Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/srWe56Rvo2K7779AXu3Cn8pCu4g.roa
File: srWe56Rvo2K7779AXu3Cn8pCu4g.roa (raw, json)
Hash identifier: X2/JG+8rYEUbtsYZ9NDx0vHkWyXZrdTLcdj1X8pYin4=
Subject key identifier: B2:B5:9E:E7:A4:6F:A3:62:BB:EF:BF:40:5E:ED:C2:9F:CA:42:BB:88
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019DF849665D1E27792BBB0FC378A0ECCC91
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/srWe56Rvo2K7779AXu3Cn8pCu4g.roa
Signing time: Tue 05 May 2026 13:17:33 +0000
ROA not before: Tue 05 May 2026 13:17:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:49:66:5d:1e:27:79:2b:bb:0f:c3:78:a0:ec:cc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 5 13:17:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b2b59ee7a46fa362bbefbf405eedc29fca42bb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:89:45:20:b6:8e:11:c7:18:ea:ad:ae:4a:
98:8d:ca:ab:b2:0c:fb:c7:df:97:f1:bd:45:74:aa:
71:00:a9:99:9e:4d:25:ca:77:1b:b2:86:69:e8:2b:
79:97:66:f3:3c:12:f1:52:84:41:cc:ec:63:b3:55:
c8:bc:d8:ad:b0:65:15:9e:8f:a9:3b:c3:d0:bb:9d:
5e:4f:94:88:ec:fe:b4:3d:d2:23:5b:d4:dc:78:8c:
78:5a:30:d1:d4:ce:33:71:67:a4:56:5e:47:e1:f9:
6e:84:ae:bc:2f:32:e1:b9:72:bf:32:ba:21:1d:df:
33:08:33:ff:1c:02:b1:80:c2:79:81:7b:bc:af:a9:
a9:48:05:50:7a:d0:8d:ba:1d:f0:72:a2:dd:1c:6a:
fb:5b:0d:bd:71:4b:40:8c:93:be:59:cf:c3:4b:6d:
32:5f:f9:51:3f:79:c5:0c:ba:5b:b8:9e:b9:6c:b9:
85:e9:c1:e2:86:c8:e0:ae:46:ef:d1:21:41:22:5b:
38:ab:f8:5e:26:15:30:ae:f0:72:b7:d6:ba:18:14:
3d:8a:dc:f9:ef:11:1c:a9:26:3b:d7:dc:23:d5:0b:
93:7f:af:25:45:5e:dd:22:94:e0:85:eb:41:7b:1c:
f5:13:a1:92:57:00:0c:4c:7a:38:60:6a:8b:3c:3f:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B5:9E:E7:A4:6F:A3:62:BB:EF:BF:40:5E:ED:C2:9F:CA:42:BB:88
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/srWe56Rvo2K7779AXu3Cn8pCu4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
194.87.12.0/24
194.87.22.0/24
194.87.40.0/24
194.87.124.0/24
194.87.142.0/24
194.87.150.0/24
194.87.185.0/24
195.133.6.0/24
195.133.42.0/24
195.133.85.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7d:4c:6e:0c:31:dc:2a:ba:cc:15:3f:5d:1a:e9:1c:18:7f:
f3:8d:4e:ed:c0:1c:d7:48:ea:00:42:14:95:77:82:dd:5e:ff:
3d:e6:c8:89:24:6c:0e:bf:be:3d:4f:d2:67:96:8d:6f:e7:be:
ec:ec:18:ff:b1:fa:72:c8:34:c9:dd:7e:4c:e2:15:2d:1f:d1:
22:bc:08:82:8a:1d:f8:e4:36:6b:a0:2c:65:23:c9:8a:d6:ad:
10:23:c3:fc:cd:48:02:43:05:6a:5d:78:90:21:0d:1c:7e:e9:
2c:26:63:5a:4d:90:99:59:eb:61:2f:52:78:dd:1c:a2:42:da:
c2:65:f3:24:7f:18:aa:7a:05:4e:d9:0a:1c:35:5b:31:77:71:
da:29:63:e0:7c:c9:8f:5e:3c:77:c2:71:bc:ec:56:46:70:a0:
d0:97:81:e2:bd:4d:2d:25:a7:96:97:8e:f8:48:fa:5d:9e:6a:
72:21:29:0a:19:1e:14:98:23:e7:3f:21:5c:3f:b7:b5:9b:67:
c9:cf:f2:d6:1c:64:02:43:76:05:de:a3:09:5d:55:12:1d:6b:
c7:1f:3a:f7:61:36:92:5d:b7:8c:fe:79:55:6d:95:60:e7:9e:
e2:10:cf:74:c6:f5:f5:3e:b2:c1:40:2c:1d:24:a4:9a:2d:a2:
0c:b7:7b:f0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ34SWZdHid5K7sPw3ig7MyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNTA1MTMxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmI1OWVlN2E0NmZhMzYyYmJlZmJmNDA1ZWVkYzI5ZmNhNDJiYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7SJRSC2jhHHGOqtrkqYjcqrsgz7
x9+X8b1FdKpxAKmZnk0lyncbsoZp6Ct5l2bzPBLxUoRBzOxjs1XIvNitsGUVno+p
O8PQu51eT5SI7P60PdIjW9TceIx4WjDR1M4zcWekVl5H4fluhK68LzLhuXK/Mroh
Hd8zCDP/HAKxgMJ5gXu8r6mpSAVQetCNuh3wcqLdHGr7Ww29cUtAjJO+Wc/DS20y
X/lRP3nFDLpbuJ65bLmF6cHihsjgrkbv0SFBIls4q/heJhUwrvByt9a6GBQ9itz5
7xEcqSY719wj1QuTf68lRV7dIpTghetBexz1E6GSVwAMTHo4YGqLPD+N5wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLK1nuekb6Niu++/QF7twp/KQruIMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3JXZTU2UnZvMks3Nzc5QVh1M0NuOHBDdTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwHy/AwQA
wlcMAwQAwlcWAwQAwlcoAwQAwld8AwQAwleOAwQAwleWAwQAwle5AwQAw4UGAwQA
w4UqAwQAw4VVAwQA1MEOMA0GCSqGSIb3DQEBCwUAA4IBAQAefUxuDDHcKrrMFT9d
GukcGH/zjU7twBzXSOoAQhSVd4LdXv895siJJGwOv749T9Jnlo1v577s7Bj/sfpy
yDTJ3X5M4hUtH9EivAiCih345DZroCxlI8mK1q0QI8P8zUgCQwVqXXiQIQ0cfuks
JmNaTZCZWethL1J43RyiQtrCZfMkfxiqegVO2QocNVsxd3HaKWPgfMmPXjx3wnG8
7FZGcKDQl4HivU0tJaeWl474SPpdnmpyISkKGR4UmCPnPyFcP7e1m2fJz/LWHGQC
Q3YF3qMJXVUSHWvHHzr3YTaSXbeM/nlVbZVg557iEM90xvX1PrLBQCwdJKSaLaIM
t3vw
-----END CERTIFICATE-----
Generated at Wed May 13 04:09:29 2026 by rpki-client