Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/ytzi6QufN1uUk32LHrRjGjg4I0Y.roa
File: ytzi6QufN1uUk32LHrRjGjg4I0Y.roa (raw, json)
Hash identifier: Ppqw0klT6Y3utnGPV1DfUasSbbb9MUxE7bdXKc+BVXM=
Subject key identifier: CA:DC:E2:E9:0B:9F:37:5B:94:93:7D:8B:1E:B4:63:1A:38:38:23:46
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 019DDD39D9947F004D901DD00DD82724CCC4
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/ytzi6QufN1uUk32LHrRjGjg4I0Y.roa
Signing time: Thu 30 Apr 2026 07:10:49 +0000
ROA not before: Thu 30 Apr 2026 07:10:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 95.142.113.0/24 maxlen: 24
95.142.114.0/24 maxlen: 24
95.142.117.0/24 maxlen: 24
95.142.119.0/24 maxlen: 24
95.142.120.0/24 maxlen: 24
95.142.122.0/24 maxlen: 24
95.142.123.0/24 maxlen: 24
95.142.125.0/24 maxlen: 24
95.142.126.0/24 maxlen: 24
95.142.127.0/24 maxlen: 24
185.54.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:39:d9:94:7f:00:4d:90:1d:d0:0d:d8:27:24:cc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Apr 30 07:10:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cadce2e90b9f375b94937d8b1eb4631a38382346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:0b:6a:3d:f9:5d:c1:82:53:9f:3b:6a:07:
b1:03:eb:f1:a7:16:6e:a2:8e:39:35:97:c8:ea:b0:
a9:e1:85:4d:9d:05:c0:d3:65:6a:20:41:3c:4d:bd:
a4:97:e0:7b:d9:6e:bd:9b:d6:ad:f8:6d:cb:59:62:
be:a8:08:aa:b8:bd:30:fe:d5:de:8e:62:69:0f:2d:
d5:da:72:83:65:5a:03:5f:44:6f:1e:46:2a:2e:ed:
a1:ac:51:b4:1e:51:82:f7:ab:0e:de:a3:9c:6f:0e:
e0:6a:a8:8c:83:3a:93:78:eb:82:bf:83:fb:ab:39:
76:95:22:5c:e2:b4:b8:06:16:9b:e8:cb:52:21:72:
73:e7:45:f5:7e:8d:0e:2c:bd:8a:a7:df:0c:5e:19:
d9:ca:0d:ef:f1:23:38:83:5c:53:90:fe:bf:42:75:
a1:9d:d1:be:07:05:53:13:84:e4:a2:2e:8c:a1:84:
ec:a8:29:78:88:20:05:e2:8a:b5:72:19:08:92:36:
e0:7c:2e:84:14:c2:5b:d5:e1:90:6e:8f:92:d3:29:
da:91:cc:7a:10:8d:ab:9c:2c:07:02:18:02:28:66:
db:74:e1:8e:b8:38:a7:61:87:32:9f:60:a8:b0:28:
5b:2c:4e:f1:80:2e:a2:13:11:79:41:46:cf:54:7a:
b0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DC:E2:E9:0B:9F:37:5B:94:93:7D:8B:1E:B4:63:1A:38:38:23:46
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/ytzi6QufN1uUk32LHrRjGjg4I0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.113.0-95.142.114.255
95.142.117.0/24
95.142.119.0-95.142.120.255
95.142.122.0/23
95.142.125.0-95.142.127.255
185.54.228.0/24
Signature Algorithm: sha256WithRSAEncryption
96:2a:3e:ae:ee:d9:57:1a:30:b7:08:4d:bb:ec:60:cc:b8:62:
b1:ca:7b:4f:c7:78:95:de:03:a4:59:a2:51:d9:a7:9a:57:4c:
c1:23:96:69:ef:cc:05:43:1d:51:bd:4d:72:f9:74:40:38:36:
6e:ac:f7:6e:7a:30:7e:e2:8a:20:a8:9f:b3:db:0b:e6:00:f3:
09:fe:e1:e7:ce:b6:fb:33:25:dc:95:4d:44:70:f2:b0:b9:e9:
13:5f:4f:8e:a7:ea:05:5d:ec:d9:80:01:12:c6:41:2b:1e:ab:
a3:b6:ee:f7:a6:5f:91:14:30:d7:47:fd:7e:ba:2b:83:69:c2:
07:8e:44:bf:7e:22:89:65:37:fe:2a:32:d4:17:59:46:25:8b:
c9:32:6d:e3:93:a2:a1:e1:a6:68:74:84:82:39:bb:6c:48:92:
ec:21:e3:d5:42:2f:6b:28:b6:2a:e7:54:22:b5:6d:e4:29:d2:
4f:7a:0d:fa:aa:ef:94:77:b4:dc:e0:b7:21:df:fd:16:5f:f9:
3e:da:4c:5a:3d:9c:8e:0d:7e:31:3e:a7:f9:ac:9c:73:5c:5b:
e6:c5:18:82:9c:42:61:a0:69:25:31:a0:ea:ba:90:2b:8e:4b:
57:c4:84:cc:46:e6:32:27:46:96:fd:46:be:68:24:5c:5c:e6:
5f:55:ea:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ3dOdmUfwBNkB3QDdgnJMzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjYwNDMwMDcxMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRjZTJlOTBiOWYzNzViOTQ5MzdkOGIxZWI0NjMxYTM4MzgyMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCELaj35XcGCU587agexA+vxpxZu
oo45NZfI6rCp4YVNnQXA02VqIEE8Tb2kl+B72W69m9at+G3LWWK+qAiquL0w/tXe
jmJpDy3V2nKDZVoDX0RvHkYqLu2hrFG0HlGC96sO3qOcbw7gaqiMgzqTeOuCv4P7
qzl2lSJc4rS4Bhab6MtSIXJz50X1fo0OLL2Kp98MXhnZyg3v8SM4g1xTkP6/QnWh
ndG+BwVTE4Tkoi6MoYTsqCl4iCAF4oq1chkIkjbgfC6EFMJb1eGQbo+S0ynakcx6
EI2rnCwHAhgCKGbbdOGOuDinYYcyn2CosChbLE7xgC6iExF5QUbPVHqwvQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMrc4ukLnzdblJN9ix60Yxo4OCNGMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEveXR6aTZRdWZOMXVVazMyTEhyUmpHamc0STBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBABfjnED
BABfjnIDBABfjnUwDAMEAF+OdwMEAF+OeAMEAV+OejAMAwQAX459AwQHX44AAwQA
uTbkMA0GCSqGSIb3DQEBCwUAA4IBAQCWKj6u7tlXGjC3CE277GDMuGKxyntPx3iV
3gOkWaJR2aeaV0zBI5Zp78wFQx1RvU1y+XRAODZurPduejB+4oogqJ+z2wvmAPMJ
/uHnzrb7MyXclU1EcPKwuekTX0+Op+oFXezZgAESxkErHqujtu73pl+RFDDXR/1+
uiuDacIHjkS/fiKJZTf+KjLUF1lGJYvJMm3jk6Kh4aZodISCObtsSJLsIePVQi9r
KLYq51QitW3kKdJPeg36qu+Ud7Tc4Lch3/0WX/k+2kxaPZyODX4xPqf5rJxzXFvm
xRiCnEJhoGklMaDqupArjktXxITMRuYyJ0aW/Ua+aCRcXOZfVeqB
-----END CERTIFICATE-----
Generated at Wed May 6 01:09:22 2026 by rpki-client