Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/g4MdA0V4Y4LLEj4W-DT36q8-zaA.roa
File: g4MdA0V4Y4LLEj4W-DT36q8-zaA.roa (raw, json)
Hash identifier: 1dOfKerQ6fTeRy96vldDWidB19KvQjJsmugkkxvwkw0=
Subject key identifier: 83:83:1D:03:45:78:63:82:CB:12:3E:16:F8:34:F7:EA:AF:3E:CD:A0
Certificate issuer: /CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Certificate serial: 019C8AFDAEE45EFD38FA40B25F68E4D48B4B
Authority key identifier: 58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/g4MdA0V4Y4LLEj4W-DT36q8-zaA.roa
Signing time: Mon 23 Feb 2026 14:53:26 +0000
ROA not before: Mon 23 Feb 2026 14:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50784
IP address blocks: 185.159.168.0/22 maxlen: 22
185.159.168.0/24 maxlen: 24
185.159.170.0/24 maxlen: 24
2a07:b640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:fd:ae:e4:5e:fd:38:fa:40:b2:5f:68:e4:d4:8b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Validity
Not Before: Feb 23 14:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=83831d0345786382cb123e16f834f7eaaf3ecda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:c0:c3:3e:c6:0a:e3:9d:2a:40:5c:f7:b4:
8e:4b:63:d8:74:05:c5:8e:a7:d5:2b:ed:b7:13:c8:
54:38:a7:31:6e:f8:e9:17:a5:7b:54:af:ba:e6:28:
d5:f5:d1:76:16:4e:dc:27:13:3e:6d:ae:0e:89:67:
43:39:f4:8d:09:bc:40:d6:e0:00:13:d4:27:24:4a:
17:01:12:31:b0:6a:d5:8a:d4:c1:b5:d0:4f:51:0e:
b2:cc:0e:ca:bc:e1:7e:06:87:47:ed:63:3f:67:ed:
a7:8f:35:60:83:51:58:4a:65:6e:b3:1e:39:a7:e1:
21:e8:99:65:51:88:f3:f6:d2:d6:29:d6:cc:08:5d:
59:df:e7:0b:e1:ed:e9:d5:88:8e:f4:8f:06:f8:4d:
d2:7b:b1:dc:ea:6d:da:13:f2:54:68:51:20:2b:92:
33:14:aa:8e:55:66:5c:42:f2:ec:cc:cc:f0:79:26:
85:8d:2d:5a:9a:30:76:e1:eb:aa:2e:98:0f:b9:82:
ed:77:2f:bd:e6:a9:82:d0:8b:ea:65:85:79:2b:88:
eb:26:26:bd:9b:26:ab:27:1f:ca:8d:55:e9:ee:73:
99:b8:2d:b2:54:75:f4:1a:26:97:61:97:e6:26:c5:
f6:64:6e:e2:51:89:11:67:fd:99:a9:22:98:8c:47:
e9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:83:1D:03:45:78:63:82:CB:12:3E:16:F8:34:F7:EA:AF:3E:CD:A0
X509v3 Authority Key Identifier:
keyid:58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/g4MdA0V4Y4LLEj4W-DT36q8-zaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.168.0/22
IPv6:
2a07:b640::/29
Signature Algorithm: sha256WithRSAEncryption
5f:be:4d:80:25:7f:32:42:78:4a:bc:c6:47:74:f8:77:55:da:
65:17:42:ec:25:f5:11:5a:e2:89:3a:13:91:43:3f:ff:ce:45:
95:65:4e:00:2f:b9:20:94:84:1c:78:63:d5:1f:c9:27:82:7e:
f9:6a:69:81:78:f8:af:ec:bb:af:8e:5a:6d:ab:e0:69:72:11:
c3:97:75:7c:3b:d3:65:a7:58:2b:0c:aa:fe:01:22:d2:60:71:
39:3f:08:97:14:c0:85:d8:e7:20:38:b6:8f:ce:08:57:7c:36:
28:d7:87:56:e9:a0:ea:d9:9a:e3:c1:f9:7e:63:3f:0e:68:2b:
34:31:3d:3f:54:53:f1:62:52:e5:ba:4a:bc:8e:81:cd:b1:f9:
2a:fb:6f:60:62:6f:8c:a3:7e:11:46:55:a9:19:5a:8e:25:5a:
f7:52:dd:76:66:8c:de:15:fd:ff:59:55:0b:6b:cf:b2:a9:b3:
e0:dd:f1:f9:23:ba:86:c8:c9:49:29:a1:f7:c3:99:64:5c:fb:
76:2e:98:83:6b:48:c9:06:a5:26:02:0e:93:47:9b:00:3b:85:
ed:a3:2a:04:b7:d8:f0:d8:20:9d:fa:e6:f6:79:39:16:0c:81:
11:da:ef:86:0e:2b:2a:55:be:4d:24:30:37:92:f0:c0:d6:bb:
e5:3d:8e:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyK/a7kXv04+kCyX2jk1ItLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YzU3YzA3OWU3OTVhNzk2YjQ3YTdlZDMyZjA3MmIwNThh
OTNhNmUwHhcNMjYwMjIzMTQ1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzgzMWQwMzQ1Nzg2MzgyY2IxMjNlMTZmODM0ZjdlYWFmM2VjZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9PAwz7GCuOdKkBc97SOS2PYdAXF
jqfVK+23E8hUOKcxbvjpF6V7VK+65ijV9dF2Fk7cJxM+ba4OiWdDOfSNCbxA1uAA
E9QnJEoXARIxsGrVitTBtdBPUQ6yzA7KvOF+BodH7WM/Z+2njzVgg1FYSmVusx45
p+Eh6JllUYjz9tLWKdbMCF1Z3+cL4e3p1YiO9I8G+E3Se7Hc6m3aE/JUaFEgK5Iz
FKqOVWZcQvLszMzweSaFjS1amjB24euqLpgPuYLtdy+95qmC0IvqZYV5K4jrJia9
myarJx/KjVXp7nOZuC2yVHX0GiaXYZfmJsX2ZG7iUYkRZ/2ZqSKYjEfpDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIODHQNFeGOCyxI+Fvg09+qvPs2gMB8GA1UdIwQY
MBaAFFjFfAeeeVp5a0en7TLwcrBYqTpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQt
NTc1MjkyYmMzOTQxLzEvZzRNZEEwVjRZNExMRWo0Vy1EVDM2cTgtemFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQtNTc1MjkyYmMzOTQx
LzEvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ+oMA0E
AgACMAcDBQMqB7ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBfvk2AJX8yQnhKvMZHdPh3
VdplF0LsJfURWuKJOhORQz//zkWVZU4AL7kglIQceGPVH8kngn75ammBePiv7Luv
jlptq+BpchHDl3V8O9Nlp1grDKr+ASLSYHE5PwiXFMCF2OcgOLaPzghXfDYo14dW
6aDq2Zrjwfl+Yz8OaCs0MT0/VFPxYlLlukq8joHNsfkq+29gYm+Mo34RRlWpGVqO
JVr3Ut12ZozeFf3/WVULa8+yqbPg3fH5I7qGyMlJKaH3w5lkXPt2LpiDa0jJBqUm
Ag6TR5sAO4XtoyoEt9jw2CCd+ub2eTkWDIER2u+GDisqVb5NJDA3kvDA1rvlPY7G
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:11:04 2026 by rpki-client