Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/ypSiLSto3RjwAtlvFMK5kNDrdzk.roa
File: ypSiLSto3RjwAtlvFMK5kNDrdzk.roa (raw, json)
Hash identifier: 0ZlVmf2An7RemdJ7LPaj0U4nO3qgfQ0MKBoflfLZxpM=
Subject key identifier: CA:94:A2:2D:2B:68:DD:18:F0:02:D9:6F:14:C2:B9:90:D0:EB:77:39
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 019D2B6032696DA3FD2A9B7187A921754865
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/ypSiLSto3RjwAtlvFMK5kNDrdzk.roa
Signing time: Thu 26 Mar 2026 18:20:17 +0000
ROA not before: Thu 26 Mar 2026 18:20:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203273
IP address blocks: 83.147.192.0/24 maxlen: 24
83.147.216.0/24 maxlen: 24
83.147.252.0/24 maxlen: 24
83.147.253.0/24 maxlen: 24
83.147.254.0/24 maxlen: 24
83.147.255.0/24 maxlen: 24
91.186.212.0/24 maxlen: 24
91.186.213.0/24 maxlen: 24
91.186.216.0/24 maxlen: 24
91.186.217.0/24 maxlen: 24
91.186.218.0/24 maxlen: 24
91.186.219.0/24 maxlen: 24
178.253.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:60:32:69:6d:a3:fd:2a:9b:71:87:a9:21:75:48:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Mar 26 18:20:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca94a22d2b68dd18f002d96f14c2b990d0eb7739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4e:bd:f7:8d:d9:d7:71:59:ea:27:35:65:4d:
10:39:91:68:70:65:e2:a6:19:da:6e:30:52:eb:c3:
e9:14:b0:e5:6e:8b:c2:52:72:79:c4:86:be:f2:d9:
63:d9:da:10:64:d4:5d:2d:a7:4f:e6:37:d7:3c:48:
1b:0d:c5:32:c4:af:d3:ab:f8:25:59:e9:0b:87:62:
0f:d3:2c:10:e5:ef:f1:c3:f5:69:50:e6:14:76:ef:
70:1d:ee:42:4c:02:4e:c6:d1:9d:5a:49:94:d2:d7:
07:92:f5:b3:ab:7d:dc:86:2c:08:82:46:b7:22:4f:
f8:62:e1:3f:b7:3e:98:9c:b6:07:c4:11:09:50:26:
8a:db:57:9e:d4:ec:4d:90:66:08:0d:bb:96:ff:1c:
48:53:02:46:c7:72:2d:12:23:3b:f0:75:ee:f5:a3:
96:c3:7b:0f:98:ff:f4:f7:c7:28:46:0b:13:4a:40:
b1:63:c2:5b:02:f3:a7:bd:02:96:fe:63:ed:92:e7:
87:fa:33:81:c6:a5:89:0f:50:c1:16:36:ab:6e:83:
09:c7:e2:9c:69:19:24:04:0e:01:a6:7b:c5:ec:5a:
14:15:d0:dc:0e:b8:14:f0:c6:b4:fd:cf:14:1d:c2:
8b:4e:fb:4a:d8:b2:5a:7a:02:0f:08:3d:a3:12:bf:
7a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:94:A2:2D:2B:68:DD:18:F0:02:D9:6F:14:C2:B9:90:D0:EB:77:39
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/ypSiLSto3RjwAtlvFMK5kNDrdzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/24
83.147.216.0/24
83.147.252.0/22
91.186.212.0/23
91.186.216.0/22
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1b:63:a8:6d:be:f3:c2:73:2f:27:a6:e9:01:20:ea:04:ea:
c2:f2:06:82:c7:dd:9d:b6:44:65:2f:2c:74:e3:22:a3:e7:6e:
c5:52:83:0d:f4:34:ac:fe:00:1f:d3:64:e5:7c:5b:6b:40:d8:
22:3a:af:cb:b7:49:29:cf:1a:77:f2:f0:fc:5c:cc:70:a3:b9:
94:84:05:5d:d5:d5:b1:e1:d6:91:af:c0:de:ea:d2:f4:49:24:
fb:33:1e:7a:d8:2a:8b:b0:e8:01:a9:54:c4:21:52:fd:ec:52:
aa:44:77:a9:d6:0a:ea:ab:30:0d:92:c3:14:4c:e2:78:92:7f:
b8:1e:40:3a:59:df:77:d4:06:bf:8d:c6:00:64:33:ec:71:e2:
0e:9b:c2:77:57:75:40:1e:5a:98:a6:a5:de:a2:59:79:f7:86:
30:0f:03:bd:92:a2:06:ed:e2:79:e7:12:d9:73:cd:e7:c8:5d:
29:7f:4d:1c:94:b0:c1:de:7a:b8:ee:c4:e3:1b:ef:7a:46:61:
fe:1d:54:6c:6c:03:d8:7c:cb:58:2a:45:53:6e:c7:77:55:3c:
57:0a:d6:5c:c7:c5:c9:22:44:a2:c4:dc:56:29:0e:fd:86:fa:
bd:06:4d:68:b5:57:b1:af:c1:49:56:ca:d6:52:8f:49:31:fa:
40:07:0e:e3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0rYDJpbaP9Kptxh6khdUhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjYwMzI2MTgyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTk0YTIyZDJiNjhkZDE4ZjAwMmQ5NmYxNGMyYjk5MGQwZWI3NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE69943Z13FZ6ic1ZU0QOZFocGXi
phnabjBS68PpFLDlbovCUnJ5xIa+8tlj2doQZNRdLadP5jfXPEgbDcUyxK/Tq/gl
WekLh2IP0ywQ5e/xw/VpUOYUdu9wHe5CTAJOxtGdWkmU0tcHkvWzq33chiwIgka3
Ik/4YuE/tz6YnLYHxBEJUCaK21ee1OxNkGYIDbuW/xxIUwJGx3ItEiM78HXu9aOW
w3sPmP/098coRgsTSkCxY8JbAvOnvQKW/mPtkueH+jOBxqWJD1DBFjarboMJx+Kc
aRkkBA4BpnvF7FoUFdDcDrgU8Ma0/c8UHcKLTvtK2LJaegIPCD2jEr96QQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMqUoi0raN0Y8ALZbxTCuZDQ63c5MB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEveXBTaUxTdG8zUmp3QXRsdkZNSzVrTkRyZHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PAAwQA
U5PYAwQCU5P8AwQBW7rUAwQCW7rYAwQAsv03MA0GCSqGSIb3DQEBCwUAA4IBAQCI
G2Oobb7zwnMvJ6bpASDqBOrC8gaCx92dtkRlLyx04yKj527FUoMN9DSs/gAf02Tl
fFtrQNgiOq/Lt0kpzxp38vD8XMxwo7mUhAVd1dWx4daRr8De6tL0SST7Mx562CqL
sOgBqVTEIVL97FKqRHep1grqqzANksMUTOJ4kn+4HkA6Wd931Aa/jcYAZDPsceIO
m8J3V3VAHlqYpqXeoll594YwDwO9kqIG7eJ55xLZc83nyF0pf00clLDB3nq47sTj
G+96RmH+HVRsbAPYfMtYKkVTbsd3VTxXCtZcx8XJIkSixNxWKQ79hvq9Bk1otVex
r8FJVsrWUo9JMfpABw7j
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:14:31 2026 by rpki-client