Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Wa0CX7RG8uAdja7B0m3EKZels0w.roa
File: Wa0CX7RG8uAdja7B0m3EKZels0w.roa (raw, json)
Hash identifier: JUslTyoglnHgcVJvGKDZBKBJGVcC16irdZ4JPhdaaBQ=
Subject key identifier: 59:AD:02:5F:B4:46:F2:E0:1D:8D:AE:C1:D2:6D:C4:29:97:A5:B3:4C
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019C66AF0AAC55F461B63FC68DDED5CB3249
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Wa0CX7RG8uAdja7B0m3EKZels0w.roa
Signing time: Mon 16 Feb 2026 13:41:13 +0000
ROA not before: Mon 16 Feb 2026 13:41:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210703
IP address blocks: 91.103.252.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
185.94.164.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
193.124.188.0/23 maxlen: 23
2a04:5201:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:66:af:0a:ac:55:f4:61:b6:3f:c6:8d:de:d5:cb:32:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Feb 16 13:41:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59ad025fb446f2e01d8daec1d26dc42997a5b34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:3b:48:70:34:13:e7:a9:5c:2d:2b:ed:99:
93:ec:85:aa:2b:d2:cd:4a:31:35:2d:5a:b4:7c:5d:
77:a0:5d:a7:6c:0f:fb:94:a4:ec:7b:b5:31:f0:7f:
13:ed:97:a7:05:44:ef:db:1b:80:79:c2:d2:7e:65:
a4:73:fa:a1:60:98:47:71:9c:cf:8d:3e:a9:82:63:
58:bc:05:01:f9:b5:12:c3:4a:29:53:a7:30:9d:c3:
c0:64:c1:1d:ed:9a:3c:9e:ff:11:71:a4:54:15:6e:
bb:c7:84:0b:e6:60:4e:26:04:4e:91:0a:7a:eb:04:
b5:29:28:56:30:82:82:d1:10:ff:de:9a:d8:af:29:
bc:f8:53:e9:40:45:28:3c:be:9d:97:97:0e:53:f9:
e9:21:61:cb:16:d0:b9:aa:ef:da:2f:7b:31:de:89:
7d:62:46:af:13:1f:46:41:b8:a8:fe:38:f4:41:ac:
1a:4d:40:98:ff:2c:0a:8c:67:8f:a7:e9:da:85:73:
f6:9f:f9:18:01:13:04:ea:c9:de:8c:d9:5a:9a:ad:
07:53:63:38:61:a8:ca:f6:ad:82:58:cf:ce:35:31:
be:05:2c:61:52:40:43:96:b0:13:83:55:b8:61:79:
7a:7d:d3:05:a9:46:73:7a:6f:b7:3e:cc:41:49:67:
fc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AD:02:5F:B4:46:F2:E0:1D:8D:AE:C1:D2:6D:C4:29:97:A5:B3:4C
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/Wa0CX7RG8uAdja7B0m3EKZels0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.252.0/23
94.142.136.0/23
185.94.164.0/23
185.233.202.0/23
193.124.188.0/23
IPv6:
2a04:5201:7::/48
Signature Algorithm: sha256WithRSAEncryption
74:b4:ff:84:ea:fc:84:9a:8b:e5:6b:e8:aa:17:17:c1:a9:b1:
85:5b:6b:ae:d0:61:29:e2:57:30:26:d4:6a:d1:00:19:37:42:
99:63:47:76:a1:9c:56:2b:b5:6a:54:86:43:5b:a8:89:3f:72:
d4:2d:76:14:a6:7b:ff:c3:4a:ab:4a:1f:44:c0:2f:86:ec:0d:
51:de:c2:37:a7:00:e4:16:47:15:7d:8a:1f:e8:de:fd:bf:c9:
55:98:a1:d4:1a:1b:16:24:50:33:9f:78:c3:19:37:91:2e:de:
2d:80:fa:3f:6e:2d:41:b4:9f:0b:79:b8:ca:d5:39:fb:3e:40:
e2:d0:91:45:ad:e0:78:42:e3:af:e1:5a:75:2d:19:95:b5:5c:
e0:5e:77:c7:41:26:d4:71:bd:00:43:25:7a:7a:9b:2e:99:d0:
dd:f7:4c:5a:08:51:1f:02:2b:f4:af:05:35:0e:31:08:bb:f2:
96:fd:b0:ed:a6:b0:e6:3f:27:0b:75:b2:da:87:46:6a:5a:10:
f2:0a:b4:18:37:3d:94:b4:ea:84:ff:8f:e5:64:30:b0:56:f2:
99:42:be:a7:42:53:b4:9c:1a:71:e1:89:b3:a8:07:05:6a:d4:
57:aa:42:50:4a:8a:ef:40:d8:58:f3:95:ec:14:41:72:ea:83:
3a:a0:86:32
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZxmrwqsVfRhtj/Gjd7VyzJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMjE2MTM0MTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFkMDI1ZmI0NDZmMmUwMWQ4ZGFlYzFkMjZkYzQyOTk3YTViMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbo7SHA0E+epXC0r7ZmT7IWqK9LN
SjE1LVq0fF13oF2nbA/7lKTse7Ux8H8T7ZenBUTv2xuAecLSfmWkc/qhYJhHcZzP
jT6pgmNYvAUB+bUSw0opU6cwncPAZMEd7Zo8nv8RcaRUFW67x4QL5mBOJgROkQp6
6wS1KShWMIKC0RD/3prYrym8+FPpQEUoPL6dl5cOU/npIWHLFtC5qu/aL3sx3ol9
YkavEx9GQbio/jj0QawaTUCY/ywKjGePp+nahXP2n/kYARME6snejNlamq0HU2M4
YajK9q2CWM/ONTG+BSxhUkBDlrATg1W4YXl6fdMFqUZzem+3PsxBSWf8jwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFmtAl+0RvLgHY2uwdJtxCmXpbNMMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvV2EwQ1g3Ukc4dUFkamE3QjBtM0VLWmVsczB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBW2f8AwQB
Xo6IAwQBuV6kAwQBuenKAwQBwXy8MA8EAgACMAkDBwAqBFIBAAcwDQYJKoZIhvcN
AQELBQADggEBAHS0/4Tq/ISai+Vr6KoXF8GpsYVba67QYSniVzAm1GrRABk3Qplj
R3ahnFYrtWpUhkNbqIk/ctQtdhSme//DSqtKH0TAL4bsDVHewjenAOQWRxV9ih/o
3v2/yVWYodQaGxYkUDOfeMMZN5Eu3i2A+j9uLUG0nwt5uMrVOfs+QOLQkUWt4HhC
46/hWnUtGZW1XOBed8dBJtRxvQBDJXp6my6Z0N33TFoIUR8CK/SvBTUOMQi78pb9
sO2msOY/Jwt1stqHRmpaEPIKtBg3PZS06oT/j+VkMLBW8plCvqdCU7ScGnHhibOo
BwVq1FeqQlBKiu9A2FjzlewUQXLqgzqghjI=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:57:44 2026 by rpki-client