Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/CGEbthtCVvOlptpvMNG-4zYMxC0.roa
File: CGEbthtCVvOlptpvMNG-4zYMxC0.roa (raw, json)
Hash identifier: uleULESiIyYNwyib2ltUP7gwwxZ92HdRJC/n7Kqb5sg=
Subject key identifier: 08:61:1B:B6:1B:42:56:F3:A5:A6:DA:6F:30:D1:BE:E3:36:0C:C4:2D
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 019EA719DB1EAEA6C59504DEDE4C35FE6094
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/CGEbthtCVvOlptpvMNG-4zYMxC0.roa
Signing time: Mon 08 Jun 2026 11:59:09 +0000
ROA not before: Mon 08 Jun 2026 11:59:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398781
IP address blocks: 80.173.192.0/21 maxlen: 32
80.173.232.0/21 maxlen: 32
80.173.240.0/21 maxlen: 32
80.173.248.0/21 maxlen: 32
81.172.0.0/19 maxlen: 24
81.172.48.0/21 maxlen: 24
81.172.56.0/22 maxlen: 24
81.172.66.0/24 maxlen: 24
81.172.116.0/24 maxlen: 24
82.158.0.0/18 maxlen: 32
82.158.92.0/22 maxlen: 32
82.158.96.0/22 maxlen: 32
82.158.100.0/22 maxlen: 32
82.158.104.0/22 maxlen: 32
82.158.108.0/22 maxlen: 32
87.192.88.0/21 maxlen: 24
87.192.208.0/21 maxlen: 24
87.232.144.0/20 maxlen: 24
87.232.200.0/21 maxlen: 24
87.232.208.0/20 maxlen: 24
87.232.226.0/23 maxlen: 24
87.232.232.0/21 maxlen: 24
87.232.240.0/21 maxlen: 24
87.232.248.0/23 maxlen: 24
89.124.246.0/23 maxlen: 24
131.222.136.0/21 maxlen: 24
131.222.144.0/21 maxlen: 24
131.222.152.0/21 maxlen: 24
131.222.160.0/21 maxlen: 24
131.222.168.0/21 maxlen: 24
131.222.176.0/21 maxlen: 24
131.222.184.0/21 maxlen: 24
139.84.64.0/19 maxlen: 24
139.100.32.0/19 maxlen: 24
139.100.64.0/19 maxlen: 24
140.225.32.0/21 maxlen: 32
140.225.40.0/21 maxlen: 32
140.225.48.0/21 maxlen: 32
140.225.56.0/21 maxlen: 32
140.225.224.0/19 maxlen: 32
157.239.64.0/18 maxlen: 24
167.150.82.0/23 maxlen: 32
167.150.96.0/23 maxlen: 32
167.150.108.0/23 maxlen: 32
167.150.114.0/23 maxlen: 32
167.150.150.0/23 maxlen: 32
167.150.164.0/23 maxlen: 32
167.150.168.0/23 maxlen: 32
167.150.174.0/23 maxlen: 32
167.150.178.0/23 maxlen: 32
167.150.184.0/23 maxlen: 32
167.150.202.0/23 maxlen: 32
167.150.212.0/23 maxlen: 32
167.150.242.0/23 maxlen: 32
173.224.144.0/20 maxlen: 32
188.240.83.0/24 maxlen: 24
209.92.16.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:19:db:1e:ae:a6:c5:95:04:de:de:4c:35:fe:60:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jun 8 11:59:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08611bb61b4256f3a5a6da6f30d1bee3360cc42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a9:7c:93:72:48:25:91:04:9e:ee:cb:f1:e2:
5b:e3:26:d3:cd:41:ba:d4:7f:e6:68:34:a4:66:54:
ce:5b:e6:6b:d8:55:13:2f:83:7c:7c:8c:b3:ea:a0:
48:50:76:1c:1a:ec:bd:49:f7:6a:93:18:fe:b9:54:
a8:0e:98:52:09:c7:e3:9f:90:9f:f7:90:b5:4e:79:
74:4d:c9:b8:e2:b5:74:c0:88:26:41:66:81:2c:6f:
b4:b3:f0:db:51:a5:83:40:91:f9:7d:4a:d2:88:13:
34:b0:b1:44:2b:e0:47:ae:cb:9e:d0:e5:2f:e3:e0:
1c:2c:a8:c0:a7:ee:68:d6:35:93:c4:b2:7a:1b:42:
82:ef:a8:04:53:0e:52:37:5c:ac:fc:3c:a6:88:19:
a0:8e:f1:28:0e:29:50:e2:42:9c:70:2d:a9:06:b1:
b6:21:57:1f:42:94:19:dd:91:04:97:44:94:d2:8d:
4c:db:00:f1:9e:f1:cf:22:4f:cc:8a:d3:40:c3:35:
e1:8f:a3:5c:10:e2:8c:23:98:90:71:ce:c8:df:ca:
e3:ca:ea:ad:5b:ff:16:e2:7f:04:e9:b9:5d:43:4d:
2a:ba:5b:92:8f:af:2e:87:3c:60:6c:ea:20:d5:7a:
0e:90:68:7a:13:b2:13:36:e0:ba:96:c0:60:95:71:
7f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:61:1B:B6:1B:42:56:F3:A5:A6:DA:6F:30:D1:BE:E3:36:0C:C4:2D
