Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/YMptQVK4HH5vDul8RiYPM5BA3i4.roa
File: YMptQVK4HH5vDul8RiYPM5BA3i4.roa (raw, json)
Hash identifier: 6IlPlDIrNnILGNV4XcoHgemdeW+kMLsTXUGyZB/VOA8=
Subject key identifier: 60:CA:6D:41:52:B8:1C:7E:6F:0E:E9:7C:46:26:0F:33:90:40:DE:2E
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 019E316D17E435F9409A367F7FD0D3C2AC0B
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/YMptQVK4HH5vDul8RiYPM5BA3i4.roa
Signing time: Sat 16 May 2026 15:34:53 +0000
ROA not before: Sat 16 May 2026 15:34:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209181
IP address blocks: 185.11.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 22:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:31:6d:17:e4:35:f9:40:9a:36:7f:7f:d0:d3:c2:ac:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: May 16 15:34:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60ca6d4152b81c7e6f0ee97c46260f339040de2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:79:69:f7:7c:0d:71:5a:93:99:1b:20:1a:
8b:95:95:33:c6:aa:fe:6b:44:1b:04:23:b1:a7:90:
1b:d0:92:f6:88:d6:58:c2:9b:72:0c:7d:d3:c6:dd:
2c:32:34:ba:1b:b8:af:74:68:6a:8a:94:e8:0b:7f:
e1:5a:78:44:b2:09:e2:c3:d9:38:70:64:25:28:78:
f5:7c:26:4a:40:87:c4:2f:6b:fc:90:95:0b:7c:70:
c2:d3:ac:62:eb:4a:33:1e:65:bb:74:5d:55:e5:7c:
70:a8:87:f1:a8:c9:a4:fc:08:57:e0:e3:e0:48:75:
9a:bc:99:96:30:d7:8f:02:23:b1:d4:27:50:ef:8b:
87:1e:e6:44:33:41:43:af:b2:49:76:23:82:b9:6d:
0e:18:7b:ab:87:1f:76:42:04:58:a2:7f:4f:d9:ac:
61:1a:65:5b:6e:81:6a:c9:65:e7:67:16:50:4c:d1:
50:b9:23:91:b7:8c:90:25:d5:eb:52:cd:1f:42:c6:
67:47:72:20:2f:4a:6b:dc:46:73:8a:ff:36:5d:a7:
fe:d2:d0:2d:45:96:8f:a5:e2:87:96:eb:d3:7c:17:
45:c7:a0:59:3c:3c:8a:f3:cd:b6:61:fd:5c:58:dc:
64:b2:17:f1:53:e1:93:0f:dd:ca:2a:af:09:61:f2:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CA:6D:41:52:B8:1C:7E:6F:0E:E9:7C:46:26:0F:33:90:40:DE:2E
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/YMptQVK4HH5vDul8RiYPM5BA3i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.219.0/24
Signature Algorithm: sha256WithRSAEncryption
52:11:70:5c:a5:c9:d6:a2:84:da:4c:f5:81:8b:6b:43:83:a5:
90:b1:cc:8a:31:9f:82:fb:4b:da:82:25:c0:5d:a9:2d:ca:65:
1f:09:da:8e:de:92:06:fa:31:83:54:0c:08:3c:9b:75:84:8c:
7f:27:da:3d:9d:0e:4e:ab:bd:49:28:3d:d1:f0:96:aa:b5:2f:
c7:ac:2a:b4:79:75:6c:d6:4a:cc:03:0f:3d:c0:99:41:6a:45:
b2:04:0f:35:9f:43:14:96:c0:82:85:6d:cd:1a:06:01:32:97:
8a:90:10:66:7f:ce:17:0d:71:2b:18:a5:28:e0:a4:32:3b:5c:
45:9a:62:97:cb:32:9d:a2:04:00:87:0a:86:17:62:f1:e7:af:
e5:9f:7f:bd:ff:85:e6:7f:39:c6:39:3f:50:8c:45:7e:dd:31:
1f:d1:3f:08:93:57:3f:7e:78:12:43:aa:85:37:1e:0b:c4:2e:
c9:7d:ad:e6:c7:4d:33:7a:d1:73:b2:84:f4:ad:2d:ef:c2:a1:
cd:78:96:99:01:32:ce:ad:f5:91:0b:31:b8:cb:50:ec:a6:d2:
a2:5b:b4:80:27:00:cc:48:75:b5:e9:2e:98:1e:83:c4:e0:ff:
9d:1f:95:fe:62:63:4a:90:1d:27:52:2c:a3:a1:b6:39:6b:97:
57:fa:3c:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4xbRfkNflAmjZ/f9DTwqwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjYwNTE2MTUzNDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNhNmQ0MTUyYjgxYzdlNmYwZWU5N2M0NjI2MGYzMzkwNDBkZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl515afd8DXFak5kbIBqLlZUzxqr+
a0QbBCOxp5Ab0JL2iNZYwptyDH3Txt0sMjS6G7ivdGhqipToC3/hWnhEsgniw9k4
cGQlKHj1fCZKQIfEL2v8kJULfHDC06xi60ozHmW7dF1V5XxwqIfxqMmk/AhX4OPg
SHWavJmWMNePAiOx1CdQ74uHHuZEM0FDr7JJdiOCuW0OGHurhx92QgRYon9P2axh
GmVbboFqyWXnZxZQTNFQuSORt4yQJdXrUs0fQsZnR3IgL0pr3EZziv82Xaf+0tAt
RZaPpeKHluvTfBdFx6BZPDyK8822Yf1cWNxkshfxU+GTD93KKq8JYfIw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDKbUFSuBx+bw7pfEYmDzOQQN4uMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvWU1wdFFWSzRISDV2RHVsOFJpWVBNNUJBM2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQvbMA0G
CSqGSIb3DQEBCwUAA4IBAQBSEXBcpcnWooTaTPWBi2tDg6WQscyKMZ+C+0vagiXA
XaktymUfCdqO3pIG+jGDVAwIPJt1hIx/J9o9nQ5Oq71JKD3R8JaqtS/HrCq0eXVs
1krMAw89wJlBakWyBA81n0MUlsCChW3NGgYBMpeKkBBmf84XDXErGKUo4KQyO1xF
mmKXyzKdogQAhwqGF2Lx56/ln3+9/4XmfznGOT9QjEV+3TEf0T8Ik1c/fngSQ6qF
Nx4LxC7Jfa3mx00zetFzsoT0rS3vwqHNeJaZATLOrfWRCzG4y1DsptKiW7SAJwDM
SHW16S6YHoPE4P+dH5X+YmNKkB0nUiyjobY5a5dX+jxR
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:41:09 2026 by rpki-client