Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/CRXS8yJabkFe9zngcADmlt5Mjh8.roa
File: CRXS8yJabkFe9zngcADmlt5Mjh8.roa (raw, json)
Hash identifier: V+gmBDqtYsm9sl2kIiueYpvE2PqUIfwWQ+IMlLrBBzI=
Subject key identifier: 09:15:D2:F3:22:5A:6E:41:5E:F7:39:E0:70:00:E6:96:DE:4C:8E:1F
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 019E45609A56FF90509F7CD1EB47031CC9C6
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/CRXS8yJabkFe9zngcADmlt5Mjh8.roa
Signing time: Wed 20 May 2026 12:33:39 +0000
ROA not before: Wed 20 May 2026 12:33:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49685
IP address blocks: 194.59.136.0/24 maxlen: 24
194.59.138.0/24 maxlen: 24
2a07:cb80::/32 maxlen: 32
2a07:cb84:3001::/48 maxlen: 48
2a07:cb84:3006::/48 maxlen: 48
2a07:cb84:3013::/48 maxlen: 48
2a07:cb84:3015::/48 maxlen: 48
2a07:cb84:3018::/48 maxlen: 48
2a07:cb84:3019::/48 maxlen: 48
2a07:cb84:3026::/48 maxlen: 48
2a07:cb84:3035::/48 maxlen: 48
2a07:cb84:3036::/48 maxlen: 48
2a07:cb84:3038::/48 maxlen: 48
2a07:cb84:3057::/48 maxlen: 48
2a07:cb84:3059::/48 maxlen: 48
2a07:cb84:3063::/48 maxlen: 48
2a07:cb84:3069::/48 maxlen: 48
2a07:cb84:3075::/48 maxlen: 48
2a07:cb84:3076::/48 maxlen: 48
2a07:cb84:3101::/48 maxlen: 48
2a07:cb84:3104::/48 maxlen: 48
2a07:cb84:3112::/48 maxlen: 48
2a07:cb84:3114::/48 maxlen: 48
2a07:cb84:3119::/48 maxlen: 48
2a07:cb84:3120::/48 maxlen: 48
2a07:cb84:3123::/48 maxlen: 48
2a07:cb84:3130::/48 maxlen: 48
2a07:cb84:3131::/48 maxlen: 48
2a07:cb84:3154::/48 maxlen: 48
2a07:cb84:3160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 23:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:60:9a:56:ff:90:50:9f:7c:d1:eb:47:03:1c:c9:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: May 20 12:33:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0915d2f3225a6e415ef739e07000e696de4c8e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:1c:6e:e9:da:fc:54:d8:9e:4f:86:ea:28:
1e:1b:3a:31:59:be:b9:69:74:29:51:90:3d:5b:14:
81:17:54:3a:e7:7c:ca:1c:41:4d:8e:36:3e:81:fe:
2f:be:ed:1a:d6:3c:dd:24:d8:52:80:4c:83:a8:6e:
76:9c:c3:86:b8:8c:e0:5e:a0:1f:d5:1c:66:35:2f:
d2:34:cb:fb:b5:cb:71:18:02:8b:6b:19:98:fe:d6:
64:b4:b3:6c:b6:7b:d6:08:70:af:9b:73:88:f6:3e:
82:c6:29:7f:d8:e7:4e:32:fc:22:cf:6c:b3:84:30:
de:b6:71:7d:1b:4d:3f:84:57:35:07:40:54:15:26:
dd:48:fe:23:f8:d0:b2:57:5b:28:aa:db:58:4e:cd:
e3:a2:da:97:e4:a2:da:d8:1d:58:cb:e5:50:48:65:
f0:86:ea:82:c2:35:66:ac:1a:e6:02:70:0c:d8:04:
89:ce:8d:a3:58:36:3b:b6:8e:31:42:73:19:96:20:
e1:05:20:2f:95:71:c6:c1:35:ff:bf:99:a0:c1:50:
f4:4c:15:63:8f:ae:ba:3f:c6:0f:60:22:ef:e2:72:
7c:f4:5a:12:2e:ef:73:61:59:6e:09:5e:98:ff:ed:
37:58:45:2d:89:cd:f6:7d:36:1b:3b:28:b1:93:e9:
ae:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:15:D2:F3:22:5A:6E:41:5E:F7:39:E0:70:00:E6:96:DE:4C:8E:1F
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/CRXS8yJabkFe9zngcADmlt5Mjh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.136.0/24
194.59.138.0/24
IPv6:
2a07:cb80::/32
2a07:cb84:3001::/48
2a07:cb84:3006::/48
