Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/w8YX6kWRefmNotBFGh2cREY-WBM.roa
File: w8YX6kWRefmNotBFGh2cREY-WBM.roa (raw, json)
Hash identifier: 1vK37SqVaoOxamUCHlxajZoFLir3cuRttmgl39KbodM=
Subject key identifier: C3:C6:17:EA:45:91:79:F9:8D:A2:D0:45:1A:1D:9C:44:46:3E:58:13
Certificate issuer: /CN=53a77fdfdd14c2df158ebfc2e6cfc2a279a648c1
Certificate serial: 019D6DD0E555162A5732D0FDF6A44D7D7978
Authority key identifier: 53:A7:7F:DF:DD:14:C2:DF:15:8E:BF:C2:E6:CF:C2:A2:79:A6:48:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U6d_390Uwt8Vjr_C5s_ConmmSME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/w8YX6kWRefmNotBFGh2cREY-WBM.roa
Signing time: Wed 08 Apr 2026 15:58:19 +0000
ROA not before: Wed 08 Apr 2026 15:58:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53766
IP address blocks: 136.144.98.0/23 maxlen: 23
136.144.100.0/23 maxlen: 23
136.144.102.0/23 maxlen: 23
136.144.106.0/23 maxlen: 23
136.144.108.0/24 maxlen: 24
136.144.109.0/24 maxlen: 24
136.144.110.0/24 maxlen: 24
136.144.111.0/24 maxlen: 24
136.144.113.0/24 maxlen: 24
136.144.114.0/24 maxlen: 24
136.144.115.0/24 maxlen: 24
136.144.116.0/24 maxlen: 24
136.144.118.0/24 maxlen: 24
136.144.119.0/24 maxlen: 24
136.144.120.0/24 maxlen: 24
136.144.121.0/24 maxlen: 24
136.144.122.0/24 maxlen: 24
136.144.124.0/24 maxlen: 24
136.144.125.0/24 maxlen: 24
136.144.127.0/24 maxlen: 24
159.100.166.0/23 maxlen: 23
159.100.170.0/23 maxlen: 23
159.100.172.0/23 maxlen: 23
159.100.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/U6d_390Uwt8Vjr_C5s_ConmmSME.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/U6d_390Uwt8Vjr_C5s_ConmmSME.mft
rsync://rpki.ripe.net/repository/DEFAULT/U6d_390Uwt8Vjr_C5s_ConmmSME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:d0:e5:55:16:2a:57:32:d0:fd:f6:a4:4d:7d:79:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53a77fdfdd14c2df158ebfc2e6cfc2a279a648c1
Validity
Not Before: Apr 8 15:58:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3c617ea459179f98da2d0451a1d9c44463e5813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:92:9a:21:93:79:04:e8:e2:6b:1e:fb:0d:a3:
b1:b2:15:39:c7:fd:2f:86:e8:17:61:09:16:24:f5:
e7:75:10:87:6e:a2:46:97:f8:60:d3:97:67:47:10:
8a:3f:1d:c8:97:4e:98:ed:38:68:5e:99:e8:33:21:
a0:b7:b5:77:c1:16:c6:5b:d0:9c:b2:56:e0:ed:da:
ad:90:17:9b:4d:af:29:e8:05:3f:ec:b5:bf:35:c0:
73:1c:13:48:4a:9e:ef:82:96:dc:df:c2:26:b0:ee:
2c:c1:d0:00:39:2b:1d:e4:fd:26:49:18:0c:65:f8:
ed:d7:41:43:1f:cd:7c:f2:68:19:31:b9:24:40:55:
d7:f2:4d:a7:31:d9:05:a0:80:67:63:29:db:37:6f:
0b:d9:34:55:7e:40:08:7c:f5:61:bf:30:e3:f4:40:
cf:c4:b5:3a:23:3c:bd:84:e0:61:69:53:f7:b3:3a:
82:d4:1f:72:8c:d2:47:02:97:5e:91:f3:d6:3b:e9:
e4:0f:6d:4a:4d:f2:f2:bb:52:e3:09:07:9d:ef:25:
2b:e9:d8:d4:7c:04:a9:a8:ff:cf:6c:82:2e:35:eb:
e6:a4:ca:82:b8:4a:1e:39:08:79:76:92:d9:ac:84:
19:11:10:5a:08:5c:43:e9:98:f1:1d:78:4c:be:26:
2c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C6:17:EA:45:91:79:F9:8D:A2:D0:45:1A:1D:9C:44:46:3E:58:13
X509v3 Authority Key Identifier:
