Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/_YyM5Fz0fRt9WBEEudyzbZgfybs.roa
File: _YyM5Fz0fRt9WBEEudyzbZgfybs.roa (raw, json)
Hash identifier: 4qY+Fv3RexE/YICr0m64zJ0sFOUpiGhvhqq4dKDZLy4=
Subject key identifier: FD:8C:8C:E4:5C:F4:7D:1B:7D:58:11:04:B9:DC:B3:6D:98:1F:C9:BB
Certificate issuer: /CN=69844e1374f1c4581bfbf7ad4638a112d316fbe4
Certificate serial: 019D019846A770B4D13C31C87BE09A94545D
Authority key identifier: 69:84:4E:13:74:F1:C4:58:1B:FB:F7:AD:46:38:A1:12:D3:16:FB:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/_YyM5Fz0fRt9WBEEudyzbZgfybs.roa
Signing time: Wed 18 Mar 2026 15:37:29 +0000
ROA not before: Wed 18 Mar 2026 15:37:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 195.146.160.0/24 maxlen: 24
195.146.161.0/24 maxlen: 24
195.146.162.0/24 maxlen: 24
195.146.163.0/24 maxlen: 24
195.146.164.0/24 maxlen: 24
195.146.165.0/24 maxlen: 24
195.146.166.0/24 maxlen: 24
195.146.167.0/24 maxlen: 24
195.146.168.0/24 maxlen: 24
195.146.169.0/24 maxlen: 24
195.146.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:98:46:a7:70:b4:d1:3c:31:c8:7b:e0:9a:94:54:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69844e1374f1c4581bfbf7ad4638a112d316fbe4
Validity
Not Before: Mar 18 15:37:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd8c8ce45cf47d1b7d581104b9dcb36d981fc9bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9e:9e:bf:4a:1d:21:d1:2d:65:e2:0b:71:c4:
80:b3:98:4d:60:6e:67:43:e5:4f:d4:2b:8b:c5:47:
5e:3b:42:38:a5:89:55:72:07:79:4f:5e:d0:8d:af:
fa:dd:25:15:88:df:f7:ec:94:39:32:3f:5d:1f:dc:
70:d6:b7:a1:b2:d5:03:51:b8:71:7c:be:3f:35:fb:
45:14:70:c4:5f:c7:0c:05:54:68:71:db:29:22:0f:
ec:85:11:35:f2:ab:bf:b5:1f:ed:32:f2:7f:79:2d:
28:ef:3e:2b:a9:42:a8:e7:4a:83:4c:c9:a4:ee:18:
7e:f4:8e:1a:20:92:9f:82:03:09:74:a7:a3:ba:bd:
e4:27:a6:59:15:9c:14:3b:a8:20:c1:a8:7d:2f:cb:
46:8f:dd:1d:7d:6b:51:40:fa:26:d4:c4:e9:55:ed:
09:02:6e:6e:db:bb:dc:1d:12:6a:cc:50:2e:e7:09:
dc:a3:13:8f:5b:15:78:51:8a:e9:c6:81:1c:fc:9f:
b5:98:44:0f:85:f9:44:4a:15:be:79:12:35:03:ce:
f7:94:1a:8c:10:aa:fd:b0:56:ab:7a:eb:5e:7b:3d:
0f:e4:1b:10:c5:a5:f3:8e:e5:cb:69:d2:2e:81:49:
87:d3:d2:d8:d0:6b:fe:dd:c4:0f:ef:60:57:29:8f:
8c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8C:8C:E4:5C:F4:7D:1B:7D:58:11:04:B9:DC:B3:6D:98:1F:C9:BB
X509v3 Authority Key Identifier:
keyid:69:84:4E:13:74:F1:C4:58:1B:FB:F7:AD:46:38:A1:12:D3:16:FB:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYROE3TxxFgb-_etRjihEtMW--Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/_YyM5Fz0fRt9WBEEudyzbZgfybs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/3d54b9-a763-4514-9467-8aaef76c2e98/1/aYROE3TxxFgb-_etRjihEtMW--Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.160.0-195.146.170.255
