Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/wRfimvYG6uP1BQuztrYnul5AxK4.roa
File: wRfimvYG6uP1BQuztrYnul5AxK4.roa (raw, json)
Hash identifier: mNygzVCgId8/gWan0H+Y7eRS9fJ6Q7D8ydV4jRxwL1U=
Subject key identifier: C1:17:E2:9A:F6:06:EA:E3:F5:05:0B:B3:B6:B6:27:BA:5E:40:C4:AE
Certificate issuer: /CN=4ca13bdea54f76b8a85712afdb615186b33838c1
Certificate serial: 019D67F46F16BD709DB435AFCE1CC72E702F
Authority key identifier: 4C:A1:3B:DE:A5:4F:76:B8:A8:57:12:AF:DB:61:51:86:B3:38:38:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKE73qVPdrioVxKv22FRhrM4OME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/wRfimvYG6uP1BQuztrYnul5AxK4.roa
Signing time: Tue 07 Apr 2026 12:39:25 +0000
ROA not before: Tue 07 Apr 2026 12:39:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47309
IP address blocks: 130.0.20.0/23 maxlen: 23
130.0.22.0/23 maxlen: 23
194.8.90.0/23 maxlen: 23
212.99.128.0/19 maxlen: 19
212.99.173.0/24 maxlen: 24
212.99.174.0/24 maxlen: 24
212.99.177.0/24 maxlen: 24
2a02:e240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/TKE73qVPdrioVxKv22FRhrM4OME.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/TKE73qVPdrioVxKv22FRhrM4OME.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKE73qVPdrioVxKv22FRhrM4OME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:f4:6f:16:bd:70:9d:b4:35:af:ce:1c:c7:2e:70:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca13bdea54f76b8a85712afdb615186b33838c1
Validity
Not Before: Apr 7 12:39:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c117e29af606eae3f5050bb3b6b627ba5e40c4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:61:d3:a6:22:dc:55:d9:70:fe:98:d3:91:80:
f0:0b:e6:58:41:d1:4f:e3:c3:e7:8f:49:08:4c:07:
08:da:39:98:98:06:38:9f:58:b7:cc:8b:ae:f1:4e:
2d:ca:c4:dd:0f:a7:c8:e4:dc:1c:85:37:f3:cd:ee:
38:f9:dd:2d:0b:27:41:18:49:40:0f:3e:e8:05:17:
75:5f:83:af:68:ba:85:a2:f4:8b:28:82:f1:b8:8a:
51:45:63:c1:fe:0e:0d:15:31:d5:c8:3c:77:9d:18:
2b:3d:29:fc:7e:f6:76:bd:f7:5e:53:46:31:09:f2:
3b:80:3e:36:c5:7a:76:4c:a5:61:5a:2b:bd:f9:b4:
fe:b3:8c:62:5c:76:0d:76:ca:27:a7:d6:86:9d:1d:
36:2a:70:32:ce:80:58:16:38:a0:2a:31:23:6a:6f:
51:8c:4b:c5:d3:01:e2:b9:6f:96:15:b5:e2:af:8d:
6f:6a:23:f2:45:e0:03:b6:61:d4:34:18:8a:3b:47:
3a:a9:b2:77:1f:dd:1a:61:26:99:e1:6f:13:a8:6f:
83:78:e7:be:a6:bd:c5:cb:88:b0:06:11:5f:26:f7:
1e:37:ec:f4:a7:cd:43:a0:68:17:69:14:f3:97:e3:
61:3b:0d:28:35:1a:93:d5:3f:13:9f:03:af:7c:1d:
43:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:17:E2:9A:F6:06:EA:E3:F5:05:0B:B3:B6:B6:27:BA:5E:40:C4:AE
X509v3 Authority Key Identifier:
keyid:4C:A1:3B:DE:A5:4F:76:B8:A8:57:12:AF:DB:61:51:86:B3:38:38:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKE73qVPdrioVxKv22FRhrM4OME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/wRfimvYG6uP1BQuztrYnul5AxK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c62d13-7f03-4d19-8b46-fc91433d367d/1/TKE73qVPdrioVxKv22FRhrM4OME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.20.0/22
