Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WyLq5mdKCW2UGDpdqrK7Xp2HJRc.roa
File: WyLq5mdKCW2UGDpdqrK7Xp2HJRc.roa (raw, json)
Hash identifier: 3yoswgkDWLABDVLm06inU+3X5NuNCflUQTjxzRiweyM=
Subject key identifier: 5B:22:EA:E6:67:4A:09:6D:94:18:3A:5D:AA:B2:BB:5E:9D:87:25:17
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 019C204492DE80BCF7A2248DA45357595CD8
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WyLq5mdKCW2UGDpdqrK7Xp2HJRc.roa
Signing time: Mon 02 Feb 2026 21:31:30 +0000
ROA not before: Mon 02 Feb 2026 21:31:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50131
IP address blocks: 37.72.132.0/24 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.224.0/24 maxlen: 32
45.150.225.0/24 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
62.204.54.0/24 maxlen: 32
91.246.39.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
146.19.114.0/24 maxlen: 32
146.19.223.0/24 maxlen: 32
176.116.1.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/24 maxlen: 32
194.124.225.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:20:44:92:de:80:bc:f7:a2:24:8d:a4:53:57:59:5c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Feb 2 21:31:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5b22eae6674a096d94183a5daab2bb5e9d872517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:5a:1c:fd:ed:ed:79:b3:ef:9d:94:4f:b5:
e5:3b:d5:8d:b0:62:40:ea:53:a4:c5:ab:2d:91:b1:
43:98:3f:69:30:c5:70:7b:ea:05:9b:2c:3d:cc:90:
c6:a2:ca:83:00:9a:82:02:e6:92:5e:54:15:67:9b:
f5:eb:4f:57:d4:e4:26:42:ee:11:68:dd:7f:c8:cf:
a7:da:16:44:95:5c:c7:eb:cc:33:33:af:e6:5c:f6:
f2:f9:6a:ef:7b:f5:a5:fd:7e:3c:10:8a:ce:16:be:
05:83:78:be:c6:cb:cb:1c:fd:77:60:cc:7b:2a:dd:
c1:4b:0c:01:26:42:12:be:ff:b5:39:ae:a1:84:56:
b9:a3:30:2d:06:6d:8f:c3:9c:f9:e5:d8:a4:81:97:
37:8e:11:89:0a:b8:aa:96:90:b9:05:a5:d1:53:99:
0d:db:79:b4:01:d8:31:29:8f:bd:ac:e4:7e:35:16:
ac:72:78:00:d9:c4:54:87:fa:97:37:ce:d2:65:68:
a8:66:b8:ae:4e:4d:95:30:46:9d:08:39:01:94:d0:
11:44:48:e4:c8:8c:b9:13:41:f9:0c:f1:68:c7:52:
3c:e0:08:81:9e:38:7f:c3:1b:c9:8e:3b:ed:63:fa:
13:d9:9f:7c:cd:7f:9a:4c:c3:8d:bc:dd:8a:9c:15:
7b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:22:EA:E6:67:4A:09:6D:94:18:3A:5D:AA:B2:BB:5E:9D:87:25:17
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/WyLq5mdKCW2UGDpdqrK7Xp2HJRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.132.0/24
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.224.0/22
45.151.132.0/22
45.154.212.0/22
62.204.54.0/24
