Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/wYcSTIG9yPUOdwiZYdcH6Snch7w.roa
File: wYcSTIG9yPUOdwiZYdcH6Snch7w.roa (raw, json)
Hash identifier: L5swS2Xsfc3itrCGB3zwgUSqAdZhGxhUnlsXS9NZLLw=
Subject key identifier: C1:87:12:4C:81:BD:C8:F5:0E:77:08:99:61:D7:07:E9:29:DC:87:BC
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 019D489BD68CE32ED201A3F4B95409FE25A1
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/wYcSTIG9yPUOdwiZYdcH6Snch7w.roa
Signing time: Wed 01 Apr 2026 10:34:25 +0000
ROA not before: Wed 01 Apr 2026 10:34:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35228
IP address blocks: 82.132.138.0/23 maxlen: 24
82.132.160.0/23 maxlen: 24
82.132.162.0/23 maxlen: 24
82.132.164.0/23 maxlen: 24
82.132.166.0/23 maxlen: 24
82.132.168.0/23 maxlen: 24
82.132.170.0/23 maxlen: 24
82.132.172.0/23 maxlen: 24
82.132.174.0/23 maxlen: 24
82.132.176.0/23 maxlen: 24
82.132.180.0/23 maxlen: 24
82.132.182.0/23 maxlen: 24
82.132.184.0/22 maxlen: 24
82.132.198.0/23 maxlen: 24
82.132.199.0/24 maxlen: 24
82.132.210.0/23 maxlen: 24
82.132.212.0/22 maxlen: 24
82.132.216.0/22 maxlen: 24
82.132.220.0/22 maxlen: 24
82.132.224.0/22 maxlen: 24
82.132.228.0/22 maxlen: 24
82.132.232.0/22 maxlen: 24
82.132.236.0/22 maxlen: 24
82.132.240.0/22 maxlen: 24
82.132.244.0/22 maxlen: 24
82.132.248.0/23 maxlen: 24
2a03:dd00:810::/46 maxlen: 48
2a03:dd00:821::/48 maxlen: 48
2a03:dd00:822::/48 maxlen: 48
2a03:dd00:2000::/40 maxlen: 48
2a03:dd00:2100::/40 maxlen: 48
2a03:dd00:2200::/40 maxlen: 48
2a03:dd00:2300::/40 maxlen: 48
2a03:dd00:2400::/40 maxlen: 48
2a03:dd00:2500::/40 maxlen: 48
2a03:dd00:2600::/40 maxlen: 48
2a03:dd00:2700::/40 maxlen: 48
2a03:dd00:3000::/44 maxlen: 48
2a03:dd00:3002::/48 maxlen: 48
2a03:dd00:300d::/48 maxlen: 48
2a03:dd00:3040::/47 maxlen: 48
2a03:dd00:3042::/47 maxlen: 48
2a03:dd00:3044::/47 maxlen: 48
2a03:dd00:3046::/47 maxlen: 48
2a03:dd00:3048::/47 maxlen: 48
2a03:dd00:304a::/47 maxlen: 48
2a03:dd00:304c::/47 maxlen: 48
2a03:dd00:304e::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:9b:d6:8c:e3:2e:d2:01:a3:f4:b9:54:09:fe:25:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Apr 1 10:34:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c187124c81bdc8f50e77089961d707e929dc87bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:38:fd:92:0d:cd:ee:29:cc:0c:94:9c:0a:
e9:db:c7:49:03:26:b8:dc:1d:3d:36:a3:be:de:36:
c5:02:f9:0a:e9:04:c4:ae:21:c6:d9:10:eb:ba:df:
a6:5b:63:e9:46:b6:5f:11:ce:eb:a6:ce:5c:49:0f:
e5:86:5d:22:e7:10:88:35:f3:eb:10:4e:d9:66:83:
79:e6:de:29:80:17:24:18:68:f9:5d:d3:74:84:b3:
bb:f7:6b:56:da:3c:16:08:01:aa:3e:f7:89:c8:34:
eb:a7:43:d7:6d:46:31:a8:95:0d:40:82:e6:55:06:
e4:2f:62:07:a6:87:95:2e:b6:b4:ac:16:f0:8e:a9:
68:ca:91:b8:76:05:62:94:db:98:6d:d7:0e:a0:83:
70:0b:7d:3f:73:4f:c3:66:ec:2e:a0:0b:e5:d2:2d:
72:a5:31:dc:d1:cb:cd:65:a7:18:7a:4b:28:e9:44:
1a:a2:61:ca:3a:06:25:95:3f:ac:fb:36:cf:f0:0d:
03:65:e9:e7:53:4e:eb:c3:19:5b:71:f5:c2:76:ec:
