Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yzmd_JEtqQaKvD_qUTrgrsVF79c.roa
File: yzmd_JEtqQaKvD_qUTrgrsVF79c.roa (raw, json)
Hash identifier: SuudBezS9EbRtIE8Jk/JrcwtPiUJuIx7iCJ1s3wsLjE=
Subject key identifier: CB:39:9D:FC:91:2D:A9:06:8A:BC:3F:EA:51:3A:E0:AE:C5:45:EF:D7
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019E3F81447F9AA8F82AA5DEEAB8F3FDCC44
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yzmd_JEtqQaKvD_qUTrgrsVF79c.roa
Signing time: Tue 19 May 2026 09:11:36 +0000
ROA not before: Tue 19 May 2026 09:11:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.204.0/24 maxlen: 24
91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.131.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.50.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.241.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.110.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.149.0/24 maxlen: 24
163.171.151.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.164.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.217.0/24 maxlen: 24
163.171.218.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.227.0/24 maxlen: 24
163.171.228.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.235.0/24 maxlen: 24
163.171.237.0/24 maxlen: 24
163.171.244.0/24 maxlen: 24
163.171.245.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.228.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ff19::/48 maxlen: 48
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:81:44:7f:9a:a8:f8:2a:a5:de:ea:b8:f3:fd:cc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: May 19 09:11:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb399dfc912da9068abc3fea513ae0aec545efd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:65:4a:35:08:38:d2:36:5b:50:7e:d9:fa:9e:
ad:78:ad:16:08:ab:ec:c1:ba:14:40:3e:b3:ea:93:
d9:6a:be:c2:dc:df:78:b8:41:4e:c8:9a:37:67:ca:
e0:0b:74:13:ec:da:22:d0:37:84:bc:e8:5b:70:7f:
8d:b9:63:d4:12:67:73:0a:9c:2f:82:6d:ee:74:5f:
a5:74:4f:60:9c:36:37:da:1a:b7:23:6a:19:d9:0b:
7e:aa:dc:7d:54:27:7c:31:6a:d3:49:7c:40:6a:88:
d8:7c:5e:75:66:86:a1:54:c4:67:07:0a:c5:39:b5:
2a:51:cb:22:8c:b8:ba:c0:c5:fb:19:41:0a:c7:13:
10:c3:c9:dd:cd:e5:87:bb:95:ba:69:3f:eb:8e:e2:
c6:0d:c5:96:eb:f1:6e:1d:42:60:19:02:ee:7e:8e:
df:26:fd:f9:38:a9:8e:65:1f:03:b2:f6:55:a7:d4:
4d:d8:96:92:1c:9a:e7:9a:99:29:59:00:bf:27:01:
28:2e:24:5b:e1:5b:74:5b:87:d9:ce:ae:f6:f7:5f:
d2:6d:51:7c:1c:c5:8c:98:d4:25:49:49:fe:63:bb:
6d:c5:7e:33:0c:62:26:40:65:1d:af:a8:45:84:fa:
e4:1e:ec:2b:ae:e8:4f:45:34:b0:7c:9e:64:b3:53:
2e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:39:9D:FC:91:2D:A9:06:8A:BC:3F:EA:51:3A:E0:AE:C5:45:EF:D7
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/yzmd_JEtqQaKvD_qUTrgrsVF79c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.204.0/23
91.202.200.0/24
93.188.131.0-93.188.132.255
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.50.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.241.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.110.0/24
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.149.0/24
163.171.151.0/24
163.171.153.0/24
