Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/miZ29hsaY_pOErQx-aY7pzyHrDY.roa
File: miZ29hsaY_pOErQx-aY7pzyHrDY.roa (raw, json)
Hash identifier: ja6jDVzZ0shiepaNn8k1Kawi5j5jJIyt+xn9LqCPias=
Subject key identifier: 9A:26:76:F6:1B:1A:63:FA:4E:12:B4:31:F9:A6:3B:A7:3C:87:AC:36
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 019D4859ED366C64974845144B73D97372ED
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/miZ29hsaY_pOErQx-aY7pzyHrDY.roa
Signing time: Wed 01 Apr 2026 09:22:26 +0000
ROA not before: Wed 01 Apr 2026 09:22:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59711
IP address blocks: 212.180.6.0/23 maxlen: 23
212.180.10.0/24 maxlen: 24
212.180.16.0/22 maxlen: 22
212.180.32.0/22 maxlen: 22
212.180.52.0/24 maxlen: 24
212.180.60.0/22 maxlen: 22
212.180.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:59:ed:36:6c:64:97:48:45:14:4b:73:d9:73:72:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Apr 1 09:22:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a2676f61b1a63fa4e12b431f9a63ba73c87ac36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:37:24:15:15:46:e5:6b:3c:93:9d:a3:28:58:
c3:5d:2e:c1:b6:38:c1:3d:5c:26:d5:6d:e9:2e:b3:
26:11:74:27:3b:6c:cd:02:6e:b9:48:9e:8b:59:15:
dd:e9:0e:9e:97:0a:d6:9c:16:ff:e2:3d:a9:b3:00:
3b:aa:0b:50:3e:bc:5d:f6:9e:0a:b9:56:40:e3:a5:
ca:67:ae:f1:ec:82:3e:d1:ef:55:7a:82:11:81:bd:
af:61:8d:72:ed:5e:c1:0a:fa:94:5e:f3:5e:50:54:
88:3c:fc:3d:78:35:a6:29:aa:d7:0f:72:1f:85:87:
5f:e6:69:4c:1a:33:0f:ab:c6:c1:06:5b:c6:83:4e:
e7:14:1f:f3:36:35:ee:7f:81:b0:18:ae:10:f5:f4:
e8:73:a7:82:da:b1:74:9d:79:3b:5f:81:8d:54:ea:
c8:bf:0f:31:e0:4f:bb:31:a6:41:ef:4f:d1:ad:66:
a6:0e:93:0f:40:cf:4a:55:b9:34:cf:ff:af:5c:80:
54:a1:3e:ff:8f:5a:71:bd:72:77:69:18:7a:0c:74:
63:76:b2:ca:e3:8a:ba:8d:c7:2f:84:43:f5:7f:cd:
f8:92:af:fc:e3:79:f1:cb:ed:a3:ed:9a:d6:64:1a:
bb:92:3c:65:22:98:1f:92:ad:85:cb:c0:7f:5e:ef:
21:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:26:76:F6:1B:1A:63:FA:4E:12:B4:31:F9:A6:3B:A7:3C:87:AC:36
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/miZ29hsaY_pOErQx-aY7pzyHrDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.180.6.0/23
212.180.10.0/24
212.180.16.0/22
212.180.32.0/22
212.180.52.0/24
212.180.60.0/22
212.180.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:b5:4c:60:c2:2c:ee:64:6d:16:1a:a5:34:bf:35:e5:aa:83:
e4:b7:22:08:35:6c:ce:cb:b4:19:d8:a7:46:9a:af:de:c1:4b:
7b:46:d1:ec:dd:52:a7:7b:9d:67:44:a0:03:8a:6a:dd:f1:a4:
70:f3:ba:56:9a:58:24:75:2d:e2:07:79:58:eb:36:fc:b9:e9:
d7:5d:f3:26:54:6b:a3:5c:b7:a1:9c:31:a3:74:ba:a5:36:81:
4c:7d:b7:d0:3c:ad:2f:31:df:4e:c8:7c:cc:75:cd:89:71:7e:
86:0a:78:b2:4c:e3:71:5f:fe:11:35:5b:03:92:64:93:b1:5a:
84:e0:3b:56:eb:b3:82:87:31:a9:68:97:aa:69:97:b6:20:f3:
e7:bf:3f:51:ca:66:6a:98:33:b3:69:6d:a7:d5:db:fd:6c:e9:
72:75:fd:fc:11:24:ac:68:26:5b:2d:04:55:27:3f:bc:47:88:
81:87:16:36:7f:2b:a1:e8:34:02:a5:78:4c:c4:0c:54:6b:2d:
c1:1f:d8:c4:39:a8:68:0e:1d:2b:98:b3:54:c2:b2:84:64:ee:
5e:a8:30:a0:8c:91:51:f7:1d:13:c9:2d:56:b5:07:b8:3b:f9:
3f:e9:50:13:54:97:50:95:df:7b:5b:74:25:bb:82:61:28:f4:
92:f9:55:33
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ1IWe02bGSXSEUUS3PZc3LtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjYwNDAxMDkyMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI2NzZmNjFiMWE2M2ZhNGUxMmI0MzFmOWE2M2JhNzNjODdhYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDckFRVG5Ws8k52jKFjDXS7BtjjB
PVwm1W3pLrMmEXQnO2zNAm65SJ6LWRXd6Q6elwrWnBb/4j2pswA7qgtQPrxd9p4K
uVZA46XKZ67x7II+0e9VeoIRgb2vYY1y7V7BCvqUXvNeUFSIPPw9eDWmKarXD3If
hYdf5mlMGjMPq8bBBlvGg07nFB/zNjXuf4GwGK4Q9fToc6eC2rF0nXk7X4GNVOrI
vw8x4E+7MaZB70/RrWamDpMPQM9KVbk0z/+vXIBUoT7/j1pxvXJ3aRh6DHRjdrLK
44q6jccvhEP1f834kq/843nxy+2j7ZrWZBq7kjxlIpgfkq2Fy8B/Xu8hBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJomdvYbGmP6ThK0MfmmO6c8h6w2MB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvbWlaMjloc2FZX3BPRXJReC1hWTdwenlIckRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQB1LQGAwQA
1LQKAwQC1LQQAwQC1LQgAwQA1LQ0AwQC1LQ8AwQB1LRoMA0GCSqGSIb3DQEBCwUA
A4IBAQAatUxgwizuZG0WGqU0vzXlqoPktyIINWzOy7QZ2KdGmq/ewUt7RtHs3VKn
e51nRKADimrd8aRw87pWmlgkdS3iB3lY6zb8uenXXfMmVGujXLehnDGjdLqlNoFM
fbfQPK0vMd9OyHzMdc2JcX6GCniyTONxX/4RNVsDkmSTsVqE4DtW67OChzGpaJeq
aZe2IPPnvz9RymZqmDOzaW2n1dv9bOlydf38ESSsaCZbLQRVJz+8R4iBhxY2fyuh
6DQCpXhMxAxUay3BH9jEOahoDh0rmLNUwrKEZO5eqDCgjJFR9x0TyS1WtQe4O/k/
6VATVJdQld97W3Qlu4JhKPSS+VUz
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:10:16 2026 by rpki-client