Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Wsuo6EIJcNBFLOGRp11wRUPDdJs.roa
File: Wsuo6EIJcNBFLOGRp11wRUPDdJs.roa (raw, json)
Hash identifier: rl50uvelEytArPpqt/wFfjhXTLLJ7gUH9urfB19W7vI=
Subject key identifier: 5A:CB:A8:E8:42:09:70:D0:45:2C:E1:91:A7:5D:70:45:43:C3:74:9B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019DDE662613729D6C250E189095CFF497EA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Wsuo6EIJcNBFLOGRp11wRUPDdJs.roa
Signing time: Thu 30 Apr 2026 12:38:49 +0000
ROA not before: Thu 30 Apr 2026 12:38:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 82.197.194.0/23 maxlen: 24
82.197.198.0/23 maxlen: 24
82.197.200.0/23 maxlen: 24
82.197.206.0/23 maxlen: 24
84.245.20.0/23 maxlen: 24
84.245.24.0/23 maxlen: 24
84.245.26.0/23 maxlen: 24
84.245.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:66:26:13:72:9d:6c:25:0e:18:90:95:cf:f4:97:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 30 12:38:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5acba8e8420970d0452ce191a75d704543c3749b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1b:c5:7d:0c:fb:38:b2:d0:c4:17:20:25:d7:
54:57:7d:a1:6f:80:f0:48:fe:20:fb:9d:f3:3a:ac:
9f:33:11:b2:18:55:58:44:58:c8:38:1d:2e:29:4a:
0b:d0:c2:b7:f4:3f:fe:f1:2d:f7:45:c6:e3:5e:59:
6b:ab:65:e9:71:b0:10:fa:cc:c8:b5:28:29:a3:c7:
1f:5b:42:ac:c5:97:6b:69:52:94:93:83:45:68:7f:
88:7b:81:da:e8:47:22:69:c9:81:c2:18:94:2b:44:
05:68:09:74:d8:f8:a7:77:b5:60:14:e9:70:67:ac:
19:78:20:9a:e8:8b:fa:20:62:2e:02:e9:f0:09:0f:
32:aa:d2:5a:32:4c:73:2e:4d:10:8d:9e:ad:9c:b7:
ad:69:22:90:ff:25:ce:6d:76:26:91:a1:2d:3a:bf:
af:88:5d:2d:e2:b8:1d:04:de:2e:34:7e:cb:0f:f7:
6f:a4:10:d0:dc:67:5d:27:43:ff:68:a7:0f:24:60:
02:72:e1:1c:d8:26:b1:c7:3f:d8:ec:e5:9f:1d:95:
a2:12:2a:a0:cf:c2:5e:c1:a8:13:9b:62:12:6a:37:
e6:5d:1e:8b:3c:e8:e3:7f:1b:dc:2a:40:31:d7:74:
3a:f2:71:13:40:0b:9b:85:02:1d:27:57:ed:20:de:
07:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CB:A8:E8:42:09:70:D0:45:2C:E1:91:A7:5D:70:45:43:C3:74:9B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Wsuo6EIJcNBFLOGRp11wRUPDdJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.194.0/23
82.197.198.0-82.197.201.255
82.197.206.0/23
84.245.20.0/23
84.245.24.0/22
84.245.30.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:8c:46:c7:5f:bf:37:e9:40:53:6d:53:62:03:c0:59:74:1d:
13:0d:72:2a:ab:d9:9a:f6:bf:94:9b:0f:30:9f:88:a2:6d:3e:
0d:7f:db:e9:61:88:b4:98:11:f1:15:e7:aa:fd:5e:88:0e:88:
5e:39:df:e7:a9:db:3b:5f:ec:bf:c3:f8:fb:84:49:ea:3b:f7:
a2:51:7d:01:7f:f2:5e:5e:9a:b6:b4:51:d4:01:56:66:40:2b:
59:8c:77:07:b3:10:d8:4d:8a:d1:e6:c6:c9:64:ae:d9:6b:b5:
d6:9b:3b:32:c1:95:1c:f7:b0:3e:75:5a:3a:95:1b:f0:dd:5d:
9b:c4:17:76:21:5c:80:4c:25:34:a4:36:e4:04:18:57:c4:2c:
0c:40:87:60:01:b7:ee:b9:f1:a9:c6:47:17:e2:a2:ec:5e:18:
c7:78:55:2f:40:91:7f:2a:a7:fc:5a:33:23:04:3d:59:c1:ca:
23:5f:c9:0f:64:c1:55:b8:27:d3:23:2a:40:96:1b:b9:fb:22:
3c:09:2d:c1:6e:94:d3:c4:c8:16:bb:f4:3b:30:49:25:db:92:
2d:8a:be:04:01:46:1a:dd:97:c1:b2:ea:f8:b6:53:fd:05:ca:
d7:0b:40:d2:b8:86:b3:11:22:0a:61:07:e4:62:84:ea:90:75:
53:26:12:a6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ3eZiYTcp1sJQ4YkJXP9JfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwNDMwMTIzODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWNiYThlODQyMDk3MGQwNDUyY2UxOTFhNzVkNzA0NTQzYzM3NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxvFfQz7OLLQxBcgJddUV32hb4Dw
SP4g+53zOqyfMxGyGFVYRFjIOB0uKUoL0MK39D/+8S33RcbjXllrq2XpcbAQ+szI
tSgpo8cfW0KsxZdraVKUk4NFaH+Ie4Ha6EciacmBwhiUK0QFaAl02Pind7VgFOlw
Z6wZeCCa6Iv6IGIuAunwCQ8yqtJaMkxzLk0QjZ6tnLetaSKQ/yXObXYmkaEtOr+v
iF0t4rgdBN4uNH7LD/dvpBDQ3GddJ0P/aKcPJGACcuEc2Caxxz/Y7OWfHZWiEiqg
z8JewagTm2ISajfmXR6LPOjjfxvcKkAx13Q68nETQAubhQIdJ1ftIN4HDwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFrLqOhCCXDQRSzhkaddcEVDw3SbMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvV3N1bzZFSUpjTkJGTE9HUnAxMXdSVVBEZEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBUsXCMAwD
BAFSxcYDBAFSxcgDBAFSxc4DBAFU9RQDBAJU9RgDBAFU9R4wDQYJKoZIhvcNAQEL
BQADggEBAFqMRsdfvzfpQFNtU2IDwFl0HRMNciqr2Zr2v5SbDzCfiKJtPg1/2+lh
iLSYEfEV56r9XogOiF453+ep2ztf7L/D+PuESeo796JRfQF/8l5emra0UdQBVmZA
K1mMdwezENhNitHmxslkrtlrtdabOzLBlRz3sD51WjqVG/DdXZvEF3YhXIBMJTSk
NuQEGFfELAxAh2ABt+658anGRxfiouxeGMd4VS9AkX8qp/xaMyMEPVnByiNfyQ9k
wVW4J9MjKkCWG7n7IjwJLcFulNPEyBa79DswSSXbki2KvgQBRhrdl8Gy6vi2U/0F
ytcLQNK4hrMRIgphB+RihOqQdVMmEqY=
-----END CERTIFICATE-----
Generated at Tue May 12 23:46:04 2026 by rpki-client