Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y4ya_NKTiQ6OdOCrUkzx2Up2H6o.roa
File: y4ya_NKTiQ6OdOCrUkzx2Up2H6o.roa (raw, json)
Hash identifier: R8pEtmHDQY7QYqofggQsLvgsr0c2si6VX57O8Fm65nY=
Subject key identifier: CB:8C:9A:FC:D2:93:89:0E:8E:74:E0:AB:52:4C:F1:D9:4A:76:1F:AA
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019EA6351A6C96955873A3F7DBFBDFE84B1C
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y4ya_NKTiQ6OdOCrUkzx2Up2H6o.roa
Signing time: Mon 08 Jun 2026 07:49:18 +0000
ROA not before: Mon 08 Jun 2026 07:49:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396356
IP address blocks: 14.102.53.0/24 maxlen: 24
14.102.60.0/24 maxlen: 24
158.173.164.0/24 maxlen: 24
158.173.219.0/24 maxlen: 24
212.32.68.0/24 maxlen: 24
212.32.69.0/24 maxlen: 24
212.32.72.0/24 maxlen: 24
213.254.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:35:1a:6c:96:95:58:73:a3:f7:db:fb:df:e8:4b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 8 07:49:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb8c9afcd293890e8e74e0ab524cf1d94a761faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:ef:c7:42:13:dc:94:41:82:9e:68:d2:89:
ae:b8:e3:38:47:e2:ed:9f:1f:b9:87:0c:0b:3c:56:
d5:e6:7b:67:a5:1d:fb:d6:cb:45:a0:65:0a:f8:d4:
72:ad:a8:00:f6:93:a3:c5:c0:42:3b:4c:4d:8f:cf:
dd:1d:63:a3:b3:a5:df:7b:92:12:6e:10:13:ed:6b:
41:86:a1:6c:7f:e9:4b:80:8c:2e:39:b2:c7:98:d9:
cb:c8:c8:59:68:46:8a:68:21:e8:fc:66:5a:ca:db:
7b:a3:66:c0:81:f6:27:6f:84:73:15:d4:d6:37:88:
2c:4c:d6:95:30:de:0d:1a:b6:e4:b5:10:cd:0c:bb:
e9:fb:96:69:5b:8d:7d:5c:49:68:18:9c:31:1d:30:
cb:0f:2a:3b:da:4b:46:e1:e9:dc:27:b7:5e:af:fd:
ba:65:85:93:4e:41:b7:ee:d7:02:9f:5a:08:7f:3c:
ab:e8:02:1c:dc:35:72:47:7d:b8:7c:3b:83:2d:46:
6c:67:ab:25:0a:6d:b6:37:b2:e0:9b:89:9a:2d:b1:
61:51:7e:73:d9:91:d9:14:6b:b1:43:1e:bb:ac:ee:
b5:ce:c9:96:6c:5a:f4:73:91:9e:3c:fb:db:ec:c9:
c0:c3:20:d2:25:6c:bc:30:3e:d7:fe:68:9b:45:cc:
ee:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8C:9A:FC:D2:93:89:0E:8E:74:E0:AB:52:4C:F1:D9:4A:76:1F:AA
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y4ya_NKTiQ6OdOCrUkzx2Up2H6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.53.0/24
14.102.60.0/24
158.173.164.0/24
158.173.219.0/24
212.32.68.0/23
212.32.72.0/24
213.254.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:6c:86:bb:41:60:b2:5b:31:f8:66:04:b7:8f:3e:b3:1b:32:
3f:35:28:e6:9a:5d:c9:5e:3b:a7:53:92:f8:43:63:ec:7a:59:
21:3c:d6:8c:83:42:b2:b9:ac:e4:3e:dd:03:00:a3:1b:85:91:
52:5c:6d:00:83:a3:68:86:39:ce:dc:03:96:ba:4f:1f:8a:75:
83:cd:86:d7:96:aa:5a:8d:24:bb:92:27:5c:c0:2a:37:4d:8c:
9d:68:95:3e:e1:d8:6f:c4:2e:ec:80:33:7b:1c:c7:7c:27:d2:
ab:b3:98:00:37:be:54:f2:f4:44:9d:94:bc:b6:56:61:56:a9:
55:10:ef:e9:e3:3e:f3:d0:64:c0:f9:6e:94:e8:7e:9e:c6:70:
46:9e:f3:f2:a2:14:6b:86:ec:94:83:c7:de:a1:be:7d:97:23:
10:ee:06:d2:21:f5:54:15:60:c6:d9:79:5d:d2:0e:4c:f0:6f:
4d:01:e7:aa:fa:35:38:ab:f2:5d:33:1e:ab:61:d0:d9:48:89:
e4:0a:c8:af:03:48:fc:1e:c4:c2:c2:78:cc:48:b7:7b:86:e7:
d2:15:c5:df:f1:f7:3d:03:4f:3f:f9:3c:a0:d3:1b:ca:6f:e1:
18:a9:eb:af:3b:18:6e:20:fa:c3:3f:2c:53:20:89:5f:8a:6a:
a5:6a:34:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6mNRpslpVYc6P32/vf6EscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNjA4MDc0OTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhjOWFmY2QyOTM4OTBlOGU3NGUwYWI1MjRjZjFkOTRhNzYxZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1Dvx0IT3JRBgp5o0omuuOM4R+Lt
nx+5hwwLPFbV5ntnpR371stFoGUK+NRyragA9pOjxcBCO0xNj8/dHWOjs6Xfe5IS
bhAT7WtBhqFsf+lLgIwuObLHmNnLyMhZaEaKaCHo/GZaytt7o2bAgfYnb4RzFdTW
N4gsTNaVMN4NGrbktRDNDLvp+5ZpW419XEloGJwxHTDLDyo72ktG4encJ7der/26
ZYWTTkG37tcCn1oIfzyr6AIc3DVyR324fDuDLUZsZ6slCm22N7Lgm4maLbFhUX5z
2ZHZFGuxQx67rO61zsmWbFr0c5GePPvb7MnAwyDSJWy8MD7X/mibRczuZwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMuMmvzSk4kOjnTgq1JM8dlKdh+qMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveTR5YV9OS1RpUTZPZE9DclVrengyVXAySDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQADmY1AwQA
DmY8AwQAnq2kAwQAnq3bAwQB1CBEAwQA1CBIAwQA1f6hMA0GCSqGSIb3DQEBCwUA
A4IBAQB+bIa7QWCyWzH4ZgS3jz6zGzI/NSjmml3JXjunU5L4Q2PselkhPNaMg0Ky
uazkPt0DAKMbhZFSXG0Ag6NohjnO3AOWuk8finWDzYbXlqpajSS7kidcwCo3TYyd
aJU+4dhvxC7sgDN7HMd8J9Krs5gAN75U8vREnZS8tlZhVqlVEO/p4z7z0GTA+W6U
6H6exnBGnvPyohRrhuyUg8feob59lyMQ7gbSIfVUFWDG2Xld0g5M8G9NAeeq+jU4
q/JdMx6rYdDZSInkCsivA0j8HsTCwnjMSLd7hufSFcXf8fc9A08/+Tyg0xvKb+EY
qeuvOxhuIPrDPyxTIIlfimqlajSY
-----END CERTIFICATE-----
Generated at Tue Jun 9 00:46:05 2026 by rpki-client