Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/YBpN3TQ1JzwNzB0-jsj_CckejPU.roa
File: YBpN3TQ1JzwNzB0-jsj_CckejPU.roa (raw, json)
Hash identifier: 8A8QBdzrHSSwGIlNYxFd7VC285mnazoMY8ZTK0EOh18=
Subject key identifier: 60:1A:4D:DD:34:35:27:3C:0D:CC:1D:3E:8E:C8:FF:09:C9:1E:8C:F5
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019E2D5A0D0A0156E7428759E630DC67AE1B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/YBpN3TQ1JzwNzB0-jsj_CckejPU.roa
Signing time: Fri 15 May 2026 20:35:36 +0000
ROA not before: Fri 15 May 2026 20:35:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212192
IP address blocks: 5.157.240.0/21 maxlen: 21
37.35.32.0/22 maxlen: 22
37.35.38.0/24 maxlen: 24
146.66.211.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
146.66.219.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.74.153.0/24 maxlen: 24
188.74.154.0/24 maxlen: 24
188.74.156.0/22 maxlen: 22
188.74.191.0/24 maxlen: 24
188.74.244.0/24 maxlen: 24
188.119.164.0/24 maxlen: 24
188.119.167.0/24 maxlen: 24
188.119.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2d:5a:0d:0a:01:56:e7:42:87:59:e6:30:dc:67:ae:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 15 20:35:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=601a4ddd3435273c0dcc1d3e8ec8ff09c91e8cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:61:4d:73:cb:9a:7b:9b:38:93:b9:03:66:
c4:36:26:ac:e3:64:a9:9b:86:c4:f0:aa:9c:40:0a:
55:2a:38:76:bb:f2:52:1c:d0:53:d8:ab:eb:7b:7f:
d6:b0:20:59:db:57:6a:cb:49:78:8e:84:03:db:23:
b6:b3:fc:e4:1b:e4:c1:37:d2:23:7f:ac:d7:38:1e:
df:47:ac:bb:39:86:e8:28:02:13:8b:6f:7f:47:0d:
30:0c:44:66:70:79:2e:b6:91:74:ea:9f:02:ac:66:
44:42:3f:b0:a7:01:ba:87:a0:2e:1f:9a:3a:a7:49:
af:30:d8:ac:58:79:4c:09:4b:f7:1d:11:15:7a:8b:
27:77:da:5f:54:15:34:3d:88:37:2b:33:92:e2:23:
e1:55:a2:3d:19:8b:35:7d:b0:86:09:46:a6:57:cd:
8c:08:99:b2:cf:0e:39:ce:5e:e8:8a:59:93:c4:2b:
e6:04:9f:fb:5e:18:55:a9:ee:74:35:29:ae:47:ac:
2b:de:10:2b:54:75:48:b7:00:5b:14:d5:91:95:3d:
30:99:a1:36:ef:5d:2f:2a:cb:d2:3a:bc:75:7e:1d:
61:19:e2:60:13:13:b0:34:04:15:be:49:db:e3:5b:
57:72:bd:c8:62:dd:08:f3:66:11:8f:17:76:ac:f3:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1A:4D:DD:34:35:27:3C:0D:CC:1D:3E:8E:C8:FF:09:C9:1E:8C:F5
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/YBpN3TQ1JzwNzB0-jsj_CckejPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.32.0/22
37.35.38.0/24
146.66.211.0/24
146.66.218.0/23
