Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ya9LYPXvHEEXO5XvEJTV9ST8Zk0.roa
File: ya9LYPXvHEEXO5XvEJTV9ST8Zk0.roa (raw, json)
Hash identifier: cgKvDxCnzGGms11PufhD9gT5FhjHVHi9rSIbt12B0YM=
Subject key identifier: C9:AF:4B:60:F5:EF:1C:41:17:3B:95:EF:10:94:D5:F5:24:FC:66:4D
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 019E737153060A77FBE72EE13E749B5BB1F8
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ya9LYPXvHEEXO5XvEJTV9ST8Zk0.roa
Signing time: Fri 29 May 2026 11:14:26 +0000
ROA not before: Fri 29 May 2026 11:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6677
IP address blocks: 31.209.192.0/18 maxlen: 18
85.220.0.0/17 maxlen: 17
157.157.0.0/16 maxlen: 16
157.157.2.0/24 maxlen: 24
157.157.4.0/24 maxlen: 24
157.157.136.0/24 maxlen: 24
157.157.184.0/22 maxlen: 22
157.157.221.0/24 maxlen: 24
192.147.34.0/24 maxlen: 24
194.105.224.0/19 maxlen: 19
194.105.224.0/24 maxlen: 24
212.30.192.0/19 maxlen: 19
212.30.212.0/24 maxlen: 24
213.167.128.0/19 maxlen: 19
213.167.150.0/24 maxlen: 24
213.167.152.0/24 maxlen: 24
2001:1a98::/29 maxlen: 29
2001:1a98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:71:53:06:0a:77:fb:e7:2e:e1:3e:74:9b:5b:b1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: May 29 11:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9af4b60f5ef1c41173b95ef1094d5f524fc664d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b3:c8:8e:a7:62:27:65:21:4b:de:a3:e5:3e:
65:ec:c5:06:6a:63:e1:72:a2:c0:d7:5f:3a:24:9f:
4f:e9:74:d6:79:b0:d2:c9:8a:06:fa:1d:23:3c:29:
be:44:0f:86:a2:44:86:73:1a:25:06:3a:7d:98:b6:
58:2b:ea:b5:b9:51:81:58:f3:31:1b:66:cf:96:6f:
b1:ac:ca:ec:28:dc:42:38:62:3c:a5:bf:f6:8e:6e:
b9:d7:d0:5a:c7:1d:84:85:66:ab:f4:7c:fb:c2:33:
27:31:db:da:57:71:58:bf:7a:82:75:28:bc:bb:e3:
95:2b:e6:1b:0a:60:69:5a:29:2b:0e:02:e3:3a:a6:
03:49:cb:df:97:a6:c2:e0:42:a0:cd:31:d7:9e:ea:
87:d0:14:8e:40:bb:b7:4f:c8:d9:53:91:dd:d7:74:
9f:49:2e:5a:eb:e3:72:f7:dd:6d:a0:df:04:76:43:
4a:37:9f:32:b4:44:50:bb:23:27:b1:e3:f6:f0:4c:
13:2c:26:a4:c4:43:54:f3:13:3e:8d:89:b6:aa:b9:
96:d5:b6:37:81:b4:d5:80:b4:b5:18:e9:95:fc:e9:
e0:9b:53:d3:70:70:5a:2e:e8:2b:37:52:75:d8:f3:
67:3c:11:d5:ce:35:67:fd:2c:89:da:c5:46:03:d1:
c7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AF:4B:60:F5:EF:1C:41:17:3B:95:EF:10:94:D5:F5:24:FC:66:4D
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/ya9LYPXvHEEXO5XvEJTV9ST8Zk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
