Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yNufAMlvFzr-y3RpF4kWqix80FU.roa
File: yNufAMlvFzr-y3RpF4kWqix80FU.roa (raw, json)
Hash identifier: ItOzxiAoZvT23VSZbnaQrDyl7pYFaBGpsulhtwB6Wpo=
Subject key identifier: C8:DB:9F:00:C9:6F:17:3A:FE:CB:74:69:17:89:16:AA:2C:7C:D0:55
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 019E84C68E0D41EC83A42F1CD9A1086FAD2E
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yNufAMlvFzr-y3RpF4kWqix80FU.roa
Signing time: Mon 01 Jun 2026 20:01:05 +0000
ROA not before: Mon 01 Jun 2026 20:01:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 188.246.208.0/24 maxlen: 24
188.246.210.0/24 maxlen: 24
188.246.211.0/24 maxlen: 24
188.246.212.0/24 maxlen: 24
188.246.213.0/24 maxlen: 24
188.246.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 14:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:84:c6:8e:0d:41:ec:83:a4:2f:1c:d9:a1:08:6f:ad:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jun 1 20:01:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8db9f00c96f173afecb7469178916aa2c7cd055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:2d:fe:23:5b:f1:ef:3c:99:c1:a0:1d:64:
16:85:a4:52:bf:6b:7f:74:75:18:e4:d2:1d:df:3e:
55:9a:9f:aa:12:93:de:73:fa:a5:15:6c:a5:fe:40:
0f:f3:45:cb:c3:de:17:d1:ca:aa:38:c5:0f:32:b0:
5b:c1:ad:21:45:c9:94:43:d6:cc:cc:26:ac:ee:e4:
47:87:69:83:6b:d9:14:2e:b3:21:f1:b2:c2:e7:f9:
db:88:29:71:d3:83:40:5e:d0:94:41:7a:fc:d0:40:
98:73:be:b7:49:f9:07:45:bf:8a:5b:2b:ff:f5:ba:
a1:ba:62:0a:20:c6:ef:5c:65:e1:09:d8:e6:22:2c:
b0:90:5e:2f:b7:62:53:8c:2f:4f:9b:da:87:0a:48:
b3:ba:72:f4:d4:b9:a6:75:04:38:7d:ec:23:6b:05:
6f:d1:6b:9c:61:44:cb:ae:c4:f3:4a:b5:7a:f7:70:
6b:5c:bf:e5:19:53:4b:12:b5:e9:19:5d:b6:ea:98:
1c:1e:d3:82:de:22:38:e7:1b:b1:04:17:b6:98:cc:
90:c3:18:c0:12:a4:88:e2:70:72:81:7d:83:4a:11:
57:98:30:c0:8b:3a:30:6d:cd:d7:45:9b:10:fc:36:
42:36:b0:2a:9f:df:14:0d:fc:e9:ef:33:5b:57:c5:
cc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:9F:00:C9:6F:17:3A:FE:CB:74:69:17:89:16:AA:2C:7C:D0:55
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/yNufAMlvFzr-y3RpF4kWqix80FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.246.208.0/24
188.246.210.0-188.246.213.255
188.246.215.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:58:f1:5e:f0:bf:bf:4c:8e:57:39:c3:12:ea:ef:86:1b:79:
b9:a9:e7:47:b2:f5:08:b1:34:35:89:f1:af:43:bc:62:d7:5e:
bd:c5:dd:70:2a:6a:bf:75:5c:b6:1e:55:36:f6:9a:e6:93:b3:
3e:bd:ed:e0:41:00:70:c6:84:ef:ca:52:eb:48:fa:70:35:94:
3a:ff:67:17:09:d3:ad:96:c3:52:ca:56:b5:a2:3b:5a:85:66:
26:bc:06:e0:30:dd:3c:60:93:70:48:fb:32:43:df:a9:ad:62:
42:77:a9:a1:03:c5:3d:17:54:a3:3a:72:c9:43:91:83:a5:a7:
6a:a0:94:71:c1:f5:47:f4:6c:38:0d:54:82:61:64:62:3d:57:
f5:4b:07:41:d1:75:19:09:68:b0:58:74:56:ed:ca:a6:14:41:
22:60:06:05:d4:04:17:64:bd:59:36:a4:06:b8:b5:76:bc:31:
24:ec:0f:e1:2f:d5:f2:95:76:8f:e5:21:0d:55:a7:e0:28:b9:
00:93:0a:6f:fc:16:0a:90:08:dc:c7:ad:ff:54:ed:9d:e5:83:
de:76:cc:67:72:93:03:32:5e:1c:12:9c:13:94:a4:31:ed:c5:
24:f4:c1:b6:3d:9a:e0:5a:01:57:8e:9d:8d:76:dc:0a:94:a3:
b7:2d:2a:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ6Exo4NQeyDpC8c2aEIb60uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjYwNjAxMjAwMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRiOWYwMGM5NmYxNzNhZmVjYjc0NjkxNzg5MTZhYTJjN2NkMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZot/iNb8e88mcGgHWQWhaRSv2t/
dHUY5NId3z5Vmp+qEpPec/qlFWyl/kAP80XLw94X0cqqOMUPMrBbwa0hRcmUQ9bM
zCas7uRHh2mDa9kULrMh8bLC5/nbiClx04NAXtCUQXr80ECYc763SfkHRb+KWyv/
9bqhumIKIMbvXGXhCdjmIiywkF4vt2JTjC9Pm9qHCkizunL01LmmdQQ4fewjawVv
0WucYUTLrsTzSrV693BrXL/lGVNLErXpGV226pgcHtOC3iI45xuxBBe2mMyQwxjA
EqSI4nBygX2DShFXmDDAizowbc3XRZsQ/DZCNrAqn98UDfzp7zNbV8XMXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMjbnwDJbxc6/st0aReJFqosfNBVMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEveU51ZkFNbHZGenIteTNScEY0a1dxaXg4MEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAvPbQMAwD
BAG89tIDBAG89tQDBAC89tcwDQYJKoZIhvcNAQELBQADggEBAMVY8V7wv79Mjlc5
wxLq74Ybebmp50ey9QixNDWJ8a9DvGLXXr3F3XAqar91XLYeVTb2muaTsz697eBB
AHDGhO/KUutI+nA1lDr/ZxcJ062Ww1LKVrWiO1qFZia8BuAw3Txgk3BI+zJD36mt
YkJ3qaEDxT0XVKM6cslDkYOlp2qglHHB9Uf0bDgNVIJhZGI9V/VLB0HRdRkJaLBY
dFbtyqYUQSJgBgXUBBdkvVk2pAa4tXa8MSTsD+Ev1fKVdo/lIQ1Vp+AouQCTCm/8
FgqQCNzHrf9U7Z3lg952zGdykwMyXhwSnBOUpDHtxST0wbY9muBaAVeOnY123AqU
o7ctKhA=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:37 2026 by rpki-client