Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/WvlvNh7K5hLx9h9vacG0tkPjMmw.roa
File: WvlvNh7K5hLx9h9vacG0tkPjMmw.roa (raw, json)
Hash identifier: 2dl+awpNpd4g8TVURdJWX1OrrQJPPqOtOykXldkOySI=
Subject key identifier: 5A:F9:6F:36:1E:CA:E6:12:F1:F6:1F:6F:69:C1:B4:B6:43:E3:32:6C
Certificate issuer: /CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Certificate serial: 019D9B5D24E84FC735A9AFEB0FEB666F24ED
Authority key identifier: 1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/WvlvNh7K5hLx9h9vacG0tkPjMmw.roa
Signing time: Fri 17 Apr 2026 12:14:25 +0000
ROA not before: Fri 17 Apr 2026 12:14:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34984
IP address blocks: 131.222.194.0/24 maxlen: 24
131.222.195.0/24 maxlen: 24
131.222.200.0/24 maxlen: 24
131.222.203.0/24 maxlen: 24
131.222.204.0/24 maxlen: 24
131.222.205.0/24 maxlen: 24
131.222.206.0/24 maxlen: 24
131.222.207.0/24 maxlen: 24
131.222.222.0/24 maxlen: 24
131.222.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:5d:24:e8:4f:c7:35:a9:af:eb:0f:eb:66:6f:24:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4dc22595fc1f588fbc4dde07c1c394998f33a7
Validity
Not Before: Apr 17 12:14:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5af96f361ecae612f1f61f6f69c1b4b643e3326c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2d:be:fa:72:4d:ac:b2:95:98:78:9d:a7:cc:
ba:ce:3e:4d:2b:ef:17:43:a6:37:7b:48:a4:3f:87:
a5:a7:89:89:85:48:83:29:01:ca:79:17:e6:2e:7f:
82:e5:a0:b1:96:d7:13:1d:ef:58:4c:56:b3:2d:d1:
24:07:8d:4e:fe:69:10:90:20:cb:64:fb:d0:7b:5c:
6e:da:ef:a8:85:5a:83:b7:f5:0d:37:46:f6:4e:3c:
e0:53:6c:98:8d:39:96:49:23:d2:7d:04:4d:fe:b8:
f7:fe:4b:8e:d5:de:ee:e6:fd:14:2a:93:3f:f3:03:
62:38:de:bc:21:70:19:84:4b:ce:51:28:9c:b3:1f:
c3:1a:05:07:aa:46:d0:88:ee:83:0f:6a:25:1a:be:
3b:f0:0f:5d:8e:ab:d0:11:66:8f:8a:df:0a:4f:5c:
71:95:df:20:99:d3:4f:3a:d5:d5:b5:90:16:52:83:
8c:a3:c0:b8:64:67:8b:0e:40:71:65:01:25:85:61:
fc:d6:a5:da:52:42:67:b0:4f:a3:17:2e:02:70:06:
c5:f1:1e:c1:15:35:20:4e:88:96:c9:9e:33:da:50:
1b:5c:47:48:19:91:dc:29:c3:40:72:3f:93:65:fc:
28:fb:a7:89:43:63:cf:f5:22:bb:df:ef:d3:4a:32:
94:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F9:6F:36:1E:CA:E6:12:F1:F6:1F:6F:69:C1:B4:B6:43:E3:32:6C
X509v3 Authority Key Identifier:
keyid:1A:4D:C2:25:95:FC:1F:58:8F:BC:4D:DE:07:C1:C3:94:99:8F:33:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/WvlvNh7K5hLx9h9vacG0tkPjMmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/0f12f2-8a2b-4346-b6b6-2b78b19b5a87/1/Gk3CJZX8H1iPvE3eB8HDlJmPM6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.194.0/23
