Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wUIQuE5RAl6yjUP9k5UHyxLRIPw.roa
File: wUIQuE5RAl6yjUP9k5UHyxLRIPw.roa (raw, json)
Hash identifier: NCMtFKefqHShmwgJRWPFU+3g5xSc9WX2hSElA5v9Foo=
Subject key identifier: C1:42:10:B8:4E:51:02:5E:B2:8D:43:FD:93:95:07:CB:12:D1:20:FC
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019C043CAB395153C8864BCA8448EDB8E9DE
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wUIQuE5RAl6yjUP9k5UHyxLRIPw.roa
Signing time: Wed 28 Jan 2026 10:53:30 +0000
ROA not before: Wed 28 Jan 2026 10:53:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
80.84.224.0/19 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/20 maxlen: 24
81.4.80.0/22 maxlen: 24
81.4.88.0/21 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.21.136.0/21 maxlen: 24
81.21.136.0/24 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/18 maxlen: 24
83.96.192.0/21 maxlen: 24
83.96.208.0/22 maxlen: 24
83.96.224.0/21 maxlen: 24
83.96.232.0/22 maxlen: 24
83.96.248.0/22 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.158.248.0/22 maxlen: 24
85.158.252.0/23 maxlen: 24
91.142.240.0/21 maxlen: 24
91.142.252.0/23 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
94.142.208.0/21 maxlen: 24
141.255.176.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
185.15.248.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
217.21.240.0/20 maxlen: 24
217.21.241.0/24 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
2a05:2500::/32 maxlen: 48
2a05:a282::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:04:3c:ab:39:51:53:c8:86:4b:ca:84:48:ed:b8:e9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 28 10:53:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c14210b84e51025eb28d43fd939507cb12d120fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:0a:44:26:ca:d1:2b:7b:70:cf:3a:93:e4:
20:0e:bb:cc:26:02:7a:f6:b7:0e:22:dc:df:b5:da:
a9:77:df:6d:08:f2:72:13:eb:cf:9e:bc:27:ef:6f:
ac:83:6c:39:0f:43:ee:41:dd:22:af:70:ca:a1:6f:
6f:4c:09:b1:36:6b:0e:99:96:31:7f:73:e0:40:93:
95:50:f4:f9:c9:c2:19:34:27:9d:24:74:d4:c7:32:
a2:c0:7a:3d:81:e7:71:50:ab:51:6c:b8:45:c5:bf:
4a:60:48:fe:4c:59:5d:e4:74:f4:2a:64:78:7e:6d:
74:1a:3f:f1:58:34:21:b1:25:19:07:a4:26:4c:ef:
7c:db:4e:aa:8b:0c:91:b7:25:52:9b:6b:7f:c0:b5:
bb:f5:8b:96:c1:27:15:51:29:0b:04:40:4e:57:bc:
ae:04:0d:d2:da:ea:48:e5:cd:10:5b:12:6e:f8:e0:
71:3c:89:6f:ad:88:1e:8a:75:46:b5:16:d5:8c:84:
09:ff:fd:f0:cd:eb:35:95:44:70:9b:5d:0e:e9:20:
14:fd:6d:2d:f9:4c:cd:e9:a5:57:d2:00:48:d2:97:
d6:3a:43:83:01:0f:ee:ea:e8:60:ea:55:75:8c:74:
6b:90:32:5f:a5:02:4c:98:92:46:58:ec:bb:2e:fc:
39:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:42:10:B8:4E:51:02:5E:B2:8D:43:FD:93:95:07:CB:12:D1:20:FC
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/wUIQuE5RAl6yjUP9k5UHyxLRIPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.223.160.0/20
37.17.208.0/20
46.226.56.0/21
78.108.128.0/20
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.83.255
81.4.88.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0-83.96.199.255
83.96.208.0/22
83.96.224.0-83.96.235.255