2a07:cb84:3013::/48
2a07:cb84:3015::/48
2a07:cb84:3018::/47
2a07:cb84:3026::/48
2a07:cb84:3035::-2a07:cb84:3036:ffff:ffff:ffff:ffff:ffff
2a07:cb84:3038::/48
2a07:cb84:3057::/48
2a07:cb84:3059::/48
2a07:cb84:3063::/48
2a07:cb84:3069::/48
2a07:cb84:3075::-2a07:cb84:3076:ffff:ffff:ffff:ffff:ffff
2a07:cb84:3101::/48
2a07:cb84:3104::/48
2a07:cb84:3112::/48
2a07:cb84:3114::/48
2a07:cb84:3119::/48
2a07:cb84:3120::/48
2a07:cb84:3123::/48
2a07:cb84:3130::/47
2a07:cb84:3154::/48
2a07:cb84:3160::/48
Signature Algorithm: sha256WithRSAEncryption
00:ea:62:cc:2c:26:40:47:d7:66:a1:33:6c:2f:92:2a:34:15:
09:00:6f:5f:1f:2a:51:41:c5:73:0c:54:64:71:fd:52:01:74:
03:1d:27:4f:32:23:dd:a2:6c:ca:2a:d4:11:c8:03:f2:8a:3c:
34:65:c4:a8:34:a7:49:21:a4:f3:b4:fa:29:bf:54:9f:38:d7:
dc:81:f1:78:27:2e:d9:59:89:ef:33:88:cc:7c:b0:0c:d9:0b:
3c:3b:55:81:56:b2:6a:98:10:b4:de:fc:19:fa:7b:d0:af:1b:
e6:a5:35:94:2a:6c:af:82:ae:68:76:aa:7d:a3:d1:bf:39:fc:
c0:d6:3d:6e:40:ff:2b:3c:57:2d:71:85:4e:ac:0d:34:68:67:
d7:6b:0f:43:fb:1d:5a:a2:66:75:6d:65:a7:f8:a3:cc:8a:b8:
cc:e1:89:d5:35:5d:99:89:d3:df:1f:9d:10:4d:ba:92:bf:a3:
85:f3:d4:38:5c:ba:51:ac:bd:b7:87:11:3a:18:b6:11:46:4e:
e6:f5:03:46:a9:e5:b5:0e:67:0c:52:5f:c7:59:55:47:5b:d0:
4c:4e:01:dd:b4:27:eb:19:28:90:aa:2b:c9:96:be:19:c2:64:
06:0e:b6:0a:b5:7f:24:6e:32:27:48:3e:44:44:96:25:7a:df:
8d:5a:f5:f0
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZ5FYJpW/5BQn3zR60cDHMnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjYwNTIwMTIzMzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTE1ZDJmMzIyNWE2ZTQxNWVmNzM5ZTA3MDAwZTY5NmRlNGM4ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRUcbuna/FTYnk+G6igeGzoxWb65
aXQpUZA9WxSBF1Q653zKHEFNjjY+gf4vvu0a1jzdJNhSgEyDqG52nMOGuIzgXqAf
1RxmNS/SNMv7tctxGAKLaxmY/tZktLNstnvWCHCvm3OI9j6Cxil/2OdOMvwiz2yz
hDDetnF9G00/hFc1B0BUFSbdSP4j+NCyV1soqttYTs3jotqX5KLa2B1Yy+VQSGXw
huqCwjVmrBrmAnAM2ASJzo2jWDY7to4xQnMZliDhBSAvlXHGwTX/v5mgwVD0TBVj
j666P8YPYCLv4nJ89FoSLu9zYVluCV6Y/+03WEUtic32fTYbOyixk+muRQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFAkV0vMiWm5BXvc54HAA5pbeTI4fMB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvQ1JYUzh5SmFia0ZlOXpuZ2NBRG1sdDVNamg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjASBAIAATAMAwQA
wjuIAwQAwjuKMIHzBAIAAjCB7AMFACoHy4ADBwAqB8uEMAEDBwAqB8uEMAYDBwAq
B8uEMBMDBwAqB8uEMBUDBwEqB8uEMBgDBwAqB8uEMCYwEgMHACoHy4QwNQMHACoH
y4QwNgMHACoHy4QwOAMHACoHy4QwVwMHACoHy4QwWQMHACoHy4QwYwMHACoHy4Qw
aTASAwcAKgfLhDB1AwcAKgfLhDB2AwcAKgfLhDEBAwcAKgfLhDEEAwcAKgfLhDES
AwcAKgfLhDEUAwcAKgfLhDEZAwcAKgfLhDEgAwcAKgfLhDEjAwcBKgfLhDEwAwcA
KgfLhDFUAwcAKgfLhDFgMA0GCSqGSIb3DQEBCwUAA4IBAQAA6mLMLCZAR9dmoTNs
L5IqNBUJAG9fHypRQcVzDFRkcf1SAXQDHSdPMiPdomzKKtQRyAPyijw0ZcSoNKdJ
IaTztPopv1SfONfcgfF4Jy7ZWYnvM4jMfLAM2Qs8O1WBVrJqmBC03vwZ+nvQrxvm
pTWUKmyvgq5odqp9o9G/OfzA1j1uQP8rPFctcYVOrA00aGfXaw9D+x1aomZ1bWWn
+KPMirjM4YnVNV2ZidPfH50QTbqSv6OF89Q4XLpRrL23hxE6GLYRRk7m9QNGqeW1
DmcMUl/HWVVHW9BMTgHdtCfrGSiQqivJlr4ZwmQGDrYKtX8kbjInSD5ERJYlet+N
WvXw
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:41:40 2026 by rpki-client