Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Waos7-XGOfCb1jVnxaDXXJ8FbS0.roa
File: Waos7-XGOfCb1jVnxaDXXJ8FbS0.roa (raw, json)
Hash identifier: OlEw+/VKb5C5I0jNouIEEfOwzaJNKrqkp/9DnrwnKW8=
Subject key identifier: 59:AA:2C:EF:E5:C6:39:F0:9B:D6:35:67:C5:A0:D7:5C:9F:05:6D:2D
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 019DC3F4645B266065D621F9A8EEFB433568
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Waos7-XGOfCb1jVnxaDXXJ8FbS0.roa
Signing time: Sat 25 Apr 2026 09:24:26 +0000
ROA not before: Sat 25 Apr 2026 09:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 80.93.192.0/24 maxlen: 24
80.93.194.0/24 maxlen: 24
80.93.195.0/24 maxlen: 24
80.93.196.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
80.93.206.0/24 maxlen: 24
80.93.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 21:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:f4:64:5b:26:60:65:d6:21:f9:a8:ee:fb:43:35:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Apr 25 09:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=59aa2cefe5c639f09bd63567c5a0d75c9f056d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:3e:76:ae:63:f2:01:05:71:b3:74:3f:f6:
d4:87:ef:d4:4c:1f:5a:ab:5f:46:3f:6a:e8:56:f8:
e6:80:46:f1:a1:be:6c:94:be:15:f8:87:34:22:59:
ab:34:07:13:86:4f:43:f6:69:1b:a3:d9:19:ec:cf:
9c:1b:72:1f:07:32:f5:27:e6:d4:09:46:f4:55:b4:
1e:90:9b:db:1a:44:ce:fb:f7:2a:a8:b4:4a:23:54:
9a:f8:79:48:d7:da:ea:74:da:7e:d7:a6:56:84:71:
0d:fe:18:c3:07:21:83:6a:bc:e0:ca:6a:9e:70:cb:
17:b1:af:43:0f:fd:4e:8b:36:13:63:01:a0:11:a3:
05:39:f3:f9:90:22:51:a8:40:31:2c:4e:e5:ce:c7:
20:50:ab:a8:33:01:f2:e5:14:17:cc:d3:0b:ca:1b:
7e:9a:c7:26:9a:16:04:17:6e:fe:f4:2e:c0:4c:fa:
e4:2d:96:02:63:93:be:a4:b6:7a:b6:36:0e:72:1b:
9d:85:d2:f6:47:9a:ec:1d:0d:92:8c:6c:cd:7f:f8:
5c:d9:7c:ed:34:98:27:bb:1f:f7:6b:89:0f:bc:ec:
82:c8:71:f7:b3:44:8a:5e:86:c5:0f:6e:8a:04:6c:
37:c8:74:5c:a6:1b:b3:5f:41:aa:6e:5a:c5:1f:5b:
9c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AA:2C:EF:E5:C6:39:F0:9B:D6:35:67:C5:A0:D7:5C:9F:05:6D:2D
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Waos7-XGOfCb1jVnxaDXXJ8FbS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.192.0/24
80.93.194.0-80.93.196.255
80.93.199.0/24
80.93.204.0/22
Signature Algorithm: sha256WithRSAEncryption
51:cf:7b:7c:0d:49:4a:93:7a:da:1b:33:6d:a3:1b:2f:4b:92:
9d:92:bd:fa:56:50:01:53:1d:73:06:51:e7:50:2a:fb:11:2e:
8c:21:91:37:a9:f4:04:31:54:b7:48:c4:6c:41:dc:55:79:d0:
e6:ad:1c:63:eb:04:c1:ac:63:4d:7c:dd:33:cd:5c:db:da:0f:
c9:49:23:0c:c9:2b:e3:32:8c:1e:2a:ed:4b:26:25:a4:a7:81:
6b:2b:61:34:16:9d:4c:92:29:70:99:d3:79:c7:14:1d:5e:b9:
54:f9:80:83:35:0e:36:96:a9:1d:b5:b2:93:e5:6e:ba:88:41:
1f:f5:fa:15:d4:83:51:69:6b:01:f1:eb:bf:e9:2c:77:b6:3d:
48:e4:af:ec:52:b4:64:ea:9f:97:2b:27:aa:24:56:2e:e7:74:
29:13:95:b5:62:fe:ac:0f:9a:8a:74:54:df:23:ab:23:56:8c:
75:d8:4c:79:e9:00:48:d7:cb:be:36:a2:65:0a:24:e6:07:89:
46:57:6c:3e:7c:cd:f6:a4:0d:6e:33:17:c3:e2:0c:bc:c7:51:
79:08:5c:56:26:ec:e6:b7:c8:e9:aa:e8:f8:01:b7:89:b7:04:
5d:8a:20:44:d7:e4:47:c3:c5:53:e2:1e:e9:e7:5a:9a:3a:a7:
b6:ff:23:bc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ3D9GRbJmBl1iH5qO77QzVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNDI1MDkyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFhMmNlZmU1YzYzOWYwOWJkNjM1NjdjNWEwZDc1YzlmMDU2ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgg+dq5j8gEFcbN0P/bUh+/UTB9a
q19GP2roVvjmgEbxob5slL4V+Ic0IlmrNAcThk9D9mkbo9kZ7M+cG3IfBzL1J+bU
CUb0VbQekJvbGkTO+/cqqLRKI1Sa+HlI19rqdNp+16ZWhHEN/hjDByGDarzgymqe
cMsXsa9DD/1OizYTYwGgEaMFOfP5kCJRqEAxLE7lzscgUKuoMwHy5RQXzNMLyht+
mscmmhYEF27+9C7ATPrkLZYCY5O+pLZ6tjYOchudhdL2R5rsHQ2SjGzNf/hc2Xzt
NJgnux/3a4kPvOyCyHH3s0SKXobFD26KBGw3yHRcphuzX0GqblrFH1ucxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFmqLO/lxjnwm9Y1Z8Wg11yfBW0tMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvV2FvczctWEdPZkNiMWpWbnhhRFhYSjhGYlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUF3AMAwD
BAFQXcIDBABQXcQDBABQXccDBAJQXcwwDQYJKoZIhvcNAQELBQADggEBAFHPe3wN
SUqTetobM22jGy9Lkp2SvfpWUAFTHXMGUedQKvsRLowhkTep9AQxVLdIxGxB3FV5
0OatHGPrBMGsY0183TPNXNvaD8lJIwzJK+MyjB4q7UsmJaSngWsrYTQWnUySKXCZ
03nHFB1euVT5gIM1DjaWqR21spPlbrqIQR/1+hXUg1FpawHx67/pLHe2PUjkr+xS
tGTqn5crJ6okVi7ndCkTlbVi/qwPmop0VN8jqyNWjHXYTHnpAEjXy742omUKJOYH
iUZXbD58zfakDW4zF8PiDLzHUXkIXFYm7Oa3yOmq6PgBt4m3BF2KIETX5EfDxVPi
HunnWpo6p7b/I7w=
-----END CERTIFICATE-----
Generated at Thu Apr 30 04:27:27 2026 by rpki-client