GOYNgcbqZaW+y0pvajb2sjdzK3J4AvMxLkElnoNkf6l+
0CQOX+h8C/rvYE2PjBopnKbG18DZGRXWx9o74Vzz/EnO
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:48:35 2026 by rpki-client