Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PYAhWaZUowIGrqeW6CB4pMcqd4Q.roa
File: PYAhWaZUowIGrqeW6CB4pMcqd4Q.roa (raw, json)
Hash identifier: ZxFwgLcxsV0McmvOTXcX2ntiT4G8GqpFB/14jFAh7q0=
Subject key identifier: 3D:80:21:59:A6:54:A3:02:06:AE:A7:96:E8:20:78:A4:C7:2A:77:84
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019ECAB622831B63511643AA9F84A55BF68C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PYAhWaZUowIGrqeW6CB4pMcqd4Q.roa
Signing time: Mon 15 Jun 2026 09:56:34 +0000
ROA not before: Mon 15 Jun 2026 09:56:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 2.56.117.0/24 maxlen: 24
5.180.23.0/24 maxlen: 24
45.9.5.0/24 maxlen: 24
45.9.17.0/24 maxlen: 24
45.66.164.0/24 maxlen: 24
45.82.253.0/24 maxlen: 24
45.86.71.0/24 maxlen: 24
45.86.76.0/24 maxlen: 24
45.86.77.0/24 maxlen: 24
45.88.160.0/22 maxlen: 24
45.88.170.0/24 maxlen: 24
45.88.171.0/24 maxlen: 24
45.88.178.0/24 maxlen: 24
45.88.179.0/24 maxlen: 24
45.88.181.0/24 maxlen: 24
45.89.96.0/24 maxlen: 24
45.89.98.0/24 maxlen: 24
45.89.197.0/24 maxlen: 24
45.89.198.0/24 maxlen: 24
45.89.199.0/24 maxlen: 24
45.136.115.0/24 maxlen: 24
45.149.112.0/24 maxlen: 24
92.118.229.0/24 maxlen: 24
95.214.248.0/24 maxlen: 24
139.28.234.0/23 maxlen: 24
141.98.167.0/24 maxlen: 24
171.22.110.0/23 maxlen: 24
185.161.70.0/24 maxlen: 24
185.166.152.0/24 maxlen: 24
194.36.38.0/24 maxlen: 24
213.59.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 19:42:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:b6:22:83:1b:63:51:16:43:aa:9f:84:a5:5b:f6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 15 09:56:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d802159a654a30206aea796e82078a4c72a7784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c9:a2:11:58:ab:2a:f4:56:44:dd:cf:21:63:
ee:ac:ef:27:f8:0d:38:c9:9c:7f:d6:4a:b5:74:f7:
16:34:53:20:60:96:0a:31:2f:7c:bf:b5:33:01:f7:
96:22:ab:36:0c:23:07:10:7f:0e:dd:c4:79:d8:83:
e9:67:4f:3b:84:55:81:f5:21:c7:80:1b:2a:0f:66:
c4:2e:50:8e:34:b3:d3:20:9e:8a:00:a2:38:00:ef:
8f:44:9d:92:d8:05:92:41:13:b6:25:b4:ef:66:ba:
3b:c8:76:63:70:11:af:db:3f:b5:2b:49:00:df:d2:
80:12:39:69:06:54:8f:21:c7:6f:8e:b3:a3:7c:d3:
61:6a:07:7e:6a:49:d8:b5:ba:00:f8:f8:0d:65:cd:
43:95:de:b3:4c:24:e4:4d:ec:ce:bd:de:a2:50:df:
79:54:b8:0f:38:a9:f4:9a:71:c1:24:f2:fb:f3:48:
78:4d:f9:76:1a:12:27:a1:c1:59:73:a7:73:8f:3e:
93:1f:7e:0c:4f:c7:68:eb:8a:bd:fb:a2:e9:52:c1:
cd:4c:03:e9:04:e0:0d:7b:f7:f4:14:3c:18:b5:74:
01:cf:f3:30:92:4e:9f:10:79:f4:82:ff:08:4c:1c:
c9:b1:b1:95:42:03:96:60:76:26:0f:00:b0:96:b6:
ee:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:80:21:59:A6:54:A3:02:06:AE:A7:96:E8:20:78:A4:C7:2A:77:84
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PYAhWaZUowIGrqeW6CB4pMcqd4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.117.0/24
