Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/Yfjs6TdYq1sgdFM7cqb-qtekrNU.roa
File: Yfjs6TdYq1sgdFM7cqb-qtekrNU.roa (raw, json)
Hash identifier: P4sQK9USZfTa1aICp1B8s88VX1ymEKIke0FrnNDds28=
Subject key identifier: 61:F8:EC:E9:37:58:AB:5B:20:74:53:3B:72:A6:FE:AA:D7:A4:AC:D5
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019CB00D591554BF6944964AF23A7DE7F307
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/Yfjs6TdYq1sgdFM7cqb-qtekrNU.roa
Signing time: Mon 02 Mar 2026 19:36:30 +0000
ROA not before: Mon 02 Mar 2026 19:36:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b0:0d:59:15:54:bf:69:44:96:4a:f2:3a:7d:e7:f3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Mar 2 19:36:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=61f8ece93758ab5b2074533b72a6feaad7a4acd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:62:07:13:41:71:88:70:5d:11:f5:b7:55:
12:d2:ac:f9:27:f8:45:90:07:2d:9d:da:c4:2c:4e:
b2:e8:69:8b:35:40:16:c7:34:eb:cf:5f:96:2e:b1:
32:8a:9b:a9:5e:9e:bd:a5:c8:60:57:c8:98:25:8e:
4e:07:dd:7a:10:b2:32:c3:59:ff:99:2c:54:4e:1f:
5c:47:3c:33:dd:64:35:41:06:8e:0f:23:13:e8:47:
0b:f2:99:65:cc:ad:42:a6:a0:bd:6a:64:4e:9b:0c:
c2:05:37:75:7a:d8:c7:12:d3:d0:43:3e:28:d3:04:
41:c4:7a:6b:44:f7:02:57:14:24:92:55:c6:c1:fc:
b7:68:1f:02:ed:9c:67:34:d8:b5:ba:96:80:d9:cf:
f8:cf:12:82:09:de:46:a2:10:60:1a:74:99:8f:30:
3c:87:c7:ef:f6:3d:32:99:28:23:e6:34:b0:8a:b3:
14:62:7a:df:46:00:c5:6e:41:6d:61:5a:4f:ad:a1:
2b:e7:77:4c:ab:90:94:40:98:f1:e9:93:44:3f:7a:
7c:11:03:9d:4f:22:f5:c4:b5:79:71:49:4e:84:b8:
88:96:ba:41:ee:4d:b9:38:58:0a:28:71:64:04:81:
e3:50:86:0c:af:5f:33:df:b5:e1:6e:ea:36:c5:82:
ba:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F8:EC:E9:37:58:AB:5B:20:74:53:3B:72:A6:FE:AA:D7:A4:AC:D5
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/Yfjs6TdYq1sgdFM7cqb-qtekrNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
52:4d:3a:93:0d:91:2c:92:11:c1:ab:91:37:e0:7a:ca:92:8b:
32:8f:d4:9d:45:f3:74:6d:6e:04:f6:be:27:a1:bc:20:ea:1d:
63:38:d6:97:e7:6c:76:8f:75:cc:9f:cb:33:ec:2d:89:43:35:
9c:0a:4f:fc:46:ce:5f:8c:5a:d5:f5:83:1a:37:06:da:0f:36:
4f:ad:87:4e:41:cd:ec:fb:7a:27:e1:3a:b5:df:11:d2:dd:53:
5d:db:56:1d:9b:12:f9:f7:29:d0:16:c2:ed:43:8c:97:2c:a9:
90:a3:91:c7:81:a7:ea:a5:40:38:a9:4b:fe:39:9f:32:04:68:
e8:f7:18:72:fe:f9:e8:3b:42:1c:b5:50:50:83:b7:90:58:17:
08:54:cb:ce:c0:40:a3:8c:a8:9b:7e:49:03:fc:59:5b:e7:9a:
7b:67:a7:61:05:1e:47:c6:74:6e:88:b6:34:d6:84:9d:25:09:
59:b2:07:11:0c:a3:fa:c9:bc:9c:4a:53:02:fb:4b:6b:a9:e3:
2a:9c:28:a3:16:e6:f5:ea:c8:48:c6:c6:fd:f9:03:81:63:08:
9b:83:24:3f:ac:6d:e9:3a:f3:cf:04:ff:ae:74:eb:71:39:ab:
81:7c:f5:83:fc:21:44:05:e2:25:f8:92:86:eb:07:55:69:68:
13:2c:2b:80
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZywDVkVVL9pRJZK8jp95/MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwMzAyMTkzNjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY4ZWNlOTM3NThhYjViMjA3NDUzM2I3MmE2ZmVhYWQ3YTRhY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPliBxNBcYhwXRH1t1US0qz5J/hF
kActndrELE6y6GmLNUAWxzTrz1+WLrEyipupXp69pchgV8iYJY5OB916ELIyw1n/
mSxUTh9cRzwz3WQ1QQaODyMT6EcL8pllzK1CpqC9amROmwzCBTd1etjHEtPQQz4o
0wRBxHprRPcCVxQkklXGwfy3aB8C7ZxnNNi1upaA2c/4zxKCCd5GohBgGnSZjzA8
h8fv9j0ymSgj5jSwirMUYnrfRgDFbkFtYVpPraEr53dMq5CUQJjx6ZNEP3p8EQOd
TyL1xLV5cUlOhLiIlrpB7k25OFgKKHFkBIHjUIYMr18z37Xhbuo2xYK6YQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFGH47Ok3WKtbIHRTO3Km/qrXpKzVMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvWWZqczZUZFlxMXNnZEZNN2NxYi1xdGVrck5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBUBAIAATBOAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrgMEANWbHDAM
AwQF2bEgAwQA2bEiAwQC2bEsAwQB2bMwMCwEAgACMCYwEgMHASoRLMAAAgMHASoR
LMAACAMHASoRLMAAEAMHASoRLMAAIDANBgkqhkiG9w0BAQsFAAOCAQEAUk06kw2R
LJIRwauRN+B6ypKLMo/UnUXzdG1uBPa+J6G8IOodYzjWl+dsdo91zJ/LM+wtiUM1
nApP/EbOX4xa1fWDGjcG2g82T62HTkHN7Pt6J+E6td8R0t1TXdtWHZsS+fcp0BbC
7UOMlyypkKORx4Gn6qVAOKlL/jmfMgRo6PcYcv756DtCHLVQUIO3kFgXCFTLzsBA
o4yom35JA/xZW+eae2enYQUeR8Z0boi2NNaEnSUJWbIHEQyj+sm8nEpTAvtLa6nj
Kpwooxbm9erISMbG/fkDgWMIm4MkP6xt6TrzzwT/rnTrcTmrgXz1g/whRAXiJfiS
husHVWloEywrgA==
-----END CERTIFICATE-----
Generated at Thu Mar 12 21:36:23 2026 by rpki-client