Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/_wlQDJ-a5t0DnOpjlzl4sYCEK0c.roa
File: _wlQDJ-a5t0DnOpjlzl4sYCEK0c.roa (raw, json)
Hash identifier: GiE+B1Cr5+9pg7bf5qdmnXZtbR2Ijwng4egZwOyoXmA=
Subject key identifier: FF:09:50:0C:9F:9A:E6:DD:03:9C:EA:63:97:39:78:B1:80:84:2B:47
Certificate issuer: /CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Certificate serial: 019D9171CC26E245B66596A4B08DC1DB3247
Authority key identifier: 34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/_wlQDJ-a5t0DnOpjlzl4sYCEK0c.roa
Signing time: Wed 15 Apr 2026 14:00:47 +0000
ROA not before: Wed 15 Apr 2026 14:00:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199752
IP address blocks: 45.113.236.0/24 maxlen: 24
185.36.132.0/22 maxlen: 22
185.187.108.0/22 maxlen: 22
185.239.171.0/24 maxlen: 24
195.191.198.0/23 maxlen: 23
2a00:ef20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:71:cc:26:e2:45:b6:65:96:a4:b0:8d:c1:db:32:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Validity
Not Before: Apr 15 14:00:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff09500c9f9ae6dd039cea63973978b180842b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:0f:a7:10:e3:74:55:5f:b2:c7:6a:56:76:
b4:98:b4:80:2a:a0:f5:4e:d6:ba:a4:c1:76:16:f9:
db:44:40:82:9b:fa:11:a2:17:07:af:0d:7b:83:27:
39:5c:6e:8b:a3:c2:be:d2:00:9a:aa:91:bb:d0:47:
48:2f:88:a1:97:77:f1:3a:79:8a:f4:64:60:44:fa:
22:f9:34:9a:dc:3e:14:9b:21:80:46:3a:41:a0:68:
e7:57:8e:b0:d2:4b:a5:bc:66:30:22:e8:bd:d9:c3:
e9:17:2a:90:20:2a:9d:ad:17:fa:67:1f:22:a6:7a:
9f:d9:05:4c:1d:07:c0:76:f4:8c:69:4f:41:9a:49:
be:bd:3c:bd:db:27:11:2e:05:52:76:ff:27:9f:7e:
66:3a:d9:ac:c2:6f:0c:55:4d:e0:ea:a8:08:ea:bc:
d7:f8:db:2b:b6:af:2a:18:fd:70:60:55:7e:6a:39:
4e:70:8f:53:54:78:fd:3a:e3:67:be:64:7c:44:bc:
af:a1:7c:b5:a5:f2:cc:07:b4:aa:5e:39:40:e0:72:
99:bf:9b:a4:87:69:20:ec:02:c4:24:41:10:9d:a9:
70:da:1f:50:68:4b:3b:eb:b1:e9:07:e7:b2:0d:26:
0b:8d:c1:2e:4c:87:87:73:55:64:d7:5c:49:b2:7f:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:09:50:0C:9F:9A:E6:DD:03:9C:EA:63:97:39:78:B1:80:84:2B:47
X509v3 Authority Key Identifier:
keyid:34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/_wlQDJ-a5t0DnOpjlzl4sYCEK0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.236.0/24
185.36.132.0/22
185.187.108.0/22
185.239.171.0/24
195.191.198.0/23
IPv6:
2a00:ef20::/29
Signature Algorithm: sha256WithRSAEncryption