83.96.248.0/22
85.10.160.0/19
85.158.248.0-85.158.253.255
91.142.240.0/21
91.142.252.0/23
91.189.208.0/22
91.205.32.0/22
94.142.208.0/21
141.255.176.0/21
171.33.128.0/21
176.74.224.0/19
185.15.248.0/22
185.65.52.0/22
185.69.232.0/22
185.84.72.0/22
185.89.152.0/22
185.95.68.0/22
185.105.204.0/22
185.105.216.0/22
193.93.172.0/22
193.242.119.0/24
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a03:4f00::/32
2a03:5700::/32
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
5a:9b:2b:b7:7c:bb:69:91:6d:fd:64:7d:f2:c8:e9:4e:eb:b8:
21:0e:28:79:27:c0:c9:8c:a3:a3:5d:5d:09:dc:74:19:7d:a3:
53:1e:32:40:2a:2b:34:19:dc:06:28:9b:4e:af:97:7e:cc:60:
93:bf:f0:4e:0c:16:53:cd:1e:cb:01:37:fe:d2:eb:1f:37:02:
d6:92:45:37:26:94:5a:3f:f6:c6:4f:4b:59:88:f0:f0:57:c7:
36:c8:6c:ea:ce:46:3c:10:e0:55:13:1c:8f:2b:10:db:71:b5:
dc:5a:c0:52:2b:62:fb:6d:ce:32:cb:14:f4:28:f8:3e:85:9c:
5c:76:4a:1b:a8:96:4a:a2:4e:17:05:9a:d0:4c:90:93:83:93:
92:f0:4b:2e:49:d5:b3:f3:ed:a4:93:5d:da:57:3d:90:48:b2:
91:85:3b:74:33:e6:67:8f:c6:b6:ea:db:31:2f:cf:bc:37:73:
8d:39:2e:c0:02:1e:fc:48:15:81:04:f6:86:19:81:b6:40:2d:
8b:da:c6:c8:5d:74:0b:eb:bb:87:aa:4c:d6:75:eb:35:0d:be:
f7:26:c2:8c:c6:83:3a:b8:ec:4c:60:e0:78:de:50:3a:ee:33:
5e:83:e2:56:a3:92:c4:6c:d4:66:7e:e1:0b:03:fa:b6:af:39:
55:f4:26:15
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZwEPKs5UVPIhkvKhEjtuOneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjYwMTI4MTA1MzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQyMTBiODRlNTEwMjVlYjI4ZDQzZmQ5Mzk1MDdjYjEyZDEyMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhQKRCbK0St7cM86k+QgDrvMJgJ6
9rcOItzftdqpd99tCPJyE+vPnrwn72+sg2w5D0PuQd0ir3DKoW9vTAmxNmsOmZYx
f3PgQJOVUPT5ycIZNCedJHTUxzKiwHo9gedxUKtRbLhFxb9KYEj+TFld5HT0KmR4
fm10Gj/xWDQhsSUZB6QmTO98206qiwyRtyVSm2t/wLW79YuWwScVUSkLBEBOV7yu
BA3S2upI5c0QWxJu+OBxPIlvrYgeinVGtRbVjIQJ//3wzes1lURwm10O6SAU/W0t
+UzN6aVX0gBI0pfWOkODAQ/u6uhg6lV1jHRrkDJfpQJMmJJGWOy7Lvw5NwIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFMFCELhOUQJeso1D/ZOVB8sS0SD8MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvd1VJUXVFNVJBbDZ5alVQOWs1VUh5eExSSVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCCARoEAgABMIIB
EgMEAx8DCAMEBB/foAMEBCUR0AMEAy7iOAMEBE5sgAMEBVBU4AMEBFD2wAMEBFD/
8DAMAwQGUQRAAwQCUQRQMAwDBANRBFgDBAJRBGADBANRBHADBANRFYgDBARRHiAw
DAMEB1NggAMEA1NgwAMEAlNg0DAMAwQFU2DgAwQCU2DoAwQCU2D4AwQFVQqgMAwD
BANVnvgDBAFVnvwDBANbjvADBAFbjvwDBAJbvdADBAJbzSADBANejtADBAON/7AD
BAOrIYADBAWwSuADBAK5D/gDBAK5QTQDBAK5RegDBAK5VEgDBAK5WZgDBAK5X0QD
BAK5acwDBAK5adgDBALBXawDBADB8ncDBATZFfADBATZlYAwNwQCAAIwMQMFACAB
CCgDBQMgAUy4AwUAKgDAgAMFACoDTwADBQAqA1cAAwUAKgUlAAMFACoFooIwDQYJ
KoZIhvcNAQELBQADggEBAFqbK7d8u2mRbf1kffLI6U7ruCEOKHknwMmMo6NdXQnc
dBl9o1MeMkAqKzQZ3AYom06vl37MYJO/8E4MFlPNHssBN/7S6x83AtaSRTcmlFo/
9sZPS1mI8PBXxzbIbOrORjwQ4FUTHI8rENtxtdxawFIrYvttzjLLFPQo+D6FnFx2
ShuolkqiThcFmtBMkJODk5LwSy5J1bPz7aSTXdpXPZBIspGFO3Qz5mePxrbq2zEv
z7w3c405LsACHvxIFYEE9oYZgbZALYvaxshddAvru4eqTNZ16zUNvvcmwozGgzq4
7Exg4HjeUDruM16D4lajksRs1GZ+4QsD+ravOVX0JhU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:18:49 2026 by rpki-client