Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/wr5OBu9Kg5fiAynMByNWWanKodQ.roa
File: wr5OBu9Kg5fiAynMByNWWanKodQ.roa (raw, json)
Hash identifier: xpQiib4Ztk+0sSwtkw/MfpFjKcsKXQPv65ui0X+24sw=
Subject key identifier: C2:BE:4E:06:EF:4A:83:97:E2:03:29:CC:07:23:56:59:A9:CA:A1:D4
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 019D966CB80DDF977A694759AEDFFFFDF72E
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/wr5OBu9Kg5fiAynMByNWWanKodQ.roa
Signing time: Thu 16 Apr 2026 13:13:20 +0000
ROA not before: Thu 16 Apr 2026 13:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26548
IP address blocks: 46.243.52.0/24 maxlen: 24
46.243.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:6c:b8:0d:df:97:7a:69:47:59:ae:df:ff:fd:f7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Apr 16 13:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c2be4e06ef4a8397e20329cc07235659a9caa1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:4d:23:c6:35:eb:fe:19:be:5d:6e:74:d0:
56:10:0c:21:35:64:3a:b6:7b:49:ef:a5:8b:03:12:
b1:5f:d1:1b:8c:ab:3a:85:95:60:49:ce:07:29:38:
09:28:f7:34:0a:96:0d:2a:1b:8d:94:64:eb:80:9f:
13:53:97:ef:84:5e:da:0a:a7:97:6c:7e:db:57:1e:
02:07:f3:aa:83:94:43:81:b3:57:47:25:9b:de:45:
41:31:7a:95:0d:8f:43:85:d0:ce:59:7b:35:20:bb:
33:05:2e:1e:57:20:99:e1:20:e8:c6:44:1c:3a:f5:
91:88:c1:9b:11:b0:d5:1b:64:5b:d8:89:90:c8:c1:
2e:32:14:d6:47:a2:b6:b1:77:76:b2:69:e1:4c:8f:
24:82:95:4d:90:77:8c:0f:3f:aa:55:b6:3e:27:cf:
b1:cd:b5:db:f5:3e:46:16:f5:4e:8d:82:c4:78:8e:
c0:a9:56:ae:fc:c9:a3:b9:49:70:39:82:08:23:3c:
3f:ed:60:c9:93:dd:10:3f:60:d4:2a:6b:fb:a6:dc:
7c:00:08:5e:6a:fb:1d:9d:f5:d8:57:12:45:04:fc:
39:6f:55:ff:e1:ee:cd:1e:b7:0d:06:ea:81:ff:e9:
32:8a:2b:10:09:21:7e:b7:d3:c7:4e:f8:78:43:8a:
b7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BE:4E:06:EF:4A:83:97:E2:03:29:CC:07:23:56:59:A9:CA:A1:D4
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/wr5OBu9Kg5fiAynMByNWWanKodQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.52.0/23
Signature Algorithm: sha256WithRSAEncryption
36:fd:9a:ac:a0:b5:2d:bf:de:c9:96:79:d6:9a:48:73:24:47:
4a:51:34:f5:1f:b8:82:b3:46:97:8e:af:57:86:be:78:2f:45:
14:2a:d1:70:84:b8:d1:00:04:e4:e2:26:eb:67:bb:6e:f9:41:
2d:0a:97:b1:1f:76:ae:de:2a:ef:48:9b:37:5c:0c:37:97:0d:
6b:13:ae:47:bf:a3:9e:d1:a6:5c:86:72:ba:0d:0b:48:67:02:
cf:cb:39:32:4e:c1:ba:77:20:55:5b:76:03:41:dc:4d:4d:b9:
6a:67:2d:5e:34:e8:dc:fb:15:bf:25:e0:27:c7:47:e7:9f:d7:
19:80:db:c7:8a:d9:2e:1c:fc:df:3d:c9:ca:44:c5:35:e5:2c:
6f:bb:d4:0b:ee:13:cd:31:6f:ba:7a:bc:9b:79:80:e3:8e:39:
04:e0:68:14:e4:61:35:a3:c8:16:cb:4e:30:fa:91:46:61:38:
5b:b7:ba:59:71:e7:ff:81:66:20:bd:54:5f:57:8f:b3:5c:17:
a9:3d:4f:a5:fc:37:3e:e5:4c:bf:4a:5b:59:f3:19:8c:b2:43:
1b:51:8b:66:14:ee:96:96:d9:eb:47:09:4d:00:a9:c1:df:e4:
07:9c:40:1f:3a:c5:ca:a3:46:1d:59:9c:04:03:4c:0e:b0:0b:
7c:d7:f5:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2WbLgN35d6aUdZrt///fcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjYwNDE2MTMxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJlNGUwNmVmNGE4Mzk3ZTIwMzI5Y2MwNzIzNTY1OWE5Y2FhMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7xNI8Y16/4Zvl1udNBWEAwhNWQ6
tntJ76WLAxKxX9EbjKs6hZVgSc4HKTgJKPc0CpYNKhuNlGTrgJ8TU5fvhF7aCqeX
bH7bVx4CB/Oqg5RDgbNXRyWb3kVBMXqVDY9DhdDOWXs1ILszBS4eVyCZ4SDoxkQc
OvWRiMGbEbDVG2Rb2ImQyMEuMhTWR6K2sXd2smnhTI8kgpVNkHeMDz+qVbY+J8+x
zbXb9T5GFvVOjYLEeI7AqVau/MmjuUlwOYIIIzw/7WDJk90QP2DUKmv7ptx8AAhe
avsdnfXYVxJFBPw5b1X/4e7NHrcNBuqB/+kyiisQCSF+t9PHTvh4Q4q37QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMK+TgbvSoOX4gMpzAcjVlmpyqHUMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvd3I1T0J1OUtnNWZpQXluTUJ5TldXYW5Lb2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLvM0MA0G
CSqGSIb3DQEBCwUAA4IBAQA2/ZqsoLUtv97JlnnWmkhzJEdKUTT1H7iCs0aXjq9X
hr54L0UUKtFwhLjRAATk4ibrZ7tu+UEtCpexH3au3irvSJs3XAw3lw1rE65Hv6Oe
0aZchnK6DQtIZwLPyzkyTsG6dyBVW3YDQdxNTblqZy1eNOjc+xW/JeAnx0fnn9cZ
gNvHitkuHPzfPcnKRMU15Sxvu9QL7hPNMW+6erybeYDjjjkE4GgU5GE1o8gWy04w
+pFGYThbt7pZcef/gWYgvVRfV4+zXBepPU+l/Dc+5Uy/SltZ8xmMskMbUYtmFO6W
ltnrRwlNAKnB3+QHnEAfOsXKo0YdWZwEA0wOsAt81/V/
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:25 2026 by rpki-client