Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yPdCNMxm54VLc8jKzVbuOxUrCAA.roa
File: yPdCNMxm54VLc8jKzVbuOxUrCAA.roa (raw, json)
Hash identifier: UJjDFFkG5idFe0rTyEPIIN4ZJqAJBjz+JR6hJQSsUzQ=
Subject key identifier: C8:F7:42:34:CC:66:E7:85:4B:73:C8:CA:CD:56:EE:3B:15:2B:08:00
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019EB593EF2DDF1AF9A949D0DB70E8A27024
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yPdCNMxm54VLc8jKzVbuOxUrCAA.roa
Signing time: Thu 11 Jun 2026 07:27:11 +0000
ROA not before: Thu 11 Jun 2026 07:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39700
IP address blocks: 78.108.128.0/20 maxlen: 24
80.246.202.0/24 maxlen: 24
81.30.38.0/24 maxlen: 24
91.142.240.0/21 maxlen: 24
91.142.248.0/22 maxlen: 24
141.255.178.0/23 maxlen: 23
176.74.224.0/24 maxlen: 24
217.149.141.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2a00:c080:101c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:93:ef:2d:df:1a:f9:a9:49:d0:db:70:e8:a2:70:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jun 11 07:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8f74234cc66e7854b73c8cacd56ee3b152b0800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:92:7b:ad:db:de:e3:cf:54:36:77:a2:3f:
61:5e:6b:e1:d3:53:f7:e7:ef:49:8f:25:7f:7f:38:
48:13:2b:c5:6b:f0:75:ea:f5:2a:3e:e9:a9:85:e4:
b1:a9:c4:34:da:ab:5d:31:3f:80:a2:0b:69:e0:03:
65:f6:9d:00:f2:bc:17:f0:b0:d0:fb:79:4c:9a:52:
a5:16:a8:c6:7d:fd:d4:cf:fd:2b:0d:b4:ec:5e:2c:
88:38:a7:38:1c:de:30:de:3a:93:5d:66:da:7c:28:
da:b5:ef:c8:e6:21:2f:25:c8:f4:7c:fa:63:cf:a9:
ff:72:c1:7a:0f:40:71:4b:f8:2f:c8:a8:38:00:38:
fa:d7:7c:bc:2b:98:c2:9d:32:14:a5:4e:6e:a0:c9:
cf:9b:1b:d5:39:49:d7:56:a1:c5:5c:eb:55:ff:a4:
ad:0e:29:74:f2:00:1e:43:eb:a0:0b:af:06:8c:75:
96:08:35:79:66:ed:bc:9a:9b:33:f1:35:df:7a:ca:
77:1b:7b:79:92:fe:94:20:05:ec:e2:d6:65:bf:83:
7e:f1:48:e0:da:77:1a:04:84:2d:80:2f:45:7e:0d:
a6:86:30:ad:b9:22:7b:4f:8e:6f:c6:4f:f7:ce:d7:
5a:06:bd:e1:ce:eb:d9:78:aa:43:fc:4d:19:5f:9c:
81:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F7:42:34:CC:66:E7:85:4B:73:C8:CA:CD:56:EE:3B:15:2B:08:00
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yPdCNMxm54VLc8jKzVbuOxUrCAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
80.246.202.0/24
81.30.38.0/24
91.142.240.0-91.142.251.255
141.255.178.0/23
176.74.224.0/24
