Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/wEAh6Y1gg6BEm0orkWdwRI0gp74.roa
File: wEAh6Y1gg6BEm0orkWdwRI0gp74.roa (raw, json)
Hash identifier: X3U5riqBeOsUH+HvnP5Z0bS6jprPNi+05ZohLO28jWQ=
Subject key identifier: C0:40:21:E9:8D:60:83:A0:44:9B:4A:2B:91:67:70:44:8D:20:A7:BE
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 019E3D49A3A57CA6627F17481AE43C1458EA
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/wEAh6Y1gg6BEm0orkWdwRI0gp74.roa
Signing time: Mon 18 May 2026 22:51:36 +0000
ROA not before: Mon 18 May 2026 22:51:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57922
IP address blocks: 5.250.253.0/24 maxlen: 24
2a0f:4d00::/29 maxlen: 48
2a0f:4d00:1::/48 maxlen: 48
2a0f:4d00:2::/48 maxlen: 48
2a0f:4d00:3::/48 maxlen: 48
2a0f:4d00:4::/48 maxlen: 48
2a0f:4d00:5::/48 maxlen: 48
2a0f:4d00:6::/48 maxlen: 48
2a0f:4d00:7::/48 maxlen: 48
2a0f:4d00:8::/48 maxlen: 48
2a0f:4d00:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3d:49:a3:a5:7c:a6:62:7f:17:48:1a:e4:3c:14:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: May 18 22:51:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c04021e98d6083a0449b4a2b916770448d20a7be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:ec:5d:34:db:41:c5:22:27:ac:03:e2:6f:
2a:b2:35:43:65:5c:40:de:48:85:62:5d:3f:db:e4:
d2:f7:b6:c7:b8:4b:ce:8b:53:17:0b:b3:70:c3:17:
f9:ce:70:4d:a8:7e:81:4f:be:b4:50:dd:bd:40:14:
f3:70:31:61:7c:4b:be:de:4c:cb:28:1d:61:23:bc:
3f:19:a3:f8:0a:1b:85:4f:33:15:c6:bd:fd:61:c1:
66:7b:70:c0:35:7d:3f:e1:31:04:56:17:6f:0a:d3:
38:60:02:56:64:06:a0:80:87:d4:74:5e:75:6f:17:
b4:a9:e9:5a:ce:94:6f:0a:16:10:1b:a9:bf:60:bf:
53:1e:7f:a6:83:14:1a:10:00:8b:1c:b8:8f:91:04:
10:d7:c9:75:c0:0e:1d:24:53:ce:73:d4:9a:2e:bb:
cc:9c:63:f5:9d:ec:fd:5d:ce:60:2e:fc:72:e4:6d:
9f:f5:2f:d1:53:7a:9e:30:40:16:cd:06:b0:20:11:
ff:48:09:d4:7d:1a:46:4f:b4:b7:76:1a:01:62:bb:
3c:a4:f7:30:47:3f:97:50:64:46:46:26:03:58:f0:
44:aa:61:51:05:41:ec:53:4e:8f:e3:ac:f4:7b:9a:
09:38:c3:60:9f:88:d2:b5:5c:8b:50:f9:fc:be:93:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:40:21:E9:8D:60:83:A0:44:9B:4A:2B:91:67:70:44:8D:20:A7:BE
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/wEAh6Y1gg6BEm0orkWdwRI0gp74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.253.0/24
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
40:0f:c6:ec:03:77:50:48:ba:90:0e:7a:25:cd:2f:42:44:f4:
a3:ef:cc:7b:9c:04:37:a0:5a:f5:5f:e1:28:27:bf:46:1c:25:
95:2f:07:c2:e3:fb:f7:4b:42:c4:c9:56:dd:3e:30:a7:ee:da:
28:aa:c2:84:b9:37:8f:8b:19:24:8c:a1:ff:3f:2f:14:92:09:
f0:6b:10:66:2e:53:c6:dc:94:a7:52:22:58:f6:5e:ca:a1:7c:
f6:a8:8e:9a:61:d1:f4:d2:4f:3e:2c:10:43:8d:27:ed:82:fe:
67:b1:2a:32:60:91:c1:cf:a0:1e:66:a8:78:a8:ab:2b:52:a0:
04:9f:b0:e7:1c:15:7f:b3:7c:09:c4:af:92:b0:f3:30:7e:8d:
e8:9a:b4:5a:bd:a4:77:ed:a3:ec:83:20:49:d5:dc:91:f3:c2:
e1:d1:a5:d4:3f:72:7a:e9:50:da:15:53:1b:9b:83:16:6a:81:
77:57:4e:bd:8c:9b:5f:31:5d:4d:fa:3c:a3:2f:16:22:bf:e5:
94:cb:9a:15:b6:7f:4c:52:05:aa:1d:da:cd:c7:a0:67:a0:3a:
23:40:1b:da:90:9a:19:d2:cd:c9:3f:ad:ed:78:b9:f9:56:f1:
63:44:d8:94:55:f1:36:eb:44:ac:d0:48:33:e7:8f:19:e8:03:
48:c3:b0:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ49SaOlfKZifxdIGuQ8FFjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjYwNTE4MjI1MTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQwMjFlOThkNjA4M2EwNDQ5YjRhMmI5MTY3NzA0NDhkMjBhN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEDsXTTbQcUiJ6wD4m8qsjVDZVxA
3kiFYl0/2+TS97bHuEvOi1MXC7Nwwxf5znBNqH6BT760UN29QBTzcDFhfEu+3kzL
KB1hI7w/GaP4ChuFTzMVxr39YcFme3DANX0/4TEEVhdvCtM4YAJWZAaggIfUdF51
bxe0qelazpRvChYQG6m/YL9THn+mgxQaEACLHLiPkQQQ18l1wA4dJFPOc9SaLrvM
nGP1nez9Xc5gLvxy5G2f9S/RU3qeMEAWzQawIBH/SAnUfRpGT7S3dhoBYrs8pPcw
Rz+XUGRGRiYDWPBEqmFRBUHsU06P46z0e5oJOMNgn4jStVyLUPn8vpP72wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBAIemNYIOgRJtKK5FncESNIKe+MB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvd0VBaDZZMWdnNkJFbTBvcmtXZHdSSTBncDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABfr9MA0E
AgACMAcDBQMqD00AMA0GCSqGSIb3DQEBCwUAA4IBAQBAD8bsA3dQSLqQDnolzS9C
RPSj78x7nAQ3oFr1X+EoJ79GHCWVLwfC4/v3S0LEyVbdPjCn7tooqsKEuTePixkk
jKH/Py8UkgnwaxBmLlPG3JSnUiJY9l7KoXz2qI6aYdH00k8+LBBDjSftgv5nsSoy
YJHBz6AeZqh4qKsrUqAEn7DnHBV/s3wJxK+SsPMwfo3omrRavaR37aPsgyBJ1dyR
88Lh0aXUP3J66VDaFVMbm4MWaoF3V069jJtfMV1N+jyjLxYiv+WUy5oVtn9MUgWq
HdrNx6BnoDojQBvakJoZ0s3JP63teLn5VvFjRNiUVfE260Ss0Egz548Z6ANIw7D+
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:55:46 2026 by rpki-client