Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/WNpjH3SAwlYtzPBjNyIvkx5e4KI.roa
File: WNpjH3SAwlYtzPBjNyIvkx5e4KI.roa (raw, json)
Hash identifier: nxW+eoJ0ZFBCN0p5URb6dreScxfM0xOZQgxSbn774Gg=
Subject key identifier: 58:DA:63:1F:74:80:C2:56:2D:CC:F0:63:37:22:2F:93:1E:5E:E0:A2
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 019D90442D93FDA9D92642E83E01309BBDD9
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/WNpjH3SAwlYtzPBjNyIvkx5e4KI.roa
Signing time: Wed 15 Apr 2026 08:31:20 +0000
ROA not before: Wed 15 Apr 2026 08:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1836
IP address blocks: 80.86.192.0/20 maxlen: 21
80.86.192.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
80.253.80.0/21 maxlen: 22
80.254.160.0/19 maxlen: 20
81.6.0.0/19 maxlen: 20
81.6.48.0/20 maxlen: 21
81.221.0.0/16 maxlen: 17
81.221.250.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
82.195.224.0/19 maxlen: 20
146.228.0.0/16 maxlen: 17
146.228.64.0/24 maxlen: 24
193.72.0.0/18 maxlen: 19
193.72.64.0/21 maxlen: 21
193.72.72.0/22 maxlen: 22
193.72.76.0/23 maxlen: 23
193.72.78.0/24 maxlen: 24
193.72.81.0/24 maxlen: 24
193.72.82.0/23 maxlen: 24
193.72.84.0/22 maxlen: 23
193.72.88.0/21 maxlen: 22
193.72.96.0/19 maxlen: 20
193.72.128.0/20 maxlen: 21
193.72.148.0/22 maxlen: 23
193.72.152.0/21 maxlen: 22
193.72.160.0/22 maxlen: 23
193.72.164.0/23 maxlen: 24
193.72.167.0/24 maxlen: 24
193.72.168.0/21 maxlen: 22
193.72.176.0/21 maxlen: 22
193.72.184.0/23 maxlen: 24
193.72.187.0/24 maxlen: 24
193.72.188.0/22 maxlen: 23
193.72.192.0/20 maxlen: 21
193.72.208.0/21 maxlen: 22
193.72.217.0/24 maxlen: 24
193.72.218.0/23 maxlen: 24
193.72.220.0/22 maxlen: 23
193.72.224.0/19 maxlen: 20
193.73.0.0/18 maxlen: 19
193.73.64.0/19 maxlen: 20
193.73.80.0/20 maxlen: 20
193.73.96.0/21 maxlen: 21
193.73.96.0/22 maxlen: 22
193.73.100.0/22 maxlen: 22
193.73.104.0/23 maxlen: 24
193.73.108.0/22 maxlen: 23
193.73.112.0/24 maxlen: 24
193.73.115.0/24 maxlen: 24
193.73.116.0/22 maxlen: 23
193.73.120.0/23 maxlen: 24
193.73.123.0/24 maxlen: 24
193.73.124.0/24 maxlen: 24
193.73.126.0/23 maxlen: 24
193.73.128.0/18 maxlen: 19
193.73.192.0/20 maxlen: 21
193.73.209.0/24 maxlen: 24
193.73.210.0/24 maxlen: 24
193.73.212.0/22 maxlen: 23
193.73.216.0/21 maxlen: 22
193.73.224.0/21 maxlen: 22
193.73.232.0/22 maxlen: 23
193.73.236.0/23 maxlen: 24
193.73.239.0/24 maxlen: 24
193.73.240.0/23 maxlen: 24
193.73.244.0/22 maxlen: 23
193.73.248.0/23 maxlen: 24
193.73.252.0/22 maxlen: 23
193.193.128.0/19 maxlen: 20
