Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/W5Xdoga3NFWo-Xc3XHPMUJuNEIg.roa
File: W5Xdoga3NFWo-Xc3XHPMUJuNEIg.roa (raw, json)
Hash identifier: DTjDuxaokaB0r1dJ8TGvv232F7fD0NtJNnhl3B2Xe5M=
Subject key identifier: 5B:95:DD:A2:06:B7:34:55:A8:F9:77:37:5C:73:CC:50:9B:8D:10:88
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 019B7C11CE0A0ACE100E4A777D0BDB537939
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/W5Xdoga3NFWo-Xc3XHPMUJuNEIg.roa
Signing time: Fri 02 Jan 2026 00:18:20 +0000
ROA not before: Fri 02 Jan 2026 00:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204838
IP address blocks: 185.108.38.0/23 maxlen: 24
185.108.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:11:ce:0a:0a:ce:10:0e:4a:77:7d:0b:db:53:79:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 00:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5b95dda206b73455a8f977375c73cc509b8d1088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:58:a6:92:49:50:e9:50:4f:2a:40:18:14:
01:cb:80:00:85:2d:de:3e:8e:55:59:21:a9:11:b1:
a4:37:1c:0d:96:78:e1:9a:65:6a:10:d3:92:1d:b0:
38:8f:1a:da:31:17:e8:06:5d:38:ca:e4:d8:ba:15:
62:ff:ed:fe:f2:4a:e3:24:4e:97:fd:25:f2:21:57:
98:ac:94:3b:bf:8e:b1:58:34:51:8b:27:2a:b5:a7:
09:79:9a:41:a4:24:ce:8d:66:a0:40:e9:5d:70:45:
43:70:c6:03:e3:ca:97:1e:78:34:fc:76:be:00:e5:
cf:93:60:97:c2:c4:81:ee:e0:b1:8f:4e:7c:a9:02:
c8:7a:24:4e:d1:0b:d1:f7:ff:b3:1f:49:f8:4d:8e:
87:93:7a:72:ce:a7:dd:c2:b5:b1:a9:f0:78:ae:eb:
e8:f3:3a:1f:35:6f:29:30:a3:23:55:1b:79:e1:a3:
2a:06:19:59:51:d5:0a:3e:a2:49:3a:8d:7e:71:72:
14:e9:23:ed:37:90:40:10:eb:86:ed:32:bc:e2:f7:
2d:78:3b:96:be:43:ca:cb:3f:68:55:3d:2a:38:5f:
87:60:d9:31:ca:69:6a:17:66:88:75:af:bc:07:fb:
d9:92:c0:91:c0:4c:22:9c:5b:3b:33:d8:38:28:96:
f7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:95:DD:A2:06:B7:34:55:A8:F9:77:37:5C:73:CC:50:9B:8D:10:88
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/W5Xdoga3NFWo-Xc3XHPMUJuNEIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.38.0/23
Signature Algorithm: sha256WithRSAEncryption
76:3b:25:64:1c:fd:ee:0c:5d:e8:f9:a7:34:70:91:3b:14:49:
41:b7:af:56:9e:fa:2b:13:60:6f:bd:f0:31:5a:e7:06:9d:1e:
f3:9f:5b:55:1e:88:8e:a4:af:44:21:dc:6c:71:69:df:7e:a8:
23:b3:79:c8:7f:e9:2a:83:7f:9c:f8:3f:d2:d4:53:4c:a0:e0:
02:10:04:a6:10:fc:82:1e:00:80:3d:0e:83:19:35:1b:81:eb:
ea:12:3b:b6:5c:25:32:7b:58:0b:c8:e2:a5:ba:14:f6:8e:2f:
49:3d:e5:e6:ea:e5:af:cd:33:39:1a:2f:c5:8c:cd:07:35:f1:
36:6c:ab:ac:8f:10:26:60:74:d0:d9:2f:c3:bc:2c:df:ce:dd:
9a:68:19:e9:5f:af:39:66:a5:28:b6:aa:99:82:f0:5a:75:2a:
06:7f:ae:70:fb:d3:d8:fa:26:6c:9d:65:c0:fa:f5:a0:33:c8:
b0:c8:53:11:a9:40:6b:2e:d7:b5:c7:63:66:ac:a5:98:a2:24:
0a:12:bb:3d:15:d4:b1:04:5f:2f:52:62:66:57:5f:e0:e8:64:
94:39:fa:a0:d5:7d:5b:d6:c5:6e:e5:30:20:65:47:25:d8:3a:
c2:fb:a7:e5:ae:58:7c:39:3f:5f:66:bf:17:8b:ea:74:75:29:
fb:64:6c:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8Ec4KCs4QDkp3fQvbU3k5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjYwMTAyMDAxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjk1ZGRhMjA2YjczNDU1YThmOTc3Mzc1YzczY2M1MDliOGQxMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIZYppJJUOlQTypAGBQBy4AAhS3e
Po5VWSGpEbGkNxwNlnjhmmVqENOSHbA4jxraMRfoBl04yuTYuhVi/+3+8krjJE6X
/SXyIVeYrJQ7v46xWDRRiycqtacJeZpBpCTOjWagQOldcEVDcMYD48qXHng0/Ha+
AOXPk2CXwsSB7uCxj058qQLIeiRO0QvR9/+zH0n4TY6Hk3pyzqfdwrWxqfB4ruvo
8zofNW8pMKMjVRt54aMqBhlZUdUKPqJJOo1+cXIU6SPtN5BAEOuG7TK84vcteDuW
vkPKyz9oVT0qOF+HYNkxymlqF2aIda+8B/vZksCRwEwinFs7M9g4KJb3vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFuV3aIGtzRVqPl3N1xzzFCbjRCIMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvVzVYZG9nYTNORldvLVhjM1hIUE1VSnVORUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWwmMA0G
CSqGSIb3DQEBCwUAA4IBAQB2OyVkHP3uDF3o+ac0cJE7FElBt69WnvorE2BvvfAx
WucGnR7zn1tVHoiOpK9EIdxscWnffqgjs3nIf+kqg3+c+D/S1FNMoOACEASmEPyC
HgCAPQ6DGTUbgevqEju2XCUye1gLyOKluhT2ji9JPeXm6uWvzTM5Gi/FjM0HNfE2
bKusjxAmYHTQ2S/DvCzfzt2aaBnpX685ZqUotqqZgvBadSoGf65w+9PY+iZsnWXA
+vWgM8iwyFMRqUBrLte1x2NmrKWYoiQKErs9FdSxBF8vUmJmV1/g6GSUOfqg1X1b
1sVu5TAgZUcl2DrC+6flrlh8OT9fZr8Xi+p0dSn7ZGw/
-----END CERTIFICATE-----
Generated at Tue Mar 3 05:32:30 2026 by rpki-client