Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ybs77Xg-yZO-ITyGM0NLc6E4Ads.roa
File: ybs77Xg-yZO-ITyGM0NLc6E4Ads.roa (raw, json)
Hash identifier: l5MUgnWtdwT5l5X+JY2WkuJIDy4f88O6zbza66unaLc=
Subject key identifier: C9:BB:3B:ED:78:3E:C9:93:BE:21:3C:86:33:43:4B:73:A1:38:01:DB
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0198F0580348E54F2780EB8FD941B94AA86F
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ybs77Xg-yZO-ITyGM0NLc6E4Ads.roa
Signing time: Thu 28 Aug 2025 11:02:36 +0000
ROA not before: Thu 28 Aug 2025 11:02:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 135.196.155.0/24 maxlen: 24
135.196.166.0/24 maxlen: 24
135.196.236.0/24 maxlen: 24
135.196.244.0/24 maxlen: 24
135.196.248.0/24 maxlen: 24
135.196.252.0/24 maxlen: 24
135.196.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 23:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:58:03:48:e5:4f:27:80:eb:8f:d9:41:b9:4a:a8:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Aug 28 11:02:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9bb3bed783ec993be213c8633434b73a13801db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f0:13:d1:0e:36:0e:5d:06:45:b1:51:47:16:
15:57:24:b1:61:27:d4:a3:a3:95:8a:b9:c3:5f:d4:
ea:5b:d5:d8:b4:31:88:f8:0b:6b:41:1f:73:4a:6e:
9b:26:40:92:25:25:02:b6:41:95:a4:48:6a:7b:32:
fe:4e:56:68:ce:14:88:be:4b:cd:3f:7d:4d:16:a1:
93:57:6e:71:91:b3:6d:ec:04:d4:62:07:87:9e:51:
5d:4b:12:63:56:4f:6b:ac:f2:03:f8:f4:4f:97:92:
f9:5e:09:95:6c:0b:0e:51:5f:27:4a:91:0b:7a:4c:
7f:c7:cc:86:f0:bd:2a:ab:1a:28:21:93:92:ca:71:
cd:25:fd:de:72:b3:36:c0:4b:81:b2:24:e7:64:9f:
fb:3c:fb:d5:cc:8e:0b:cd:ea:23:4d:b6:6f:26:ea:
c4:8b:83:32:7a:1f:02:e2:f2:d3:12:68:2c:22:ba:
17:50:3c:38:0d:a6:19:ca:e6:04:8c:cf:f9:96:a4:
6f:ce:16:06:ca:14:2f:a2:8f:3c:c2:a8:cf:50:72:
87:11:7b:e8:82:f4:61:b6:98:33:13:3e:77:68:40:
48:b5:f5:18:06:95:7a:ea:e5:f1:9f:06:15:c2:f0:
d2:00:00:a7:49:e5:ef:c4:f5:9d:ea:74:07:56:58:
70:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BB:3B:ED:78:3E:C9:93:BE:21:3C:86:33:43:4B:73:A1:38:01:DB
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ybs77Xg-yZO-ITyGM0NLc6E4Ads.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.196.155.0/24
135.196.166.0/24
135.196.236.0/24
135.196.244.0/24
135.196.248.0/24
135.196.252.0/24
135.196.254.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:b6:fc:82:a3:b7:9d:cf:75:45:22:31:1f:48:45:c6:ec:58:
7c:08:5b:07:59:39:12:00:45:ac:67:38:2c:e8:12:70:5e:02:
93:ed:fb:da:e3:f8:ce:25:2e:6c:30:e1:78:5a:03:ec:bd:94:
63:1c:5c:73:c1:36:5d:fc:71:b7:de:51:51:cb:7b:19:df:37:
f3:0b:8a:df:a8:1b:26:f8:6c:0a:b4:5c:a7:99:f8:f4:7d:8b:
fc:51:60:bd:5e:e3:9b:4b:eb:bf:22:af:bd:17:09:4b:a8:53:
e8:76:00:30:f9:a2:66:f3:a9:22:be:4b:45:6a:5a:6d:1f:83:
3d:5f:3e:7d:09:67:d3:e5:f7:5a:df:bf:7f:75:ea:f9:39:20:
6a:55:cb:72:cf:13:2e:43:d8:e7:3a:67:90:7d:57:48:89:cb:
15:15:51:ee:61:43:47:00:32:64:be:0f:da:cd:d5:ee:b8:fd:
bd:66:cf:82:7f:0e:cf:aa:99:83:d4:c5:f0:1a:0b:6a:69:44:
1e:93:0a:43:49:e7:58:9a:df:43:f3:b4:8d:ea:4b:de:e4:57:
fe:f0:18:56:aa:48:b8:46:8d:bc:60:28:78:98:90:2f:74:73:
de:53:95:95:a1:67:7c:68:c2:8e:b7:d0:54:10:15:7d:b9:ea:
c8:6c:95:17
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZjwWANI5U8ngOuP2UG5SqhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwODI4MTEwMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJiM2JlZDc4M2VjOTkzYmUyMTNjODYzMzQzNGI3M2ExMzgwMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PAT0Q42Dl0GRbFRRxYVVySxYSfU
o6OVirnDX9TqW9XYtDGI+AtrQR9zSm6bJkCSJSUCtkGVpEhqezL+TlZozhSIvkvN
P31NFqGTV25xkbNt7ATUYgeHnlFdSxJjVk9rrPID+PRPl5L5XgmVbAsOUV8nSpEL
ekx/x8yG8L0qqxooIZOSynHNJf3ecrM2wEuBsiTnZJ/7PPvVzI4LzeojTbZvJurE
i4Myeh8C4vLTEmgsIroXUDw4DaYZyuYEjM/5lqRvzhYGyhQvoo88wqjPUHKHEXvo
gvRhtpgzEz53aEBItfUYBpV66uXxnwYVwvDSAACnSeXvxPWd6nQHVlhwRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMm7O+14PsmTviE8hjNDS3OhOAHbMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEveWJzNzdYZy15Wk8tSVR5R00wTkxjNkU0QWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAh8SbAwQA
h8SmAwQAh8TsAwQAh8T0AwQAh8T4AwQAh8T8AwQAh8T+MA0GCSqGSIb3DQEBCwUA
A4IBAQCftvyCo7edz3VFIjEfSEXG7Fh8CFsHWTkSAEWsZzgs6BJwXgKT7fva4/jO
JS5sMOF4WgPsvZRjHFxzwTZd/HG33lFRy3sZ3zfzC4rfqBsm+GwKtFynmfj0fYv8
UWC9XuObS+u/Iq+9FwlLqFPodgAw+aJm86kivktFalptH4M9Xz59CWfT5fda379/
der5OSBqVctyzxMuQ9jnOmeQfVdIicsVFVHuYUNHADJkvg/azdXuuP29Zs+Cfw7P
qpmD1MXwGgtqaUQekwpDSedYmt9D87SN6kve5Ff+8BhWqki4Ro28YCh4mJAvdHPe
U5WVoWd8aMKOt9BUEBV9uerIbJUX
-----END CERTIFICATE-----
Generated at Fri Sep 5 08:44:27 2025 by rpki-client