194.191.0.0/16 maxlen: 17
194.191.16.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.29.0/24 maxlen: 24
194.191.30.0/24 maxlen: 24
194.191.31.0/24 maxlen: 24
195.48.0.0/16 maxlen: 17
195.48.221.0/24 maxlen: 24
195.49.0.0/17 maxlen: 18
195.49.6.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
195.49.78.0/24 maxlen: 24
195.49.79.0/24 maxlen: 24
195.130.160.0/19 maxlen: 20
212.59.128.0/18 maxlen: 19
2001:1b50::/29 maxlen: 29
2a01:2a8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:44:2d:93:fd:a9:d9:26:42:e8:3e:01:30:9b:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Apr 15 08:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=58da631f7480c2562dccf06337222f931e5ee0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:b0:01:4f:16:59:5d:9a:e6:1e:e1:ff:02:
eb:c9:38:25:38:53:a2:b6:aa:4f:c7:90:ec:b7:ce:
75:98:e4:b2:9a:b7:89:2e:bc:a1:90:8f:ba:6b:13:
f8:32:4b:83:4a:28:c7:73:91:a5:76:9a:e4:98:99:
78:f1:88:d6:28:6d:82:0b:c1:d7:48:0b:ae:d5:ef:
ad:a7:98:61:ef:cb:f5:8c:c7:f5:4c:65:3e:cd:a2:
b0:59:ca:b8:de:79:02:f3:40:6b:3e:15:e3:87:36:
ec:d8:23:fc:26:f4:84:2b:cd:dd:b2:65:fc:6b:b6:
e3:6d:9b:de:d3:7a:04:31:4f:ae:15:38:d7:76:2a:
a8:95:d9:16:88:66:9c:40:6c:83:87:67:95:6f:fd:
d9:cc:6f:9d:6b:8c:45:95:1f:0f:ce:97:4e:59:f5:
a5:02:0f:7c:7f:99:71:f0:93:85:d2:6c:41:96:93:
9e:9e:e1:ef:1e:89:bc:84:2d:e0:f4:40:87:11:d2:
6f:44:02:36:91:a7:35:d4:51:35:8e:46:9e:dc:2e:
a1:44:e3:2f:20:d2:49:51:1a:1c:ba:06:f0:29:d3:
64:0f:c8:d1:86:e4:85:ed:65:b9:96:04:32:55:41:
c1:9e:ec:f3:3d:86:7f:ef:d7:50:08:bf:04:23:e1:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DA:63:1F:74:80:C2:56:2D:CC:F0:63:37:22:2F:93:1E:5E:E0:A2
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/WNpjH3SAwlYtzPBjNyIvkx5e4KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/20
80.253.80.0/21
80.254.160.0/19
81.6.0.0/19
81.6.48.0/20
81.221.0.0/16
82.195.224.0/19
146.228.0.0/16
193.72.0.0-193.72.78.255
193.72.81.0-193.72.143.255
193.72.148.0-193.72.165.255
193.72.167.0-193.72.185.255
193.72.187.0-193.72.215.255
193.72.217.0-193.73.105.255
193.73.108.0-193.73.112.255
193.73.115.0-193.73.121.255
193.73.123.0-193.73.124.255
193.73.126.0-193.73.207.255
193.73.209.0-193.73.210.255
193.73.212.0-193.73.237.255
193.73.239.0-193.73.241.255
193.73.244.0-193.73.249.255
193.73.252.0/22
193.193.128.0/19
194.191.0.0/16
195.48.0.0-195.49.127.255
195.130.160.0/19
212.59.128.0/18
IPv6:
2001:1b50::/29
2a01:2a8::/29
Signature Algorithm: sha256WithRSAEncryption
9e:e0:bc:98:95:63:fc:e7:69:7e:24:64:ec:32:d7:68:5c:a0:
