Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Y7fnF9-f-CTGAq6_TmccveJhRos.roa
File: Y7fnF9-f-CTGAq6_TmccveJhRos.roa (raw, json)
Hash identifier: DL28wCNpKtvzp6otyvBeK2fI50Fy7E+8ZKTWJjz5A8Q=
Subject key identifier: 63:B7:E7:17:DF:9F:F8:24:C6:02:AE:BF:4E:67:1C:BD:E2:61:46:8B
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019E63A2EA2B353A76A148728FDEA9C256A9
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Y7fnF9-f-CTGAq6_TmccveJhRos.roa
Signing time: Tue 26 May 2026 09:34:41 +0000
ROA not before: Tue 26 May 2026 09:34:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8795
IP address blocks: 46.10.150.0/24 maxlen: 24
62.176.126.0/24 maxlen: 24
77.85.175.0/24 maxlen: 24
77.85.196.0/24 maxlen: 24
83.228.107.0/24 maxlen: 24
95.43.224.0/24 maxlen: 24
95.43.230.0/24 maxlen: 24
212.5.130.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
212.5.145.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
213.91.134.0/24 maxlen: 24
213.91.170.0/24 maxlen: 24
2a01:5a8:7::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:63:a2:ea:2b:35:3a:76:a1:48:72:8f:de:a9:c2:56:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: May 26 09:34:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=63b7e717df9ff824c602aebf4e671cbde261468b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:f0:60:1a:da:d9:6f:51:fb:d6:28:6b:d1:
07:57:57:42:98:90:64:0e:82:d3:fe:28:c0:95:14:
b5:5e:85:ae:8e:a1:b2:3d:d9:84:a1:92:99:7e:33:
fb:9d:1a:53:d2:22:ad:3b:8d:e0:8b:b1:53:ca:6e:
f4:28:61:f0:8f:95:a9:f3:1a:13:22:47:a5:77:2f:
ae:18:ba:5d:06:12:60:cd:ee:1d:75:14:65:9f:79:
8d:08:bb:5f:4d:fc:95:dd:54:77:bc:f9:02:4c:e6:
d3:9b:f7:b5:9b:d2:ae:d4:8d:14:b1:cf:65:d6:d5:
80:ba:47:4f:9d:6a:97:2c:4d:66:bb:84:31:88:fb:
a5:1e:b2:58:b9:90:40:79:8d:b7:a1:4f:ae:15:20:
29:74:7e:6a:60:39:5d:62:5f:ea:b8:37:57:e9:b0:
39:65:3f:9d:27:e1:2e:ce:fe:7e:b3:0c:1f:88:91:
ca:9c:68:78:cf:58:f0:db:09:bb:3e:b8:13:2d:40:
c2:30:d3:37:4a:51:1a:be:91:eb:b8:58:60:0d:3b:
11:1d:37:ed:08:38:91:d3:e9:89:8a:d9:dc:a6:a2:
2b:11:67:4f:c0:41:38:10:af:2a:23:5f:83:81:59:
f0:1c:2f:4e:b2:1d:d2:ae:f2:22:9c:af:53:6c:14:
25:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B7:E7:17:DF:9F:F8:24:C6:02:AE:BF:4E:67:1C:BD:E2:61:46:8B
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Y7fnF9-f-CTGAq6_TmccveJhRos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.150.0/24
62.176.126.0/24
77.85.175.0/24
77.85.196.0/24
83.228.107.0/24
95.43.224.0/24
