Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/53zsREaM2oPiZZAzLOSiMVZ-6g8.roa
File: 53zsREaM2oPiZZAzLOSiMVZ-6g8.roa (raw, json)
Hash identifier: mergViMqW0iRpJxItykCDQvuzt2m62RrKr9ZIa1m8MY=
Subject key identifier: E7:7C:EC:44:46:8C:DA:83:E2:65:90:33:2C:E4:A2:31:56:7E:EA:0F
Certificate issuer: /CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Certificate serial: 019D7634CE71C92002B02B30ED764043889A
Authority key identifier: BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/53zsREaM2oPiZZAzLOSiMVZ-6g8.roa
Signing time: Fri 10 Apr 2026 07:04:25 +0000
ROA not before: Fri 10 Apr 2026 07:04:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49586
IP address blocks: 137.221.24.0/21 maxlen: 21
137.221.25.64/27 maxlen: 27
137.221.25.112/28 maxlen: 28
185.7.132.0/22 maxlen: 22
188.95.240.0/21 maxlen: 21
188.95.240.64/26 maxlen: 26
188.95.240.72/30 maxlen: 30
188.95.240.208/29 maxlen: 29
188.95.240.216/29 maxlen: 29
188.95.240.248/29 maxlen: 29
188.95.242.16/30 maxlen: 31
188.95.242.24/29 maxlen: 29
188.95.242.254/31 maxlen: 31
2a00:10b0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/v9BwsMmt2Sly_vxWbBEtk3F8TWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/v9BwsMmt2Sly_vxWbBEtk3F8TWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:76:34:ce:71:c9:20:02:b0:2b:30:ed:76:40:43:88:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfd070b0c9add92972fefc566c112d93717c4d6c
Validity
Not Before: Apr 10 07:04:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e77cec44468cda83e26590332ce4a231567eea0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:e5:6a:0f:b7:d2:5e:ab:30:ab:8c:5b:83:
92:a5:ea:2a:ce:a6:27:07:5d:c8:3c:49:8a:85:11:
49:a2:db:76:2f:ba:5f:91:f2:89:ec:55:4d:c2:a4:
f3:9e:04:33:29:f8:a2:07:18:a3:49:5d:a0:97:60:
80:41:6f:a6:2c:e2:85:bf:17:41:10:5b:37:fb:19:
8f:0d:ff:c8:e4:0d:42:b4:56:bb:3c:83:35:4b:b6:
0a:24:3c:a8:20:03:5c:b2:94:10:d9:c7:47:0d:dd:
8d:0c:5b:27:4f:c6:48:e0:28:23:4a:39:41:92:2d:
24:7f:d6:c6:4f:93:0b:41:6a:83:44:07:13:2e:af:
c6:4e:c3:78:9f:23:54:ec:3f:3c:75:2a:9c:fe:8a:
db:18:08:90:51:0f:13:f1:36:48:9a:2a:37:2a:62:
19:07:1e:a9:2a:c5:71:6c:f5:b9:0c:43:15:d7:1e:
30:d3:72:01:d1:aa:88:0e:10:ab:75:7c:48:de:48:
d0:11:2a:22:50:14:b8:09:ba:52:c8:09:c9:e1:9b:
2f:00:20:ad:bc:c1:72:c7:ea:35:4c:0d:6d:5f:de:
68:fe:f1:3b:84:b6:ec:ed:df:c7:d4:d7:10:b5:ee:
62:1e:6b:93:95:86:98:be:24:13:f3:7c:4c:c7:87:
12:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7C:EC:44:46:8C:DA:83:E2:65:90:33:2C:E4:A2:31:56:7E:EA:0F
X509v3 Authority Key Identifier:
keyid:BF:D0:70:B0:C9:AD:D9:29:72:FE:FC:56:6C:11:2D:93:71:7C:4D:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9BwsMmt2Sly_vxWbBEtk3F8TWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/53zsREaM2oPiZZAzLOSiMVZ-6g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/195427-4425-4556-9ea6-53cca81e9224/1/v9BwsMmt2Sly_vxWbBEtk3F8TWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.221.24.0/21