c3:44:9e:51:6f:c2:7e:12:17:5c:9c:5a:ec:ac:0e:16:8b:d2:
80:af:97:80:6c:06:d4:92:6a:04:12:ad:0d:3c:10:4a:cf:77:
de:91:94:29:b9:e7:d5:d0:0a:6b:59:76:10:a1:22:4f:17:fc:
bd:e3:e4:af:11:21:25:0f:e9:3c:9c:c4:3d:4d:89:79:c7:9f:
49:84:74:6c:05:8c:fb:c6:26:b5:6c:27:62:59:5a:6d:ae:1b:
cc:34:45:59:a2:06:5a:88:b8:6f:11:15:0e:1d:3c:c6:8f:22:
51:50:dd:fc:3b:82:0e:04:98:b8:ca:ef:17:d1:8f:06:4a:4e:
48:1e:c7:2e:74:ae:c8:66:3f:32:99:83:9a:28:88:ae:fe:c2:
da:7d:09:6d:03:b6:16:0e:b3:03:17:cf:1d:ef:f8:ed:34:86:
11:a5:e1:5d:a1:42:26:b8:8f:d5:98:85:eb:da:fa:6d:30:2a:
f9:9f:d4:4d:15:3e:7d:79:ca:a7:df:b5:8f:79:03:53:9b:09:
25:17:19:36:08:e0:e5:0c:59:9c:b3:5e:db:4f:52:5a:2a:cb:
a2:bc:28:64:4d:b0:e6:ba:76:39:c8:82:4a:d0:ad:5d:d2:63:
b2:78:5b:52
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAZ2QRC2T/anZJkLoPgEwm73ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjYwNDE1MDgzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRhNjMxZjc0ODBjMjU2MmRjY2YwNjMzNzIyMmY5MzFlNWVlMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLCwAU8WWV2a5h7h/wLryTglOFOi
tqpPx5Dst851mOSymreJLryhkI+6axP4MkuDSijHc5GldprkmJl48YjWKG2CC8HX
SAuu1e+tp5hh78v1jMf1TGU+zaKwWcq43nkC80BrPhXjhzbs2CP8JvSEK83dsmX8
a7bjbZve03oEMU+uFTjXdiqoldkWiGacQGyDh2eVb/3ZzG+da4xFlR8PzpdOWfWl
Ag98f5lx8JOF0mxBlpOenuHvHom8hC3g9ECHEdJvRAI2kac11FE1jkae3C6hROMv
INJJURocugbwKdNkD8jRhuSF7WW5lgQyVUHBnuzzPYZ/79dQCL8EI+GrWwIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFFjaYx90gMJWLczwYzciL5MeXuCiMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvV05wakgzU0F3bFl0elBCak55SXZreDVlNEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCASMEAgABMIIB
GwMEBFBWwAMEA1D9UAMEBVD+oAMEBVEGAAMEBFEGMAMDAFHdAwQFUsPgAwMAkuQw
CwMDA8FIAwQAwUhOMAwDBADBSFEDBATBSIAwDAMEAsFIlAMEAcFIpDAMAwQAwUin
AwQBwUi4MAwDBADBSLsDBAPBSNAwDAMEAMFI2QMEAcFJaDAMAwQCwUlsAwQAwUlw
MAwDBADBSXMDBAHBSXgwDAMEAMFJewMEAMFJfDAMAwQBwUl+AwQEwUnAMAwDBADB
SdEDBADBSdIwDAMEAsFJ1AMEAcFJ7DAMAwQAwUnvAwQBwUnwMAwDBALBSfQDBAHB
SfgDBALBSfwDBAXBwYADAwDCvzALAwMEwzADBAfDMQADBAXDgqADBAbUO4AwFAQC
AAIwDgMFAyABG1ADBQMqAQKoMA0GCSqGSIb3DQEBCwUAA4IBAQCe4LyYlWP852l+
JGTsMtdoXKDDRJ5Rb8J+EhdcnFrsrA4Wi9KAr5eAbAbUkmoEEq0NPBBKz3fekZQp
uefV0AprWXYQoSJPF/y94+SvESElD+k8nMQ9TYl5x59JhHRsBYz7xia1bCdiWVpt
rhvMNEVZogZaiLhvERUOHTzGjyJRUN38O4IOBJi4yu8X0Y8GSk5IHscudK7IZj8y
mYOaKIiu/sLafQltA7YWDrMDF88d7/jtNIYRpeFdoUImuI/VmIXr2vptMCr5n9RN
FT59ecqn37WPeQNTmwklFxk2CODlDFmcs17bT1JaKsuivChkTbDmunY5yIJK0K1d
0mOyeFtS
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:03:55 2026 by rpki-client