a2:c5:ec:79:9a:a7:46:16:52:6f:70:36:b7:bf:d0:fd:e7:28:
1b:31:95:14:97:a1:af:11:02:1a:79:28:1a:3f:2d:fe:f2:f4:
31:fb:0a:97:9b:49:b0:a7:03:06:c0:ec:2e:69:59:31:66:61:
36:21:cb:e4:90:0e:01:79:b2:a8:d0:20:c4:b5:6b:77:89:c7:
78:d3:c5:8e:40:35:49:d4:8c:55:12:a7:86:99:2e:59:6a:59:
97:03:11:71:d3:44:90:56:a2:0b:28:5a:db:c0:b7:e3:8e:75:
9f:b3:93:99:b4:a1:98:d7:75:c0:30:8b:30:ba:eb:85:fb:c1:
e8:21:71:48:a6:02:a9:22:bd:33:68:12:e9:48:e7:5f:c3:9b:
ef:ea:af:4b:01:2b:4a:70:50:a8:5f:85:67:4c:ea:55:8b:93:
e4:c1:e4:8d:be:d6:ab:d9:aa:ea:f8:00:85:40:58:97:73:10:
a4:bb:12:12:17:8d:aa:d1:f7:9d:a3:2f:32:be:5e:9b:45:a2:
4c:a0:94:1c:4d:98:83:19:c2:c6:52:0a:01:fa:e0:1c:8c:49:
96:ed:8b:13:dd:f1:bf:88:c9:5b:c1:72:5c:3c:ec:09:59:77:
67:99:b6:ca:21:49:27:15:86:c3:50:ce:25:87:94:15:e4:d8:
48:56:74:8c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ2Rccwm4kW2ZZaksI3B2zJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGNmOTc3OWE5MmVmZTk3NTQzYjIyYTM0N2I4MWMyZWFh
NWJiZmEwHhcNMjYwNDE1MTQwMDQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA5NTAwYzlmOWFlNmRkMDM5Y2VhNjM5NzM5NzhiMTgwODQyYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhgPpxDjdFVfssdqVna0mLSAKqD1
Tta6pMF2FvnbRECCm/oRohcHrw17gyc5XG6Lo8K+0gCaqpG70EdIL4ihl3fxOnmK
9GRgRPoi+TSa3D4UmyGARjpBoGjnV46w0kulvGYwIui92cPpFyqQICqdrRf6Zx8i
pnqf2QVMHQfAdvSMaU9Bmkm+vTy92ycRLgVSdv8nn35mOtmswm8MVU3g6qgI6rzX
+Nsrtq8qGP1wYFV+ajlOcI9TVHj9OuNnvmR8RLyvoXy1pfLMB7SqXjlA4HKZv5uk
h2kg7ALEJEEQnalw2h9QaEs767HpB+eyDSYLjcEuTIeHc1Vk11xJsn9PYwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP8JUAyfmubdA5zqY5c5eLGAhCtHMB8GA1UdIwQY
MBaAFDSM+Xeaku/pdUOyKjR7gcLqpbv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3Zjkt
Yzk4MTlhNDEwYTdhLzEvX3dsUURKLWE1dDBEbk9wamx6bDRzWUNFSzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3ZjktYzk4MTlhNDEwYTdh
LzEvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALXHsAwQC
uSSEAwQCubtsAwQAue+rAwQBw7/GMA0EAgACMAcDBQMqAO8gMA0GCSqGSIb3DQEB
CwUAA4IBAQCixex5mqdGFlJvcDa3v9D95ygbMZUUl6GvEQIaeSgaPy3+8vQx+wqX
m0mwpwMGwOwuaVkxZmE2IcvkkA4BebKo0CDEtWt3icd408WOQDVJ1IxVEqeGmS5Z
almXAxFx00SQVqILKFrbwLfjjnWfs5OZtKGY13XAMIswuuuF+8HoIXFIpgKpIr0z
aBLpSOdfw5vv6q9LAStKcFCoX4VnTOpVi5PkweSNvtar2arq+ACFQFiXcxCkuxIS
F42q0fedoy8yvl6bRaJMoJQcTZiDGcLGUgoB+uAcjEmW7YsT3fG/iMlbwXJcPOwJ
WXdnmbbKIUknFYbDUM4lh5QV5NhIVnSM
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:26:14 2026 by rpki-client