217.149.141.0/24
IPv6:
2001:4cb8::/29
2a00:c080:101c::/48
Signature Algorithm: sha256WithRSAEncryption
a8:cf:3a:62:d3:e5:6f:db:ce:7a:ef:f3:57:d0:16:7a:8f:16:
52:d6:2c:c1:20:cf:aa:66:d3:62:9d:ac:34:c5:78:ae:3d:b4:
a1:f4:c1:05:89:cc:ac:ce:9b:f4:3d:77:9b:37:50:ed:7c:40:
49:f9:99:76:af:ac:67:71:89:bc:e3:5a:17:4c:42:2d:1d:df:
1c:05:08:12:01:a1:7b:f4:03:17:f2:f3:6b:32:0e:61:3a:4a:
ed:ec:a5:d5:81:d5:37:2b:e0:c9:50:dd:bc:3a:b0:70:d8:3e:
c1:2d:15:71:59:e3:17:19:40:a9:c4:1c:8f:37:a0:34:6c:9c:
8d:04:46:c9:8c:85:d7:d5:b6:2a:cc:bd:79:fd:9a:6a:00:90:
65:13:f8:27:86:6c:b0:c8:ee:8e:1e:be:95:a8:a2:29:47:6a:
ff:90:a9:48:f2:f4:c6:5d:20:5d:8c:ef:f2:32:e4:94:86:4a:
9c:70:df:d0:a4:ec:c9:2c:7e:71:cc:f7:c2:21:c9:15:94:fa:
89:b4:d0:11:b3:c1:05:0b:56:3a:5c:d6:27:da:71:2d:dc:99:
ac:e4:a1:e4:d6:25:ce:0c:ea:1a:ff:11:89:b8:67:bd:6f:be:
48:fd:1b:17:3b:69:05:47:a6:4f:99:b8:0d:57:4f:80:29:3f:
f0:ec:7d:a5
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ61k+8t3xr5qUnQ23DoonAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjYwNjExMDcyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY3NDIzNGNjNjZlNzg1NGI3M2M4Y2FjZDU2ZWUzYjE1MmIwODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSCSe63b3uPPVDZ3oj9hXmvh01P3
5+9JjyV/fzhIEyvFa/B16vUqPumpheSxqcQ02qtdMT+Aogtp4ANl9p0A8rwX8LDQ
+3lMmlKlFqjGff3Uz/0rDbTsXiyIOKc4HN4w3jqTXWbafCjate/I5iEvJcj0fPpj
z6n/csF6D0BxS/gvyKg4ADj613y8K5jCnTIUpU5uoMnPmxvVOUnXVqHFXOtV/6St
Dil08gAeQ+ugC68GjHWWCDV5Zu28mpsz8TXfesp3G3t5kv6UIAXs4tZlv4N+8Ujg
2ncaBIQtgC9Ffg2mhjCtuSJ7T45vxk/3ztdaBr3hzuvZeKpD/E0ZX5yBkwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMj3QjTMZueFS3PIys1W7jsVKwgAMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEveVBkQ05NeG01NFZMYzhqS3pWYnVPeFVyQ0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA4BAIAATAyAwQETmyAAwQA
UPbKAwQAUR4mMAwDBARbjvADBAJbjvgDBAGN/7IDBACwSuADBADZlY0wFgQCAAIw
EAMFAyABTLgDBwAqAMCAEBwwDQYJKoZIhvcNAQELBQADggEBAKjPOmLT5W/bznrv
81fQFnqPFlLWLMEgz6pm02KdrDTFeK49tKH0wQWJzKzOm/Q9d5s3UO18QEn5mXav
rGdxibzjWhdMQi0d3xwFCBIBoXv0Axfy82syDmE6Su3spdWB1Tcr4MlQ3bw6sHDY
PsEtFXFZ4xcZQKnEHI83oDRsnI0ERsmMhdfVtirMvXn9mmoAkGUT+CeGbLDI7o4e
vpWooilHav+QqUjy9MZdIF2M7/Iy5JSGSpxw39Ck7MksfnHM98IhyRWU+om00BGz
wQULVjpc1ifacS3cmazkoeTWJc4M6hr/EYm4Z71vvkj9Gxc7aQVHpk+ZuA1XT4Ap
P/DsfaU=
-----END CERTIFICATE-----
Generated at Fri Jun 12 07:23:31 2026 by rpki-client