Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yz_vy5t43GcASyadlJdZu9aMe2g.roa
File: yz_vy5t43GcASyadlJdZu9aMe2g.roa (raw, json)
Hash identifier: yI16oW6yAahNxBRx800pNQp6+TyhSivOo7RIjczcwUU=
Subject key identifier: CB:3F:EF:CB:9B:78:DC:67:00:4B:26:9D:94:97:59:BB:D6:8C:7B:68
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019C47E38261AC83A966AD618FFE824BB903
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yz_vy5t43GcASyadlJdZu9aMe2g.roa
Signing time: Tue 10 Feb 2026 14:10:18 +0000
ROA not before: Tue 10 Feb 2026 14:10:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 78.135.71.0/24 maxlen: 24
78.135.72.0/24 maxlen: 24
78.135.74.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.141.0/24 maxlen: 24
188.132.146.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.171.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:e3:82:61:ac:83:a9:66:ad:61:8f:fe:82:4b:b9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 10 14:10:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb3fefcb9b78dc67004b269d949759bbd68c7b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:68:da:68:6a:f0:a6:2f:42:90:89:e3:33:84:
7e:7c:73:51:97:83:50:69:ba:17:83:92:8a:c8:70:
77:4c:87:a7:b1:08:89:23:2b:ca:12:ec:82:08:be:
43:bf:a8:a8:dd:f3:36:c3:eb:b5:3b:ab:44:6a:72:
6c:9e:ce:39:0b:99:0f:18:f2:b3:c7:cf:a3:15:42:
7e:be:96:5e:79:45:5c:ff:51:39:f5:74:81:29:19:
d8:f7:6b:d0:74:a4:24:bb:2e:0e:ab:a8:78:35:a0:
9d:14:2c:ee:50:75:03:12:1f:95:06:26:5d:f2:ea:
4f:50:44:97:8b:db:f5:9a:cb:66:6d:1b:85:95:5a:
3e:d0:36:a9:f6:70:44:bf:d9:b4:cb:5b:1a:ad:19:
c9:37:55:2c:0c:93:01:32:06:5b:d8:5d:c6:45:c4:
44:47:19:3a:86:56:d0:64:9b:e0:a0:bb:df:19:49:
73:2b:a1:09:f0:01:47:81:ad:7d:ef:ef:51:35:13:
2e:e5:e1:bd:74:19:42:3a:2a:be:2b:fa:5f:26:39:
4c:55:3f:37:46:48:34:60:f3:7b:67:ac:0b:2a:97:
69:1f:ce:42:35:c0:73:f0:d5:fb:a9:22:73:bf:f5:
e7:99:42:37:1e:4d:3a:6c:13:3c:bf:0d:7e:a4:eb:
77:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3F:EF:CB:9B:78:DC:67:00:4B:26:9D:94:97:59:BB:D6:8C:7B:68
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yz_vy5t43GcASyadlJdZu9aMe2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.71.0-78.135.72.255
78.135.74.0/24
78.135.78.0/24
78.135.88.0/24
188.132.141.0/24
188.132.146.0/24
188.132.152.0/24
188.132.163.0/24
188.132.171.0/24
188.132.189.0/24
188.132.191.0/24
188.132.203.0/24
188.132.212.0/23
188.132.216.0/23
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
a8:f1:c8:6c:f7:5e:22:59:89:3c:4a:a3:11:2a:83:a6:b0:26:
86:40:b1:52:c8:2f:6d:4f:a6:b5:bc:04:2e:50:1a:5c:33:0e:
72:d8:df:0b:b2:26:d8:77:05:a0:16:7c:e6:d3:a0:fc:e6:0f:
36:fa:65:7d:57:31:dd:e1:55:1d:80:87:9a:5b:a2:d9:18:a2:
e1:44:5b:3c:ce:00:7d:12:3f:b4:f8:ad:06:3b:10:ad:86:ce:
97:3d:77:01:70:e1:ba:ba:d4:96:09:0c:78:54:33:c6:58:3c:
35:da:fb:e0:60:81:79:72:81:f5:28:08:26:3c:30:57:df:1c:
37:c8:cb:df:18:89:d0:36:b3:e6:05:4d:f6:21:21:4e:9d:fe:
68:a4:47:8f:49:4d:c2:57:e7:07:54:dc:7c:af:8f:90:fd:87:
fe:56:2b:8e:57:07:a7:d9:b5:3f:5b:d1:73:0c:25:2a:a8:fa:
b9:b4:04:b6:f7:62:08:cb:68:36:82:72:d4:c9:25:15:7a:c1:
8f:ca:f1:46:16:b1:db:1b:03:12:49:13:f3:e1:a5:32:ae:e1:
fa:e3:4e:5a:7a:2f:71:de:66:25:aa:a8:6a:6c:e8:07:ef:00:
18:4b:36:06:b7:5a:b1:40:44:72:de:7b:4c:52:8a:bb:51:9b:
10:f2:d3:c0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZxH44JhrIOpZq1hj/6CS7kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjYwMjEwMTQxMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNmZWZjYjliNzhkYzY3MDA0YjI2OWQ5NDk3NTliYmQ2OGM3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2jaaGrwpi9CkInjM4R+fHNRl4NQ
aboXg5KKyHB3TIensQiJIyvKEuyCCL5Dv6io3fM2w+u1O6tEanJsns45C5kPGPKz
x8+jFUJ+vpZeeUVc/1E59XSBKRnY92vQdKQkuy4Oq6h4NaCdFCzuUHUDEh+VBiZd
8upPUESXi9v1mstmbRuFlVo+0Dap9nBEv9m0y1sarRnJN1UsDJMBMgZb2F3GRcRE
Rxk6hlbQZJvgoLvfGUlzK6EJ8AFHga197+9RNRMu5eG9dBlCOiq+K/pfJjlMVT83
Rkg0YPN7Z6wLKpdpH85CNcBz8NX7qSJzv/XnmUI3Hk06bBM8vw1+pOt3iwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFMs/78ubeNxnAEsmnZSXWbvWjHtoMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEveXpfdnk1dDQzR2NBU3lhZGxKZFp1OWFNZTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQA
TodHAwQATodIAwQATodKAwQATodOAwQATodYAwQAvISNAwQAvISSAwQAvISYAwQA
vISjAwQAvISrAwQAvIS9AwQAvIS/AwQAvITLAwQBvITUAwQBvITYAwQAvITlAwQA
vITsAwQA1EQ3MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAKjxyGz3
XiJZiTxKoxEqg6awJoZAsVLIL21PprW8BC5QGlwzDnLY3wuyJth3BaAWfObToPzm
Dzb6ZX1XMd3hVR2Ah5pbotkYouFEWzzOAH0SP7T4rQY7EK2Gzpc9dwFw4bq61JYJ
DHhUM8ZYPDXa++BggXlygfUoCCY8MFffHDfIy98YidA2s+YFTfYhIU6d/mikR49J
TcJX5wdU3Hyvj5D9h/5WK45XB6fZtT9b0XMMJSqo+rm0BLb3YgjLaDaCctTJJRV6
wY/K8UYWsdsbAxJJE/PhpTKu4frjTlp6L3HeZiWqqGps6AfvABhLNga3WrFARHLe
e0xSirtRmxDy08A=
-----END CERTIFICATE-----
Generated at Sat Feb 21 03:40:29 2026 by rpki-client