Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/w6oX5mGx7c6lRsfKyazUtGRQqAk.roa
File: w6oX5mGx7c6lRsfKyazUtGRQqAk.roa (raw, json)
Hash identifier: iTg0hO/uiTHmXy7B4kNCdPtqORYfkokFlGch6RuURXA=
Subject key identifier: C3:AA:17:E6:61:B1:ED:CE:A5:46:C7:CA:C9:AC:D4:B4:64:50:A8:09
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 019A48FBF4CCDBBECE1ECF58EA348FB20EEB
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/w6oX5mGx7c6lRsfKyazUtGRQqAk.roa
Signing time: Mon 03 Nov 2025 09:11:03 +0000
ROA not before: Mon 03 Nov 2025 09:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.8.0/23 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.16.0/23 maxlen: 23
82.206.18.0/24 maxlen: 24
82.206.72.0/21 maxlen: 21
82.206.84.0/22 maxlen: 24
82.206.88.0/21 maxlen: 21
82.206.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:fb:f4:cc:db:be:ce:1e:cf:58:ea:34:8f:b2:0e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Nov 3 09:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3aa17e661b1edcea546c7cac9acd4b46450a809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:d2:be:00:52:16:a0:62:45:ae:17:d7:a5:
6e:a6:3e:19:73:8e:13:b1:f2:aa:86:07:71:93:52:
da:c0:f3:d0:57:ce:27:61:d4:5a:2b:c7:36:53:d4:
c3:d3:c0:4e:0f:09:0b:c9:95:cd:77:c7:1e:cf:22:
0e:d0:43:42:27:0c:a1:d1:e7:de:f5:ec:cb:88:72:
6e:d8:98:f3:5e:ad:bf:5c:a4:ef:73:81:0e:20:f8:
77:9e:07:6d:20:1f:c0:d8:78:f2:76:28:e8:68:33:
68:94:9e:7b:df:12:94:c6:f3:67:de:bc:19:3e:f9:
d3:79:83:71:6a:d9:e5:67:b4:ed:e5:5c:87:e3:ed:
15:3b:5f:dd:15:19:18:27:9e:f7:14:14:f3:49:15:
12:35:e7:d7:c0:ad:77:84:b5:56:54:69:02:e0:68:
93:58:e2:aa:b5:55:d3:13:9a:84:e5:fd:5c:51:e0:
16:54:28:a6:87:48:13:72:fc:fc:d6:5b:21:c5:21:
63:aa:fa:59:55:9e:f4:ae:2b:8c:6c:89:5d:97:9d:
0b:ed:50:23:06:51:c5:f2:34:50:6f:44:31:d3:92:
ff:94:ba:08:79:ab:89:41:62:7f:b2:62:67:06:60:
1f:57:cf:19:0f:34:32:2a:02:98:86:3b:ae:4d:60:
cb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AA:17:E6:61:B1:ED:CE:A5:46:C7:CA:C9:AC:D4:B4:64:50:A8:09
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/w6oX5mGx7c6lRsfKyazUtGRQqAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.9.255
82.206.16.0/22
82.206.72.0/21
82.206.84.0-82.206.111.255
Signature Algorithm: sha256WithRSAEncryption
17:ae:4a:3a:23:d3:54:b3:6b:f3:26:69:26:f3:c3:47:85:5f:
36:69:68:f3:c1:eb:0d:41:9c:9d:c6:e3:10:56:e4:4c:eb:77:
22:66:4f:22:34:53:a6:dc:f0:e7:93:09:29:94:7c:f6:1a:81:
80:cd:76:5b:9e:9f:f2:b1:09:7a:04:21:47:88:2a:42:98:58:
6b:8f:9a:ef:ef:41:24:a0:55:89:22:9b:77:ae:d9:90:e2:55:
69:6a:09:ba:53:73:b2:94:a8:dd:a6:68:ce:2c:ba:cb:f7:b4:
80:9e:45:f4:09:4c:ab:f4:57:02:97:b5:9a:3c:ed:55:ba:2c:
71:a9:52:72:a2:f6:f5:a7:e6:62:88:7a:2f:2f:51:26:28:d3:
98:f6:3f:38:4f:8d:2b:6a:fc:35:1b:77:5f:43:27:61:62:95:
61:42:07:d3:69:17:69:9d:8b:6c:28:af:0f:18:08:c8:e7:50:
74:51:b9:dc:71:be:0d:9b:8c:93:e4:40:5a:d3:67:df:e6:d3:
16:32:b4:c1:9a:b2:7f:a4:e7:ee:18:11:7e:ff:15:f1:ac:c5:
70:71:c0:9c:06:dc:c0:38:72:c1:21:5c:7d:95:b7:13:a5:8d:
4e:f8:2f:15:ef:a7:ff:4b:64:7c:67:b4:d3:dc:96:6f:d6:b7:
31:a3:39:d5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZpI+/TM277OHs9Y6jSPsg7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUxMTAzMDkxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2FhMTdlNjYxYjFlZGNlYTU0NmM3Y2FjOWFjZDRiNDY0NTBhODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqrSvgBSFqBiRa4X16Vupj4Zc44T
sfKqhgdxk1LawPPQV84nYdRaK8c2U9TD08BODwkLyZXNd8cezyIO0ENCJwyh0efe
9ezLiHJu2JjzXq2/XKTvc4EOIPh3ngdtIB/A2HjydijoaDNolJ573xKUxvNn3rwZ
PvnTeYNxatnlZ7Tt5VyH4+0VO1/dFRkYJ573FBTzSRUSNefXwK13hLVWVGkC4GiT
WOKqtVXTE5qE5f1cUeAWVCimh0gTcvz81lshxSFjqvpZVZ70riuMbIldl50L7VAj
BlHF8jRQb0Qx05L/lLoIeauJQWJ/smJnBmAfV88ZDzQyKgKYhjuuTWDLnQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMOqF+Zhse3OpUbHysms1LRkUKgJMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvdzZvWDVtR3g3YzZsUnNmS3lhelV0R1JRcUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAFSzgID
BAFSzggDBAJSzhADBANSzkgwDAMEAlLOVAMEBFLOYDANBgkqhkiG9w0BAQsFAAOC
AQEAF65KOiPTVLNr8yZpJvPDR4VfNmlo88HrDUGcncbjEFbkTOt3ImZPIjRTptzw
55MJKZR89hqBgM12W56f8rEJegQhR4gqQphYa4+a7+9BJKBViSKbd67ZkOJVaWoJ
ulNzspSo3aZoziy6y/e0gJ5F9AlMq/RXApe1mjztVboscalScqL29afmYoh6Ly9R
JijTmPY/OE+NK2r8NRt3X0MnYWKVYUIH02kXaZ2LbCivDxgIyOdQdFG53HG+DZuM
k+RAWtNn3+bTFjK0wZqyf6Tn7hgRfv8V8azFcHHAnAbcwDhywSFcfZW3E6WNTvgv
Fe+n/0tkfGe009yWb9a3MaM51Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:44:48 2025 by rpki-client