Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/WY4yKJ6FuiBdiFOznndYQM--z2g.roa
File: WY4yKJ6FuiBdiFOznndYQM--z2g.roa (raw, json)
Hash identifier: 76Gd2waLyhSjE5zW3D9kYms7Etz3xgkY7SORNKkRpWI=
Subject key identifier: 59:8E:32:28:9E:85:BA:20:5D:88:53:B3:9E:77:58:40:CF:BE:CF:68
Certificate issuer: /CN=1455ca30592313388925ee1441009ad31d4bb41f
Certificate serial: 019D40267EE1374329FF1E1F602789BD4CE2
Authority key identifier: 14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/WY4yKJ6FuiBdiFOznndYQM--z2g.roa
Signing time: Mon 30 Mar 2026 19:09:17 +0000
ROA not before: Mon 30 Mar 2026 19:09:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203639
IP address blocks: 46.21.23.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:40:26:7e:e1:37:43:29:ff:1e:1f:60:27:89:bd:4c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1455ca30592313388925ee1441009ad31d4bb41f
Validity
Not Before: Mar 30 19:09:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=598e32289e85ba205d8853b39e775840cfbecf68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6e:14:6e:8d:64:ed:ea:5f:1d:73:a0:60:b2:
b2:87:8d:0e:10:40:d3:7a:55:2e:f7:ac:27:3f:f8:
eb:10:07:c2:d5:4a:16:2e:31:4b:07:a8:ac:d7:59:
66:d9:09:2f:e6:d4:cc:1d:96:9c:8c:aa:be:12:17:
74:22:da:55:bd:91:8d:cc:9f:6c:76:ee:7f:7d:6c:
25:61:f8:c1:0c:5f:0d:07:93:00:ef:5d:25:eb:9d:
35:ee:b1:38:98:9a:fe:24:13:04:b3:f6:b5:0c:77:
c5:7a:dc:ec:94:e5:8e:28:eb:1c:cb:e1:3e:88:82:
56:8a:4e:1f:c9:78:6d:78:30:6c:66:3c:46:a1:c2:
96:aa:24:7c:67:b4:a1:2a:fb:8e:c4:32:27:b2:a7:
c9:2b:4f:c8:f2:9a:34:d0:74:af:df:fe:83:cd:31:
02:d0:78:9c:c9:9d:43:70:94:96:27:c0:3b:8a:f1:
12:cc:cd:2e:f9:66:ed:34:b8:17:a0:59:6b:04:6a:
92:32:b8:8d:67:95:ff:62:4f:af:83:7c:87:f3:c4:
92:66:98:e0:e6:eb:09:20:21:c8:05:f1:bf:42:72:
13:81:71:aa:f9:d0:02:2f:79:0d:58:c3:8e:ad:30:
c3:6b:26:80:6b:f4:a8:b3:c9:bf:2e:aa:17:70:19:
95:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8E:32:28:9E:85:BA:20:5D:88:53:B3:9E:77:58:40:CF:BE:CF:68
X509v3 Authority Key Identifier:
keyid:14:55:CA:30:59:23:13:38:89:25:EE:14:41:00:9A:D3:1D:4B:B4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFXKMFkjEziJJe4UQQCa0x1LtB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/WY4yKJ6FuiBdiFOznndYQM--z2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f0832e-675b-4ec2-a802-9b26cab79451/1/FFXKMFkjEziJJe4UQQCa0x1LtB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.23.0/24
46.21.28.0/24
46.21.30.0/24