Signature Algorithm: sha256WithRSAEncryption
15:00:92:26:29:95:09:80:fb:f9:76:a3:a0:86:75:e0:47:92:
ad:ec:54:88:21:d6:5b:a7:d5:3c:0d:aa:09:29:fe:a8:2b:67:
ea:a0:83:1a:11:87:84:1d:e6:1b:0d:d8:18:b3:3d:76:6b:24:
a9:9c:db:07:48:19:27:d0:35:ae:d0:57:11:30:37:89:c4:1a:
c9:9b:a8:ec:98:02:ca:64:fb:91:92:a9:fe:84:58:35:6a:6e:
46:87:4d:59:1a:fd:77:90:bf:60:3c:15:29:ec:19:f8:a6:f7:
26:8e:cc:b7:ff:e6:95:73:8d:ee:cc:e3:22:6b:65:cd:02:2a:
31:4e:77:8c:32:c8:42:50:9a:36:cb:cb:8b:34:9a:35:d4:65:
f4:81:a5:e6:bb:f7:24:a9:ea:d8:c9:a3:95:7c:1f:77:73:37:
0b:65:0f:db:eb:c5:a7:f2:55:aa:65:60:f6:0f:e7:22:7b:24:
b1:56:6e:05:af:14:23:2a:e2:da:44:1a:26:60:ec:64:6b:3e:
a9:0e:e0:f3:f0:f4:f0:53:d5:ad:aa:12:34:5c:ce:fb:21:ca:
6f:a6:b4:d6:d4:79:af:42:ea:69:f6:c5:48:60:3f:37:73:81:
eb:2c:6e:e8:71:66:64:dc:0e:06:80:c1:05:47:50:57:9e:43:
fb:8d:3d:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ0BmEancLTRPDHIe+CalFRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODQ0ZTEzNzRmMWM0NTgxYmZiZjdhZDQ2MzhhMTEyZDMx
NmZiZTQwHhcNMjYwMzE4MTUzNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhjOGNlNDVjZjQ3ZDFiN2Q1ODExMDRiOWRjYjM2ZDk4MWZjOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ6ev0odIdEtZeILccSAs5hNYG5n
Q+VP1CuLxUdeO0I4pYlVcgd5T17Qja/63SUViN/37JQ5Mj9dH9xw1rehstUDUbhx
fL4/NftFFHDEX8cMBVRocdspIg/shRE18qu/tR/tMvJ/eS0o7z4rqUKo50qDTMmk
7hh+9I4aIJKfggMJdKejur3kJ6ZZFZwUO6ggwah9L8tGj90dfWtRQPom1MTpVe0J
Am5u27vcHRJqzFAu5wncoxOPWxV4UYrpxoEc/J+1mEQPhflEShW+eRI1A873lBqM
EKr9sFareuteez0P5BsQxaXzjuXLadIugUmH09LY0Gv+3cQP72BXKY+MIwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP2MjORc9H0bfVgRBLncs22YH8m7MB8GA1UdIwQY
MBaAFGmEThN08cRYG/v3rUY4oRLTFvvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlST0UzVHh4RmdiLV9ldFJqaWhFdE1XLS1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8zZDU0YjktYTc2My00NTE0LTk0Njct
OGFhZWY3NmMyZTk4LzEvX1l5TTVGejBmUnQ5V0JFRXVkeXpiWmdmeWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8zZDU0YjktYTc2My00NTE0LTk0NjctOGFhZWY3NmMyZTk4
LzEvYVlST0UzVHh4RmdiLV9ldFJqaWhFdE1XLS1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXDkqAD
BADDkqowDQYJKoZIhvcNAQELBQADggEBABUAkiYplQmA+/l2o6CGdeBHkq3sVIgh
1lun1TwNqgkp/qgrZ+qggxoRh4Qd5hsN2BizPXZrJKmc2wdIGSfQNa7QVxEwN4nE
GsmbqOyYAspk+5GSqf6EWDVqbkaHTVka/XeQv2A8FSnsGfim9yaOzLf/5pVzje7M
4yJrZc0CKjFOd4wyyEJQmjbLy4s0mjXUZfSBpea79ySp6tjJo5V8H3dzNwtlD9vr
xafyVaplYPYP5yJ7JLFWbgWvFCMq4tpEGiZg7GRrPqkO4PPw9PBT1a2qEjRczvsh
ym+mtNbUea9C6mn2xUhgPzdzgessbuhxZmTcDgaAwQVHUFeeQ/uNPSQ=
-----END CERTIFICATE-----
Generated at Thu Mar 19 12:31:12 2026 by rpki-client