Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/9WJSqz9qMyJSNwzBVxFYGiC8aZw.roa
File: 9WJSqz9qMyJSNwzBVxFYGiC8aZw.roa (raw, json)
Hash identifier: WuZCNX/xNaBl4p9vcIrvLXXo1XBXJ1UBXQXA+QjANrc=
Subject key identifier: F5:62:52:AB:3F:6A:33:22:52:37:0C:C1:57:11:58:1A:20:BC:69:9C
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 019B7C11BDD58D6B3AC4C9647366D21BF0C2
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/9WJSqz9qMyJSNwzBVxFYGiC8aZw.roa
Signing time: Fri 02 Jan 2026 00:18:16 +0000
ROA not before: Fri 02 Jan 2026 00:18:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12686
IP address blocks: 91.199.205.0/24 maxlen: 24
194.8.224.0/23 maxlen: 23
194.8.224.0/24 maxlen: 24
194.8.225.0/24 maxlen: 24
194.145.158.0/24 maxlen: 24
217.14.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:11:bd:d5:8d:6b:3a:c4:c9:64:73:66:d2:1b:f0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: Jan 2 00:18:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f56252ab3f6a332252370cc15711581a20bc699c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c9:12:3d:ef:eb:2e:8d:2a:43:1e:ce:f2:91:
9f:f7:ce:bd:2f:b9:cf:f0:12:41:0f:e8:81:89:08:
60:7e:92:4c:6d:24:e1:5c:50:66:b4:4d:c9:d8:c7:
4d:3a:0f:3d:95:ba:1e:ab:b8:95:3c:54:80:c2:f9:
72:a0:f7:93:e5:73:57:cf:3b:48:4a:e3:97:e4:67:
19:a4:bf:a4:e1:26:ba:2c:88:67:ab:ba:9a:df:84:
7c:c1:5c:4a:d9:c9:6c:50:3b:57:d8:9b:2f:ab:56:
ed:87:65:3a:39:0a:b4:b4:75:82:08:58:4f:09:0a:
fe:af:07:bf:06:cb:14:6c:b2:8d:ee:92:6d:cc:76:
bf:6c:a9:46:9b:11:5d:88:4f:68:1d:98:5e:18:64:
9b:5e:cc:c1:75:33:38:0c:4d:1b:d0:74:a3:57:9d:
22:4a:17:4a:c0:1a:93:c4:dd:3f:1c:99:30:92:f1:
07:da:2a:02:13:b9:62:e6:64:bb:58:9a:fb:7e:02:
f7:c0:6d:75:63:9f:c1:0f:0d:cb:29:61:b2:5d:fb:
e4:f7:7f:b3:53:60:46:6f:87:73:b9:c0:7d:3c:a3:
d4:33:e6:00:d9:4d:28:02:62:be:89:3f:ab:4e:6f:
9b:b3:d9:f1:da:30:03:23:f3:7b:9d:4f:e1:c0:8b:
5f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:62:52:AB:3F:6A:33:22:52:37:0C:C1:57:11:58:1A:20:BC:69:9C
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/9WJSqz9qMyJSNwzBVxFYGiC8aZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.205.0/24
194.8.224.0/23
194.145.158.0/24
217.14.23.0/24
Signature Algorithm: sha256WithRSAEncryption
84:a2:20:8d:12:7c:06:58:42:89:0d:d2:7a:14:66:a8:33:d8:
5b:f3:f9:de:c1:17:98:34:91:ef:84:12:07:ab:a3:2f:a8:84:
98:5f:3a:02:be:30:9f:64:36:93:45:cc:55:0c:c9:0b:ca:8f:
3e:06:93:2a:dd:ce:a2:55:32:e1:95:09:14:a9:61:02:b0:73:
bf:f0:79:b7:b4:b6:de:2b:9f:be:f9:1a:9c:f2:69:d9:36:0b:
3b:6c:dc:45:0f:ed:e2:23:6a:c1:5e:f3:2f:1b:b9:ad:0d:ab:
8a:a6:16:57:b2:2b:a5:34:5d:cc:5e:28:52:79:2f:34:c8:11:
71:73:36:ca:af:43:ed:10:1a:e6:47:63:11:50:67:e3:60:82:
0a:da:ef:b0:7e:0b:9e:9e:d9:07:1e:eb:f0:6d:03:34:ad:d5:
9d:f4:ee:c2:39:cc:2c:99:87:6c:0c:9c:65:9d:0c:1a:48:38:
be:36:43:67:95:aa:6c:c0:3e:cc:1c:60:f1:e3:98:42:f3:ba:
bb:c3:8c:ba:e4:00:ef:c9:b3:f3:37:ad:34:ed:5b:ad:25:ea:
c7:01:58:ca:3e:ae:f7:84:fa:f6:eb:b8:25:6c:c3:e4:a9:8d:
d3:fb:42:1f:16:13:6c:84:62:1b:ca:ad:45:8f:ed:1e:06:b9:
38:18:6a:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZt8Eb3VjWs6xMlkc2bSG/DCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjYwMTAyMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYyNTJhYjNmNmEzMzIyNTIzNzBjYzE1NzExNTgxYTIwYmM2OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ckSPe/rLo0qQx7O8pGf9869L7nP
8BJBD+iBiQhgfpJMbSThXFBmtE3J2MdNOg89lboeq7iVPFSAwvlyoPeT5XNXzztI
SuOX5GcZpL+k4Sa6LIhnq7qa34R8wVxK2clsUDtX2Jsvq1bth2U6OQq0tHWCCFhP
CQr+rwe/BssUbLKN7pJtzHa/bKlGmxFdiE9oHZheGGSbXszBdTM4DE0b0HSjV50i
ShdKwBqTxN0/HJkwkvEH2ioCE7li5mS7WJr7fgL3wG11Y5/BDw3LKWGyXfvk93+z
U2BGb4dzucB9PKPUM+YA2U0oAmK+iT+rTm+bs9nx2jADI/N7nU/hwItflwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPViUqs/ajMiUjcMwVcRWBogvGmcMB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvOVdKU3F6OXFNeUpTTnd6QlZ4RllHaUM4YVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8fNAwQB
wgjgAwQAwpGeAwQA2Q4XMA0GCSqGSIb3DQEBCwUAA4IBAQCEoiCNEnwGWEKJDdJ6
FGaoM9hb8/newReYNJHvhBIHq6MvqISYXzoCvjCfZDaTRcxVDMkLyo8+BpMq3c6i
VTLhlQkUqWECsHO/8Hm3tLbeK5+++Rqc8mnZNgs7bNxFD+3iI2rBXvMvG7mtDauK
phZXsiulNF3MXihSeS80yBFxczbKr0PtEBrmR2MRUGfjYIIK2u+wfguentkHHuvw
bQM0rdWd9O7COcwsmYdsDJxlnQwaSDi+NkNnlapswD7MHGDx45hC87q7w4y65ADv
ybPzN6007VutJerHAVjKPq73hPr267glbMPkqY3T+0IfFhNshGIbyq1Fj+0eBrk4
GGr+
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:38:04 2026 by rpki-client