Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/rYBbbZbaSpYI3VsNcTxJfCny0P8.roa
File: rYBbbZbaSpYI3VsNcTxJfCny0P8.roa (raw, json)
Hash identifier: dXyRGY+rTBPSQJnVZHUIy5ttKRmSJde9WkRmwq0FUYE=
Subject key identifier: AD:80:5B:6D:96:DA:4A:96:08:DD:5B:0D:71:3C:49:7C:29:F2:D0:FF
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 019DCFD6B119640674B44202D0BCA11AED2C
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/rYBbbZbaSpYI3VsNcTxJfCny0P8.roa
Signing time: Mon 27 Apr 2026 16:47:26 +0000
ROA not before: Mon 27 Apr 2026 16:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15830
IP address blocks: 137.174.0.0/16 maxlen: 22
137.174.128.0/18 maxlen: 22
137.174.192.0/19 maxlen: 22
141.137.0.0/16 maxlen: 22
141.137.232.0/24 maxlen: 24
147.123.32.0/19 maxlen: 24
147.123.128.0/17 maxlen: 22
147.123.208.0/21 maxlen: 24
155.204.0.0/16 maxlen: 22
155.204.119.0/24 maxlen: 24
155.204.128.0/18 maxlen: 22
155.204.200.0/21 maxlen: 24
155.204.208.0/21 maxlen: 21
155.204.216.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 16:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:d6:b1:19:64:06:74:b4:42:02:d0:bc:a1:1a:ed:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Apr 27 16:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad805b6d96da4a9608dd5b0d713c497c29f2d0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:30:18:30:ae:53:f1:53:b0:f5:b3:39:8d:
52:c8:a9:98:97:f7:b4:a2:72:f1:10:bd:5d:f4:63:
11:75:ee:bc:a5:de:75:2a:d0:06:72:a9:88:8b:af:
00:0b:cc:97:99:7c:80:19:48:d2:2a:ab:8e:dd:65:
c3:67:d1:99:4e:46:3b:d3:5a:84:71:eb:8b:d6:d8:
c6:d6:95:3a:87:b0:6a:be:76:bf:a8:96:33:9b:ff:
95:e1:28:cc:e0:8f:33:c9:fc:1b:d9:23:35:6a:88:
9e:8a:4e:a3:12:62:72:7d:37:1c:08:cc:0d:d8:9e:
ae:5a:6a:5c:ec:03:db:02:72:62:2f:41:4f:84:d5:
9d:ac:49:ad:4e:2a:c1:59:8e:cf:d1:f7:17:4c:4b:
f2:81:4a:2e:79:36:e8:28:ce:2b:1a:48:d0:96:6e:
18:74:5f:75:d0:16:4f:be:f3:9b:27:00:34:43:16:
bb:a8:2a:77:55:2a:ed:da:73:76:89:9d:f8:73:4e:
ff:08:50:9e:49:a0:64:f1:fe:84:c7:79:56:92:2f:
9b:52:0d:46:77:65:ba:3b:5f:b5:42:a7:1f:8a:8e:
52:aa:1e:4a:1e:0d:fe:50:90:2d:60:fa:81:fe:99:
e5:59:0e:ae:16:67:fc:b0:dc:d2:c4:56:f7:97:cd:
b5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:80:5B:6D:96:DA:4A:96:08:DD:5B:0D:71:3C:49:7C:29:F2:D0:FF
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/rYBbbZbaSpYI3VsNcTxJfCny0P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0/16
141.137.0.0/16
147.123.32.0/19
147.123.128.0/17
155.204.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:22:5b:09:29:1b:1e:31:97:f2:b2:d0:05:b6:5a:97:73:c9:
79:28:bc:22:5f:19:4d:32:5f:9a:e1:b9:7c:ac:97:ed:41:63:
cd:42:2e:6d:08:2f:8e:f0:cf:7e:05:75:1a:83:66:df:d5:d1:
56:99:bd:ea:14:77:f7:45:87:57:2f:00:91:a2:d9:84:96:28:
0a:fc:19:1f:25:dd:3b:4e:0e:07:cb:01:5b:37:f7:cd:de:53:
45:46:55:04:0e:31:3c:be:01:17:55:23:fa:f1:c0:ba:38:30:
88:9a:60:15:89:c0:df:48:80:27:11:21:f1:da:ba:d2:14:bc:
59:1e:63:a9:dc:36:03:70:0a:a1:63:db:63:1e:a5:59:d3:78:
74:b0:38:4b:a5:37:97:78:d1:86:00:93:95:c4:ee:ea:c8:4f:
f6:e0:e8:82:af:ca:64:ef:86:3f:3a:38:bd:f9:c1:34:55:06:
be:6b:09:c2:e8:e6:67:30:da:43:0b:66:59:09:b0:05:43:c6:
d2:27:50:32:02:a2:70:2a:0c:43:79:a3:cd:f2:cb:4a:c0:7d:
a7:27:55:ca:06:02:0a:45:55:f9:34:e3:fc:5b:b2:e5:b3:86:
40:eb:58:d7:5d:14:35:bf:6d:7a:53:ea:61:a4:28:54:06:a8:
94:bc:3d:91
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ3P1rEZZAZ0tEIC0LyhGu0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjYwNDI3MTY0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgwNWI2ZDk2ZGE0YTk2MDhkZDViMGQ3MTNjNDk3YzI5ZjJkMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgswGDCuU/FTsPWzOY1SyKmYl/e0
onLxEL1d9GMRde68pd51KtAGcqmIi68AC8yXmXyAGUjSKquO3WXDZ9GZTkY701qE
ceuL1tjG1pU6h7Bqvna/qJYzm/+V4SjM4I8zyfwb2SM1aoieik6jEmJyfTccCMwN
2J6uWmpc7APbAnJiL0FPhNWdrEmtTirBWY7P0fcXTEvygUoueTboKM4rGkjQlm4Y
dF910BZPvvObJwA0Qxa7qCp3VSrt2nN2iZ34c07/CFCeSaBk8f6Ex3lWki+bUg1G
d2W6O1+1Qqcfio5Sqh5KHg3+UJAtYPqB/pnlWQ6uFmf8sNzSxFb3l821nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK2AW22W2kqWCN1bDXE8SXwp8tD/MB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvcllCYmJaYmFTcFlJM1ZzTmNUeEpmQ255MFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbAwMAia4DAwCN
iQMEBZN7IAMEB5N7gAMDAJvMMA0GCSqGSIb3DQEBCwUAA4IBAQCsIlsJKRseMZfy
stAFtlqXc8l5KLwiXxlNMl+a4bl8rJftQWPNQi5tCC+O8M9+BXUag2bf1dFWmb3q
FHf3RYdXLwCRotmEligK/BkfJd07Tg4HywFbN/fN3lNFRlUEDjE8vgEXVSP68cC6
ODCImmAVicDfSIAnESHx2rrSFLxZHmOp3DYDcAqhY9tjHqVZ03h0sDhLpTeXeNGG
AJOVxO7qyE/24OiCr8pk74Y/Oji9+cE0VQa+awnC6OZnMNpDC2ZZCbAFQ8bSJ1Ay
AqJwKgxDeaPN8stKwH2nJ1XKBgIKRVX5NOP8W7Lls4ZA61jXXRQ1v216U+phpChU
BqiUvD2R
-----END CERTIFICATE-----
Generated at Mon Apr 27 20:07:44 2026 by rpki-client