keyid:53:A7:7F:DF:DD:14:C2:DF:15:8E:BF:C2:E6:CF:C2:A2:79:A6:48:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6d_390Uwt8Vjr_C5s_ConmmSME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/w8YX6kWRefmNotBFGh2cREY-WBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/15a7df-99b5-4a91-9bc7-d8a42f320eae/1/U6d_390Uwt8Vjr_C5s_ConmmSME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.144.98.0-136.144.103.255
136.144.106.0-136.144.111.255
136.144.113.0-136.144.116.255
136.144.118.0-136.144.122.255
136.144.124.0/23
136.144.127.0/24
159.100.166.0/23
159.100.170.0-159.100.175.255
Signature Algorithm: sha256WithRSAEncryption
cc:5c:49:99:e8:a1:95:ef:a4:ce:b2:e6:59:d2:78:e6:81:08:
42:85:f2:12:b6:fe:d5:0f:04:c6:d0:8f:89:ae:ac:0e:3a:73:
6e:3c:2c:57:33:bc:39:f7:7c:d2:e9:8f:ae:72:ab:ce:fe:c7:
97:26:7d:34:72:2b:ae:79:65:46:7e:d1:27:f9:74:a9:ef:f3:
12:95:a9:76:01:ce:19:97:d7:9d:a7:c2:be:08:fb:9c:0b:7e:
35:83:80:01:e6:b2:46:42:f7:9e:ce:4c:f7:1a:ae:1d:5f:0b:
58:dc:d3:52:81:17:d2:82:a3:d7:ec:28:42:88:96:3a:25:e5:
74:54:01:8f:35:53:de:31:b6:60:ba:03:3d:2d:93:3c:ad:19:
6f:0b:98:bc:1d:34:ef:95:52:9e:37:b9:c6:39:8e:c3:be:23:
07:db:ea:0c:a2:c0:cd:bc:10:39:87:63:46:95:f1:92:71:42:
11:c9:11:20:d3:60:a7:46:c9:15:f0:fd:88:21:bb:75:30:5c:
96:56:32:53:00:ee:6a:b7:8a:92:e5:8a:c7:06:c9:9d:a2:71:
87:69:68:14:a5:b3:ca:30:91:39:7a:52:ff:71:50:12:21:5d:
9a:c5:fe:28:81:f1:7b:4a:bf:ec:5c:51:90:ae:9e:79:59:b4:
a3:7e:ba:40
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ1t0OVVFipXMtD99qRNfXl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTc3ZmRmZGQxNGMyZGYxNThlYmZjMmU2Y2ZjMmEyNzlh
NjQ4YzEwHhcNMjYwNDA4MTU1ODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2M2MTdlYTQ1OTE3OWY5OGRhMmQwNDUxYTFkOWM0NDQ2M2U1ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZKaIZN5BOjiax77DaOxshU5x/0v
hugXYQkWJPXndRCHbqJGl/hg05dnRxCKPx3Il06Y7ThoXpnoMyGgt7V3wRbGW9Cc
slbg7dqtkBebTa8p6AU/7LW/NcBzHBNISp7vgpbc38ImsO4swdAAOSsd5P0mSRgM
Zfjt10FDH8188mgZMbkkQFXX8k2nMdkFoIBnYynbN28L2TRVfkAIfPVhvzDj9EDP
xLU6Izy9hOBhaVP3szqC1B9yjNJHApdekfPWO+nkD21KTfLyu1LjCQed7yUr6djU
fASpqP/PbIIuNevmpMqCuEoeOQh5dpLZrIQZERBaCFxD6ZjxHXhMviYsVwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMPGF+pFkXn5jaLQRRodnERGPlgTMB8GA1UdIwQY
MBaAFFOnf9/dFMLfFY6/wubPwqJ5pkjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZkXzM5MFV3dDhWanJfQzVzX0Nvbm1tU01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8xNWE3ZGYtOTliNS00YTkxLTliYzct
ZDhhNDJmMzIwZWFlLzEvdzhZWDZrV1JlZm1Ob3RCRkdoMmNSRVktV0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8xNWE3ZGYtOTliNS00YTkxLTliYzctZDhhNDJmMzIwZWFl
LzEvVTZkXzM5MFV3dDhWanJfQzVzX0Nvbm1tU01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAGIkGID
BAOIkGAwDAMEAYiQagMEBIiQYDAMAwQAiJBxAwQAiJB0MAwDBAGIkHYDBACIkHoD
BAGIkHwDBACIkH8DBAGfZKYwDAMEAZ9kqgMEBJ9koDANBgkqhkiG9w0BAQsFAAOC
AQEAzFxJmeihle+kzrLmWdJ45oEIQoXyErb+1Q8ExtCPia6sDjpzbjwsVzO8Ofd8
0umPrnKrzv7HlyZ9NHIrrnllRn7RJ/l0qe/zEpWpdgHOGZfXnafCvgj7nAt+NYOA
AeayRkL3ns5M9xquHV8LWNzTUoEX0oKj1+woQoiWOiXldFQBjzVT3jG2YLoDPS2T
PK0ZbwuYvB0075VSnje5xjmOw74jB9vqDKLAzbwQOYdjRpXxknFCEckRINNgp0bJ
FfD9iCG7dTBcllYyUwDuareKkuWKxwbJnaJxh2loFKWzyjCROXpS/3FQEiFdmsX+
KIHxe0q/7FxRkK6eeVm0o366QA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:33:37 2026 by rpki-client