194.8.90.0/23
212.99.128.0/19
212.99.173.0-212.99.174.255
212.99.177.0/24
IPv6:
2a02:e240::/29
Signature Algorithm: sha256WithRSAEncryption
a1:9b:d3:a2:56:95:7d:8b:2a:4b:21:a9:2f:1a:8e:89:e6:37:
e0:d7:a7:3f:00:9d:c7:ef:db:eb:0f:57:1c:b7:e5:32:5c:d6:
52:c1:f2:c3:f1:b2:f2:ba:60:85:95:fa:63:a6:cf:ad:6c:7a:
1e:23:55:b1:5d:50:c7:d2:6f:c3:86:f3:ad:45:d3:6a:85:81:
b1:8a:43:1f:a2:f0:c0:11:fa:0c:9f:7a:62:20:d5:40:6c:01:
d2:bc:af:86:34:c4:6b:d1:87:46:da:de:1e:57:bb:52:59:78:
23:c8:00:bb:e5:3c:eb:33:17:e1:98:a5:46:c5:46:8a:09:97:
34:26:5e:f0:70:76:bb:e8:b8:00:ed:4d:95:36:fb:fc:df:86:
ce:0c:af:1a:cd:f2:2b:ec:1d:17:e5:d2:9b:87:7d:b2:6c:f2:
b4:79:45:51:e2:42:be:a8:44:59:a0:c6:72:9a:de:7b:31:77:
e0:0e:23:ce:43:1f:ca:02:25:ed:20:fa:9a:35:c2:f2:2b:33:
42:cf:54:a0:90:dd:80:56:d9:85:64:ee:e5:6d:5f:97:a3:c4:
9c:10:cc:b1:31:9e:58:cf:d1:91:e4:0a:87:64:b5:78:9e:a1:
3f:7e:5d:ba:d2:74:7a:cb:ef:b5:20:9a:01:dd:60:46:c3:69:
76:35:22:71
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ1n9G8WvXCdtDWvzhzHLnAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTEzYmRlYTU0Zjc2YjhhODU3MTJhZmRiNjE1MTg2YjMz
ODM4YzEwHhcNMjYwNDA3MTIzOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE3ZTI5YWY2MDZlYWUzZjUwNTBiYjNiNmI2MjdiYTVlNDBjNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWHTpiLcVdlw/pjTkYDwC+ZYQdFP
48Pnj0kITAcI2jmYmAY4n1i3zIuu8U4tysTdD6fI5NwchTfzze44+d0tCydBGElA
Dz7oBRd1X4OvaLqFovSLKILxuIpRRWPB/g4NFTHVyDx3nRgrPSn8fvZ2vfdeU0Yx
CfI7gD42xXp2TKVhWiu9+bT+s4xiXHYNdsonp9aGnR02KnAyzoBYFjigKjEjam9R
jEvF0wHiuW+WFbXir41vaiPyReADtmHUNBiKO0c6qbJ3H90aYSaZ4W8TqG+DeOe+
pr3Fy4iwBhFfJvceN+z0p81DoGgXaRTzl+NhOw0oNRqT1T8TnwOvfB1D8QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMEX4pr2Burj9QULs7a2J7peQMSuMB8GA1UdIwQY
MBaAFEyhO96lT3a4qFcSr9thUYazODjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtFNzNxVlBkcmlvVnhLdjIyRlJock00T01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNjJkMTMtN2YwMy00ZDE5LThiNDYt
ZmM5MTQzM2QzNjdkLzEvd1JmaW12WUc2dVAxQlF1enRyWW51bDVBeEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNjJkMTMtN2YwMy00ZDE5LThiNDYtZmM5MTQzM2QzNjdk
LzEvVEtFNzNxVlBkcmlvVnhLdjIyRlJock00T01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCggAUAwQB
wghaAwQF1GOAMAwDBADUY60DBADUY64DBADUY7EwDQQCAAIwBwMFAyoC4kAwDQYJ
KoZIhvcNAQELBQADggEBAKGb06JWlX2LKkshqS8ajonmN+DXpz8Ancfv2+sPVxy3
5TJc1lLB8sPxsvK6YIWV+mOmz61seh4jVbFdUMfSb8OG861F02qFgbGKQx+i8MAR
+gyfemIg1UBsAdK8r4Y0xGvRh0ba3h5Xu1JZeCPIALvlPOszF+GYpUbFRooJlzQm
XvBwdrvouADtTZU2+/zfhs4MrxrN8ivsHRfl0puHfbJs8rR5RVHiQr6oRFmgxnKa
3nsxd+AOI85DH8oCJe0g+po1wvIrM0LPVKCQ3YBW2YVk7uVtX5ejxJwQzLExnljP
0ZHkCodktXieoT9+XbrSdHrL77UgmgHdYEbDaXY1InE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:26:35 2026 by rpki-client