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/CGEbthtCVvOlptpvMNG-4zYMxC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.173.192.0/21
80.173.232.0-80.173.255.255
81.172.0.0/19
81.172.48.0-81.172.59.255
81.172.66.0/24
81.172.116.0/24
82.158.0.0/18
82.158.92.0-82.158.111.255
87.192.88.0/21
87.192.208.0/21
87.232.144.0/20
87.232.200.0-87.232.223.255
87.232.226.0/23
87.232.232.0-87.232.249.255
89.124.246.0/23
131.222.136.0-131.222.191.255
139.84.64.0/19
139.100.32.0-139.100.95.255
140.225.32.0/19
140.225.224.0/19
157.239.64.0/18
167.150.82.0/23
167.150.96.0/23
167.150.108.0/23
167.150.114.0/23
167.150.150.0/23
167.150.164.0/23
167.150.168.0/23
167.150.174.0/23
167.150.178.0/23
167.150.184.0/23
167.150.202.0/23
167.150.212.0/23
167.150.242.0/23
173.224.144.0/20
188.240.83.0/24
209.92.16.0/20
Signature Algorithm: sha256WithRSAEncryption
97:f8:04:30:b8:50:96:31:b0:56:ce:98:6e:ed:57:89:ed:a5:
a0:15:14:3d:65:37:19:ce:3d:ef:75:1f:e3:7c:a6:c1:60:54:
07:f0:58:14:51:f8:e5:5d:99:24:d2:ec:b6:7c:3d:2a:56:18:
80:1b:4d:37:76:ae:8d:a8:6c:2b:1a:43:90:c5:11:0f:9f:1d:
25:b1:c7:a7:1c:4e:68:e5:a7:e2:ac:8e:a8:a3:d1:d7:d8:65:
4a:54:87:d9:d0:1e:30:50:4c:23:a8:42:da:f6:d0:68:5c:d9:
da:ae:92:dc:07:a4:34:35:f6:4e:bb:be:30:72:79:a0:21:cd:
64:95:c2:dd:17:33:7c:36:53:12:77:b9:d0:15:0b:f0:b5:61:
3c:da:55:cb:fd:ac:8b:26:b8:40:f7:61:fd:e1:4d:e4:10:e4:
77:f8:f5:56:b6:93:17:8c:21:36:b3:14:2b:2d:de:61:1b:37:
77:fa:ea:c8:13:8f:b1:05:29:59:51:39:0f:1b:78:b3:8b:cb:
44:67:1c:c6:63:fb:b5:26:72:63:1d:e0:09:6c:7b:66:dd:29:
95:73:57:e7:54:0c:dc:43:f1:1e:15:f7:6b:9a:6a:b3:98:16:
ae:d2:58:ed:21:98:aa:a2:83:fa:f2:7d:25:4a:85:76:80:44:
73:58:b0:a1
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZ6nGdserqbFlQTe3kw1/mCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjYwNjA4MTE1OTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYxMWJiNjFiNDI1NmYzYTVhNmRhNmYzMGQxYmVlMzM2MGNjNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsql8k3JIJZEEnu7L8eJb4ybTzUG6
1H/maDSkZlTOW+Zr2FUTL4N8fIyz6qBIUHYcGuy9Sfdqkxj+uVSoDphSCcfjn5Cf
95C1Tnl0Tcm44rV0wIgmQWaBLG+0s/DbUaWDQJH5fUrSiBM0sLFEK+BHrsue0OUv
4+AcLKjAp+5o1jWTxLJ6G0KC76gEUw5SN1ys/DymiBmgjvEoDilQ4kKccC2pBrG2
IVcfQpQZ3ZEEl0SU0o1M2wDxnvHPIk/MitNAwzXhj6NcEOKMI5iQcc7I38rjyuqt
W/8W4n8E6bldQ00quluSj68uhzxgbOog1XoOkGh6E7ITNuC6lsBglXF/uQIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFAhhG7YbQlbzpababzDRvuM2DMQtMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvQ0dFYnRodENWdk9scHRwdk1ORy00ellNeEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITCCAR0EAgABMIIB
FQMEA1CtwDALAwQDUK3oAwMBUKwDBAVRrAAwDAMEBFGsMAMEAlGsOAMEAFGsQgME
AFGsdAMEBlKeADAMAwQCUp5cAwQEUp5gAwQDV8BYAwQDV8DQAwQEV+iQMAwDBANX
6MgDBAVX6MADBAFX6OIwDAMEA1fo6AMEAVfo+AMEAVl89jAMAwQDg96IAwQGg96A
AwQFi1RAMAwDBAWLZCADBAWLZEADBAWM4SADBAWM4eADBAad70ADBAGnllIDBAGn
lmADBAGnlmwDBAGnlnIDBAGnlpYDBAGnlqQDBAGnlqgDBAGnlq4DBAGnlrIDBAGn
lrgDBAGnlsoDBAGnltQDBAGnlvIDBASt4JADBAC88FMDBATRXBAwDQYJKoZIhvcN
AQELBQADggEBAJf4BDC4UJYxsFbOmG7tV4ntpaAVFD1lNxnOPe91H+N8psFgVAfw
WBRR+OVdmSTS7LZ8PSpWGIAbTTd2ro2obCsaQ5DFEQ+fHSWxx6ccTmjlp+Ksjqij
0dfYZUpUh9nQHjBQTCOoQtr20Ghc2dquktwHpDQ19k67vjByeaAhzWSVwt0XM3w2
UxJ3udAVC/C1YTzaVcv9rIsmuED3Yf3hTeQQ5Hf49Va2kxeMITazFCst3mEbN3f6
6sgTj7EFKVlROQ8beLOLy0RnHMZj+7UmcmMd4Alse2bdKZVzV+dUDNxD8R4V92ua
arOYFq7SWO0hmKqig/ryfSVKhXaARHNYsKE=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:40:23 2026 by rpki-client