Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/WnjMNOoY6brOweXu-pLZPaVVJzQ.roa
File: WnjMNOoY6brOweXu-pLZPaVVJzQ.roa (raw, json)
Hash identifier: MdTzlHQJr2I5Kjg59vASTes+r3NsVPRu6qYqfhvACdM=
Subject key identifier: 5A:78:CC:34:EA:18:E9:BA:CE:C1:E5:EE:FA:92:D9:3D:A5:55:27:34
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019DFE29C2796B50C09A4549E8EE63907CEC
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/WnjMNOoY6brOweXu-pLZPaVVJzQ.roa
Signing time: Wed 06 May 2026 16:40:42 +0000
ROA not before: Wed 06 May 2026 16:40:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 194.152.130.0/24 maxlen: 24
194.152.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:29:c2:79:6b:50:c0:9a:45:49:e8:ee:63:90:7c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: May 6 16:40:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a78cc34ea18e9bacec1e5eefa92d93da5552734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e2:49:94:27:d8:70:5d:bc:51:36:2b:a2:54:
7a:fb:5d:38:3d:94:79:94:58:63:54:b3:96:a5:c4:
18:f4:fb:45:26:fe:5f:b9:11:48:c3:fe:8b:05:48:
0a:18:aa:51:59:87:d6:d9:eb:4a:c6:19:f7:09:a9:
11:52:cf:3d:77:1d:13:7a:44:e3:f2:14:cc:eb:97:
62:0c:56:49:a1:a6:7b:29:eb:d8:bc:f0:7e:65:93:
e1:08:ca:dd:54:83:c6:b1:03:8d:4b:40:78:67:4c:
86:f6:cc:78:18:a1:4f:52:43:1b:44:99:93:15:ff:
61:bd:87:f5:ce:9e:32:4d:ea:56:ea:32:6d:99:e9:
a5:ae:14:9f:dc:0f:e8:0c:78:3e:2b:9a:ae:09:ce:
74:0e:d3:6b:46:ec:79:b2:38:0b:f6:a0:1f:b7:8f:
88:dc:9c:b2:86:5f:7b:eb:74:12:ec:33:e6:d3:91:
f1:e7:c4:28:f7:45:ec:64:51:c9:c0:82:8e:ef:0c:
4d:2b:01:45:ca:72:00:4a:bc:b5:ef:9e:10:c5:08:
c5:4f:e9:35:a3:48:85:ce:bb:f7:c6:5d:1c:d4:b5:
fa:06:41:ee:c5:ff:1a:0a:6e:e7:cb:a2:50:dd:8a:
36:13:92:0b:ea:16:55:4a:a8:59:a3:98:90:6c:4a:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:78:CC:34:EA:18:E9:BA:CE:C1:E5:EE:FA:92:D9:3D:A5:55:27:34
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/WnjMNOoY6brOweXu-pLZPaVVJzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.130.0/24
194.152.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:95:fb:f1:a7:66:9b:12:2d:20:27:91:7c:30:e6:a1:0d:0d:
b0:cf:8d:a7:de:c9:48:f4:09:fe:9a:18:7d:ae:b6:4e:9e:50:
8f:b7:d3:62:63:70:9c:c3:5b:25:cb:19:b3:30:85:51:a7:00:
fb:75:08:82:66:6c:62:af:d4:07:fc:a8:e7:21:53:b2:04:41:
ac:27:e2:33:ea:56:8f:90:ff:71:3b:6e:6f:d7:d5:24:44:85:
10:81:52:33:99:5e:76:eb:a8:07:ca:30:32:2f:c7:e6:c6:66:
a5:c7:a3:3f:16:37:3a:5d:f6:c8:f3:e3:4c:4d:ec:20:1f:37:
e1:73:9b:55:3a:98:3a:9b:33:41:dd:2e:9e:35:e6:c5:0f:ce:
68:6a:84:df:a6:1e:1b:a7:ea:17:25:83:d7:2d:66:05:07:4e:
b8:9a:af:0e:4c:c6:a5:83:67:58:25:fd:0c:82:91:2b:27:95:
da:c9:fd:f7:ac:79:4d:25:a2:79:54:78:aa:6c:d1:4e:ff:b2:
ef:8d:1b:90:1f:c9:18:71:9b:1e:e1:64:f6:25:4f:4f:cc:e5:
7a:bc:09:43:4e:e8:6b:20:85:e2:4e:3f:78:48:59:47:90:f1:
a7:99:af:82:34:c9:c2:c7:f6:3b:a6:da:03:a1:66:ae:1e:15:
97:0c:63:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3+KcJ5a1DAmkVJ6O5jkHzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwNTA2MTY0MDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTc4Y2MzNGVhMThlOWJhY2VjMWU1ZWVmYTkyZDkzZGE1NTUyNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+JJlCfYcF28UTYrolR6+104PZR5
lFhjVLOWpcQY9PtFJv5fuRFIw/6LBUgKGKpRWYfW2etKxhn3CakRUs89dx0TekTj
8hTM65diDFZJoaZ7KevYvPB+ZZPhCMrdVIPGsQONS0B4Z0yG9sx4GKFPUkMbRJmT
Ff9hvYf1zp4yTepW6jJtmemlrhSf3A/oDHg+K5quCc50DtNrRux5sjgL9qAft4+I
3Jyyhl9763QS7DPm05Hx58Qo90XsZFHJwIKO7wxNKwFFynIASry1754QxQjFT+k1
o0iFzrv3xl0c1LX6BkHuxf8aCm7ny6JQ3Yo2E5IL6hZVSqhZo5iQbEos2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFp4zDTqGOm6zsHl7vqS2T2lVSc0MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvV25qTU5Pb1k2YnJPd2VYdS1wTFpQYVZWSnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpiCAwQA
wpiKMA0GCSqGSIb3DQEBCwUAA4IBAQBflfvxp2abEi0gJ5F8MOahDQ2wz42n3slI
9An+mhh9rrZOnlCPt9NiY3Ccw1slyxmzMIVRpwD7dQiCZmxir9QH/KjnIVOyBEGs
J+Iz6laPkP9xO25v19UkRIUQgVIzmV5266gHyjAyL8fmxmalx6M/Fjc6XfbI8+NM
TewgHzfhc5tVOpg6mzNB3S6eNebFD85oaoTfph4bp+oXJYPXLWYFB064mq8OTMal
g2dYJf0MgpErJ5Xayf33rHlNJaJ5VHiqbNFO/7LvjRuQH8kYcZse4WT2JU9PzOV6
vAlDTuhrIIXiTj94SFlHkPGnma+CNMnCx/Y7ptoDoWauHhWXDGOM
-----END CERTIFICATE-----
Generated at Wed May 13 13:45:54 2026 by rpki-client