Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/pw0RXXsD6LUrqOPEq8MgqL2qpD0.roa
File: pw0RXXsD6LUrqOPEq8MgqL2qpD0.roa (raw, json)
Hash identifier: 917pV46CquJ4To8++B0OiVsGyf2fknUas8X+vyjzrnQ=
Subject key identifier: A7:0D:11:5D:7B:03:E8:B5:2B:A8:E3:C4:AB:C3:20:A8:BD:AA:A4:3D
Certificate issuer: /CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Certificate serial: 019B79ECB802FC09C851B9B54B564EEA98EF
Authority key identifier: 96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/pw0RXXsD6LUrqOPEq8MgqL2qpD0.roa
Signing time: Thu 01 Jan 2026 14:18:35 +0000
ROA not before: Thu 01 Jan 2026 14:18:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202498
IP address blocks: 178.130.140.0/24 maxlen: 24
178.130.141.0/24 maxlen: 24
178.130.142.0/24 maxlen: 24
178.130.143.0/24 maxlen: 24
193.143.64.0/24 maxlen: 24
193.143.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ec:b8:02:fc:09:c8:51:b9:b5:4b:56:4e:ea:98:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Validity
Not Before: Jan 1 14:18:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a70d115d7b03e8b52ba8e3c4abc320a8bdaaa43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:bf:83:02:50:46:97:2e:53:b9:dc:ea:ae:
33:52:26:cd:ca:55:a8:98:49:0a:0e:b8:b7:c2:48:
77:6c:57:4b:ad:59:04:fd:aa:fb:54:31:12:20:7e:
1b:e3:72:ca:17:04:ac:92:1f:01:3e:7e:26:5c:59:
01:d5:dd:11:d1:0c:21:28:17:6c:38:ca:72:18:10:
20:77:79:df:32:c3:e0:18:01:37:af:0a:62:1a:ef:
12:3a:73:fb:ce:70:ae:4f:1a:f7:da:cc:de:13:e9:
c0:c0:6f:4f:e7:b1:97:96:c6:cb:84:8e:2c:4c:78:
38:61:3d:1b:47:06:f7:45:74:22:76:81:d1:d0:47:
1c:4b:4a:89:0e:60:a6:8b:e9:40:4b:b6:9a:17:79:
cd:9f:4c:94:25:c9:19:ad:66:5a:56:c3:07:b2:0c:
86:54:ad:c6:10:79:a3:63:87:26:46:1a:d7:5a:ea:
a4:2a:d8:78:93:61:6d:ea:33:ab:99:f5:56:c6:1c:
c4:be:19:aa:5b:6c:2b:4a:2d:7e:9d:15:e4:d1:7b:
9b:9f:46:4a:52:5f:07:5d:27:50:6f:db:a9:56:98:
fa:8e:15:61:3c:1e:38:e8:b1:e1:aa:0c:c2:a9:38:
4e:a5:c0:23:60:78:40:47:18:b7:4d:aa:74:2d:27:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0D:11:5D:7B:03:E8:B5:2B:A8:E3:C4:AB:C3:20:A8:BD:AA:A4:3D
X509v3 Authority Key Identifier:
keyid:96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/pw0RXXsD6LUrqOPEq8MgqL2qpD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.130.140.0/22
193.143.64.0/23
Signature Algorithm: sha256WithRSAEncryption
76:3b:1b:09:05:49:65:82:f1:7f:cb:31:c0:e4:2d:e0:1b:00:
82:33:ed:d0:23:e5:57:22:f2:33:07:c8:5e:6f:81:b8:ea:3f:
72:8c:d5:d8:1b:20:ba:66:f4:7e:35:fe:49:a1:64:a1:67:22:
16:c2:d5:29:5c:04:d0:22:24:e5:5a:24:31:2c:ac:fe:af:26:
ed:12:57:40:d7:a5:33:4d:7a:bb:f3:31:52:27:83:29:a8:5b:
19:24:ab:a7:4a:d9:d6:d0:45:47:d1:13:b8:cc:9e:5d:5f:fb:
ad:51:d2:3a:cd:b5:98:8e:52:4b:f0:24:66:8a:18:7b:b5:4c:
bd:ea:e2:8f:be:37:07:81:e4:1e:08:46:80:a8:50:9d:69:9f:
35:b1:e4:f2:bb:f8:1f:c4:b0:8f:01:91:6e:38:f5:c6:18:b9:
80:48:42:bb:65:db:3d:76:c0:12:7a:99:de:e1:d5:5f:30:51:
24:06:b6:87:84:a0:19:f8:80:05:b3:f8:9b:66:32:62:31:78:
fa:cf:59:53:ac:91:48:f3:e9:fd:da:1c:e5:b0:33:ff:92:32:
f4:f0:67:7a:40:6e:24:9b:dd:83:09:e1:40:e6:e7:b7:99:ff:
b5:58:9c:01:e4:1f:bf:c0:f2:16:e5:ca:7e:06:8b:fe:6d:5d:
83:d3:6e:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt57LgC/AnIUbm1S1ZO6pjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZmY0NWU2ZGU0OGJmYzAzOTdkYWNhZDgzYTg0ODMxZGI3
OTUyZDEwHhcNMjYwMTAxMTQxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzBkMTE1ZDdiMDNlOGI1MmJhOGUzYzRhYmMzMjBhOGJkYWFhNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyba/gwJQRpcuU7nc6q4zUibNylWo
mEkKDri3wkh3bFdLrVkE/ar7VDESIH4b43LKFwSskh8BPn4mXFkB1d0R0QwhKBds
OMpyGBAgd3nfMsPgGAE3rwpiGu8SOnP7znCuTxr32szeE+nAwG9P57GXlsbLhI4s
THg4YT0bRwb3RXQidoHR0EccS0qJDmCmi+lAS7aaF3nNn0yUJckZrWZaVsMHsgyG
VK3GEHmjY4cmRhrXWuqkKth4k2Ft6jOrmfVWxhzEvhmqW2wrSi1+nRXk0Xubn0ZK
Ul8HXSdQb9upVpj6jhVhPB446LHhqgzCqThOpcAjYHhARxi3Tap0LScqYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcNEV17A+i1K6jjxKvDIKi9qqQ9MB8GA1UdIwQY
MBaAFJb/RebeSL/AOX2srYOoSDHbeVLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAt
MGY1ZDM3OTdhMzI1LzEvcHcwUlhYc0Q2TFVycU9QRXE4TWdxTDJxcEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAtMGY1ZDM3OTdhMzI1
LzEvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsoKMAwQB
wY9AMA0GCSqGSIb3DQEBCwUAA4IBAQB2OxsJBUllgvF/yzHA5C3gGwCCM+3QI+VX
IvIzB8heb4G46j9yjNXYGyC6ZvR+Nf5JoWShZyIWwtUpXATQIiTlWiQxLKz+rybt
EldA16UzTXq78zFSJ4MpqFsZJKunStnW0EVH0RO4zJ5dX/utUdI6zbWYjlJL8CRm
ihh7tUy96uKPvjcHgeQeCEaAqFCdaZ81seTyu/gfxLCPAZFuOPXGGLmASEK7Zds9
dsASepne4dVfMFEkBraHhKAZ+IAFs/ibZjJiMXj6z1lTrJFI8+n92hzlsDP/kjL0
8Gd6QG4km92DCeFA5ue3mf+1WJwB5B+/wPIW5cp+Bov+bV2D025Y
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:52:31 2026 by rpki-client