Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/WepaHCobvyfUL-s7Xvp2TdSaRCg.roa
File: WepaHCobvyfUL-s7Xvp2TdSaRCg.roa (raw, json)
Hash identifier: zTofr48e9nj7np9deTFY/xT9jqoaaYGmlvI2GruOzlI=
Subject key identifier: 59:EA:5A:1C:2A:1B:BF:27:D4:2F:EB:3B:5E:FA:76:4D:D4:9A:44:28
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019D6C75001D3E82A292CCD0ED0C5CD48D9B
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/WepaHCobvyfUL-s7Xvp2TdSaRCg.roa
Signing time: Wed 08 Apr 2026 09:38:20 +0000
ROA not before: Wed 08 Apr 2026 09:38:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6206
IP address blocks: 37.46.192.0/21 maxlen: 24
69.161.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 24
94.228.208.0/20 maxlen: 24
107.182.112.0/20 maxlen: 20
109.235.48.0/21 maxlen: 24
194.110.67.0/24 maxlen: 24
2a00:dd0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:75:00:1d:3e:82:a2:92:cc:d0:ed:0c:5c:d4:8d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Apr 8 09:38:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59ea5a1c2a1bbf27d42feb3b5efa764dd49a4428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:d4:49:9a:8d:b7:58:57:d0:23:c1:88:e3:
1c:91:8f:24:8d:e7:c5:ae:07:ea:f4:76:af:53:4f:
4f:d5:70:25:8c:01:b4:74:27:a7:2c:14:e7:3e:8f:
a3:f9:9a:62:f3:9b:38:ca:29:f8:33:be:61:66:7d:
c1:5d:ca:90:2b:14:5f:96:71:c3:5e:7a:3d:57:b0:
81:1e:85:6a:52:b5:6c:6b:77:a5:22:85:16:98:39:
27:2b:03:36:94:67:77:13:64:3e:b7:51:e5:54:23:
41:ac:24:fd:15:15:70:b1:d6:06:f8:43:25:10:2f:
b8:6c:2e:43:e9:34:91:7d:cc:0b:8f:ed:9e:c2:bd:
f8:2a:3e:29:4d:55:6b:58:55:1f:b9:8e:5d:f1:84:
c9:47:6e:4a:9a:6f:93:24:cd:89:20:71:73:bf:de:
3b:cd:76:5b:2c:4d:14:58:c7:44:e7:65:a8:32:6f:
57:b6:3c:8d:94:b2:dd:cb:44:31:6b:48:f6:1c:d2:
41:c1:48:cf:23:db:0d:83:66:e7:6b:02:0e:b4:3e:
b7:ce:0b:41:22:cd:a1:c6:c6:b6:2b:d5:57:35:a6:
47:3e:31:6f:35:d0:ed:f9:c6:f1:66:e7:53:48:52:
0c:92:51:57:b0:fc:ba:7a:02:2e:c5:b4:f1:c0:92:
e4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EA:5A:1C:2A:1B:BF:27:D4:2F:EB:3B:5E:FA:76:4D:D4:9A:44:28
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/WepaHCobvyfUL-s7Xvp2TdSaRCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.192.0/21
69.161.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
107.182.112.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:4f:e5:e7:a4:6b:78:2c:08:e5:a7:cf:3a:82:7a:72:68:0e:
89:ac:63:f9:eb:da:b6:5b:58:dc:c4:1f:9c:16:43:86:7a:8f:
73:2b:b4:10:28:ea:64:c4:16:41:86:87:e5:2c:2e:1e:63:f8:
6f:6f:9d:0d:de:cb:e5:85:29:c8:42:aa:91:61:f8:1b:df:db:
45:0a:e7:29:5a:00:37:cd:a7:7e:d9:fc:3b:71:d5:54:03:50:
77:c9:8c:68:47:9a:53:35:34:1d:2c:e3:c2:5e:d4:db:6a:3f:
6c:47:69:8d:38:51:a4:9b:56:26:ce:07:de:cc:03:41:7e:a4:
87:d0:45:23:b2:d4:4a:80:da:a6:40:63:d0:8f:fe:7f:c3:e5:
1f:cd:23:96:14:98:53:ae:71:bf:6e:87:46:66:af:e3:21:a9:
26:e3:a1:a3:cf:a3:c9:a8:70:20:3e:ea:52:cb:1a:0a:08:00:
25:fb:d8:ab:f7:dc:78:33:86:a5:06:c4:a9:60:2a:74:b8:1f:
c4:c2:d9:84:89:05:7f:ff:c7:0e:05:b2:b9:b6:7a:21:03:6b:
b5:d6:71:83:94:70:f4:b9:4c:44:6e:0e:69:33:75:ed:9f:8a:
e4:99:41:c6:a8:ac:c9:86:5f:05:3e:6b:0e:de:54:7d:d3:11:
44:60:fd:3e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ1sdQAdPoKikszQ7Qxc1I2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjYwNDA4MDkzODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWVhNWExYzJhMWJiZjI3ZDQyZmViM2I1ZWZhNzY0ZGQ0OWE0NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHjUSZqNt1hX0CPBiOMckY8kjefF
rgfq9HavU09P1XAljAG0dCenLBTnPo+j+Zpi85s4yin4M75hZn3BXcqQKxRflnHD
Xno9V7CBHoVqUrVsa3elIoUWmDknKwM2lGd3E2Q+t1HlVCNBrCT9FRVwsdYG+EMl
EC+4bC5D6TSRfcwLj+2ewr34Kj4pTVVrWFUfuY5d8YTJR25Kmm+TJM2JIHFzv947
zXZbLE0UWMdE52WoMm9XtjyNlLLdy0Qxa0j2HNJBwUjPI9sNg2bnawIOtD63zgtB
Is2hxsa2K9VXNaZHPjFvNdDt+cbxZudTSFIMklFXsPy6egIuxbTxwJLkxQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFnqWhwqG78n1C/rO176dk3UmkQoMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvV2VwYUhDb2J2eWZVTC1zN1h2cDJUZFNhUkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJS7AAwQD
RaHAAwQAW8cyAwQDXrlQAwQEXuTQAwQEa7ZwAwQDbeswAwQAwm5DMA0EAgACMAcD
BQAqAA3QMA0GCSqGSIb3DQEBCwUAA4IBAQBuT+XnpGt4LAjlp886gnpyaA6JrGP5
69q2W1jcxB+cFkOGeo9zK7QQKOpkxBZBhoflLC4eY/hvb50N3svlhSnIQqqRYfgb
39tFCucpWgA3zad+2fw7cdVUA1B3yYxoR5pTNTQdLOPCXtTbaj9sR2mNOFGkm1Ym
zgfezANBfqSH0EUjstRKgNqmQGPQj/5/w+UfzSOWFJhTrnG/bodGZq/jIakm46Gj
z6PJqHAgPupSyxoKCAAl+9ir99x4M4alBsSpYCp0uB/EwtmEiQV//8cOBbK5tnoh
A2u11nGDlHD0uUxEbg5pM3Xtn4rkmUHGqKzJhl8FPmsO3lR90xFEYP0+
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:13:35 2026 by rpki-client