Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/yB3ntVub05F4F9i1cWLaKANNBso.roa
File: yB3ntVub05F4F9i1cWLaKANNBso.roa (raw, json)
Hash identifier: zdKl/J+2C305Q7rX/8wtABN6OkAsZKkNZDLRLh5HUdk=
Subject key identifier: C8:1D:E7:B5:5B:9B:D3:91:78:17:D8:B5:71:62:DA:28:03:4D:06:CA
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 019E82D4D8627EF089944782B2D6451739C4
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/yB3ntVub05F4F9i1cWLaKANNBso.roa
Signing time: Mon 01 Jun 2026 10:57:27 +0000
ROA not before: Mon 01 Jun 2026 10:57:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60630
IP address blocks: 89.234.141.0/24 maxlen: 24
89.234.151.0/24 maxlen: 24
2a00:5881:8100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:d4:d8:62:7e:f0:89:94:47:82:b2:d6:45:17:39:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jun 1 10:57:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c81de7b55b9bd3917817d8b57162da28034d06ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:ac:39:60:6d:24:8f:dc:ba:13:08:73:70:
12:5a:fc:60:7d:bc:19:9b:81:5c:8c:01:ce:5d:f6:
90:07:88:a9:ac:40:fc:01:ea:39:e9:f3:4d:eb:38:
b8:3a:e3:ed:58:22:66:00:5b:9e:22:24:4b:57:5e:
54:35:19:d8:0a:7e:bf:9f:9f:a9:a4:59:b4:74:05:
7f:d9:0c:9b:b7:77:60:be:79:58:f3:54:7a:8e:cd:
f1:c5:5f:5e:9f:c7:6b:28:0a:61:00:3e:05:9b:f7:
5c:b7:f9:fa:ee:59:41:f1:00:ad:b1:64:87:e8:3c:
50:04:13:84:c2:21:c0:50:51:72:62:72:88:5c:22:
79:a7:7f:65:5e:7a:d2:82:b2:6f:ff:0e:8d:6b:9f:
ef:2b:39:67:c7:da:74:82:41:18:ea:07:80:db:44:
16:ec:57:84:2f:f6:30:97:6e:66:59:0b:23:81:6d:
f0:91:d1:f8:d5:fc:bf:8e:07:b7:20:84:36:9d:8b:
c8:f7:fa:c4:71:bd:02:99:c2:cf:85:8e:1c:cc:a0:
1c:63:bf:2f:6a:b5:09:18:c8:85:2d:b9:db:b0:db:
36:18:62:2c:71:bd:3f:1c:44:ae:56:39:5d:d5:b6:
a9:de:c8:ec:e9:d5:a0:fe:a1:39:e2:bd:13:43:bf:
0e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:1D:E7:B5:5B:9B:D3:91:78:17:D8:B5:71:62:DA:28:03:4D:06:CA
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/yB3ntVub05F4F9i1cWLaKANNBso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.141.0/24
89.234.151.0/24
IPv6:
2a00:5881:8100::/40
Signature Algorithm: sha256WithRSAEncryption
32:18:85:b9:2b:7a:97:1f:ec:07:a6:79:f2:38:de:5f:92:a8:
34:dc:c0:be:3f:ab:18:33:8d:bb:e0:23:7e:a3:35:a8:f6:fc:
40:e5:78:fa:be:ad:7f:26:8f:3a:84:76:ed:40:a7:d4:05:83:
fd:f2:a5:ac:fa:43:25:87:ef:7e:e8:8f:db:aa:70:56:2f:51:
14:22:82:9d:e5:08:09:31:20:84:19:d7:31:7f:41:1d:54:4b:
2e:fe:c1:59:ae:40:96:de:ee:10:95:c4:65:51:6c:a3:13:b3:
df:b0:2f:d5:71:3f:33:91:fe:29:69:0a:f4:1d:cf:5d:a0:ab:
19:1c:99:83:2c:4a:5b:b9:c5:61:35:e4:22:86:c1:48:97:98:
37:b8:33:28:e9:fb:20:12:57:54:90:4e:61:09:33:9e:8b:20:
14:a0:ba:30:87:5b:a4:dd:4f:fa:60:9a:20:d6:24:04:13:ee:
d5:95:ca:26:03:4e:07:83:6f:d7:21:9e:f5:d4:ca:d1:26:4e:
44:48:a0:e0:c0:aa:55:84:9b:18:0e:61:5f:1e:31:a7:87:0b:
5a:b2:d4:3d:24:6d:8f:a5:e0:6f:ce:8b:68:03:fd:52:53:fb:
ad:c7:1e:fe:ad:c1:68:ce:b5:e2:20:f3:22:30:c3:39:71:ca:
81:7e:86:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6C1NhifvCJlEeCstZFFznEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjYwNjAxMTA1NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODFkZTdiNTViOWJkMzkxNzgxN2Q4YjU3MTYyZGEyODAzNGQwNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljOsOWBtJI/cuhMIc3ASWvxgfbwZ
m4FcjAHOXfaQB4iprED8Aeo56fNN6zi4OuPtWCJmAFueIiRLV15UNRnYCn6/n5+p
pFm0dAV/2Qybt3dgvnlY81R6js3xxV9en8drKAphAD4Fm/dct/n67llB8QCtsWSH
6DxQBBOEwiHAUFFyYnKIXCJ5p39lXnrSgrJv/w6Na5/vKzlnx9p0gkEY6geA20QW
7FeEL/Ywl25mWQsjgW3wkdH41fy/jge3IIQ2nYvI9/rEcb0CmcLPhY4czKAcY78v
arUJGMiFLbnbsNs2GGIscb0/HESuVjld1bap3sjs6dWg/qE54r0TQ78OiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMgd57Vbm9OReBfYtXFi2igDTQbKMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL3lCM250VnViMDVGNEY5aTFjV0xhS0FOTkJzby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcBAf8EJjAkMBIEAgABMAwDBABZ6o0D
BABZ6pcwDgQCAAIwCAMGACoAWIGBMA0GCSqGSIb3DQEBCwUAA4IBAQAyGIW5K3qX
H+wHpnnyON5fkqg03MC+P6sYM4274CN+ozWo9vxA5Xj6vq1/Jo86hHbtQKfUBYP9
8qWs+kMlh+9+6I/bqnBWL1EUIoKd5QgJMSCEGdcxf0EdVEsu/sFZrkCW3u4QlcRl
UWyjE7PfsC/VcT8zkf4paQr0Hc9doKsZHJmDLEpbucVhNeQihsFIl5g3uDMo6fsg
EldUkE5hCTOeiyAUoLowh1uk3U/6YJog1iQEE+7VlcomA04Hg2/XIZ711MrRJk5E
SKDgwKpVhJsYDmFfHjGnhwtastQ9JG2PpeBvzotoA/1SU/utxx7+rcFozrXiIPMi
MMM5ccqBfoaW
-----END CERTIFICATE-----
Generated at Fri Jun 12 13:18:05 2026 by rpki-client