Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/wFVKBdOf5AuSyla8OiX9SFUY-tw.roa
File: wFVKBdOf5AuSyla8OiX9SFUY-tw.roa (raw, json)
Hash identifier: iTs7VKMvCLrjV7ehvtgY+XyRQW8+vYLmCINqKdnZzs4=
Subject key identifier: C0:55:4A:05:D3:9F:E4:0B:92:CA:56:BC:3A:25:FD:48:55:18:FA:DC
Certificate issuer: /CN=7eb92b38df197ca2cbae302693226b23f32a3f76
Certificate serial: 019C4DA916A2519D47919EA11E56F684E17F
Authority key identifier: 7E:B9:2B:38:DF:19:7C:A2:CB:AE:30:26:93:22:6B:23:F3:2A:3F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/frkrON8ZfKLLrjAmkyJrI_MqP3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/wFVKBdOf5AuSyla8OiX9SFUY-tw.roa
Signing time: Wed 11 Feb 2026 17:04:12 +0000
ROA not before: Wed 11 Feb 2026 17:04:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204754
IP address blocks: 185.241.184.0/22 maxlen: 22
185.241.184.0/24 maxlen: 24
185.241.185.0/24 maxlen: 24
185.241.186.0/24 maxlen: 24
185.241.187.0/24 maxlen: 24
2a0c:a880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/frkrON8ZfKLLrjAmkyJrI_MqP3Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/frkrON8ZfKLLrjAmkyJrI_MqP3Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/frkrON8ZfKLLrjAmkyJrI_MqP3Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:a9:16:a2:51:9d:47:91:9e:a1:1e:56:f6:84:e1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7eb92b38df197ca2cbae302693226b23f32a3f76
Validity
Not Before: Feb 11 17:04:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0554a05d39fe40b92ca56bc3a25fd485518fadc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f6:f1:95:18:79:21:32:79:69:f8:53:c3:d5:
dd:95:b3:0d:bc:b7:83:b2:aa:5a:ec:67:27:c7:f6:
24:c9:11:9d:a5:41:71:37:00:5c:7f:de:ef:c8:78:
2a:6e:76:37:87:6c:c0:dc:84:99:51:65:3a:eb:b8:
5f:45:81:b7:cd:22:3a:ea:b7:73:ab:6d:f0:4c:1d:
c3:c3:74:01:08:2d:1a:a5:fe:af:b6:ab:4a:b2:3a:
3c:96:e8:b0:d4:a6:f1:0f:9c:0d:ab:b5:7f:67:bb:
21:cd:10:a6:e1:b5:97:57:34:f8:9d:e0:97:6e:93:
19:88:23:74:0a:36:3f:94:bc:aa:b4:96:e1:eb:ae:
1e:88:64:25:84:1c:ed:76:3b:2c:6f:61:9f:db:c0:
eb:f0:41:a2:22:ba:78:cb:15:9b:1e:c5:c9:37:2b:
31:a8:56:5e:89:c5:f0:9f:7d:76:9e:a8:38:63:50:
04:cf:e7:ba:a4:46:62:a1:c3:1b:9d:80:a2:e2:b8:
e3:6e:3b:cc:8c:32:54:5d:e6:e6:27:99:7d:d7:83:
29:7c:28:1b:a2:82:46:c1:b5:8a:00:8d:a3:a4:67:
ca:4b:a3:7a:7b:cb:c9:1d:f3:98:56:3d:41:1f:85:
b8:2b:b6:a8:34:c5:97:8f:5f:91:ae:0e:97:b0:8e:
bc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:55:4A:05:D3:9F:E4:0B:92:CA:56:BC:3A:25:FD:48:55:18:FA:DC
X509v3 Authority Key Identifier:
keyid:7E:B9:2B:38:DF:19:7C:A2:CB:AE:30:26:93:22:6B:23:F3:2A:3F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frkrON8ZfKLLrjAmkyJrI_MqP3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/wFVKBdOf5AuSyla8OiX9SFUY-tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/af4d63-9f58-4bbd-8d25-91d1a06863ae/1/frkrON8ZfKLLrjAmkyJrI_MqP3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.184.0/22
