Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kUsgoDKvC6Zrkrt39ZK5TGpttts.roa
File: kUsgoDKvC6Zrkrt39ZK5TGpttts.roa (raw, json)
Hash identifier: R6EIMwTV2AxtRVnvEeq/MoHnOuREjc1rKOmJmpjIgRA=
Subject key identifier: 91:4B:20:A0:32:AF:0B:A6:6B:92:BB:77:F5:92:B9:4C:6A:6D:B6:DB
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 019E6B1C250E5F5305248C0E1E88BE7CA273
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kUsgoDKvC6Zrkrt39ZK5TGpttts.roa
Signing time: Wed 27 May 2026 20:24:27 +0000
ROA not before: Wed 27 May 2026 20:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 2.59.21.0/24 maxlen: 24
2.59.22.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
168.222.185.0/24 maxlen: 24
168.222.187.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e943::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 05:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6b:1c:25:0e:5f:53:05:24:8c:0e:1e:88:be:7c:a2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: May 27 20:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=914b20a032af0ba66b92bb77f592b94c6a6db6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:a6:79:53:4f:be:6c:d4:90:9e:ca:02:92:
6f:78:14:e5:05:3b:fb:b6:f2:e0:7e:ed:69:71:38:
b1:98:0a:4b:ba:80:0d:66:68:d1:93:dc:05:e3:83:
89:b9:42:04:c2:d5:87:89:9a:99:81:a7:56:99:1d:
ae:6e:2f:26:58:3c:c2:72:f3:db:8e:ac:b1:70:e2:
63:2c:69:e7:76:87:bf:80:ac:45:b3:9d:29:dd:76:
d4:22:56:74:82:01:3b:89:a4:42:12:a7:52:0a:f6:
0d:cd:23:11:a8:f5:ad:0d:cf:10:4c:78:1b:37:1e:
fe:19:b6:86:0c:55:7a:0b:15:0a:cc:27:3b:4a:37:
d5:96:64:59:b8:98:45:72:ab:f3:38:49:45:4d:d4:
74:a0:72:0f:4a:ba:fb:d8:0a:e4:72:fb:cc:97:b3:
14:9d:98:f8:55:92:61:e9:6c:c9:e5:2a:a7:3a:76:
34:80:45:39:e8:28:fe:0d:51:80:36:94:96:00:fa:
60:7a:23:b9:86:46:21:13:eb:d7:9d:15:a1:4c:f9:
62:86:da:cf:d4:ba:d7:7a:20:bb:b6:18:dd:10:ca:
eb:49:1c:67:07:ad:92:c3:75:e3:06:6d:fa:a8:d4:
d7:e4:26:61:c8:0b:9f:13:67:c1:fa:b2:dc:58:60:
13:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4B:20:A0:32:AF:0B:A6:6B:92:BB:77:F5:92:B9:4C:6A:6D:B6:DB
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kUsgoDKvC6Zrkrt39ZK5TGpttts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.21.0-2.59.22.255
86.54.28.0/23
168.222.185.0/24
168.222.187.0/24
IPv6:
2a01:e940::/48
2a01:e943::/48
Signature Algorithm: sha256WithRSAEncryption
1f:cc:1a:26:50:4b:69:ac:ff:18:c3:0e:a6:55:b4:ce:d2:df:
29:6d:32:94:50:19:b9:43:b2:de:58:9c:47:cc:84:2a:66:46:
a6:83:b1:c7:c5:64:cd:17:04:b0:07:4a:86:b5:74:0e:5c:82:
11:d8:c3:7c:32:1f:de:4d:42:16:d4:58:ac:7e:14:be:c0:e5:
23:ce:86:b3:d4:90:d6:8a:27:15:be:03:9d:93:4d:b0:f0:de:
2a:f2:19:c3:8b:09:6e:b1:5e:b1:a5:18:6b:6c:5a:8e:f2:aa:
82:9d:8f:a8:cb:b4:68:68:8f:65:1b:c9:29:b8:ae:a4:5f:ac:
44:ba:c6:8f:c5:76:bd:be:85:c6:89:09:9d:3e:9c:15:e1:02:
05:8d:be:d5:1f:83:13:94:52:ff:ca:7d:b2:14:d0:31:1c:8d:
b7:fd:0a:d4:e9:4a:b8:9c:ab:0d:90:17:f1:79:4e:d7:4e:1a:
c4:fc:49:aa:9f:2e:d5:b3:d5:d6:64:27:6d:23:47:53:32:a9:
35:71:85:6f:7f:26:e8:a4:6f:92:69:09:51:8d:44:8d:da:8e:
a9:d8:37:15:8f:df:8d:aa:ab:14:19:b9:bd:7f:a3:5c:75:1d:
e4:3f:f3:7b:28:10:b4:28:ec:ca:8d:ad:d2:88:b5:68:06:0a:
07:d1:93:72
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ5rHCUOX1MFJIwOHoi+fKJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjYwNTI3MjAyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRiMjBhMDMyYWYwYmE2NmI5MmJiNzdmNTkyYjk0YzZhNmRiNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5ymeVNPvmzUkJ7KApJveBTlBTv7
tvLgfu1pcTixmApLuoANZmjRk9wF44OJuUIEwtWHiZqZgadWmR2ubi8mWDzCcvPb
jqyxcOJjLGnndoe/gKxFs50p3XbUIlZ0ggE7iaRCEqdSCvYNzSMRqPWtDc8QTHgb
Nx7+GbaGDFV6CxUKzCc7SjfVlmRZuJhFcqvzOElFTdR0oHIPSrr72ArkcvvMl7MU
nZj4VZJh6WzJ5SqnOnY0gEU56Cj+DVGANpSWAPpgeiO5hkYhE+vXnRWhTPlihtrP
1LrXeiC7thjdEMrrSRxnB62Sw3XjBm36qNTX5CZhyAufE2fB+rLcWGATvQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJFLIKAyrwuma5K7d/WSuUxqbbbbMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEva1VzZ29ES3ZDNlpya3J0MzlaSzVUR3B0dHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAmBAIAATAgMAwDBAACOxUD
BAACOxYDBAFWNhwDBACo3rkDBACo3rswGAQCAAIwEgMHACoB6UAAAAMHACoB6UMA
ADANBgkqhkiG9w0BAQsFAAOCAQEAH8waJlBLaaz/GMMOplW0ztLfKW0ylFAZuUOy
3licR8yEKmZGpoOxx8VkzRcEsAdKhrV0DlyCEdjDfDIf3k1CFtRYrH4UvsDlI86G
s9SQ1oonFb4DnZNNsPDeKvIZw4sJbrFesaUYa2xajvKqgp2PqMu0aGiPZRvJKbiu
pF+sRLrGj8V2vb6FxokJnT6cFeECBY2+1R+DE5RS/8p9shTQMRyNt/0K1OlKuJyr
DZAX8XlO104axPxJqp8u1bPV1mQnbSNHUzKpNXGFb38m6KRvkmkJUY1EjdqOqdg3
FY/fjaqrFBm5vX+jXHUd5D/zeygQtCjsyo2t0oi1aAYKB9GTcg==
-----END CERTIFICATE-----
Generated at Sat May 30 13:47:12 2026 by rpki-client