95.43.230.0/24
212.5.130.0/24
212.5.133.0/24
212.5.145.0/24
213.16.35.0/24
213.91.134.0/24
213.91.170.0/24
IPv6:
2a01:5a8:7::/56
Signature Algorithm: sha256WithRSAEncryption
73:32:40:4e:fe:7a:cc:21:13:a7:30:9e:2d:b4:fb:9c:28:67:
6a:07:93:2c:bd:e5:5b:10:b6:9f:5f:ae:7b:41:9b:4a:24:27:
7d:a7:4c:ca:f2:82:ea:90:4d:a1:e6:d3:f6:b2:3e:01:12:c1:
6e:bd:7e:6e:db:11:a3:ff:70:d5:2b:0d:56:9e:aa:c9:3f:0f:
ec:9f:c5:bc:0d:d8:49:53:f7:9a:d4:eb:01:20:ef:28:a5:5f:
ce:8c:8c:27:1e:71:16:e8:c6:b4:ad:0a:ac:ab:87:05:a8:f8:
9e:26:a8:39:a9:59:dc:37:f6:3b:ff:08:5e:09:74:c1:23:74:
e3:1b:2d:c2:7f:69:12:a3:da:79:72:1c:de:e5:fd:ff:c7:ce:
82:ea:62:68:df:bd:ec:e7:12:e7:c3:a6:56:42:10:25:f6:e0:
a6:8d:06:aa:8e:a4:ab:79:19:42:bf:6e:f0:8e:3f:5d:46:b2:
f1:fd:dd:21:22:b4:67:ed:3b:61:d2:95:76:4e:90:1a:d4:f2:
5f:da:b4:94:b2:cd:a8:b4:9e:12:8d:2c:0f:df:eb:47:3d:f1:
31:1c:b3:aa:ae:4d:60:8e:a1:37:30:13:3a:8b:ef:cc:1e:ff:
0e:ad:61:8c:54:8c:09:0f:7a:45:ee:05:22:3a:16:fd:22:87:
54:4d:30:5d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ5jouorNTp2oUhyj96pwlapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjYwNTI2MDkzNDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2I3ZTcxN2RmOWZmODI0YzYwMmFlYmY0ZTY3MWNiZGUyNjE0NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5XwYBra2W9R+9Yoa9EHV1dCmJBk
DoLT/ijAlRS1XoWujqGyPdmEoZKZfjP7nRpT0iKtO43gi7FTym70KGHwj5Wp8xoT
Ikeldy+uGLpdBhJgze4ddRRln3mNCLtfTfyV3VR3vPkCTObTm/e1m9Ku1I0Usc9l
1tWAukdPnWqXLE1mu4QxiPulHrJYuZBAeY23oU+uFSApdH5qYDldYl/quDdX6bA5
ZT+dJ+Euzv5+swwfiJHKnGh4z1jw2wm7PrgTLUDCMNM3SlEavpHruFhgDTsRHTft
CDiR0+mJitncpqIrEWdPwEE4EK8qI1+DgVnwHC9Osh3SrvIinK9TbBQljQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGO35xffn/gkxgKuv05nHL3iYUaLMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWTdmbkY5LWYtQ1RHQXE2X1RtY2N2ZUpoUm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBUBAIAATBOAwQALgqWAwQA
PrB+AwQATVWvAwQATVXEAwQAU+RrAwQAXyvgAwQAXyvmAwQA1AWCAwQA1AWFAwQA
1AWRAwQA1RAjAwQA1VuGAwQA1VuqMBAEAgACMAoDCAAqAQWoAAcAMA0GCSqGSIb3
DQEBCwUAA4IBAQBzMkBO/nrMIROnMJ4ttPucKGdqB5MsveVbELafX657QZtKJCd9
p0zK8oLqkE2h5tP2sj4BEsFuvX5u2xGj/3DVKw1WnqrJPw/sn8W8DdhJU/ea1OsB
IO8opV/OjIwnHnEW6Ma0rQqsq4cFqPieJqg5qVncN/Y7/wheCXTBI3TjGy3Cf2kS
o9p5chze5f3/x86C6mJo373s5xLnw6ZWQhAl9uCmjQaqjqSreRlCv27wjj9dRrLx
/d0hIrRn7Tth0pV2TpAa1PJf2rSUss2otJ4SjSwP3+tHPfExHLOqrk1gjqE3MBM6
i+/MHv8OrWGMVIwJD3pF7gUiOhb9IodUTTBd
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:03:44 2026 by rpki-client