Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/w4XR7nwro5wjJE5JtKRUqOgZf5k.roa
File: w4XR7nwro5wjJE5JtKRUqOgZf5k.roa (raw, json)
Hash identifier: KiumyrEOqBPi+erguwa4/UEHEHESuukLcClHJxfKhnI=
Subject key identifier: C3:85:D1:EE:7C:2B:A3:9C:23:24:4E:49:B4:A4:54:A8:E8:19:7F:99
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019EBB8A203E6AA8EBA034A530FA2E760E9F
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/w4XR7nwro5wjJE5JtKRUqOgZf5k.roa
Signing time: Fri 12 Jun 2026 11:14:12 +0000
ROA not before: Fri 12 Jun 2026 11:14:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30870
IP address blocks: 83.98.136.0/23 maxlen: 23
83.98.148.0/24 maxlen: 24
83.98.154.0/23 maxlen: 23
83.98.167.0/24 maxlen: 24
83.98.209.0/24 maxlen: 24
83.98.216.0/24 maxlen: 24
83.98.217.0/24 maxlen: 24
83.98.218.0/23 maxlen: 23
83.98.220.0/23 maxlen: 23
89.30.150.0/23 maxlen: 23
89.30.154.0/23 maxlen: 23
89.30.156.0/24 maxlen: 24
89.30.157.0/24 maxlen: 24
213.247.54.0/23 maxlen: 24
213.247.55.0/24 maxlen: 24
213.247.57.0/24 maxlen: 24
213.247.62.0/23 maxlen: 23
2001:16f8:15::/48 maxlen: 48
2001:16f8:666::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:8a:20:3e:6a:a8:eb:a0:34:a5:30:fa:2e:76:0e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Jun 12 11:14:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c385d1ee7c2ba39c23244e49b4a454a8e8197f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:92:5c:4f:2f:0f:3e:86:98:09:ec:bd:bc:
8b:ed:74:b6:80:52:8a:00:9f:4b:34:a4:8e:0a:14:
04:5f:30:6e:a6:ca:7b:55:41:79:b9:ec:43:f9:dd:
39:c4:7c:56:77:3c:f0:69:31:b8:72:86:8b:7f:72:
56:ca:89:46:00:00:d6:21:80:ec:fd:fe:9b:71:16:
dd:90:4a:26:3c:77:8b:d0:79:94:c6:27:7d:2e:12:
48:94:f3:b3:43:7a:5b:fc:75:96:ab:ac:dd:29:7a:
af:bd:82:ef:90:8f:c7:91:6b:3a:18:e1:ee:5a:0a:
51:02:0c:15:81:f1:ba:24:d7:bb:85:ab:24:bc:1f:
51:1d:b7:97:43:05:9f:f2:8e:ee:3f:ad:63:84:a6:
7e:b5:5d:fc:33:a9:87:b2:0b:49:a5:0f:6a:5f:be:
fd:27:f6:6a:13:ec:64:22:79:46:f3:0a:58:c5:c4:
c8:df:9f:85:fb:1f:43:c6:10:dc:78:00:b6:60:f2:
6f:16:c5:b0:66:24:f2:9e:96:02:d9:7a:97:a1:f3:
c8:3c:c9:c2:84:1e:0c:36:48:2f:41:22:d0:7f:19:
20:92:9d:17:72:6e:1b:1d:d5:67:a6:64:49:8b:ee:
5d:6a:39:f9:f7:38:c5:f7:65:bd:2e:c0:af:bc:bf:
3c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:85:D1:EE:7C:2B:A3:9C:23:24:4E:49:B4:A4:54:A8:E8:19:7F:99
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/w4XR7nwro5wjJE5JtKRUqOgZf5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.136.0/23
83.98.148.0/24
83.98.154.0/23