131.222.200.0/24
131.222.203.0-131.222.207.255
131.222.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:94:08:6e:5a:12:f1:7e:84:85:e7:48:17:a6:a0:1e:80:c1:
65:7a:94:da:41:21:88:cb:32:ad:2a:60:86:39:82:a3:9e:f9:
da:29:7c:cb:d2:fa:60:ee:6a:e7:77:de:16:a1:cd:ba:22:f6:
04:1a:99:59:c1:d6:50:64:b0:bb:b8:64:26:31:49:ad:b7:d3:
8d:6e:ca:84:08:92:27:ca:3e:2e:5a:41:3c:bc:3b:6d:0d:8d:
7e:e9:d8:88:9c:b3:bb:8e:98:b6:ad:f0:5e:e0:8f:61:25:87:
d3:65:40:32:d1:ba:e6:64:2b:f5:e8:aa:4f:3c:da:1b:86:a5:
be:f1:2b:93:eb:3d:c6:d6:2c:66:6e:80:fe:57:d7:19:0f:61:
52:63:97:f7:13:c8:00:e9:4f:67:31:a8:9b:d9:ee:a1:a6:79:
c5:f1:8f:7d:f9:36:25:70:c0:a0:51:39:02:4a:3b:46:58:0a:
91:b9:8c:2c:71:f2:b4:6c:75:db:50:ea:d2:cd:3d:c0:6a:5a:
27:9f:2b:ee:3b:8e:ec:ab:1f:06:d8:df:84:e2:9f:9b:81:55:
bb:f9:58:db:01:c2:35:81:60:68:be:9f:bc:e3:76:c4:67:8d:
f1:3a:09:90:e1:c8:34:a1:eb:df:d4:87:d1:dc:c4:06:24:4d:
4d:32:b1:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ2bXSToT8c1qa/rD+tmbyTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRjMjI1OTVmYzFmNTg4ZmJjNGRkZTA3YzFjMzk0OTk4
ZjMzYTcwHhcNMjYwNDE3MTIxNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWY5NmYzNjFlY2FlNjEyZjFmNjFmNmY2OWMxYjRiNjQzZTMzMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy2++nJNrLKVmHidp8y6zj5NK+8X
Q6Y3e0ikP4elp4mJhUiDKQHKeRfmLn+C5aCxltcTHe9YTFazLdEkB41O/mkQkCDL
ZPvQe1xu2u+ohVqDt/UNN0b2TjzgU2yYjTmWSSPSfQRN/rj3/kuO1d7u5v0UKpM/
8wNiON68IXAZhEvOUSicsx/DGgUHqkbQiO6DD2olGr478A9djqvQEWaPit8KT1xx
ld8gmdNPOtXVtZAWUoOMo8C4ZGeLDkBxZQElhWH81qXaUkJnsE+jFy4CcAbF8R7B
FTUgToiWyZ4z2lAbXEdIGZHcKcNAcj+TZfwo+6eJQ2PP9SK73+/TSjKUxwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFr5bzYeyuYS8fYfb2nBtLZD4zJsMB8GA1UdIwQY
MBaAFBpNwiWV/B9Yj7xN3gfBw5SZjzOnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYt
MmI3OGIxOWI1YTg3LzEvV3Zsdk5oN0s1aEx4OWg5dmFjRzB0a1BqTW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wZjEyZjItOGEyYi00MzQ2LWI2YjYtMmI3OGIxOWI1YTg3
LzEvR2szQ0paWDhIMWlQdkUzZUI4SERsSm1QTTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBg97CAwQA
g97IMAwDBACD3ssDBASD3sADBAGD3t4wDQYJKoZIhvcNAQELBQADggEBAA+UCG5a
EvF+hIXnSBemoB6AwWV6lNpBIYjLMq0qYIY5gqOe+dopfMvS+mDuaud33hahzboi
9gQamVnB1lBksLu4ZCYxSa23041uyoQIkifKPi5aQTy8O20NjX7p2Iics7uOmLat
8F7gj2Elh9NlQDLRuuZkK/Xoqk882huGpb7xK5PrPcbWLGZugP5X1xkPYVJjl/cT
yADpT2cxqJvZ7qGmecXxj335NiVwwKBROQJKO0ZYCpG5jCxx8rRsddtQ6tLNPcBq
WiefK+47juyrHwbY34Tin5uBVbv5WNsBwjWBYGi+n7zjdsRnjfE6CZDhyDSh69/U
h9HcxAYkTU0yseA=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:50:16 2026 by rpki-client