Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/w1uabFInB0Tg8grW0MnrXGQahRI.roa
File: w1uabFInB0Tg8grW0MnrXGQahRI.roa (raw, json)
Hash identifier: v54UwFS/6qVmZzZVlzPF+WM3XWkEsOBZraMnT1re580=
Subject key identifier: C3:5B:9A:6C:52:27:07:44:E0:F2:0A:D6:D0:C9:EB:5C:64:1A:85:12
Certificate issuer: /CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Certificate serial: 019D3EEF3753CE11F41E8FFAECE8DB91F5A7
Authority key identifier: 0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/w1uabFInB0Tg8grW0MnrXGQahRI.roa
Signing time: Mon 30 Mar 2026 13:29:17 +0000
ROA not before: Mon 30 Mar 2026 13:29:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211868
IP address blocks: 150.251.129.0/24 maxlen: 24
193.29.180.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:ef:37:53:ce:11:f4:1e:8f:fa:ec:e8:db:91:f5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3558546a2c54bbd812a19228aa98e078d3aa68
Validity
Not Before: Mar 30 13:29:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c35b9a6c52270744e0f20ad6d0c9eb5c641a8512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:97:5f:fb:96:19:6c:6b:ee:4e:2f:d9:84:3a:
e6:3e:38:9f:dc:3b:e4:8b:32:07:2a:9d:3c:88:cd:
c5:d4:68:24:9a:db:03:98:e4:f7:36:4d:8f:17:f5:
76:ec:50:d2:67:42:2d:e3:aa:e5:13:f8:62:e2:a7:
fa:28:7f:3a:96:ff:69:5d:a4:ad:6b:67:0d:d6:e0:
4f:74:35:93:ec:68:5b:9d:75:d2:b1:ad:82:f1:5c:
0b:7d:af:9a:90:ea:45:eb:fc:11:82:33:7b:67:c8:
0e:af:82:e3:5b:fa:d1:d2:f2:df:b6:d6:12:6b:f5:
aa:bd:c2:b9:d1:8a:6c:ea:b9:57:c6:28:ef:87:8f:
01:82:fc:95:69:74:38:1c:79:ff:60:55:8e:0c:8c:
23:5b:a7:e9:42:8b:ef:31:a8:62:11:be:62:b7:d0:
bd:01:ae:24:0a:9d:63:55:40:de:fa:58:e3:4b:06:
02:65:51:4b:66:97:7a:0f:17:23:37:ca:c6:7b:72:
83:89:46:02:80:3b:f3:c9:7c:7f:3c:f9:dd:9e:44:
2a:02:bb:99:3e:27:2b:26:9f:82:7f:a6:af:50:37:
36:66:3f:dd:4a:2a:ee:04:de:3f:14:3a:6c:ad:7c:
d5:39:4e:91:59:8e:33:70:c7:f8:c0:da:4b:c7:b9:
87:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5B:9A:6C:52:27:07:44:E0:F2:0A:D6:D0:C9:EB:5C:64:1A:85:12
X509v3 Authority Key Identifier:
keyid:0D:35:58:54:6A:2C:54:BB:D8:12:A1:92:28:AA:98:E0:78:D3:AA:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTVYVGosVLvYEqGSKKqY4HjTqmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/w1uabFInB0Tg8grW0MnrXGQahRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/474f27-b286-46f0-ae45-132ffc8bde46/1/DTVYVGosVLvYEqGSKKqY4HjTqmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.129.0/24
