Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/QbAALDYZ_RGHs07gYUQih_CDJyk.roa
File: QbAALDYZ_RGHs07gYUQih_CDJyk.roa (raw, json)
Hash identifier: +Uv/ugRA2zDra5XT10jpvOYMi9ZmxhbMWKYPoPRN5bM=
Subject key identifier: 41:B0:00:2C:36:19:FD:11:87:B3:4E:E0:61:44:22:87:F0:83:27:29
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 019EAB6742496E6F1AD0BE37FAE04C68CF10
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/QbAALDYZ_RGHs07gYUQih_CDJyk.roa
Signing time: Tue 09 Jun 2026 08:02:11 +0000
ROA not before: Tue 09 Jun 2026 08:02:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39700
IP address blocks: 194.59.136.0/24 maxlen: 24
194.59.138.0/24 maxlen: 24
2a07:cb80::/32 maxlen: 32
2a07:cb82::/32 maxlen: 32
2a07:cb84::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:67:42:49:6e:6f:1a:d0:be:37:fa:e0:4c:68:cf:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: Jun 9 08:02:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=41b0002c3619fd1187b34ee061442287f0832729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0e:ed:e4:2d:38:4e:76:e5:91:6b:d3:3c:4f:
9b:29:8c:de:c9:70:f5:d7:29:a1:03:e5:39:54:4e:
93:3d:63:04:9d:7c:3d:dd:96:30:af:83:5a:4e:85:
0f:88:14:85:cc:4e:8d:cf:f3:fc:61:56:ff:8c:e5:
f4:b1:54:b2:56:f2:13:df:92:82:4f:42:c3:65:53:
bb:d2:c1:2f:ac:36:6a:5b:f7:dd:7e:49:7e:e9:40:
81:ae:92:c1:2b:e6:e6:01:5e:4b:ae:7c:0b:47:a3:
8c:e5:f9:20:ba:0f:f4:33:9b:0a:4d:f2:d8:84:7d:
13:a5:03:5b:8d:b2:6f:8a:3a:0f:3f:4b:44:f9:52:
11:e7:72:c7:6d:f9:61:41:3e:82:93:02:94:d7:7d:
6d:1c:19:a7:0d:8e:1f:df:34:34:cd:50:88:9f:ba:
d7:51:fa:88:87:8c:f1:4b:84:e9:cb:55:c8:42:80:
c4:28:55:81:c0:f2:2a:55:88:e8:cd:1f:02:c4:3b:
31:71:fb:45:6b:e3:81:16:16:d9:2f:c6:33:8b:06:
fe:3e:8c:e7:b1:ab:eb:17:0a:d7:6c:32:57:d6:0d:
f5:74:1d:07:3b:65:eb:f6:d2:b5:e7:19:7b:ee:12:
56:2a:fe:b4:7f:7f:4e:fe:28:75:9b:ad:53:ed:b2:
aa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B0:00:2C:36:19:FD:11:87:B3:4E:E0:61:44:22:87:F0:83:27:29
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/QbAALDYZ_RGHs07gYUQih_CDJyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.136.0/24
194.59.138.0/24
IPv6:
2a07:cb80::/32
2a07:cb82::/32
2a07:cb84::/32
Signature Algorithm: sha256WithRSAEncryption
86:27:5c:27:31:ea:54:5b:85:d1:c7:d9:94:35:9f:c0:8c:7c:
64:bc:d0:08:01:13:ac:4e:13:d6:a4:5b:f3:87:ae:d6:de:87:
7a:50:f5:9b:d0:ec:ca:43:b0:7f:8d:13:de:cb:e8:84:a8:58:
6d:20:1b:cb:7e:69:ec:7e:57:e3:ee:72:dc:c9:31:6f:c5:41:
a6:a4:3d:b7:8a:f8:0e:93:2c:f7:08:93:df:af:4e:16:53:56:
20:91:cf:61:b5:35:5f:8a:bf:53:e5:21:26:28:98:70:62:75:
49:fe:c7:d4:48:ae:18:bc:25:ea:0d:99:05:b6:d5:13:5e:aa:
8f:e8:db:cd:dc:7d:27:67:de:db:f4:0b:a8:c2:8c:1f:a9:9a:
ca:eb:00:3d:aa:75:23:0b:3d:b2:91:21:fe:69:fe:27:43:30:
42:9e:3e:75:3f:13:0e:c0:b3:1e:f7:0e:6e:bc:e9:0d:b4:06:
f9:49:b4:0e:e2:d7:c9:4b:70:32:16:df:f4:ea:fb:82:46:d9:
42:88:28:e4:30:76:8f:8f:d6:82:33:c6:d2:d7:b6:a5:c6:16:
40:ed:1f:98:1b:9e:88:d0:61:1c:f1:c5:e1:68:be:7e:71:cb:
de:42:82:8b:48:03:a4:17:66:76:13:b9:17:fb:39:7b:df:ea:
d1:d0:2a:fa
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZ6rZ0JJbm8a0L43+uBMaM8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjYwNjA5MDgwMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIwMDAyYzM2MTlmZDExODdiMzRlZTA2MTQ0MjI4N2YwODMyNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w7t5C04TnblkWvTPE+bKYzeyXD1
1ymhA+U5VE6TPWMEnXw93ZYwr4NaToUPiBSFzE6Nz/P8YVb/jOX0sVSyVvIT35KC
T0LDZVO70sEvrDZqW/fdfkl+6UCBrpLBK+bmAV5LrnwLR6OM5fkgug/0M5sKTfLY
hH0TpQNbjbJvijoPP0tE+VIR53LHbflhQT6CkwKU131tHBmnDY4f3zQ0zVCIn7rX
UfqIh4zxS4Tpy1XIQoDEKFWBwPIqVYjozR8CxDsxcftFa+OBFhbZL8Yziwb+Pozn
savrFwrXbDJX1g31dB0HO2Xr9tK15xl77hJWKv60f39O/ih1m61T7bKqqQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEGwACw2Gf0Rh7NO4GFEIofwgycpMB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvUWJBQUxEWVpfUkdIczA3Z1lVUWloX0NESnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQAwjuIAwQA
wjuKMBsEAgACMBUDBQAqB8uAAwUAKgfLggMFACoHy4QwDQYJKoZIhvcNAQELBQAD
ggEBAIYnXCcx6lRbhdHH2ZQ1n8CMfGS80AgBE6xOE9akW/OHrtbeh3pQ9ZvQ7MpD
sH+NE97L6ISoWG0gG8t+aex+V+PuctzJMW/FQaakPbeK+A6TLPcIk9+vThZTViCR
z2G1NV+Kv1PlISYomHBidUn+x9RIrhi8JeoNmQW21RNeqo/o283cfSdn3tv0C6jC
jB+pmsrrAD2qdSMLPbKRIf5p/idDMEKePnU/Ew7Asx73Dm686Q20BvlJtA7i18lL
cDIW3/Tq+4JG2UKIKOQwdo+P1oIzxtLXtqXGFkDtH5gbnojQYRzxxeFovn5xy95C
gotIA6QXZnYTuRf7OXvf6tHQKvo=
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:51 2026 by rpki-client