83.98.167.0/24
83.98.209.0/24
83.98.216.0-83.98.221.255
89.30.150.0/23
89.30.154.0-89.30.157.255
213.247.54.0/23
213.247.57.0/24
213.247.62.0/23
IPv6:
2001:16f8:15::/48
2001:16f8:666::/48
Signature Algorithm: sha256WithRSAEncryption
5b:a2:e0:79:e3:d7:8a:a7:4a:23:b8:46:db:aa:04:25:95:b3:
e7:ce:ee:0a:78:a1:00:97:f4:58:3b:32:fe:2a:e4:cb:9d:76:
e1:5f:5a:ec:5b:ea:41:15:37:d0:37:b2:5e:38:f3:87:6b:35:
3a:6a:bb:06:85:36:a3:ef:62:54:69:20:28:61:cb:5a:81:ef:
8e:0d:37:5d:fe:2b:97:49:7a:d9:8e:f5:18:f6:61:94:1b:87:
59:42:23:c5:fb:9a:e1:c0:81:86:ac:64:30:e2:3d:33:11:64:
cf:ea:74:16:5d:c3:2d:91:8e:32:7b:3b:a4:88:40:a9:d5:41:
ac:65:1f:fa:d3:ff:28:7b:7c:07:86:67:76:bb:4b:a1:37:f7:
99:23:70:82:80:ec:42:88:78:eb:38:3d:c7:76:39:8e:73:38:
6b:8f:6a:7d:7d:75:65:b2:0c:69:29:fa:49:e7:60:04:a1:d8:
34:13:0d:e9:10:ef:91:9b:b2:aa:40:fb:16:a8:aa:78:f0:26:
0a:43:bf:2b:c3:75:f5:c0:c4:2f:78:ad:22:40:79:ed:b9:74:
5e:09:a9:46:c8:a9:bf:9c:ad:9a:be:7d:03:cf:95:07:8a:37:
06:45:ba:df:be:2a:ef:d4:bb:24:30:a7:10:0d:4e:88:76:18:
76:b0:df:9b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZ67iiA+aqjroDSlMPoudg6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwNjEyMTExNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzg1ZDFlZTdjMmJhMzljMjMyNDRlNDliNGE0NTRhOGU4MTk3Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud2SXE8vDz6GmAnsvbyL7XS2gFKK
AJ9LNKSOChQEXzBupsp7VUF5uexD+d05xHxWdzzwaTG4coaLf3JWyolGAADWIYDs
/f6bcRbdkEomPHeL0HmUxid9LhJIlPOzQ3pb/HWWq6zdKXqvvYLvkI/HkWs6GOHu
WgpRAgwVgfG6JNe7haskvB9RHbeXQwWf8o7uP61jhKZ+tV38M6mHsgtJpQ9qX779
J/ZqE+xkInlG8wpYxcTI35+F+x9DxhDceAC2YPJvFsWwZiTynpYC2XqXofPIPMnC
hB4MNkgvQSLQfxkgkp0Xcm4bHdVnpmRJi+5dajn59zjF92W9LsCvvL88DQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMOF0e58K6OcIyROSbSkVKjoGX+ZMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvdzRYUjdud3JvNXdqSkU1SnRLUlVxT2daZjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwWAQCAAEwUgMEAVNiiAME
AFNilAMEAVNimgMEAFNipwMEAFNi0TAMAwQDU2LYAwQBU2LcAwQBWR6WMAwDBAFZ
HpoDBAFZHpwDBAHV9zYDBADV9zkDBAHV9z4wGAQCAAIwEgMHACABFvgAFQMHACAB
FvgGZjANBgkqhkiG9w0BAQsFAAOCAQEAW6LgeePXiqdKI7hG26oEJZWz587uCnih
AJf0WDsy/irky5124V9a7FvqQRU30DeyXjjzh2s1Omq7BoU2o+9iVGkgKGHLWoHv
jg03Xf4rl0l62Y71GPZhlBuHWUIjxfua4cCBhqxkMOI9MxFkz+p0Fl3DLZGOMns7
pIhAqdVBrGUf+tP/KHt8B4ZndrtLoTf3mSNwgoDsQoh46zg9x3Y5jnM4a49qfX11
ZbIMaSn6SedgBKHYNBMN6RDvkZuyqkD7FqiqePAmCkO/K8N19cDEL3itIkB57bl0
XgmpRsipv5ytmr59A8+VB4o3BkW6374q79S7JDCnEA1OiHYYdrDfmw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:06:44 2026 by rpki-client