Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yogY0IZIDwKYvasivqdvMYB914o.roa
File: yogY0IZIDwKYvasivqdvMYB914o.roa (raw, json)
Hash identifier: uO3cqsgDcnOx9RHy1XMrPePpa+xHhmMGmnDBW5FoFR8=
Subject key identifier: CA:88:18:D0:86:48:0F:02:98:BD:AB:22:BE:A7:6F:31:80:7D:D7:8A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019E8BF459C25B03548F428EC89D22F2D3D7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yogY0IZIDwKYvasivqdvMYB914o.roa
Signing time: Wed 03 Jun 2026 05:28:27 +0000
ROA not before: Wed 03 Jun 2026 05:28:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 79.175.103.0/24 maxlen: 24
81.18.48.0/24 maxlen: 24
178.219.6.0/24 maxlen: 24
178.253.227.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.198.0/24 maxlen: 24
188.255.236.0/24 maxlen: 24
212.69.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8b:f4:59:c2:5b:03:54:8f:42:8e:c8:9d:22:f2:d3:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 3 05:28:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca8818d086480f0298bdab22bea76f31807dd78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:db:32:de:2d:24:81:3e:f2:9d:4a:2c:58:
a5:c3:8d:2d:4a:f8:4f:62:9f:ac:1f:eb:57:ce:8a:
df:e8:fd:7e:c7:f4:42:07:66:6e:4c:9e:9f:ff:2c:
cc:37:a6:03:85:1d:3b:f9:2b:22:14:9d:80:bc:dd:
25:f6:ae:f9:a0:55:08:20:7c:e8:2e:1b:93:3e:34:
06:d3:58:19:af:ff:93:b1:2c:7a:40:bc:be:90:9a:
68:37:38:ad:9f:26:7c:36:42:43:3a:e3:45:68:fd:
02:d9:93:b3:1c:df:e2:b1:65:33:fd:85:6f:78:c4:
48:82:e0:21:9d:75:37:af:23:d1:cc:24:13:9e:c0:
e8:2f:12:1d:4c:00:50:8c:8e:37:7d:3e:e1:d9:8b:
c4:53:6b:19:b8:21:ba:55:66:94:09:f5:4e:68:82:
91:fa:18:fe:f1:36:51:28:13:0a:fc:9a:03:69:5d:
30:30:f8:ab:86:5f:35:09:ec:c3:b9:a4:58:d1:17:
97:07:98:d2:b7:22:66:9e:9c:c9:bc:ff:76:77:93:
d4:79:94:a7:72:35:4b:08:3b:cb:81:e0:dd:4c:39:
1e:6a:d6:1b:1b:86:80:1c:95:77:71:57:76:57:dd:
5a:a6:de:1c:0c:dc:2f:c0:3e:9b:be:a9:b0:55:20:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:88:18:D0:86:48:0F:02:98:BD:AB:22:BE:A7:6F:31:80:7D:D7:8A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yogY0IZIDwKYvasivqdvMYB914o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.103.0/24
81.18.48.0/24
178.219.6.0/24
178.253.227.0/24
185.47.91.0/24
188.255.198.0/24
188.255.236.0/24
212.69.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:01:b6:5a:44:6b:00:62:d7:98:f2:08:43:2f:bc:ae:64:ed:
8f:70:90:f4:ef:5b:28:40:80:e0:ca:fa:21:33:1f:ed:e2:b0:
ae:72:9e:ed:dd:a6:fc:55:31:3a:33:47:46:55:e7:66:07:79:
8c:62:8b:74:0b:e4:9b:51:6b:53:64:dc:af:72:6b:77:e7:31:
a6:37:e8:1e:e7:b4:16:2d:28:c4:c9:c2:31:2f:19:b1:81:1b:
28:37:ef:42:1e:7e:3c:8c:9d:ac:0e:f2:f8:b5:63:5a:1b:c0:
e7:b4:4b:a1:26:98:bf:2a:2e:24:f8:91:a6:aa:87:c2:36:9c:
18:b8:00:16:d2:64:25:e7:20:26:68:a6:34:95:aa:11:b8:36:
06:b3:5a:73:38:f1:c9:b4:5f:10:ec:0c:21:d9:87:bc:d9:2e:
0b:a2:6e:49:7f:de:4f:bc:94:00:42:a4:08:69:68:3a:32:6e:
1d:29:59:b8:d3:2b:90:b5:0b:0e:41:c4:99:86:63:a1:30:fe:
45:bd:12:6a:cb:ee:a7:fe:3a:56:b2:8b:12:ea:04:0d:3c:55:
86:f6:f4:50:2c:f9:56:fe:c0:73:2a:60:30:8b:a5:f2:72:d6:
8f:c4:0d:76:01:fb:92:cd:f8:e0:dd:d9:77:40:1f:43:10:73:
41:cf:55:e5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ6L9FnCWwNUj0KOyJ0i8tPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNjAzMDUyODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTg4MThkMDg2NDgwZjAyOThiZGFiMjJiZWE3NmYzMTgwN2RkNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD7bMt4tJIE+8p1KLFilw40tSvhP
Yp+sH+tXzorf6P1+x/RCB2ZuTJ6f/yzMN6YDhR07+SsiFJ2AvN0l9q75oFUIIHzo
LhuTPjQG01gZr/+TsSx6QLy+kJpoNzitnyZ8NkJDOuNFaP0C2ZOzHN/isWUz/YVv
eMRIguAhnXU3ryPRzCQTnsDoLxIdTABQjI43fT7h2YvEU2sZuCG6VWaUCfVOaIKR
+hj+8TZRKBMK/JoDaV0wMPirhl81CezDuaRY0ReXB5jStyJmnpzJvP92d5PUeZSn
cjVLCDvLgeDdTDkeatYbG4aAHJV3cVd2V91apt4cDNwvwD6bvqmwVSD19wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMqIGNCGSA8CmL2rIr6nbzGAfdeKMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEveW9nWTBJWklEd0tZdmFzaXZxZHZNWUI5MTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAT69nAwQA
URIwAwQAstsGAwQAsv3jAwQAuS9bAwQAvP/GAwQAvP/sAwQA1EUIMA0GCSqGSIb3
DQEBCwUAA4IBAQAsAbZaRGsAYteY8ghDL7yuZO2PcJD071soQIDgyvohMx/t4rCu
cp7t3ab8VTE6M0dGVedmB3mMYot0C+SbUWtTZNyvcmt35zGmN+ge57QWLSjEycIx
LxmxgRsoN+9CHn48jJ2sDvL4tWNaG8DntEuhJpi/Ki4k+JGmqofCNpwYuAAW0mQl
5yAmaKY0laoRuDYGs1pzOPHJtF8Q7Awh2Ye82S4Lom5Jf95PvJQAQqQIaWg6Mm4d
KVm40yuQtQsOQcSZhmOhMP5FvRJqy+6n/jpWsosS6gQNPFWG9vRQLPlW/sBzKmAw
i6XyctaPxA12AfuSzfjg3dl3QB9DEHNBz1Xl
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:58 2026 by rpki-client