Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/csPtXZ5xy3Z2R7ZboU6vxYNaoP4.roa
File: csPtXZ5xy3Z2R7ZboU6vxYNaoP4.roa (raw, json)
Hash identifier: GOD82AMKGyO9qKpjy7JEAIqun8BVBjxdYKzUajgvqmo=
Subject key identifier: 72:C3:ED:5D:9E:71:CB:76:76:47:B6:5B:A1:4E:AF:C5:83:5A:A0:FE
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019EB54E5C14506071F1AC85E1256F0BC8E4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/csPtXZ5xy3Z2R7ZboU6vxYNaoP4.roa
Signing time: Thu 11 Jun 2026 06:11:11 +0000
ROA not before: Thu 11 Jun 2026 06:11:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56619
IP address blocks: 79.98.249.0/24 maxlen: 24
79.98.252.0/24 maxlen: 24
79.98.253.0/24 maxlen: 24
90.188.196.0/24 maxlen: 24
90.188.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:4e:5c:14:50:60:71:f1:ac:85:e1:25:6f:0b:c8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 11 06:11:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72c3ed5d9e71cb767647b65ba14eafc5835aa0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c2:e2:f3:34:0a:c2:a7:dd:b5:b1:55:f4:6d:
7d:18:4e:22:f4:66:70:c4:5f:cc:49:f7:03:cf:5d:
62:8c:b9:59:b4:bd:56:a3:28:b0:16:67:65:f4:d1:
cd:0a:ce:87:4a:c4:af:10:81:ce:4b:aa:0a:d3:5f:
bd:2e:1c:b9:7e:67:65:af:bf:07:99:0d:16:70:01:
57:00:24:67:f7:1f:82:24:d0:fe:1c:8f:fc:8f:0f:
32:8b:81:b0:ce:f9:b0:5b:b2:0d:fa:db:fb:8b:c4:
df:77:b9:dd:fd:ff:96:7c:ad:b0:e1:52:03:00:f1:
e1:b7:85:4a:d3:06:7e:25:38:22:30:7e:e8:f6:d1:
80:3d:57:c9:03:0e:b0:5e:ec:1e:e1:3e:21:a1:6b:
be:ac:c5:e3:f7:db:c6:d2:1d:43:fe:1f:b1:07:dc:
10:75:8a:e0:0b:d0:c6:4c:72:68:67:2d:f4:ef:33:
7d:18:ca:c9:b0:5b:67:40:a3:45:29:e0:71:54:3f:
67:c8:52:d5:73:0d:99:f6:c7:ea:d1:70:12:dd:61:
a8:2f:71:61:54:0f:b4:92:00:f2:fa:a6:11:4d:04:
9f:fb:92:9c:24:a5:88:28:66:d8:67:8e:c6:2e:c3:
23:59:d9:9f:39:24:44:27:7e:fd:f1:9f:67:6b:96:
00:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C3:ED:5D:9E:71:CB:76:76:47:B6:5B:A1:4E:AF:C5:83:5A:A0:FE
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/csPtXZ5xy3Z2R7ZboU6vxYNaoP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.249.0/24
79.98.252.0/23
90.188.196.0/24
90.188.199.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:b7:d2:5c:d9:32:a7:56:d7:33:54:3d:8a:cc:b5:31:7e:8f:
35:2f:44:14:36:8a:a5:cd:40:a5:e9:96:e1:a6:c7:b4:6a:17:
7f:c0:67:86:71:54:dd:af:07:7f:4a:0c:95:fc:06:b1:9f:e1:
a0:96:47:d6:4a:fb:31:b7:e1:67:16:2c:86:2c:88:a4:90:19:
aa:c9:0c:3f:90:47:4e:d4:e5:dc:b3:b2:1a:72:8a:dc:d6:0e:
5a:29:af:cb:72:91:4d:a0:fc:3e:f5:49:d3:a2:6c:6c:cc:7d:
7f:14:18:8f:23:e7:5d:df:7a:bb:87:2e:e5:0d:5d:bf:0a:2c:
cb:16:b1:25:a1:1e:22:05:1a:bb:c9:13:45:c2:71:85:f9:4b:
27:cb:6b:49:51:d8:58:2f:97:eb:9d:47:3b:24:a5:f0:66:7a:
fe:b8:0e:20:b4:0f:ba:76:44:ea:ec:bb:78:1b:5b:af:2a:02:
ed:9b:3e:55:e0:bf:38:bd:2f:39:26:6f:77:c8:1b:c5:94:c0:
72:f9:44:ef:95:ec:d8:c2:ff:00:aa:fa:d2:90:77:25:37:8b:
99:57:1a:eb:0d:41:df:36:b4:70:34:e1:35:94:21:87:f8:0c:
f5:45:46:dd:00:cd:27:d6:fd:a6:0f:24:f7:00:05:0b:44:0b:
d5:d6:72:d7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ61TlwUUGBx8ayF4SVvC8jkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNjExMDYxMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmMzZWQ1ZDllNzFjYjc2NzY0N2I2NWJhMTRlYWZjNTgzNWFhMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sLi8zQKwqfdtbFV9G19GE4i9GZw
xF/MSfcDz11ijLlZtL1WoyiwFmdl9NHNCs6HSsSvEIHOS6oK01+9Lhy5fmdlr78H
mQ0WcAFXACRn9x+CJND+HI/8jw8yi4GwzvmwW7IN+tv7i8Tfd7nd/f+WfK2w4VID
APHht4VK0wZ+JTgiMH7o9tGAPVfJAw6wXuwe4T4hoWu+rMXj99vG0h1D/h+xB9wQ
dYrgC9DGTHJoZy307zN9GMrJsFtnQKNFKeBxVD9nyFLVcw2Z9sfq0XAS3WGoL3Fh
VA+0kgDy+qYRTQSf+5KcJKWIKGbYZ47GLsMjWdmfOSREJ3798Z9na5YAywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHLD7V2ecct2dke2W6FOr8WDWqD+MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvY3NQdFhaNXh5M1oyUjdaYm9VNnZ4WU5hb1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT2L5AwQB
T2L8AwQAWrzEAwQAWrzHMA0GCSqGSIb3DQEBCwUAA4IBAQCbt9Jc2TKnVtczVD2K
zLUxfo81L0QUNoqlzUCl6Zbhpse0ahd/wGeGcVTdrwd/SgyV/Aaxn+GglkfWSvsx
t+FnFiyGLIikkBmqyQw/kEdO1OXcs7Iacorc1g5aKa/LcpFNoPw+9UnTomxszH1/
FBiPI+dd33q7hy7lDV2/CizLFrEloR4iBRq7yRNFwnGF+Usny2tJUdhYL5frnUc7
JKXwZnr+uA4gtA+6dkTq7Lt4G1uvKgLtmz5V4L84vS85Jm93yBvFlMBy+UTvlezY
wv8AqvrSkHclN4uZVxrrDUHfNrRwNOE1lCGH+Az1RUbdAM0n1v2mDyT3AAULRAvV
1nLX
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:40 2026 by rpki-client