Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YEy4XPYGCDqxsoRnXgfz_TUy1OY.roa
File: YEy4XPYGCDqxsoRnXgfz_TUy1OY.roa (raw, json)
Hash identifier: tiWl3jNzAtGY9npRTD3zLSlEJz8A4EjoiHlixEuK/js=
Subject key identifier: 60:4C:B8:5C:F6:06:08:3A:B1:B2:84:67:5E:07:F3:FD:35:32:D4:E6
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019DD029170C9AD7AE06D42FCF7CCDFC63C6
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YEy4XPYGCDqxsoRnXgfz_TUy1OY.roa
Signing time: Mon 27 Apr 2026 18:17:26 +0000
ROA not before: Mon 27 Apr 2026 18:17:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200398
IP address blocks: 194.26.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d0:29:17:0c:9a:d7:ae:06:d4:2f:cf:7c:cd:fc:63:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 27 18:17:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=604cb85cf606083ab1b284675e07f3fd3532d4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:64:99:52:01:a1:10:4c:9a:f1:85:67:2d:
99:bf:b7:a8:7a:04:7e:8f:43:02:e0:14:35:3a:3b:
9d:f4:20:78:5f:43:ce:cf:85:6f:58:3e:a5:67:f5:
50:05:9b:cc:23:e3:65:4a:e6:0d:7f:64:e2:e9:80:
3e:8a:03:64:f5:b1:25:e1:77:62:fb:b5:15:4b:d7:
ef:2c:87:fa:64:93:8c:fd:e5:44:61:81:7d:0f:f1:
68:32:4e:9c:fe:40:58:eb:78:ff:28:9b:48:66:12:
d8:3f:d9:cc:42:ec:4b:55:e3:a2:f2:60:9e:b1:fc:
2d:7c:e2:5e:8b:c3:83:c3:b4:98:e8:d3:57:da:8b:
e9:a6:31:c7:e5:83:7f:8f:a1:dd:7c:cc:28:d4:ff:
79:38:b9:da:e2:eb:91:f3:5f:42:8f:05:5c:5f:db:
54:7a:93:54:2a:d9:32:96:ff:7b:59:83:7c:23:a2:
20:40:8a:28:5f:d1:0d:92:25:7c:8e:c6:a0:8e:f9:
97:bb:fd:9f:72:80:0b:7e:f4:45:f1:f7:c6:14:41:
97:7b:d6:88:3d:85:6e:60:79:04:7b:f6:36:bd:57:
55:63:05:9f:8c:b0:66:52:5d:e9:e3:47:ad:7d:2e:
29:60:92:7c:e1:df:60:d4:40:52:ea:2c:c9:76:75:
35:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4C:B8:5C:F6:06:08:3A:B1:B2:84:67:5E:07:F3:FD:35:32:D4:E6
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/YEy4XPYGCDqxsoRnXgfz_TUy1OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
95:2d:c8:ba:a7:5d:0f:02:eb:c7:ae:16:aa:da:85:47:83:51:
09:b6:71:61:40:f1:5d:15:b1:36:b9:7e:c3:9e:d0:4c:42:fa:
6c:3f:82:75:a0:30:9c:00:4c:ff:c6:a7:07:4e:ca:f7:3a:41:
fe:44:63:a3:02:21:27:d1:7a:55:24:76:17:d8:1b:4a:7a:23:
be:cb:32:44:9f:da:da:43:92:48:93:4c:f4:7b:99:b6:dc:f2:
da:2e:01:d0:b3:6c:42:a0:1d:77:19:65:ef:ea:df:a5:9c:16:
b7:8d:38:c4:42:12:fb:65:8d:02:34:77:35:e2:9f:61:97:1d:
0b:4c:62:78:5b:3c:f6:91:dd:d0:dc:07:88:9b:3a:b7:04:21:
0c:58:a4:4c:d8:3c:9e:ce:1c:fc:0c:48:d0:3c:72:34:18:5a:
a8:80:e9:90:c4:cd:fd:3f:4e:73:82:60:ef:44:b8:3d:ec:ae:
5b:61:71:4d:df:0e:f7:5a:46:79:32:a7:d3:19:46:e0:6c:bc:
93:69:10:80:c8:7b:9e:df:6b:7c:09:11:4b:3a:10:11:c2:74:
d0:5b:2b:f2:bc:e7:0a:08:94:b4:35:73:c8:05:9c:f6:5c:3a:
c9:34:15:50:53:1e:e2:78:60:57:4f:f0:e0:f5:39:07:1f:4f:
80:f9:d1:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3QKRcMmteuBtQvz3zN/GPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDI3MTgxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRjYjg1Y2Y2MDYwODNhYjFiMjg0Njc1ZTA3ZjNmZDM1MzJkNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0whkmVIBoRBMmvGFZy2Zv7eoegR+
j0MC4BQ1Ojud9CB4X0POz4VvWD6lZ/VQBZvMI+NlSuYNf2Ti6YA+igNk9bEl4Xdi
+7UVS9fvLIf6ZJOM/eVEYYF9D/FoMk6c/kBY63j/KJtIZhLYP9nMQuxLVeOi8mCe
sfwtfOJei8ODw7SY6NNX2ovppjHH5YN/j6HdfMwo1P95OLna4uuR819CjwVcX9tU
epNUKtkylv97WYN8I6IgQIooX9ENkiV8jsagjvmXu/2fcoALfvRF8ffGFEGXe9aI
PYVuYHkEe/Y2vVdVYwWfjLBmUl3p40etfS4pYJJ84d9g1EBS6izJdnU16QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBMuFz2Bgg6sbKEZ14H8/01MtTmMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWUV5NFhQWUdDRHF4c29SblhnZnpfVFV5MU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrXMA0G
CSqGSIb3DQEBCwUAA4IBAQCVLci6p10PAuvHrhaq2oVHg1EJtnFhQPFdFbE2uX7D
ntBMQvpsP4J1oDCcAEz/xqcHTsr3OkH+RGOjAiEn0XpVJHYX2BtKeiO+yzJEn9ra
Q5JIk0z0e5m23PLaLgHQs2xCoB13GWXv6t+lnBa3jTjEQhL7ZY0CNHc14p9hlx0L
TGJ4Wzz2kd3Q3AeImzq3BCEMWKRM2Dyezhz8DEjQPHI0GFqogOmQxM39P05zgmDv
RLg97K5bYXFN3w73WkZ5MqfTGUbgbLyTaRCAyHue32t8CRFLOhARwnTQWyvyvOcK
CJS0NXPIBZz2XDrJNBVQUx7ieGBXT/Dg9TkHH0+A+dHa
-----END CERTIFICATE-----
Generated at Wed Apr 29 04:45:49 2026 by rpki-client