Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/yZhJYP9MTDqgvExJHziH0lNRXaY.roa
File: yZhJYP9MTDqgvExJHziH0lNRXaY.roa (raw, json)
Hash identifier: xG4XZCoR+Q/mj+b+zIEN5uguqj+EbPdFGRnSs9knAPc=
Subject key identifier: C9:98:49:60:FF:4C:4C:3A:A0:BC:4C:49:1F:38:87:D2:53:51:5D:A6
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019DBA2A98927B6E69F37ACDC2D924276942
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/yZhJYP9MTDqgvExJHziH0lNRXaY.roa
Signing time: Thu 23 Apr 2026 11:47:26 +0000
ROA not before: Thu 23 Apr 2026 11:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29049
IP address blocks: 85.132.112.0/24 maxlen: 24
94.20.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:2a:98:92:7b:6e:69:f3:7a:cd:c2:d9:24:27:69:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Apr 23 11:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9984960ff4c4c3aa0bc4c491f3887d253515da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:de:c5:b3:fd:6d:ad:6f:df:8d:d2:a3:8f:c3:
5b:6e:40:68:55:d6:e3:71:25:e2:0c:e9:a4:8f:a8:
90:ba:aa:55:a8:ac:93:b2:4e:78:64:d8:d9:fe:5a:
78:b9:03:cc:d2:4e:fb:7b:a8:cb:01:14:dd:3f:26:
1e:c7:96:df:b4:0f:dd:3d:01:17:ab:7d:b4:00:e1:
9f:d2:d8:9d:72:24:3e:e4:3b:dd:f8:7f:17:62:74:
9e:c2:f6:86:bf:96:bc:37:11:83:94:0b:7e:57:a3:
3a:9f:fa:1d:bf:b2:d5:1e:04:76:c9:ba:97:88:e0:
f5:af:e9:57:0d:9d:5f:59:f4:de:d9:8b:a6:f6:92:
e4:8d:92:4c:5e:46:b7:ef:45:c8:de:6c:3f:02:05:
e1:63:e9:70:5d:02:fb:27:db:7f:d7:46:98:2f:3f:
0f:99:f5:95:d8:85:d5:12:90:bd:94:b5:98:58:79:
50:00:b3:3c:bf:16:00:76:e8:ad:3c:f1:9e:89:0e:
b6:75:68:f2:ef:54:58:90:84:08:13:c7:6a:2d:dc:
8b:04:01:8d:6a:31:b5:2a:7d:4c:a9:68:eb:21:e0:
a0:50:8c:6b:b8:52:34:11:c3:ea:51:90:47:77:0a:
66:0c:01:18:b6:51:04:9d:fa:c3:e2:dc:3b:3c:36:
e4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:98:49:60:FF:4C:4C:3A:A0:BC:4C:49:1F:38:87:D2:53:51:5D:A6
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/yZhJYP9MTDqgvExJHziH0lNRXaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.112.0/24
94.20.177.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:8f:4a:7f:72:02:46:15:f0:58:39:b5:71:2e:34:12:88:3f:
f5:06:6e:2a:e9:89:0a:0a:1b:25:65:e8:05:2d:c9:3a:55:a7:
d3:e5:84:d7:e6:c3:ed:94:76:46:47:e9:6e:c2:c7:70:f1:d4:
7f:ff:85:4a:cc:81:6c:c9:20:1e:62:a4:78:ef:de:fa:16:4d:
8b:1f:83:1d:52:10:33:60:47:6e:7d:a8:e8:24:77:ad:d3:ff:
6e:27:21:d5:32:0f:83:29:93:13:80:16:fc:28:4c:d3:1a:8c:
d6:68:c8:24:87:d4:76:fd:3a:f5:9d:08:08:1f:1b:e8:1d:1d:
01:8f:dc:cf:87:19:6f:a4:b4:5a:26:38:93:46:58:e8:d2:d8:
23:cb:58:a8:b4:cc:0c:5c:34:a1:0b:86:11:e0:f9:dc:f0:af:
2c:94:5f:c0:0e:76:fc:fe:bc:81:99:73:7d:06:a7:31:12:b1:
66:df:7d:d3:d6:f9:00:ca:60:74:46:ab:4d:0f:0d:bd:c4:a1:
e2:d4:aa:dd:42:38:89:4f:2f:81:a1:31:45:10:11:1c:6f:f0:
13:0e:11:c7:71:96:17:80:df:ab:2a:9d:3c:22:39:2b:dd:ce:
d1:40:af:9a:4f:96:d2:80:75:16:e1:52:bc:4c:9a:db:d9:4e:
89:3a:e3:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ26KpiSe25p83rNwtkkJ2lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwNDIzMTE0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk4NDk2MGZmNGM0YzNhYTBiYzRjNDkxZjM4ODdkMjUzNTE1ZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt7Fs/1trW/fjdKjj8NbbkBoVdbj
cSXiDOmkj6iQuqpVqKyTsk54ZNjZ/lp4uQPM0k77e6jLARTdPyYex5bftA/dPQEX
q320AOGf0tidciQ+5Dvd+H8XYnSewvaGv5a8NxGDlAt+V6M6n/odv7LVHgR2ybqX
iOD1r+lXDZ1fWfTe2Yum9pLkjZJMXka370XI3mw/AgXhY+lwXQL7J9t/10aYLz8P
mfWV2IXVEpC9lLWYWHlQALM8vxYAduitPPGeiQ62dWjy71RYkIQIE8dqLdyLBAGN
ajG1Kn1MqWjrIeCgUIxruFI0EcPqUZBHdwpmDAEYtlEEnfrD4tw7PDbkwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmYSWD/TEw6oLxMSR84h9JTUV2mMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEveVpoSllQOU1URHFndkV4Skh6aUgwbE5SWGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYRwAwQA
XhSxMA0GCSqGSIb3DQEBCwUAA4IBAQBuj0p/cgJGFfBYObVxLjQSiD/1Bm4q6YkK
ChslZegFLck6VafT5YTX5sPtlHZGR+luwsdw8dR//4VKzIFsySAeYqR47976Fk2L
H4MdUhAzYEdufajoJHet0/9uJyHVMg+DKZMTgBb8KEzTGozWaMgkh9R2/Tr1nQgI
HxvoHR0Bj9zPhxlvpLRaJjiTRljo0tgjy1iotMwMXDShC4YR4Pnc8K8slF/ADnb8
/ryBmXN9BqcxErFm333T1vkAymB0RqtNDw29xKHi1KrdQjiJTy+BoTFFEBEcb/AT
DhHHcZYXgN+rKp08Ijkr3c7RQK+aT5bSgHUW4VK8TJrb2U6JOuM5
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:22:18 2026 by rpki-client