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
26:0b:ca:1e:01:b5:ad:58:df:d5:d2:43:d4:28:4e:6b:1e:c5:
e2:6c:c0:fb:10:93:6e:37:ed:53:71:59:1d:51:50:c4:0e:3e:
98:7b:e7:32:a8:e8:39:55:62:fc:f9:8b:18:94:c9:bf:c6:1d:
7e:d7:a4:49:ec:54:11:5e:c9:e7:7e:30:44:4c:5e:46:6a:33:
cd:ab:5c:cd:d2:ac:50:24:4f:a4:79:d8:11:c9:f8:5e:f4:ed:
62:b5:04:6f:16:9b:ab:dc:1e:43:a3:99:80:15:6b:3e:fb:e3:
e4:2c:17:98:cb:7e:2e:b1:68:15:82:7a:2a:41:a3:11:80:9c:
69:09:9e:42:bd:94:28:33:4d:e3:b7:21:88:68:cf:2a:fc:3d:
94:e4:09:13:e1:97:0e:f4:aa:dc:c6:50:29:31:08:a8:50:49:
bf:8c:e2:1a:a4:56:57:b6:24:c4:dd:f7:1d:31:d7:5d:55:22:
40:90:91:e6:b5:2a:af:94:33:58:1b:11:72:b4:22:b4:69:2c:
a2:e6:b7:10:63:f6:e1:3e:0c:6f:f8:b6:cf:89:7f:40:ee:69:
00:36:ea:71:42:14:d8:05:ca:3e:66:4d:4b:29:18:dc:9c:2f:
e1:b4:ab:38:bb:02:0b:49:93:50:7d:22:24:eb:bb:55:f0:f4:
9b:30:81:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1AJn7hN0Mp/x4fYCeJvUziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NTVjYTMwNTkyMzEzMzg4OTI1ZWUxNDQxMDA5YWQzMWQ0
YmI0MWYwHhcNMjYwMzMwMTkwOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThlMzIyODllODViYTIwNWQ4ODUzYjM5ZTc3NTg0MGNmYmVjZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp24Ubo1k7epfHXOgYLKyh40OEEDT
elUu96wnP/jrEAfC1UoWLjFLB6is11lm2Qkv5tTMHZacjKq+Ehd0ItpVvZGNzJ9s
du5/fWwlYfjBDF8NB5MA710l65017rE4mJr+JBMEs/a1DHfFetzslOWOKOscy+E+
iIJWik4fyXhteDBsZjxGocKWqiR8Z7ShKvuOxDInsqfJK0/I8po00HSv3/6DzTEC
0HicyZ1DcJSWJ8A7ivESzM0u+WbtNLgXoFlrBGqSMriNZ5X/Yk+vg3yH88SSZpjg
5usJICHIBfG/QnITgXGq+dACL3kNWMOOrTDDayaAa/Sos8m/LqoXcBmVxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFmOMiiehbogXYhTs553WEDPvs9oMB8GA1UdIwQY
MBaAFBRVyjBZIxM4iSXuFEEAmtMdS7QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDIt
OWIyNmNhYjc5NDUxLzEvV1k0eUtKNkZ1aUJkaUZPem5uZFlRTS0tejJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMDgzMmUtNjc1Yi00ZWMyLWE4MDItOWIyNmNhYjc5NDUx
LzEvRkZYS01Ga2pFemlKSmU0VVFRQ2EweDFMdEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhUXAwQA
LhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQAmC8oeAbWtWN/V0kPU
KE5rHsXibMD7EJNuN+1TcVkdUVDEDj6Ye+cyqOg5VWL8+YsYlMm/xh1+16RJ7FQR
XsnnfjBETF5GajPNq1zN0qxQJE+kedgRyfhe9O1itQRvFpur3B5Do5mAFWs+++Pk
LBeYy34usWgVgnoqQaMRgJxpCZ5CvZQoM03jtyGIaM8q/D2U5AkT4ZcO9KrcxlAp
MQioUEm/jOIapFZXtiTE3fcdMdddVSJAkJHmtSqvlDNYGxFytCK0aSyi5rcQY/bh
Pgxv+LbPiX9A7mkANupxQhTYBco+Zk1LKRjcnC/htKs4uwILSZNQfSIk67tV8PSb
MIGa
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:06:56 2026 by rpki-client