5.180.23.0/24
45.9.5.0/24
45.9.17.0/24
45.66.164.0/24
45.82.253.0/24
45.86.71.0/24
45.86.76.0/23
45.88.160.0/22
45.88.170.0/23
45.88.178.0/23
45.88.181.0/24
45.89.96.0/24
45.89.98.0/24
45.89.197.0-45.89.199.255
45.136.115.0/24
45.149.112.0/24
92.118.229.0/24
95.214.248.0/24
139.28.234.0/23
141.98.167.0/24
171.22.110.0/23
185.161.70.0/24
185.166.152.0/24
194.36.38.0/24
213.59.112.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:68:64:4e:47:01:72:bf:ea:1d:17:79:74:84:e1:96:16:a3:
22:47:ec:92:57:7e:0a:e1:ba:55:b6:6a:5f:fe:a7:4c:d7:54:
61:8f:38:26:b7:2f:94:dd:fd:cc:56:b0:ed:9f:ac:81:85:74:
2e:ed:31:de:39:3e:11:eb:88:70:7b:b0:3a:3d:41:50:79:33:
e3:a8:d6:ee:bd:5b:50:52:0c:0a:3d:92:f5:89:38:fa:ba:06:
78:f4:4a:18:e6:9e:c3:5a:66:13:01:cf:d1:d2:4b:18:18:e6:
57:76:af:18:e8:5b:ee:42:14:cd:61:c1:a2:1b:cb:81:cb:e4:
d2:f8:bf:7a:fe:3c:27:14:2c:42:48:4a:46:22:f4:1e:e3:87:
6e:60:28:9a:db:b6:c8:e3:05:58:b6:f6:1f:2f:e3:79:51:f6:
4c:d6:dc:95:95:6e:bc:20:22:02:b5:eb:7d:c2:9c:5e:bb:9f:
75:2d:c6:0c:6d:d9:55:42:16:80:47:60:4a:e5:56:00:35:6f:
d2:1a:0c:1b:37:af:30:40:84:f6:43:86:58:9d:21:8c:41:a5:
94:c6:0f:13:de:eb:e4:40:db:55:85:da:9b:1d:f2:13:bf:b4:
2e:0c:69:42:a5:9a:cf:59:cc:5e:33:61:78:8c:75:84:60:8b:
1d:9a:fd:03
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZ7KtiKDG2NRFkOqn4SlW/aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjE1MDk1NjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgwMjE1OWE2NTRhMzAyMDZhZWE3OTZlODIwNzhhNGM3MmE3Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8miEVirKvRWRN3PIWPurO8n+A04
yZx/1kq1dPcWNFMgYJYKMS98v7UzAfeWIqs2DCMHEH8O3cR52IPpZ087hFWB9SHH
gBsqD2bELlCONLPTIJ6KAKI4AO+PRJ2S2AWSQRO2JbTvZro7yHZjcBGv2z+1K0kA
39KAEjlpBlSPIcdvjrOjfNNhagd+aknYtboA+PgNZc1Dld6zTCTkTezOvd6iUN95
VLgPOKn0mnHBJPL780h4Tfl2GhInocFZc6dzjz6TH34MT8do64q9+6LpUsHNTAPp
BOANe/f0FDwYtXQBz/Mwkk6fEHn0gv8ITBzJsbGVQgOWYHYmDwCwlrbuswIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFD2AIVmmVKMCBq6nluggeKTHKneEMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUFlBaFdhWlVvd0lHcnFlVzZDQjRwTWNxZDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
OHUDBAAFtBcDBAAtCQUDBAAtCREDBAAtQqQDBAAtUv0DBAAtVkcDBAEtVkwDBAIt
WKADBAEtWKoDBAEtWLIDBAAtWLUDBAAtWWADBAAtWWIwDAMEAC1ZxQMEAy1ZwAME
AC2IcwMEAC2VcAMEAFx25QMEAF/W+AMEAYsc6gMEAI1ipwMEAasWbgMEALmhRgME
ALmmmAMEAMIkJgMEANU7cDANBgkqhkiG9w0BAQsFAAOCAQEA1mhkTkcBcr/qHRd5
dIThlhajIkfskld+CuG6VbZqX/6nTNdUYY84JrcvlN39zFaw7Z+sgYV0Lu0x3jk+
EeuIcHuwOj1BUHkz46jW7r1bUFIMCj2S9Yk4+roGePRKGOaew1pmEwHP0dJLGBjm
V3avGOhb7kIUzWHBohvLgcvk0vi/ev48JxQsQkhKRiL0HuOHbmAomtu2yOMFWLb2
Hy/jeVH2TNbclZVuvCAiArXrfcKcXrufdS3GDG3ZVUIWgEdgSuVWADVv0hoMGzev
MECE9kOGWJ0hjEGllMYPE97r5EDbVYXamx3yE7+0LgxpQqWaz1nMXjNheIx1hGCL
HZr9Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 18 03:45:29 2026 by rpki-client