Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/WimZdTjw5Lm8MtebopYruWKL5rI.roa
File: WimZdTjw5Lm8MtebopYruWKL5rI.roa (raw, json)
Hash identifier: ZsNGt4iJIvs0TYMA8I/lIAfczIzjQsE/8A1JQl2JcVU=
Subject key identifier: 5A:29:99:75:38:F0:E4:B9:BC:32:D7:9B:A2:96:2B:B9:62:8B:E6:B2
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 019C58A018964F9336A17A441D88FE0B2667
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/WimZdTjw5Lm8MtebopYruWKL5rI.roa
Signing time: Fri 13 Feb 2026 20:10:12 +0000
ROA not before: Fri 13 Feb 2026 20:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3170
IP address blocks: 83.97.16.0/22 maxlen: 24
83.97.16.0/24 maxlen: 32
91.240.224.0/24 maxlen: 24
103.141.24.0/23 maxlen: 32
185.17.196.0/22 maxlen: 24
185.128.10.0/24 maxlen: 24
185.175.90.0/24 maxlen: 24
188.64.34.0/23 maxlen: 24
188.64.36.0/22 maxlen: 24
193.35.56.0/22 maxlen: 24
193.105.188.0/24 maxlen: 24
194.0.58.0/24 maxlen: 24
194.69.165.0/24 maxlen: 24
195.74.52.0/22 maxlen: 24
195.144.8.0/24 maxlen: 24
195.191.218.0/23 maxlen: 24
195.191.219.0/24 maxlen: 32
2a03:ee40::/32 maxlen: 32
2a07:240::/29 maxlen: 48
2a10:4740::/29 maxlen: 48
2a11:2640::/32 maxlen: 32
2a11:2641::/32 maxlen: 32
2a11:2647::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:58:a0:18:96:4f:93:36:a1:7a:44:1d:88:fe:0b:26:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Feb 13 20:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a29997538f0e4b9bc32d79ba2962bb9628be6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:eb:1f:69:09:0e:0c:96:a2:dc:fa:24:b1:9d:
ae:91:45:b2:be:40:aa:06:01:65:00:89:3f:b6:8c:
9e:c5:9b:66:1c:3b:f9:27:53:24:1d:cf:16:52:8e:
f2:44:68:da:5b:98:33:2e:e1:4e:cd:c3:2d:7a:f0:
d5:2a:ac:0e:d8:cf:4c:4a:b8:0e:02:32:61:b4:e4:
cd:fb:6d:64:09:b8:f3:7a:53:e5:af:95:d9:a7:0c:
5f:8e:34:14:f4:f3:d6:a0:4a:59:14:08:6f:42:be:
28:d7:6d:a9:4d:6e:bb:2c:cf:ea:b7:40:56:b7:2b:
a7:ad:08:95:95:b2:66:3c:e3:67:c0:29:8d:76:56:
fb:9a:d6:41:65:e2:31:bf:34:0c:31:c3:7d:69:ea:
10:61:4e:6e:c8:8c:76:1a:92:0c:62:9d:83:0d:4f:
0e:f1:01:7d:c2:33:b9:7f:c1:3a:7d:4a:8f:e0:04:
db:f8:bf:67:8f:d8:b3:d2:c7:5d:f8:96:74:7d:fb:
20:92:d8:3d:30:19:28:30:bc:ac:94:bf:2e:10:af:
35:ac:c0:16:5a:3f:53:6a:fa:53:2e:f0:c3:2a:b9:
c8:8b:c1:ae:50:df:7e:55:f9:c7:46:c4:78:29:f9:
8e:a9:92:4d:c6:55:2e:34:c4:3d:1e:77:0f:ba:fc:
85:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:29:99:75:38:F0:E4:B9:BC:32:D7:9B:A2:96:2B:B9:62:8B:E6:B2
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/WimZdTjw5Lm8MtebopYruWKL5rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
91.240.224.0/24
103.141.24.0/23
185.17.196.0/22