91.246.39.0/24
94.154.114.0/24
146.19.114.0/24
146.19.223.0/24
176.116.1.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
07:8b:bd:40:a3:72:6b:75:a9:a2:e8:ed:34:51:26:02:eb:84:
3f:e3:73:11:bf:ac:93:95:c3:22:63:91:ed:f1:f7:28:0d:0e:
4d:98:c7:23:87:6d:cb:bd:b3:65:e0:c4:4f:fd:3c:5f:d4:65:
a4:c4:7d:2e:c3:18:60:19:90:13:db:5f:7e:9f:1b:52:7f:8a:
8e:34:ac:74:91:a2:2b:fe:0c:29:a2:c7:0e:76:5b:e8:26:88:
51:d8:80:41:e9:d0:61:67:b9:03:81:12:9c:a1:32:84:c3:06:
12:2e:05:82:98:f8:3a:b6:58:58:7f:c8:f3:ec:c5:7d:62:1e:
38:cd:7e:f9:fa:76:7c:84:e3:97:66:47:84:d4:98:90:79:95:
99:20:6a:48:90:69:74:39:1a:04:8a:16:e0:cf:88:96:98:4e:
9c:87:4e:bf:bb:a7:bc:8f:af:98:3c:a0:cf:bd:54:fd:2f:4c:
c5:dd:4f:d2:e2:b7:f3:27:2f:b3:f3:87:d4:93:5a:7c:3c:d5:
e9:28:8b:af:24:38:0d:7e:c6:9c:8c:d5:a5:1a:11:03:dc:cb:
87:6b:50:97:1e:15:35:76:3b:0b:e3:a9:6e:0f:67:9f:c0:7c:
cc:da:fb:d0:a6:7a:15:7e:c4:a8:94:6d:b8:31:4d:55:8f:12:
0b:65:cf:52
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZwgRJLegLz3oiSNpFNXWVzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjYwMjAyMjEzMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIyZWFlNjY3NGEwOTZkOTQxODNhNWRhYWIyYmI1ZTlkODcyNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsBaHP3t7Xmz752UT7XlO9WNsGJA
6lOkxastkbFDmD9pMMVwe+oFmyw9zJDGosqDAJqCAuaSXlQVZ5v1609X1OQmQu4R
aN1/yM+n2hZElVzH68wzM6/mXPby+Wrve/Wl/X48EIrOFr4Fg3i+xsvLHP13YMx7
Kt3BSwwBJkISvv+1Oa6hhFa5ozAtBm2Pw5z55dikgZc3jhGJCriqlpC5BaXRU5kN
23m0AdgxKY+9rOR+NRascngA2cRUh/qXN87SZWioZriuTk2VMEadCDkBlNARREjk
yIy5E0H5DPFox1I84AiBnjh/wxvJjjvtY/oT2Z98zX+aTMONvN2KnBV7GQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFFsi6uZnSgltlBg6Xaqyu16dhyUXMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvV3lMcTVtZEtDVzJVR0RwZHFySzdYcDJISlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBkwQCAAEwgYwDBAAl
SIQDBAItjpwDBAItkUgDBAItlqQDBAItluADBAItl4QDBAItmtQDBAA+zDYDBABb
9icDBABemnIDBACSE3IDBACSE98DBACwdAEDBACyFh4DBAC8XYsDBAHB2sgDBAHB
3V4DBAHCfNoDBAHCfOAwDAMEAcKTYgMEAcKTZAMEANQSbwMEANlyLzAOBAIAAjAI
AwYGKg7aQEAwDQYJKoZIhvcNAQELBQADggEBAAeLvUCjcmt1qaLo7TRRJgLrhD/j
cxG/rJOVwyJjke3x9ygNDk2YxyOHbcu9s2XgxE/9PF/UZaTEfS7DGGAZkBPbX36f
G1J/io40rHSRoiv+DCmixw52W+gmiFHYgEHp0GFnuQOBEpyhMoTDBhIuBYKY+Dq2
WFh/yPPsxX1iHjjNfvn6dnyE45dmR4TUmJB5lZkgakiQaXQ5GgSKFuDPiJaYTpyH
Tr+7p7yPr5g8oM+9VP0vTMXdT9Lit/MnL7Pzh9STWnw81ekoi68kOA1+xpyM1aUa
EQPcy4drUJceFTV2OwvjqW4PZ5/AfMza+9CmehV+xKiUbbgxTVWPEgtlz1I=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:38:31 2026 by rpki-client