185.7.132.0/22
188.95.240.0/21
IPv6:
2a00:10b0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:2e:5f:d5:72:6b:a3:51:fd:9c:79:2e:17:cf:56:04:70:14:
15:d9:de:ef:a3:db:54:75:92:9d:a8:45:ca:91:25:14:29:2f:
1b:ce:99:f4:b6:c0:7a:c5:0c:42:0e:b3:69:f9:9e:14:f3:fc:
e1:c6:b1:67:6f:54:cc:f4:2c:50:0d:c1:b1:99:78:d2:9d:f7:
75:79:54:d1:f7:c9:fe:3f:4e:7c:f0:74:e0:12:8d:3d:af:00:
8f:2b:c6:9c:44:b6:75:3c:85:78:dd:56:4b:7d:a4:17:65:55:
f0:13:5c:75:37:e1:c9:33:5b:8a:7b:cb:9d:6c:d4:c1:64:22:
48:a0:d6:40:f6:f1:61:e8:ff:79:91:13:d6:17:42:a8:7e:c2:
89:08:c7:39:7a:b5:c6:6a:43:27:e8:b8:d4:5b:b7:91:04:74:
d7:fe:f9:ed:dd:d5:21:d6:b0:ec:41:29:07:0b:7d:b8:b8:7c:
56:80:4c:fc:3d:5e:f6:70:6d:b6:a5:ea:0e:7d:be:dd:31:33:
dd:8d:c9:29:e6:c9:dd:0d:60:ca:74:2e:8a:ae:f4:fb:43:b6:
b8:a8:fa:00:70:ec:0f:1d:73:82:ce:72:93:7e:b1:33:52:47:
c7:12:9d:96:78:bc:99:96:ab:38:f6:f5:bc:3a:3e:1d:0a:b9:
3b:02:b1:b1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ12NM5xySACsCsw7XZAQ4iaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZDA3MGIwYzlhZGQ5Mjk3MmZlZmM1NjZjMTEyZDkzNzE3
YzRkNmMwHhcNMjYwNDEwMDcwNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzdjZWM0NDQ2OGNkYTgzZTI2NTkwMzMyY2U0YTIzMTU2N2VlYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4flag+30l6rMKuMW4OSpeoqzqYn
B13IPEmKhRFJott2L7pfkfKJ7FVNwqTzngQzKfiiBxijSV2gl2CAQW+mLOKFvxdB
EFs3+xmPDf/I5A1CtFa7PIM1S7YKJDyoIANcspQQ2cdHDd2NDFsnT8ZI4CgjSjlB
ki0kf9bGT5MLQWqDRAcTLq/GTsN4nyNU7D88dSqc/orbGAiQUQ8T8TZImio3KmIZ
Bx6pKsVxbPW5DEMV1x4w03IB0aqIDhCrdXxI3kjQESoiUBS4CbpSyAnJ4ZsvACCt
vMFyx+o1TA1tX95o/vE7hLbs7d/H1NcQte5iHmuTlYaYviQT83xMx4cSxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOd87ERGjNqD4mWQMyzkojFWfuoPMB8GA1UdIwQY
MBaAFL/QcLDJrdkpcv78VmwRLZNxfE1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjlCd3NNbXQyU2x5X3Z4V2JCRXRrM0Y4VFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xOTU0MjctNDQyNS00NTU2LTllYTYt
NTNjY2E4MWU5MjI0LzEvNTN6c1JFYU0yb1BpWlpBekxPU2lNVlotNmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xOTU0MjctNDQyNS00NTU2LTllYTYtNTNjY2E4MWU5MjI0
LzEvdjlCd3NNbXQyU2x5X3Z4V2JCRXRrM0Y4VFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDid0YAwQC
uQeEAwQDvF/wMA0EAgACMAcDBQMqABCwMA0GCSqGSIb3DQEBCwUAA4IBAQBsLl/V
cmujUf2ceS4Xz1YEcBQV2d7vo9tUdZKdqEXKkSUUKS8bzpn0tsB6xQxCDrNp+Z4U
8/zhxrFnb1TM9CxQDcGxmXjSnfd1eVTR98n+P0588HTgEo09rwCPK8acRLZ1PIV4
3VZLfaQXZVXwE1x1N+HJM1uKe8udbNTBZCJIoNZA9vFh6P95kRPWF0KofsKJCMc5
erXGakMn6LjUW7eRBHTX/vnt3dUh1rDsQSkHC324uHxWgEz8PV72cG22peoOfb7d
MTPdjckp5sndDWDKdC6KrvT7Q7a4qPoAcOwPHXOCznKTfrEzUkfHEp2WeLyZlqs4
9vW8Oj4dCrk7ArGx
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:44 2026 by rpki-client