185.128.10.0/24
185.175.90.0/24
188.64.34.0-188.64.39.255
193.35.56.0/22
193.105.188.0/24
194.0.58.0/24
194.69.165.0/24
195.74.52.0/22
195.144.8.0/24
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
2a10:4740::/29
2a11:2640::/31
2a11:2647::/32
Signature Algorithm: sha256WithRSAEncryption
27:9b:64:cf:a2:7e:41:39:c6:6e:38:00:87:06:28:1d:3b:65:
4e:95:81:2e:81:f9:b1:02:a0:a7:aa:f0:1a:5d:ad:c5:f3:d5:
c1:a9:aa:fa:22:ab:84:e0:34:72:a2:8e:73:81:4a:3d:3f:af:
76:d6:22:1e:45:41:76:d8:dd:c3:6f:f2:aa:f2:76:9f:ec:a1:
12:11:dc:f1:50:51:08:9a:99:ff:df:12:3d:03:d5:06:87:c0:
8f:3d:9f:36:05:14:7f:6b:32:a2:d3:9f:2c:52:9f:77:56:34:
e0:da:9a:ab:c7:dc:f8:ed:7f:e2:c3:d3:26:b6:74:c1:77:a0:
bc:e5:27:07:ec:c1:bc:f1:bc:62:60:fc:8e:5e:6b:95:4c:20:
6e:eb:09:51:6c:2c:43:43:c6:c1:13:1c:ba:04:e5:f1:0b:1c:
9d:b5:5a:7a:14:a8:66:ea:46:2e:ae:99:6b:a2:d4:bf:c9:0b:
57:6d:eb:29:c4:7f:3f:87:31:8c:69:3f:05:07:f9:44:00:18:
9b:25:d5:52:7c:eb:60:40:34:8d:3f:22:de:36:e0:c6:46:4f:
12:9d:43:02:66:1e:83:18:73:d4:1f:a8:fc:f4:24:d7:72:29:
ae:6f:cd:c2:48:47:3e:87:fc:f8:08:f6:d6:0e:b0:a0:7c:f2:
cb:d7:a0:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZxYoBiWT5M2oXpEHYj+CyZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjYwMjEzMjAxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTI5OTk3NTM4ZjBlNGI5YmMzMmQ3OWJhMjk2MmJiOTYyOGJlNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2esfaQkODJai3PoksZ2ukUWyvkCq
BgFlAIk/toyexZtmHDv5J1MkHc8WUo7yRGjaW5gzLuFOzcMtevDVKqwO2M9MSrgO
AjJhtOTN+21kCbjzelPlr5XZpwxfjjQU9PPWoEpZFAhvQr4o122pTW67LM/qt0BW
tyunrQiVlbJmPONnwCmNdlb7mtZBZeIxvzQMMcN9aeoQYU5uyIx2GpIMYp2DDU8O
8QF9wjO5f8E6fUqP4ATb+L9nj9iz0sdd+JZ0ffsgktg9MBkoMLyslL8uEK81rMAW
Wj9TavpTLvDDKrnIi8GuUN9+VfnHRsR4KfmOqZJNxlUuNMQ9HncPuvyF9wIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFFopmXU48OS5vDLXm6KWK7lii+ayMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvV2ltWmRUanc1TG04TXRlYm9wWXJ1V0tMNXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBiBAIAATBcAwQCU2EQ
AwQAW/DgAwQBZ40YAwQCuRHEAwQAuYAKAwQAua9aMAwDBAG8QCIDBAO8QCADBALB
IzgDBADBabwDBADCADoDBADCRaUDBALDSjQDBADDkAgDBAHDv9owKQQCAAIwIwMF
ACoD7kADBQMqBwJAAwUDKhBHQAMFASoRJkADBQAqESZHMA0GCSqGSIb3DQEBCwUA
A4IBAQAnm2TPon5BOcZuOACHBigdO2VOlYEugfmxAqCnqvAaXa3F89XBqar6IquE
4DRyoo5zgUo9P6921iIeRUF22N3Db/Kq8naf7KESEdzxUFEImpn/3xI9A9UGh8CP
PZ82BRR/azKi058sUp93VjTg2pqrx9z47X/iw9MmtnTBd6C85ScH7MG88bxiYPyO
XmuVTCBu6wlRbCxDQ8bBExy6BOXxCxydtVp6FKhm6kYurplrotS/yQtXbespxH8/
hzGMaT8FB/lEABibJdVSfOtgQDSNPyLeNuDGRk8SnUMCZh6DGHPUH6j89CTXcimu
b83CSEc+h/z4CPbWDrCgfPLL16BW
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:19:09 2026 by rpki-client