163.171.164.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.215.0-163.171.218.255
163.171.222.0/24
163.171.224.0/23
163.171.227.0-163.171.228.255
163.171.230.0/23
163.171.234.0/23
163.171.237.0/24
163.171.244.0/23
163.171.249.0/24
163.171.252.0/24
185.27.228.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ff19::/48
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
78:c7:46:5c:e0:09:fd:ac:49:2a:7c:33:41:3c:1c:4c:59:03:
92:bc:44:cc:06:6b:e5:d5:9a:37:06:c9:bf:97:0f:b9:45:83:
f4:92:c8:57:a3:af:f8:ae:92:ab:e0:e9:5f:ee:08:2b:b5:7b:
b3:af:cc:8b:3b:21:4c:34:66:24:7f:bb:f1:a2:06:0e:8c:dd:
2f:a8:ed:ab:6e:75:63:81:4b:9b:83:ef:e2:3d:ef:02:c5:74:
72:f7:fa:ec:f3:06:90:67:df:89:e8:81:10:7b:2e:19:12:27:
d4:e2:03:1a:28:d8:86:64:d0:7e:bc:80:f0:0d:85:f7:02:3c:
fa:69:4f:81:de:7b:d4:7d:ee:2c:f1:04:06:d6:b2:96:bb:a8:
28:ea:01:f0:fc:3f:fe:e4:8d:5e:41:f0:14:ee:21:5e:ab:23:
a3:59:31:b9:3f:83:43:62:a8:5f:8e:04:05:04:1b:fe:f7:6e:
fe:c6:47:b9:b2:08:99:9a:60:c7:89:20:c6:21:c6:4c:dd:61:
09:2a:19:6d:8c:c2:a2:a9:df:a3:ec:a3:4b:3f:ab:06:d1:90:
5f:12:bc:33:ed:df:67:53:56:fb:e4:7a:bf:b2:09:3d:81:b1:
97:08:25:56:6a:f0:06:d8:e7:2f:3f:81:ee:cf:57:04:f9:ce:
1d:37:6e:a6
-----BEGIN CERTIFICATE-----
MIIG0DCCBbigAwIBAgISAZ4/gUR/mqj4KqXe6rjz/cxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjYwNTE5MDkxMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM5OWRmYzkxMmRhOTA2OGFiYzNmZWE1MTNhZTBhZWM1NDVlZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomVKNQg40jZbUH7Z+p6teK0WCKvs
wboUQD6z6pPZar7C3N94uEFOyJo3Z8rgC3QT7Noi0DeEvOhbcH+NuWPUEmdzCpwv
gm3udF+ldE9gnDY32hq3I2oZ2Qt+qtx9VCd8MWrTSXxAaojYfF51ZoahVMRnBwrF
ObUqUcsijLi6wMX7GUEKxxMQw8ndzeWHu5W6aT/rjuLGDcWW6/FuHUJgGQLufo7f
Jv35OKmOZR8DsvZVp9RN2JaSHJrnmpkpWQC/JwEoLiRb4Vt0W4fZzq7291/SbVF8
HMWMmNQlSUn+Y7ttxX4zDGImQGUdr6hFhPrkHuwrruhPRTSwfJ5ks1Mu3QIDAQAB
o4ID3DCCA9gwHQYDVR0OBBYEFMs5nfyRLakGirw/6lE64K7FRe/XMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEveXptZF9KRXRxUWFLdkRfcVVUcmdyc1ZGNzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB8AYIKwYBBQUHAQcBAf8EggHfMIIB2zCCAaIEAgABMIIB
mgMEAVvCzAMEAFvKyDAMAwQAXbyDAwQAXbyEAwQAXbyHAwQAlP0iAwQAlP0kMAwD
BACU/SkDBACU/SoDBACU/SwDBACU/S8DBACU/TIDBAKU/TwDBAGU/eQwDAMEAJT9
5wMEApT96AMEAJT97QMEAJT97wMEAJT98TAMAwQClP30AwQAlP32AwQAlP34MAwD
BAKX+VwDBACX+V4DBACjq0ADBACjq0MDBAGjq0YDBACjq00DBAGjq1QDBACjq1cw
DAMEAKOrXQMEAKOrXjAMAwQFo6tgAwQAo6tiMAwDBACjq2UDBACjq2gDBACjq24D
BACjq3cDBACjq34DBACjq48DBACjq5UDBACjq5cDBACjq5kDBACjq6QDBACjq6YD
BAGjq7ADBACjq7YDBACjq7wDBACjq8YDBACjq88wDAMEAKOr1wMEAKOr2gMEAKOr
3gMEAaOr4DAMAwQAo6vjAwQAo6vkAwQBo6vmAwQBo6vqAwQAo6vtAwQBo6v0AwQA
o6v5AwQAo6v8AwQAuRvkAwQAuRvmAwQAwmsTMDMEAgACMC0DBwAqAVPA/xkDBwAq
AVPA/8YDBwAqAVPA/+cDBwAqAVPA//IDBwAqAVPA//QwDQYJKoZIhvcNAQELBQAD
ggEBAHjHRlzgCf2sSSp8M0E8HExZA5K8RMwGa+XVmjcGyb+XD7lFg/SSyFejr/iu
kqvg6V/uCCu1e7OvzIs7IUw0ZiR/u/GiBg6M3S+o7atudWOBS5uD7+I97wLFdHL3
+uzzBpBn34nogRB7LhkSJ9TiAxoo2IZk0H68gPANhfcCPPppT4Hee9R97izxBAbW
spa7qCjqAfD8P/7kjV5B8BTuIV6rI6NZMbk/g0NiqF+OBAUEG/73bv7GR7myCJma
YMeJIMYhxkzdYQkqGW2MwqKp36Pso0s/qwbRkF8SvDPt32dTVvvker+yCT2BsZcI
JVZq8AbY5y8/ge7PVwT5zh03bqY=
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:03:48 2026 by rpki-client