Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/Cw5n-PWT2I1DxgK5DhwcrBsPkdE.roa
File: Cw5n-PWT2I1DxgK5DhwcrBsPkdE.roa (raw, json)
Hash identifier: mUvGxOekgoK3xHrsniH+HyllAGZivMOYDnmq6KeKBXw=
Subject key identifier: 0B:0E:67:F8:F5:93:D8:8D:43:C6:02:B9:0E:1C:1C:AC:1B:0F:91:D1
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 019C950394BC0C99BCEED1635D5EA36F9D9E
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/Cw5n-PWT2I1DxgK5DhwcrBsPkdE.roa
Signing time: Wed 25 Feb 2026 13:36:05 +0000
ROA not before: Wed 25 Feb 2026 13:36:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39728
IP address blocks: 45.152.24.0/22 maxlen: 22
45.152.27.0/24 maxlen: 24
91.217.4.0/23 maxlen: 24
176.113.224.0/19 maxlen: 24
178.214.160.0/19 maxlen: 24
178.216.232.0/21 maxlen: 21
185.149.196.0/22 maxlen: 22
185.178.245.0/24 maxlen: 24
185.178.246.0/24 maxlen: 24
194.31.152.0/22 maxlen: 24
195.8.56.0/23 maxlen: 24
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:03:94:bc:0c:99:bc:ee:d1:63:5d:5e:a3:6f:9d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Feb 25 13:36:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0b0e67f8f593d88d43c602b90e1c1cac1b0f91d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5d:4f:1d:fd:5c:c9:7a:3a:d1:02:38:54:77:
61:f2:98:23:4f:a9:58:6e:34:85:43:ae:3f:a3:17:
7c:22:f4:29:a7:8d:58:f2:4e:95:aa:0e:65:c2:c0:
cf:fd:35:65:f9:11:fc:81:be:6e:a6:f6:5a:3c:6d:
62:1c:86:38:ad:82:b3:a3:a1:57:ae:b3:43:71:51:
76:25:3b:b3:90:bc:5d:cd:59:04:8a:63:bd:44:b7:
c8:22:9b:1b:8b:5d:68:19:40:88:48:ea:8b:58:99:
b7:77:1a:38:12:45:2b:63:eb:a0:93:82:5b:01:08:
a5:bf:64:b4:51:2d:96:3e:4b:14:6d:32:5a:36:e7:
f5:a1:ed:e4:98:df:ff:8d:64:f6:9c:74:aa:8e:4c:
06:16:58:3b:84:59:0e:26:85:bf:29:1c:e8:82:e6:
b8:a8:ea:73:c8:82:ae:58:66:97:f3:da:3b:de:b4:
82:44:9a:df:7e:85:9c:f8:98:10:9a:c6:86:cc:86:
66:d3:d4:ab:4f:05:e7:ed:e4:ca:22:71:4d:c6:00:
a1:b3:bc:90:a8:f6:17:2b:ff:b7:28:e1:0a:3e:34:
92:de:54:85:a3:d0:9f:19:3f:45:8b:82:fe:4c:2d:
f8:86:6b:22:2c:de:9a:fa:b3:d8:09:b4:7c:6c:34:
68:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0E:67:F8:F5:93:D8:8D:43:C6:02:B9:0E:1C:1C:AC:1B:0F:91:D1
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/Cw5n-PWT2I1DxgK5DhwcrBsPkdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.24.0/22
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
185.178.245.0-185.178.246.255
194.31.152.0/22
195.8.56.0/23
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
52:c3:fc:90:62:6f:4b:bb:fa:d9:8d:aa:90:97:8a:15:68:1a:
fe:26:1f:eb:d6:f1:a1:5e:57:36:1a:28:27:79:05:63:19:19:
b8:b2:bc:ad:41:17:59:34:56:31:11:f8:bf:1f:57:dd:23:3d:
6a:03:af:eb:5c:75:ec:dc:a7:72:f4:9b:e8:44:d9:55:f1:66:
08:05:60:b4:d9:64:68:ac:4e:00:32:55:36:5a:e4:87:2a:0c:
36:f5:05:55:72:fd:54:5d:6a:16:26:34:e5:ad:4c:2c:97:c2:
4a:d2:c4:42:b0:5e:4c:6c:67:a6:f0:5d:e9:c7:3d:63:46:61:
fe:a6:eb:d6:ab:d3:02:9a:a0:8a:37:0e:ea:43:b0:8d:29:41:
3b:4a:1a:0e:df:34:eb:0a:36:49:a3:12:c0:d6:7d:da:5c:15:
9b:10:57:61:0b:a1:89:5a:a9:6f:8b:b8:d1:15:55:1c:15:d0:
74:df:eb:6e:98:18:59:d7:93:5a:b3:e1:d0:2c:11:2e:03:c5:
d0:0f:58:c5:15:85:e4:8c:31:30:ae:2c:80:0f:d0:c2:7f:5e:
f1:f3:5d:0e:ea:08:e4:88:06:f1:5c:d8:54:b9:ca:16:14:27:
62:5c:65:33:5e:b3:93:c4:f7:73:06:e7:cb:f3:c3:cb:22:12:
4d:e5:f6:67
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZyVA5S8DJm87tFjXV6jb52eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjYwMjI1MTMzNjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBlNjdmOGY1OTNkODhkNDNjNjAyYjkwZTFjMWNhYzFiMGY5MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2V1PHf1cyXo60QI4VHdh8pgjT6lY
bjSFQ64/oxd8IvQpp41Y8k6Vqg5lwsDP/TVl+RH8gb5upvZaPG1iHIY4rYKzo6FX
rrNDcVF2JTuzkLxdzVkEimO9RLfIIpsbi11oGUCISOqLWJm3dxo4EkUrY+ugk4Jb
AQilv2S0US2WPksUbTJaNuf1oe3kmN//jWT2nHSqjkwGFlg7hFkOJoW/KRzogua4
qOpzyIKuWGaX89o73rSCRJrffoWc+JgQmsaGzIZm09SrTwXn7eTKInFNxgChs7yQ
qPYXK/+3KOEKPjSS3lSFo9CfGT9Fi4L+TC34hmsiLN6a+rPYCbR8bDRowwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFAsOZ/j1k9iNQ8YCuQ4cHKwbD5HRMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvQ3c1bi1QV1QySTFEeGdLNURod2NyQnNQa2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBEBAIAATA+AwQCLZgYAwQB
W9kEAwQFsHHgAwQFstagAwQDstjoAwQCuZXEMAwDBAC5svUDBAC5svYDBALCH5gD
BAHDCDgwDwQCAAIwCQMHASoHaQAAADANBgkqhkiG9w0BAQsFAAOCAQEAUsP8kGJv
S7v62Y2qkJeKFWga/iYf69bxoV5XNhooJ3kFYxkZuLK8rUEXWTRWMRH4vx9X3SM9
agOv61x17NyncvSb6ETZVfFmCAVgtNlkaKxOADJVNlrkhyoMNvUFVXL9VF1qFiY0
5a1MLJfCStLEQrBeTGxnpvBd6cc9Y0Zh/qbr1qvTApqgijcO6kOwjSlBO0oaDt80
6wo2SaMSwNZ92lwVmxBXYQuhiVqpb4u40RVVHBXQdN/rbpgYWdeTWrPh0CwRLgPF
0A9YxRWF5IwxMK4sgA/Qwn9e8fNdDuoI5IgG8VzYVLnKFhQnYlxlM16zk8T3cwbn
y/PDyyISTeX2Zw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:45:57 2026 by rpki-client