Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YzA1etHXUdALl_bpPnOUYqtSTT4.roa
File: YzA1etHXUdALl_bpPnOUYqtSTT4.roa (raw, json)
Hash identifier: Si4GjmlvhJjd5ZQs7HtMIHl61DaXUPgKX/xAYNdc+Qs=
Subject key identifier: 63:30:35:7A:D1:D7:51:D0:0B:97:F6:E9:3E:73:94:62:AB:52:4D:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CB786C1410D4835D40CDC1826E35B10B1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YzA1etHXUdALl_bpPnOUYqtSTT4.roa
Signing time: Wed 04 Mar 2026 06:26:27 +0000
ROA not before: Wed 04 Mar 2026 06:26:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 37.139.128.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:86:c1:41:0d:48:35:d4:0c:dc:18:26:e3:5b:10:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 4 06:26:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6330357ad1d751d00b97f6e93e739462ab524d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e2:cd:2b:a0:c8:55:ac:f9:c2:5e:7d:d5:d7:
4d:c4:04:c7:a2:ca:2e:cd:9e:f2:4c:05:7a:b0:31:
bb:d8:ea:c1:e0:42:52:17:e9:e3:f7:d2:11:69:72:
70:40:b4:92:aa:c9:d9:c5:5d:b7:20:88:14:55:f9:
8d:b2:83:c9:15:d2:2d:18:c7:ee:a9:0e:c9:fb:2b:
e3:67:d0:cc:35:04:87:9a:1a:3b:22:48:16:92:5c:
1a:7d:91:92:0c:da:4c:7a:1c:3c:14:0f:d7:e8:20:
41:ec:c0:c8:20:10:d3:0b:44:a8:88:98:59:92:93:
b0:25:da:1b:a4:f9:ce:e9:1a:5c:48:37:4a:fa:d9:
61:23:6d:36:49:07:03:f1:f4:14:52:c6:e0:42:55:
68:5b:61:75:a8:b8:27:ed:0c:bd:a5:ff:b9:31:d4:
d6:00:35:96:39:c9:26:c4:e0:ef:fa:73:64:1b:ef:
24:6b:90:93:25:f9:7c:3e:07:ce:76:58:ee:8b:29:
fd:8d:a8:36:d6:54:bc:63:3c:44:95:45:a7:26:a3:
b6:86:d9:49:6f:49:de:6e:c5:d5:69:c9:23:6e:f2:
fc:05:d1:b9:6b:f9:f3:b3:12:8b:86:1e:21:b3:5e:
6f:97:b0:cd:fb:e2:50:85:08:bc:57:3f:31:1c:44:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:30:35:7A:D1:D7:51:D0:0B:97:F6:E9:3E:73:94:62:AB:52:4D:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YzA1etHXUdALl_bpPnOUYqtSTT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/24
45.128.234.0/24
83.219.98.0/24
85.31.44.0/24
109.206.240.0/24
185.246.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:85:d1:d8:64:16:88:ab:2d:3b:4b:ce:db:e1:38:17:f1:c5:
47:30:f8:64:f8:82:ef:40:a0:15:ed:6d:39:01:ff:d4:a1:68:
ae:ea:b2:81:c4:27:c9:6f:22:2b:a5:cd:eb:ba:05:5d:70:fe:
a9:5a:d8:e5:3a:8a:8e:c8:74:13:0d:55:7a:1f:7b:1e:2a:05:
9f:23:4e:86:fa:fa:1e:87:63:02:22:ce:4d:6d:09:3e:a2:4e:
72:06:ac:cf:a4:4b:c2:c7:20:40:e8:3c:80:fe:20:31:b5:01:
ce:f9:76:6d:b1:e0:5b:03:f1:a9:73:3a:e3:75:ba:d4:8b:15:
9a:da:79:b5:f8:55:b0:6f:4c:d9:8a:19:b8:26:46:ca:4a:2e:
97:56:49:0e:5f:8b:97:df:c3:c8:33:cd:d5:6f:89:20:c1:fe:
f7:6a:57:a0:99:31:22:00:f6:c8:2c:90:31:c3:92:b8:56:dd:
43:dc:6b:cb:ba:53:03:dd:60:13:a4:d7:72:b1:f8:21:3c:70:
49:b1:35:22:31:a8:1d:5f:9c:f7:e3:5e:ae:c7:83:ff:e8:a6:
f6:f5:2c:27:cb:c4:17:7e:70:55:63:ab:bd:1a:52:d3:5c:23:
b9:49:43:48:fe:ed:d1:00:32:b7:cc:e6:b4:25:68:02:85:32:
95:7c:a0:26
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZy3hsFBDUg11AzcGCbjWxCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzA0MDYyNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMwMzU3YWQxZDc1MWQwMGI5N2Y2ZTkzZTczOTQ2MmFiNTI0ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+LNK6DIVaz5wl591ddNxATHosou
zZ7yTAV6sDG72OrB4EJSF+nj99IRaXJwQLSSqsnZxV23IIgUVfmNsoPJFdItGMfu
qQ7J+yvjZ9DMNQSHmho7IkgWklwafZGSDNpMehw8FA/X6CBB7MDIIBDTC0SoiJhZ
kpOwJdobpPnO6RpcSDdK+tlhI202SQcD8fQUUsbgQlVoW2F1qLgn7Qy9pf+5MdTW
ADWWOckmxODv+nNkG+8ka5CTJfl8PgfOdljuiyn9jag21lS8YzxElUWnJqO2htlJ
b0nebsXVackjbvL8BdG5a/nzsxKLhh4hs15vl7DN++JQhQi8Vz8xHESU3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGMwNXrR11HQC5f26T5zlGKrUk0+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWXpBMWV0SFhVZEFMbF9icFBuT1VZcXRTVFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJYuAAwQA
LYDqAwQAU9tiAwQAVR8sAwQAbc7wAwQAufbdMA0GCSqGSIb3DQEBCwUAA4IBAQB/
hdHYZBaIqy07S87b4TgX8cVHMPhk+ILvQKAV7W05Af/UoWiu6rKBxCfJbyIrpc3r
ugVdcP6pWtjlOoqOyHQTDVV6H3seKgWfI06G+voeh2MCIs5NbQk+ok5yBqzPpEvC
xyBA6DyA/iAxtQHO+XZtseBbA/GpczrjdbrUixWa2nm1+FWwb0zZihm4JkbKSi6X
VkkOX4uX38PIM83Vb4kgwf73alegmTEiAPbILJAxw5K4Vt1D3GvLulMD3WATpNdy
sfghPHBJsTUiMagdX5z3416ux4P/6Kb29Swny8QXfnBVY6u9GlLTXCO5SUNI/u3R
ADK3zOa0JWgChTKVfKAm
-----END CERTIFICATE-----
Generated at Wed Mar 4 17:06:45 2026 by rpki-client