178.157.125.0/24
188.74.153.0-188.74.154.255
188.74.156.0/22
188.74.191.0/24
188.74.244.0/24
188.119.164.0/24
188.119.167.0/24
188.119.189.0/24
Signature Algorithm: sha256WithRSAEncryption
66:32:f0:ab:90:65:c5:e3:0f:b1:12:85:76:a0:3e:54:ba:b0:
d5:ae:76:37:1a:85:84:93:92:b8:a4:03:57:09:74:2f:d3:2d:
20:c2:60:ec:b5:c1:e2:83:bd:2d:93:96:b9:94:df:c8:c7:f9:
0a:a5:6f:65:22:96:3e:19:c4:51:82:6b:37:de:5e:77:01:90:
61:d4:2a:3a:36:74:81:6a:1c:2b:ba:46:04:e6:7d:6f:c1:96:
77:a7:a8:d2:6e:a4:ad:70:70:b1:9a:1b:10:c7:9e:48:04:68:
e0:68:f0:0e:39:7f:15:be:50:11:be:ab:48:99:5e:f2:fe:4b:
a7:8d:4e:77:1e:c9:d9:b9:75:77:31:48:d8:e3:ef:09:a4:65:
7f:29:57:66:d5:6a:12:47:4a:a0:7a:d0:7f:ec:cb:de:63:16:
ea:38:c1:b1:23:01:18:04:db:2c:70:cb:ee:23:ee:b7:9f:d5:
6f:d2:4b:98:4a:c8:9f:b2:65:01:96:ca:fc:d0:43:6b:8f:d1:
39:48:b9:a7:48:ca:ab:15:5f:f3:58:1f:a1:1e:29:f8:61:8e:
3b:e8:ee:76:44:d2:e3:bb:57:df:5e:04:73:2d:e0:9e:78:f8:
6d:25:c2:78:6f:a9:34:71:c7:d3:d9:50:3b:9f:97:c1:66:20:
d7:96:72:23
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ4tWg0KAVbnQodZ5jDcZ64bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjYwNTE1MjAzNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFhNGRkZDM0MzUyNzNjMGRjYzFkM2U4ZWM4ZmYwOWM5MWU4Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwONhTXPLmnubOJO5A2bENias42Sp
m4bE8KqcQApVKjh2u/JSHNBT2Kvre3/WsCBZ21dqy0l4joQD2yO2s/zkG+TBN9Ij
f6zXOB7fR6y7OYboKAITi29/Rw0wDERmcHkutpF06p8CrGZEQj+wpwG6h6AuH5o6
p0mvMNisWHlMCUv3HREVeosnd9pfVBU0PYg3KzOS4iPhVaI9GYs1fbCGCUamV82M
CJmyzw45zl7oilmTxCvmBJ/7XhhVqe50NSmuR6wr3hArVHVItwBbFNWRlT0wmaE2
710vKsvSOrx1fh1hGeJgExOwNAQVvknb41tXcr3IYt0I82YRjxd2rPNm9wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGAaTd00NSc8DcwdPo7I/wnJHoz1MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWUJwTjNUUTFKendOekIwLWpzal9DY2tlalBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDBZ3wAwQC
JSMgAwQAJSMmAwQAkkLTAwQBkkLaAwQAsp19MAwDBAC8SpkDBAC8SpoDBAK8SpwD
BAC8Sr8DBAC8SvQDBAC8d6QDBAC8d6cDBAC8d70wDQYJKoZIhvcNAQELBQADggEB
AGYy8KuQZcXjD7EShXagPlS6sNWudjcahYSTkrikA1cJdC/TLSDCYOy1weKDvS2T
lrmU38jH+Qqlb2Uilj4ZxFGCazfeXncBkGHUKjo2dIFqHCu6RgTmfW/BlnenqNJu
pK1wcLGaGxDHnkgEaOBo8A45fxW+UBG+q0iZXvL+S6eNTnceydm5dXcxSNjj7wmk
ZX8pV2bVahJHSqB60H/sy95jFuo4wbEjARgE2yxwy+4j7ref1W/SS5hKyJ+yZQGW
yvzQQ2uP0TlIuadIyqsVX/NYH6EeKfhhjjvo7nZE0uO7V99eBHMt4J54+G0lwnhv
qTRxx9PZUDufl8FmINeWciM=
-----END CERTIFICATE-----
Generated at Thu Jun 4 14:06:23 2026 by rpki-client