Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ElvgGMugsO1XpAH43h8kNmBxk4M.roa
File: ElvgGMugsO1XpAH43h8kNmBxk4M.roa (raw, json)
Hash identifier: qNszrLmYHADmBJp/+f7SbiI2pso2BLXll9IwOPU0+z8=
Subject key identifier: 12:5B:E0:18:CB:A0:B0:ED:57:A4:01:F8:DE:1F:24:36:60:71:93:83
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E87FC1FAD1EC9B035AAF3977415229B95
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ElvgGMugsO1XpAH43h8kNmBxk4M.roa
Signing time: Tue 02 Jun 2026 10:58:27 +0000
ROA not before: Tue 02 Jun 2026 10:58:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202147
IP address blocks: 5.83.137.0/24 maxlen: 24
77.90.36.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
85.118.165.0/24 maxlen: 24
94.249.175.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:fc:1f:ad:1e:c9:b0:35:aa:f3:97:74:15:22:9b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 2 10:58:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=125be018cba0b0ed57a401f8de1f243660719383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7e:74:34:b0:91:c1:0f:88:d4:f2:8d:a6:65:
bb:af:da:c9:23:75:6c:4f:67:ef:41:61:8c:dd:0c:
07:f2:37:91:97:2d:1a:11:17:e2:99:2c:79:5d:7c:
7a:b0:76:a7:9d:82:d2:9d:85:5f:5a:9a:bf:8c:a6:
e7:82:82:5b:f0:9a:65:53:71:03:15:2b:fd:0a:07:
f9:c6:e4:ca:5d:e1:f8:b4:4d:43:85:19:da:b5:e8:
c7:90:a0:18:43:4e:44:46:bb:99:c7:a3:c3:db:e3:
53:87:e6:bb:51:ac:fb:fc:ef:84:e5:d9:7b:32:0b:
53:c6:e4:6a:3e:e8:39:c8:2f:c1:85:bd:30:01:4d:
ca:cf:4b:a4:fd:bb:7e:b5:68:78:5f:7c:99:b7:fe:
bf:22:8d:95:e0:ff:05:70:ab:f7:41:79:7e:4a:4c:
9d:08:cc:2d:b2:16:17:cb:1e:24:fe:c6:a9:98:f4:
32:82:a0:1b:72:62:64:7d:a5:87:3b:76:df:cd:86:
91:94:e0:af:7a:d0:8a:d6:37:d1:32:d8:5b:6b:a9:
82:ea:91:a5:1f:1c:7d:9d:a1:64:c2:9a:1b:15:58:
88:e4:09:5f:dd:f6:79:ea:8b:96:a9:f6:96:1e:08:
3a:45:97:05:22:d0:1e:16:11:2a:aa:6f:33:1a:c5:
50:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5B:E0:18:CB:A0:B0:ED:57:A4:01:F8:DE:1F:24:36:60:71:93:83
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ElvgGMugsO1XpAH43h8kNmBxk4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.137.0/24
77.90.36.0/24
85.93.1.0/24
85.118.165.0/24
94.249.175.0/24
94.249.205.0/24
Signature Algorithm: sha256WithRSAEncryption
15:d7:8d:b2:1b:16:58:c0:86:b6:99:d3:4d:d3:7d:93:a4:45:
5a:b4:ea:5b:b7:16:a3:3a:3d:23:73:62:22:e6:82:18:5a:3a:
d3:24:1c:10:4d:36:3a:50:ab:2d:eb:0e:34:88:82:41:c8:39:
d0:43:b3:1b:d2:d0:52:21:87:ab:39:99:13:19:ee:9c:66:41:
d3:71:48:76:bc:bd:ec:4c:c7:11:5a:26:04:48:c0:d1:bf:7f:
8c:c4:a4:63:b4:9b:e9:0d:a2:ea:d2:68:e7:45:d7:0a:dd:9b:
24:68:b6:73:be:ed:96:bc:7e:4e:8b:6a:78:4b:f5:03:7f:ef:
cb:8e:fc:1f:61:a7:f9:67:a0:f6:73:2e:81:fc:d1:5d:37:a2:
90:5a:70:0e:a4:e3:d9:96:84:de:27:f0:f7:9d:b7:5c:37:c8:
23:23:c6:92:c9:14:2c:79:59:e9:73:74:98:61:fb:f3:b4:18:
b0:16:be:ed:dc:73:f6:ae:99:a3:27:9d:c5:ad:8f:c4:65:af:
00:9d:3c:aa:8f:b6:29:c0:37:a6:25:eb:e5:01:c4:19:8c:a2:
c7:75:5a:ab:66:0a:e8:fe:c4:a4:91:d7:52:17:b9:01:c8:12:
0d:88:23:07:19:6f:44:6e:e4:0e:ef:ec:51:f2:a0:e9:83:71:
2a:a0:26:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6H/B+tHsmwNarzl3QVIpuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNjAyMTA1ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjViZTAxOGNiYTBiMGVkNTdhNDAxZjhkZTFmMjQzNjYwNzE5MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1X50NLCRwQ+I1PKNpmW7r9rJI3Vs
T2fvQWGM3QwH8jeRly0aERfimSx5XXx6sHannYLSnYVfWpq/jKbngoJb8JplU3ED
FSv9Cgf5xuTKXeH4tE1DhRnatejHkKAYQ05ERruZx6PD2+NTh+a7Uaz7/O+E5dl7
MgtTxuRqPug5yC/Bhb0wAU3Kz0uk/bt+tWh4X3yZt/6/Io2V4P8FcKv3QXl+Skyd
CMwtshYXyx4k/sapmPQygqAbcmJkfaWHO3bfzYaRlOCvetCK1jfRMthba6mC6pGl
Hxx9naFkwpobFViI5Alf3fZ56ouWqfaWHgg6RZcFItAeFhEqqm8zGsVQowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBJb4BjLoLDtV6QB+N4fJDZgcZODMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRWx2Z0dNdWdzTzFYcEFINDNoOGtObUJ4azRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOJAwQA
TVokAwQAVV0BAwQAVXalAwQAXvmvAwQAXvnNMA0GCSqGSIb3DQEBCwUAA4IBAQAV
142yGxZYwIa2mdNN032TpEVatOpbtxajOj0jc2Ii5oIYWjrTJBwQTTY6UKst6w40
iIJByDnQQ7Mb0tBSIYerOZkTGe6cZkHTcUh2vL3sTMcRWiYESMDRv3+MxKRjtJvp
DaLq0mjnRdcK3ZskaLZzvu2WvH5Oi2p4S/UDf+/LjvwfYaf5Z6D2cy6B/NFdN6KQ
WnAOpOPZloTeJ/D3nbdcN8gjI8aSyRQseVnpc3SYYfvztBiwFr7t3HP2rpmjJ53F
rY/EZa8AnTyqj7YpwDemJevlAcQZjKLHdVqrZgro/sSkkddSF7kByBINiCMHGW9E
buQO7+xR8qDpg3EqoCZt
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:01:12 2026 by rpki-client