192.147.34.0/24
194.105.224.0/19
212.30.192.0/19
213.167.128.0/19
IPv6:
2001:1a98::/29
Signature Algorithm: sha256WithRSAEncryption
2c:4b:43:3e:a6:49:74:00:56:57:d2:45:bf:ad:92:e6:90:e8:
95:3d:75:66:cc:cf:cf:fb:05:64:13:bc:ac:99:12:f3:bf:81:
2b:78:49:6c:06:c2:0b:3d:8a:28:2f:6c:17:7f:7c:10:e6:29:
93:a3:e8:4a:fe:c3:bb:bf:34:01:bd:e2:a9:c0:1c:14:03:2f:
ad:42:e8:63:c6:56:e8:17:26:72:5b:c5:1b:ae:34:cd:25:c9:
da:20:11:2a:d3:b5:e7:35:97:cc:f5:35:f5:5b:17:35:ee:6a:
89:05:ae:06:36:7a:96:0f:a2:b9:ea:55:e9:8b:94:21:b6:39:
c2:28:4e:e5:a5:1e:9e:13:d7:db:67:50:5d:41:a7:22:1f:4a:
f0:5e:5d:a8:63:e1:03:14:6c:3f:21:8e:74:69:a4:27:a9:24:
7c:96:bf:35:cf:02:d0:19:9d:2b:16:04:94:7c:6b:2a:0d:0f:
c3:69:11:d7:3b:fc:d1:87:f4:77:cf:ed:2d:ae:84:d4:5e:48:
29:47:cb:5a:eb:3a:54:32:47:10:62:53:98:04:a1:42:08:c5:
58:9a:96:6a:a5:ef:0c:b2:12:90:8b:95:5a:bf:8f:84:5c:da:
ed:59:17:65:fd:eb:d9:22:7c:9f:0c:16:ac:09:00:1e:aa:4b:
11:f6:fe:6f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ5zcVMGCnf75y7hPnSbW7H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjYwNTI5MTExNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFmNGI2MGY1ZWYxYzQxMTczYjk1ZWYxMDk0ZDVmNTI0ZmM2NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLPIjqdiJ2UhS96j5T5l7MUGamPh
cqLA1186JJ9P6XTWebDSyYoG+h0jPCm+RA+GokSGcxolBjp9mLZYK+q1uVGBWPMx
G2bPlm+xrMrsKNxCOGI8pb/2jm6519Baxx2EhWar9Hz7wjMnMdvaV3FYv3qCdSi8
u+OVK+YbCmBpWikrDgLjOqYDScvfl6bC4EKgzTHXnuqH0BSOQLu3T8jZU5Hd13Sf
SS5a6+Ny991toN8EdkNKN58ytERQuyMnseP28EwTLCakxENU8xM+jYm2qrmW1bY3
gbTVgLS1GOmV/Ongm1PTcHBaLugrN1J12PNnPBHVzjVn/SyJ2sVGA9HHJwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMmvS2D17xxBFzuV7xCU1fUk/GZNMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEveWE5TFlQWHZIRUVYTzVYdkVKVFY5U1Q4WmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGH9HAAwQH
VdwAAwMAnZ0DBADAkyIDBAXCaeADBAXUHsADBAXVp4AwDQQCAAIwBwMFAyABGpgw
DQYJKoZIhvcNAQELBQADggEBACxLQz6mSXQAVlfSRb+tkuaQ6JU9dWbMz8/7BWQT
vKyZEvO/gSt4SWwGwgs9iigvbBd/fBDmKZOj6Er+w7u/NAG94qnAHBQDL61C6GPG
VugXJnJbxRuuNM0lydogESrTtec1l8z1NfVbFzXuaokFrgY2epYPornqVemLlCG2
OcIoTuWlHp4T19tnUF1BpyIfSvBeXahj4QMUbD8hjnRppCepJHyWvzXPAtAZnSsW
BJR8ayoND8NpEdc7/NGH9HfP7S2uhNReSClHy1rrOlQyRxBiU5gEoUIIxVialmql
7wyyEpCLlVq/j4Rc2u1ZF2X969kifJ8MFqwJAB6qSxH2/m8=
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:21:30 2026 by rpki-client