Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/wJTOj0mEUrIF3Tlq4qTWWTuOppI.roa
File: wJTOj0mEUrIF3Tlq4qTWWTuOppI.roa (raw, json)
Hash identifier: w9rdqk85HiQNy+SgpZs0zo1ZOjcfj7xojv16EEwMZF4=
Subject key identifier: C0:94:CE:8F:49:84:52:B2:05:DD:39:6A:E2:A4:D6:59:3B:8E:A6:92
Certificate issuer: /CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Certificate serial: 019B783482FD5A56C5EF21BA4159D5F19480
Authority key identifier: 1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/wJTOj0mEUrIF3Tlq4qTWWTuOppI.roa
Signing time: Thu 01 Jan 2026 06:17:45 +0000
ROA not before: Thu 01 Jan 2026 06:17:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39781
IP address blocks: 79.98.56.0/21 maxlen: 24
185.106.216.0/22 maxlen: 24
193.227.107.0/24 maxlen: 24
2a02:1758::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:82:fd:5a:56:c5:ef:21:ba:41:59:d5:f1:94:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Validity
Not Before: Jan 1 06:17:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c094ce8f498452b205dd396ae2a4d6593b8ea692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:6d:6b:32:c8:b6:89:9f:ae:4a:7c:26:7a:
86:fe:f6:62:0b:65:29:f0:5d:2b:df:5b:b6:93:fb:
ca:c9:36:0a:ee:78:ce:93:ad:6e:e1:d8:c2:fa:bc:
cd:a9:42:83:cf:70:24:8a:5c:83:80:f8:84:0d:49:
cf:73:a6:48:dd:55:99:c4:b0:d5:34:e6:d0:fc:98:
c6:5e:db:69:32:c1:5a:ea:3b:81:13:0d:47:cb:6a:
f2:c1:87:51:a7:e4:50:13:43:f9:20:c7:dd:25:14:
6a:fd:e9:99:c8:bb:af:39:e3:32:50:d4:51:0c:83:
fb:7a:e9:ba:c6:b8:77:70:a1:db:b6:41:8c:e7:a6:
83:15:1f:4d:ea:ce:3d:f5:66:d1:79:c3:c9:53:57:
c0:00:fd:0e:6f:f3:cd:84:18:5d:d6:cd:09:80:47:
ac:c4:a3:58:28:a1:f6:4e:9a:57:ca:2e:b2:9a:3d:
ac:48:22:b7:a2:4f:88:57:d1:01:4e:0f:47:ad:af:
5a:08:b9:04:19:b1:f3:97:fe:7d:67:0a:b3:50:4d:
99:37:17:95:1a:1a:2c:9e:07:1a:34:e4:68:a3:d5:
1f:43:e1:7b:a3:6d:6e:59:bf:a3:df:fa:79:68:cf:
e4:42:dd:69:c9:1a:d7:3b:d1:fc:83:be:d5:01:a0:
b1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:94:CE:8F:49:84:52:B2:05:DD:39:6A:E2:A4:D6:59:3B:8E:A6:92
X509v3 Authority Key Identifier:
keyid:1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/wJTOj0mEUrIF3Tlq4qTWWTuOppI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.56.0/21
185.106.216.0/22
193.227.107.0/24
IPv6:
2a02:1758::/29
Signature Algorithm: sha256WithRSAEncryption
42:41:9e:ec:f2:35:ee:64:80:16:16:f5:3b:f5:26:4f:a3:9f:
35:c7:56:f2:f4:bb:4e:df:8f:18:45:6e:23:b1:71:06:35:c2:
59:70:cf:7b:56:a3:e5:5a:53:78:86:e6:bb:df:36:eb:fd:3a:
f8:8d:b1:43:07:77:ec:0c:94:df:0c:ac:65:4e:51:10:2d:92:
44:b6:0c:36:bb:d0:87:9e:99:94:a0:3f:f0:9e:d9:23:93:20:
3d:1f:24:83:ce:84:ff:9b:dc:0d:7b:fb:aa:fd:c2:3a:0f:e9:
d0:ee:39:7a:6c:50:0c:7a:e9:71:fe:06:4d:f5:e2:38:d8:b1:
fa:c6:1d:de:07:73:41:3a:d7:68:47:4d:e9:9d:0f:5f:c7:74:
68:1c:4f:ca:5a:35:d5:87:6d:71:01:23:a1:f2:e1:a3:ef:7f:
5c:ae:93:69:c0:ef:52:fd:66:6c:97:55:c1:86:ec:45:ff:f6:
10:94:cf:5f:63:5f:61:5f:97:e5:e2:ed:a2:1c:8e:ef:1b:1b:
6c:98:1f:0b:aa:c0:e6:33:ad:d0:79:19:01:2e:91:a0:c5:14:
82:26:57:1d:e1:cb:2a:16:34:cd:fe:ae:db:7e:26:f0:aa:1a:
6d:0a:e8:91:f6:47:80:86:54:45:ec:16:d4:b2:90:fd:be:33:
40:89:d1:49
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZt4NIL9WlbF7yG6QVnV8ZSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGFiNzA1MjRmZDUxMzEzYjg0ZjVkOGY0NjM2MmEzZDhj
ODA4MTQwHhcNMjYwMTAxMDYxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDk0Y2U4ZjQ5ODQ1MmIyMDVkZDM5NmFlMmE0ZDY1OTNiOGVhNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEFtazLItomfrkp8JnqG/vZiC2Up
8F0r31u2k/vKyTYK7njOk61u4djC+rzNqUKDz3AkilyDgPiEDUnPc6ZI3VWZxLDV
NObQ/JjGXttpMsFa6juBEw1Hy2rywYdRp+RQE0P5IMfdJRRq/emZyLuvOeMyUNRR
DIP7eum6xrh3cKHbtkGM56aDFR9N6s499WbRecPJU1fAAP0Ob/PNhBhd1s0JgEes
xKNYKKH2TppXyi6ymj2sSCK3ok+IV9EBTg9Hra9aCLkEGbHzl/59ZwqzUE2ZNxeV
GhosngcaNORoo9UfQ+F7o21uWb+j3/p5aM/kQt1pyRrXO9H8g77VAaCx5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMCUzo9JhFKyBd05auKk1lk7jqaSMB8GA1UdIwQY
MBaAFBzatwUk/VExO4T12PRjYqPYyAgUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzIt
OTlmNjkzZTQ1MDYxLzEvd0pUT2owbUVVcklGM1RscTRxVFdXVHVPcHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzItOTlmNjkzZTQ1MDYx
LzEvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT2I4AwQC
uWrYAwQAweNrMA0EAgACMAcDBQMqAhdYMA0GCSqGSIb3DQEBCwUAA4IBAQBCQZ7s
8jXuZIAWFvU79SZPo581x1by9LtO348YRW4jsXEGNcJZcM97VqPlWlN4hua73zbr
/Tr4jbFDB3fsDJTfDKxlTlEQLZJEtgw2u9CHnpmUoD/wntkjkyA9HySDzoT/m9wN
e/uq/cI6D+nQ7jl6bFAMeulx/gZN9eI42LH6xh3eB3NBOtdoR03pnQ9fx3RoHE/K
WjXVh21xASOh8uGj739crpNpwO9S/WZsl1XBhuxF//YQlM9fY19hX5fl4u2iHI7v
GxtsmB8LqsDmM63QeRkBLpGgxRSCJlcd4csqFjTN/q7bfibwqhptCuiR9keAhlRF
7BbUspD9vjNAidFJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:49:09 2026 by rpki-client