193.29.180.0/24
Signature Algorithm: sha256WithRSAEncryption
63:5c:2c:1a:33:7e:06:73:18:47:00:3d:e1:2c:d3:19:d4:04:
de:67:25:b4:31:f6:11:df:25:f8:95:b1:c5:7c:85:ac:24:fa:
d2:6b:49:34:ff:2f:86:22:76:15:f5:33:fa:04:7c:8c:66:66:
1f:5a:ac:05:8f:dc:d1:32:0c:7d:7e:d4:0b:df:90:b7:8c:f9:
de:4d:ee:11:75:08:46:ba:72:4e:ee:82:64:0f:59:fc:2b:9c:
35:eb:12:fc:c4:da:f6:20:e8:1d:d9:99:ea:f9:5a:e5:53:24:
b6:a0:c7:b9:14:34:9d:05:3f:89:b4:b3:23:3e:d5:0c:ae:39:
cc:13:5e:2f:14:f9:87:8f:00:27:e2:da:c4:78:48:aa:f7:0c:
68:ff:e0:c8:8c:08:ed:7e:f2:97:b2:02:83:8e:15:14:f1:53:
72:2c:52:ba:a0:b5:d7:02:ca:bc:70:ef:24:94:3f:ae:d2:4c:
4e:e0:eb:fb:04:70:8b:3a:c0:ca:cb:29:3c:18:b9:53:44:5f:
1a:92:aa:0b:e7:83:06:5a:a0:34:01:cd:8a:e4:47:d0:6c:46:
af:10:01:d1:1e:ed:c0:0a:1a:ef:0b:6d:31:32:ef:10:5f:53:
3c:fb:5e:9c:34:51:35:03:a7:88:17:8a:85:9e:6c:73:56:52:
7d:2b:3c:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0+7zdTzhH0Ho/67OjbkfWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzU1ODU0NmEyYzU0YmJkODEyYTE5MjI4YWE5OGUwNzhk
M2FhNjgwHhcNMjYwMzMwMTMyOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzViOWE2YzUyMjcwNzQ0ZTBmMjBhZDZkMGM5ZWI1YzY0MWE4NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5df+5YZbGvuTi/ZhDrmPjif3Dvk
izIHKp08iM3F1GgkmtsDmOT3Nk2PF/V27FDSZ0It46rlE/hi4qf6KH86lv9pXaSt
a2cN1uBPdDWT7GhbnXXSsa2C8VwLfa+akOpF6/wRgjN7Z8gOr4LjW/rR0vLfttYS
a/WqvcK50Yps6rlXxijvh48BgvyVaXQ4HHn/YFWODIwjW6fpQovvMahiEb5it9C9
Aa4kCp1jVUDe+ljjSwYCZVFLZpd6DxcjN8rGe3KDiUYCgDvzyXx/PPndnkQqAruZ
PicrJp+Cf6avUDc2Zj/dSiruBN4/FDpsrXzVOU6RWY4zcMf4wNpLx7mHNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNbmmxSJwdE4PIK1tDJ61xkGoUSMB8GA1UdIwQY
MBaAFA01WFRqLFS72BKhkiiqmOB406poMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUt
MTMyZmZjOGJkZTQ2LzEvdzF1YWJGSW5CMFRnOGdyVzBNbnJYR1FhaFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NzRmMjctYjI4Ni00NmYwLWFlNDUtMTMyZmZjOGJkZTQ2
LzEvRFRWWVZHb3NWTHZZRXFHU0tLcVk0SGpUcW1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlvuBAwQA
wR20MA0GCSqGSIb3DQEBCwUAA4IBAQBjXCwaM34GcxhHAD3hLNMZ1ATeZyW0MfYR
3yX4lbHFfIWsJPrSa0k0/y+GInYV9TP6BHyMZmYfWqwFj9zRMgx9ftQL35C3jPne
Te4RdQhGunJO7oJkD1n8K5w16xL8xNr2IOgd2Znq+VrlUyS2oMe5FDSdBT+JtLMj
PtUMrjnME14vFPmHjwAn4trEeEiq9wxo/+DIjAjtfvKXsgKDjhUU8VNyLFK6oLXX
Asq8cO8klD+u0kxO4Ov7BHCLOsDKyyk8GLlTRF8akqoL54MGWqA0Ac2K5EfQbEav
EAHRHu3AChrvC20xMu8QX1M8+16cNFE1A6eIF4qFnmxzVlJ9Kzxb
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:12:51 2026 by rpki-client