IPv6:
2a0c:a880::/29
Signature Algorithm: sha256WithRSAEncryption
29:23:a8:21:f9:b4:bc:45:8c:2d:b5:ce:be:17:d9:4c:1a:c2:
1c:d7:04:b1:36:b9:f9:84:df:3a:62:b8:7c:27:d5:bf:ff:11:
8a:3d:ff:26:08:b2:ae:ee:78:bc:53:a3:43:62:71:a8:8d:e5:
c7:79:b9:59:f3:4f:c0:29:43:80:fe:68:0e:9d:76:a5:dc:c5:
ca:58:1a:fa:2c:ae:40:4e:6c:4d:5a:a3:bd:e0:5b:cd:97:a8:
bc:66:11:20:a7:49:6f:24:3a:71:08:98:76:a3:59:03:54:17:
a3:99:42:26:93:e9:97:40:19:6f:0c:cb:f1:8d:4e:97:0a:51:
01:ac:a6:e0:42:01:8d:61:d1:f6:91:f4:26:1a:1d:c6:3c:82:
b1:f7:14:7c:f7:dd:2b:fd:7e:87:e1:d2:31:89:b6:e2:91:f9:
d9:12:84:32:7c:76:cd:5a:34:14:5f:88:d5:2e:94:6a:1e:05:
42:94:79:05:df:62:61:a6:68:d4:33:03:bb:e9:a0:17:63:fa:
d2:37:d3:26:14:43:42:e6:ba:1e:ae:39:b5:6b:77:1c:c8:07:
b0:69:d6:1d:4a:7d:52:99:be:b9:b8:3a:70:39:b2:00:5f:c7:
b5:a8:34:de:8b:a3:e7:9b:1e:ea:f7:9d:29:71:12:a9:b5:ea:
2c:b4:f1:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZxNqRaiUZ1HkZ6hHlb2hOF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjkyYjM4ZGYxOTdjYTJjYmFlMzAyNjkzMjI2YjIzZjMy
YTNmNzYwHhcNMjYwMjExMTcwNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU1NGEwNWQzOWZlNDBiOTJjYTU2YmMzYTI1ZmQ0ODU1MThmYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/bxlRh5ITJ5afhTw9XdlbMNvLeD
sqpa7Gcnx/YkyRGdpUFxNwBcf97vyHgqbnY3h2zA3ISZUWU667hfRYG3zSI66rdz
q23wTB3Dw3QBCC0apf6vtqtKsjo8luiw1KbxD5wNq7V/Z7shzRCm4bWXVzT4neCX
bpMZiCN0CjY/lLyqtJbh664eiGQlhBztdjssb2Gf28Dr8EGiIrp4yxWbHsXJNysx
qFZeicXwn312nqg4Y1AEz+e6pEZiocMbnYCi4rjjbjvMjDJUXebmJ5l914MpfCgb
ooJGwbWKAI2jpGfKS6N6e8vJHfOYVj1BH4W4K7aoNMWXj1+Rrg6XsI68swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBVSgXTn+QLkspWvDol/UhVGPrcMB8GA1UdIwQY
MBaAFH65KzjfGXyiy64wJpMiayPzKj92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJrck9OOFpmS0xMcmpBbWt5SnJJX01xUDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hZjRkNjMtOWY1OC00YmJkLThkMjUt
OTFkMWEwNjg2M2FlLzEvd0ZWS0JkT2Y1QXVTeWxhOE9pWDlTRlVZLXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hZjRkNjMtOWY1OC00YmJkLThkMjUtOTFkMWEwNjg2M2Fl
LzEvZnJrck9OOFpmS0xMcmpBbWt5SnJJX01xUDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufG4MA0E
AgACMAcDBQMqDKiAMA0GCSqGSIb3DQEBCwUAA4IBAQApI6gh+bS8RYwttc6+F9lM
GsIc1wSxNrn5hN86Yrh8J9W//xGKPf8mCLKu7ni8U6NDYnGojeXHeblZ80/AKUOA
/mgOnXal3MXKWBr6LK5ATmxNWqO94FvNl6i8ZhEgp0lvJDpxCJh2o1kDVBejmUIm
k+mXQBlvDMvxjU6XClEBrKbgQgGNYdH2kfQmGh3GPIKx9xR8990r/X6H4dIxibbi
kfnZEoQyfHbNWjQUX4jVLpRqHgVClHkF32JhpmjUMwO76aAXY/rSN9MmFENC5roe
rjm1a3ccyAewadYdSn1Smb65uDpwObIAX8e1qDTei6Pnmx7q950pcRKpteostPFR
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:35:44 2026 by rpki-client