2d:51:e1:bb:90:d2:1b:27:09:07:6f:dd:b7:31:55:
cc:f2:9a:a4:5c:5d:d7:97:94:49:fa:76:86:32:83:
51:f0:a7:b8:a1:30:5c:3c:55:6e:21:68:70:65:1a:
8a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:87:12:4C:81:BD:C8:F5:0E:77:08:99:61:D7:07:E9:29:DC:87:BC
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/wYcSTIG9yPUOdwiZYdcH6Snch7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.138.0/23
82.132.160.0-82.132.177.255
82.132.180.0-82.132.187.255
82.132.198.0/23
82.132.210.0-82.132.249.255
IPv6:
2a03:dd00:810::/46
2a03:dd00:821::-2a03:dd00:822:ffff:ffff:ffff:ffff:ffff
2a03:dd00:2000::/37
2a03:dd00:3000::/44
2a03:dd00:3040::/44
Signature Algorithm: sha256WithRSAEncryption
5a:4d:c8:d9:80:46:5a:87:53:51:66:83:fa:ef:84:c8:6d:2a:
db:55:dc:71:32:6f:25:92:65:a5:c1:d4:9f:22:fc:c2:09:a8:
6a:53:d2:4b:54:cd:e8:7a:7b:87:83:8f:8d:5a:86:f8:7e:ec:
8c:44:7c:fa:de:8d:22:f6:95:d8:2c:2d:92:2d:c3:b9:52:49:
aa:b2:cb:a9:7f:a1:2e:5d:5c:30:6a:4b:00:a4:57:b6:ea:ac:
58:e6:da:53:7f:20:21:15:0d:e0:b3:fa:48:4b:e6:08:51:07:
ad:f0:51:bb:24:ee:f2:30:25:27:e4:6d:e9:54:a6:02:db:cf:
04:53:8a:5d:22:e8:4c:51:9d:b0:fc:bb:de:8f:58:28:73:89:
19:f7:d1:2d:ac:0d:3c:0f:d2:25:89:d6:c6:55:0c:bc:00:35:
dd:32:b8:89:9a:4c:53:be:d4:d8:71:2f:1f:b9:1e:ae:4b:67:
1e:6c:80:e1:41:b9:86:4c:27:ac:0e:7b:1a:cf:2b:f6:1a:38:
d2:e6:96:fc:7c:c6:0f:29:e2:2f:e2:e3:23:65:1e:fc:28:98:
17:43:53:37:f1:8d:5d:a8:31:57:06:0b:65:65:74:46:5c:96:
0b:77:c0:74:60:11:b1:5b:39:e0:4a:93:a5:c1:4d:6c:2f:c5:
59:4d:88:c0
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZ1Im9aM4y7SAaP0uVQJ/iWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjYwNDAxMTAzNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg3MTI0YzgxYmRjOGY1MGU3NzA4OTk2MWQ3MDdlOTI5ZGM4N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTA4/ZINze4pzAyUnArp28dJAya4
3B09NqO+3jbFAvkK6QTEriHG2RDrut+mW2PpRrZfEc7rps5cSQ/lhl0i5xCINfPr
EE7ZZoN55t4pgBckGGj5XdN0hLO792tW2jwWCAGqPveJyDTrp0PXbUYxqJUNQILm
VQbkL2IHpoeVLra0rBbwjqloypG4dgVilNuYbdcOoINwC30/c0/DZuwuoAvl0i1y
pTHc0cvNZacYekso6UQaomHKOgYllT+s+zbP8A0DZennU07rwxlbcfXCduwtUeG7
kNIbJwkHb923MVXM8pqkXF3Xl5RJ+naGMoNR8Ke4oTBcPFVuIWhwZRqKRQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFMGHEkyBvcj1DncImWHXB+kp3Ie8MB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvd1ljU1RJRzl5UFVPZHdpWllkY0g2U25jaDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wPAQCAAEwNgMEAVKEijAM
AwQFUoSgAwQBUoSwMAwDBAJShLQDBAJShLgDBAFShMYwDAMEAVKE0gMEAVKE+DA9
BAIAAjA3AwcCKgPdAAgQMBIDBwAqA90ACCEDBwAqA90ACCIDBgMqA90AIAMHBCoD
3QAwAAMHBCoD3QAwQDANBgkqhkiG9w0BAQsFAAOCAQEAWk3I2YBGWodTUWaD+u+E
yG0q21XccTJvJZJlpcHUnyL8wgmoalPSS1TN6Hp7h4OPjVqG+H7sjER8+t6NIvaV
2Cwtki3DuVJJqrLLqX+hLl1cMGpLAKRXtuqsWObaU38gIRUN4LP6SEvmCFEHrfBR
uyTu8jAlJ+Rt6VSmAtvPBFOKXSLoTFGdsPy73o9YKHOJGffRLawNPA/SJYnWxlUM
vAA13TK4iZpMU77U2HEvH7kerktnHmyA4UG5hkwnrA57Gs8r9ho40uaW/HzGDyni
L+LjI2Ue/CiYF0NTN/GNXagxVwYLZWV0RlyWC3fAdGARsVs54EqTpcFNbC/FWU2I
wA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:09 2026 by rpki-client