Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/5WdAfePuazyKOqDBol6a24O3XpY.roa
File: 5WdAfePuazyKOqDBol6a24O3XpY.roa (raw, json)
Hash identifier: mhrHbQmeUkZKLJUs5FqRvkUEbMJKmKPn0IXdQCttlDY=
Subject key identifier: E5:67:40:7D:E3:EE:6B:3C:8A:3A:A0:C1:A2:5E:9A:DB:83:B7:5E:96
Certificate issuer: /CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Certificate serial: 019C9563B01AB8F4C72ACA5C978A81F2F78E
Authority key identifier: C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/5WdAfePuazyKOqDBol6a24O3XpY.roa
Signing time: Wed 25 Feb 2026 15:21:04 +0000
ROA not before: Wed 25 Feb 2026 15:21:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211804
IP address blocks: 185.250.240.0/24 maxlen: 24
185.250.242.0/24 maxlen: 24
185.250.243.0/24 maxlen: 24
2a07:d840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:63:b0:1a:b8:f4:c7:2a:ca:5c:97:8a:81:f2:f7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Validity
Not Before: Feb 25 15:21:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e567407de3ee6b3c8a3aa0c1a25e9adb83b75e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0e:a6:0d:90:6f:02:fc:ac:39:12:76:5a:a6:
a8:d7:3e:5e:f0:19:51:71:47:28:db:2b:39:2a:2a:
dd:a0:f2:98:f3:ed:32:2e:62:45:7d:f2:55:d9:27:
ff:82:fc:ed:f4:8f:b7:9d:f9:5e:5a:35:c8:c9:fa:
ec:62:91:2b:2b:e5:15:8b:98:b2:77:83:82:cb:7d:
0b:2a:52:b2:cd:49:5c:a4:0f:d1:d1:94:07:70:bf:
7d:b0:1a:a1:5a:31:80:77:7f:cd:8c:86:09:01:90:
97:f5:b3:10:13:2d:25:98:2b:19:34:83:11:48:7c:
e8:32:c5:ac:f7:f7:13:cb:95:f4:38:90:ba:e6:13:
5c:69:d0:42:82:30:5b:fb:14:5a:4b:23:a4:ec:ab:
96:d6:93:71:49:d6:05:30:3a:17:71:8d:bd:e4:27:
21:1b:58:f9:09:47:f2:5b:fe:3b:3b:cf:f5:5b:37:
1d:aa:16:ae:bf:11:30:83:dd:bd:50:23:c9:4c:17:
fc:07:1d:24:54:46:5b:d0:58:89:11:df:df:d4:18:
4b:9c:54:75:f0:61:75:ab:8c:d0:e1:69:bc:2a:a4:
66:d6:85:34:c7:8e:8b:6e:99:87:bb:6b:ab:92:5d:
58:61:c2:35:73:a6:af:0f:5f:c3:f3:3f:c6:3e:fa:
c9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:67:40:7D:E3:EE:6B:3C:8A:3A:A0:C1:A2:5E:9A:DB:83:B7:5E:96
X509v3 Authority Key Identifier:
keyid:C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/5WdAfePuazyKOqDBol6a24O3XpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.240.0/24
185.250.242.0/23
IPv6:
2a07:d840::/32
Signature Algorithm: sha256WithRSAEncryption
82:c0:9d:f0:b0:1d:62:85:66:67:69:b5:46:6a:19:b8:b1:10:
ad:04:3c:7b:cd:0a:84:21:49:0c:8a:8f:f3:be:37:33:f3:b9:
ce:79:f3:0b:69:f3:d4:6a:75:00:fd:b8:9a:c0:13:ed:5e:13:
c2:56:53:9a:0c:6b:6c:38:42:d2:9d:34:2d:e0:e7:84:f9:45:
e3:94:4c:1b:d7:78:bf:bf:b7:54:1d:ee:a2:1d:0f:d2:69:89:
fd:1c:fc:d8:9c:23:9a:b0:db:56:15:a7:8e:79:c7:d9:5f:db:
70:5a:b4:6b:15:d9:77:d3:7f:67:93:87:49:76:d4:a5:71:1f:
bf:26:d6:4a:e4:74:00:7c:14:8a:50:7d:b5:5a:5f:9e:53:2c:
21:fb:e3:2f:d7:9d:fc:b6:b6:99:6c:be:4a:66:1c:58:d5:10:
52:a5:fe:fd:cf:f0:52:da:d4:db:0b:d5:d9:30:f1:35:1b:e8:
5c:20:3b:49:bb:d7:3a:0e:f8:55:67:f8:d9:5a:0e:b9:a3:ae:
7f:89:ab:bc:69:6f:1b:34:7d:17:b8:33:70:ee:10:89:0d:bb:
2b:32:37:5f:77:38:c1:01:df:0c:3a:c3:37:31:6c:e1:16:ff:
14:3e:e1:0c:f0:41:aa:29:cc:e0:62:da:8d:a3:e6:f3:e7:7d:
4b:71:47:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZyVY7AauPTHKspcl4qB8veOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhYzFkN2M5ZWNjZjU2NThiODhmMTZmNjEzZDdiM2U4
ZThjNzIwHhcNMjYwMjI1MTUyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY3NDA3ZGUzZWU2YjNjOGEzYWEwYzFhMjVlOWFkYjgzYjc1ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA6mDZBvAvysORJ2Wqao1z5e8BlR
cUco2ys5KirdoPKY8+0yLmJFffJV2Sf/gvzt9I+3nfleWjXIyfrsYpErK+UVi5iy
d4OCy30LKlKyzUlcpA/R0ZQHcL99sBqhWjGAd3/NjIYJAZCX9bMQEy0lmCsZNIMR
SHzoMsWs9/cTy5X0OJC65hNcadBCgjBb+xRaSyOk7KuW1pNxSdYFMDoXcY295Cch
G1j5CUfyW/47O8/1WzcdqhauvxEwg929UCPJTBf8Bx0kVEZb0FiJEd/f1BhLnFR1
8GF1q4zQ4Wm8KqRm1oU0x46LbpmHu2urkl1YYcI1c6avD1/D8z/GPvrJiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOVnQH3j7ms8ijqgwaJemtuDt16WMB8GA1UdIwQY
MBaAFMLSrB18nsz1ZYuI8W9hPXs+joxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYt
MTk3ZmU4MzY1NjQzLzEvNVdkQWZlUHVhenlLT3FEQm9sNmEyNE8zWHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYtMTk3ZmU4MzY1NjQz
LzEvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAufrwAwQB
ufryMA0EAgACMAcDBQAqB9hAMA0GCSqGSIb3DQEBCwUAA4IBAQCCwJ3wsB1ihWZn
abVGahm4sRCtBDx7zQqEIUkMio/zvjcz87nOefMLafPUanUA/biawBPtXhPCVlOa
DGtsOELSnTQt4OeE+UXjlEwb13i/v7dUHe6iHQ/SaYn9HPzYnCOasNtWFaeOecfZ
X9twWrRrFdl3039nk4dJdtSlcR+/JtZK5HQAfBSKUH21Wl+eUywh++Mv1538traZ
bL5KZhxY1RBSpf79z/BS2tTbC9XZMPE1G+hcIDtJu9c6DvhVZ/jZWg65o65/iau8
aW8bNH0XuDNw7hCJDbsrMjdfdzjBAd8MOsM3MWzhFv8UPuEM8EGqKczgYtqNo+bz
531LcUck
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:53:51 2026 by rpki-client