Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/w9mp4GF3yC-bSBQ9Lj_soykr8Ls.roa
File: w9mp4GF3yC-bSBQ9Lj_soykr8Ls.roa (raw, json)
Hash identifier: IyrOxcsBw284ef1oGFegKTu8cLCN6P0BZLtpdwl1Xxw=
Subject key identifier: C3:D9:A9:E0:61:77:C8:2F:9B:48:14:3D:2E:3F:EC:A3:29:2B:F0:BB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019C2972ED7EE4ACA07857EC545D38605080
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/w9mp4GF3yC-bSBQ9Lj_soykr8Ls.roa
Signing time: Wed 04 Feb 2026 16:18:43 +0000
ROA not before: Wed 04 Feb 2026 16:18:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53356
IP address blocks: 79.135.128.0/22 maxlen: 22
79.135.132.0/22 maxlen: 22
79.135.144.0/22 maxlen: 22
79.135.148.0/22 maxlen: 22
80.254.208.0/20 maxlen: 22
80.254.208.0/22 maxlen: 22
80.254.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:29:72:ed:7e:e4:ac:a0:78:57:ec:54:5d:38:60:50:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 4 16:18:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3d9a9e06177c82f9b48143d2e3feca3292bf0bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:a4:72:9d:e2:68:90:e9:05:c2:c1:74:8e:
b0:05:3d:bc:e2:9b:f7:49:e9:95:97:e8:22:92:c3:
27:75:ca:37:c6:fa:ab:b0:4b:cf:ab:68:53:31:f4:
7f:27:68:dc:38:ea:d0:aa:1c:ba:ca:c2:bb:5b:59:
c9:fa:95:80:8e:ba:69:e6:dd:32:b7:f3:a3:62:2b:
2b:5a:05:de:08:1e:93:9b:3f:df:3c:04:01:b2:84:
2f:32:10:f7:3f:a0:0d:91:9b:04:e9:0a:a6:6d:f4:
26:7b:8e:d8:9e:8c:ef:de:5a:97:9c:83:09:a2:b4:
35:b3:4c:1f:4e:7a:d4:09:df:8c:6b:d7:86:4f:07:
7b:3d:fc:e7:bc:9b:64:7f:9e:0d:8a:fc:e4:88:58:
4d:53:cb:b7:a2:4c:74:dd:75:73:0c:92:e0:5e:e6:
14:f7:79:05:56:49:7b:ed:03:af:3b:9b:69:5d:6a:
7c:55:9c:1c:2a:01:c3:bd:98:84:13:55:73:1c:46:
84:61:a3:09:f7:fb:71:6e:07:d7:4d:a1:34:cf:b1:
80:cb:f0:b5:3b:76:67:8b:e6:57:e2:3a:50:15:dd:
85:49:1e:82:fe:c2:d3:88:49:f4:3d:12:0c:40:58:
a6:d4:80:68:d5:a3:12:b1:c0:4c:3b:e2:91:26:88:
3a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D9:A9:E0:61:77:C8:2F:9B:48:14:3D:2E:3F:EC:A3:29:2B:F0:BB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/w9mp4GF3yC-bSBQ9Lj_soykr8Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.128.0/21
79.135.144.0/21
80.254.208.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:53:81:df:97:b1:1a:db:ee:a5:1a:90:a1:7d:3b:09:27:73:
74:64:8e:9f:e6:75:17:03:1e:e2:68:ce:4c:26:5c:41:d6:9a:
2d:ed:36:5b:6e:4d:8d:62:ba:81:5e:d2:c3:48:b2:1e:9f:f7:
e7:2a:ab:38:03:20:11:af:7b:4b:01:e1:25:19:da:20:cb:81:
c4:0c:c8:8c:b6:c3:1e:d1:bb:7b:d3:3b:56:cd:ec:de:e8:31:
5f:73:a5:8d:17:14:d3:5f:6e:05:4c:d7:c6:b1:8b:e6:8c:dd:
b8:33:08:03:71:89:55:71:41:4a:95:e0:ba:82:a7:96:da:d7:
1b:2b:12:ba:af:4a:c3:a7:d0:21:a4:df:6a:ca:b4:3f:73:98:
01:6b:e6:a3:9c:e1:78:e9:3d:99:99:6a:3c:fe:0a:c5:30:1e:
1e:81:d1:f5:33:0e:2f:41:d7:42:47:5f:ad:ce:4a:4a:99:35:
ba:96:9a:2d:5a:df:83:44:62:37:6c:03:39:93:60:f2:33:15:
5a:d5:71:ce:ad:28:98:67:06:cd:9f:82:72:36:17:8b:b6:46:
8c:55:2a:ee:5a:92:82:1f:61:c8:fe:27:12:18:90:c2:4c:43:
d3:bf:98:8f:47:2a:10:34:cd:60:6e:c1:0c:d6:26:e0:c6:a5:
3f:9a:3d:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZwpcu1+5KygeFfsVF04YFCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMjA0MTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q5YTllMDYxNzdjODJmOWI0ODE0M2QyZTNmZWNhMzI5MmJmMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9Okcp3iaJDpBcLBdI6wBT284pv3
SemVl+giksMndco3xvqrsEvPq2hTMfR/J2jcOOrQqhy6ysK7W1nJ+pWAjrpp5t0y
t/OjYisrWgXeCB6Tmz/fPAQBsoQvMhD3P6ANkZsE6QqmbfQme47Ynozv3lqXnIMJ
orQ1s0wfTnrUCd+Ma9eGTwd7PfznvJtkf54NivzkiFhNU8u3okx03XVzDJLgXuYU
93kFVkl77QOvO5tpXWp8VZwcKgHDvZiEE1VzHEaEYaMJ9/txbgfXTaE0z7GAy/C1
O3Zni+ZX4jpQFd2FSR6C/sLTiEn0PRIMQFim1IBo1aMSscBMO+KRJog6BQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMPZqeBhd8gvm0gUPS4/7KMpK/C7MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdzltcDRHRjN5Qy1iU0JROUxqX3NveWtyOExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT4eAAwQD
T4eQAwQEUP7QMA0GCSqGSIb3DQEBCwUAA4IBAQCNU4Hfl7Ea2+6lGpChfTsJJ3N0
ZI6f5nUXAx7iaM5MJlxB1pot7TZbbk2NYrqBXtLDSLIen/fnKqs4AyARr3tLAeEl
Gdogy4HEDMiMtsMe0bt70ztWzeze6DFfc6WNFxTTX24FTNfGsYvmjN24MwgDcYlV
cUFKleC6gqeW2tcbKxK6r0rDp9AhpN9qyrQ/c5gBa+ajnOF46T2ZmWo8/grFMB4e
gdH1Mw4vQddCR1+tzkpKmTW6lpotWt+DRGI3bAM5k2DyMxVa1XHOrSiYZwbNn4Jy
NheLtkaMVSruWpKCH2HI/icSGJDCTEPTv5iPRyoQNM1gbsEM1ibgxqU/mj1c
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:25:59 2026 by rpki-client