Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/Y-KOAHOLABX3sY4gJm3A6nvrqgk.roa
File: Y-KOAHOLABX3sY4gJm3A6nvrqgk.roa (raw, json)
Hash identifier: jTbxGKNlR+XX6Qac6sKrcuIPfzi6QGetIT0dTM9/L6c=
Subject key identifier: 63:E2:8E:00:73:8B:00:15:F7:B1:8E:20:26:6D:C0:EA:7B:EB:AA:09
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 019E9292BAA93C420A513A3E861AE5A8A9CE
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/Y-KOAHOLABX3sY4gJm3A6nvrqgk.roa
Signing time: Thu 04 Jun 2026 12:19:09 +0000
ROA not before: Thu 04 Jun 2026 12:19:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20559
IP address blocks: 5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 24
37.220.168.0/21 maxlen: 21
45.13.164.0/22 maxlen: 24
45.133.196.0/22 maxlen: 24
45.146.124.0/22 maxlen: 24
46.19.216.0/21 maxlen: 24
46.226.88.0/21 maxlen: 24
85.209.108.0/22 maxlen: 24
88.218.152.0/22 maxlen: 24
91.210.127.0/24 maxlen: 24
91.218.148.0/22 maxlen: 24
91.224.248.0/23 maxlen: 24
93.186.176.0/20 maxlen: 24
185.46.64.0/22 maxlen: 24
185.51.56.0/22 maxlen: 24
185.113.84.0/22 maxlen: 24
185.122.116.0/22 maxlen: 24
193.37.204.0/22 maxlen: 24
193.187.188.0/22 maxlen: 24
194.213.112.0/23 maxlen: 24
2a00:d10::/32 maxlen: 48
2a00:d1c0::/32 maxlen: 32
2a02:ac40::/29 maxlen: 29
2a03:3400::/32 maxlen: 48
2a06:6940::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 07:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:92:ba:a9:3c:42:0a:51:3a:3e:86:1a:e5:a8:a9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Jun 4 12:19:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=63e28e00738b0015f7b18e20266dc0ea7bebaa09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0b:47:90:e7:ad:f6:eb:ca:29:f6:87:9a:80:
91:a6:5a:43:06:9a:60:7a:2f:fa:f2:5d:89:7f:74:
4a:8e:95:93:f5:24:66:41:74:20:4c:f2:7d:f7:ac:
9c:d5:65:15:65:20:95:b2:cb:0c:80:9e:48:ed:b9:
a1:56:51:f0:7f:1c:74:c2:ff:37:29:6e:f3:80:67:
6e:73:71:d2:8a:07:31:6a:34:7a:47:82:f9:67:f2:
fa:0a:8f:52:08:c3:b3:63:3d:2d:18:b4:c5:64:7c:
6e:59:5c:94:62:9d:f0:ea:22:08:54:9c:95:af:83:
44:ec:2e:91:07:11:62:9b:35:4c:2e:c5:51:08:c3:
0d:3c:9d:57:7f:d2:93:98:a5:29:2b:62:3f:77:ac:
d1:a9:65:43:7f:9d:ee:c7:72:2b:ac:1d:1e:4c:76:
60:bd:50:c2:b6:3d:a9:60:fc:38:c1:36:84:ae:a9:
a4:18:02:78:6f:f2:fd:ff:3d:b0:50:9b:5e:9e:fe:
fd:2b:22:38:e1:a0:33:e6:b6:84:21:e2:51:c7:f4:
14:4d:4b:67:8f:1d:f3:b6:7b:93:7e:c3:cb:fb:b0:
18:3b:45:5d:06:5b:c5:db:17:59:a4:33:96:f6:84:
47:96:7f:4f:ba:2b:8d:45:e7:65:66:7e:66:f1:7f:
5f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E2:8E:00:73:8B:00:15:F7:B1:8E:20:26:6D:C0:EA:7B:EB:AA:09
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/Y-KOAHOLABX3sY4gJm3A6nvrqgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
37.220.168.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.210.127.0/24
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a00:d1c0::/32
2a02:ac40::/29
2a03:3400::/32
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
cd:f1:fc:2e:70:22:30:2c:59:a4:b8:f6:44:9a:1c:26:ca:73:
e6:f5:3b:6f:16:8e:d2:be:e9:76:d6:07:1c:fb:41:53:f7:3c:
a0:09:d5:cc:b0:df:af:9a:16:20:43:37:03:78:1c:dc:4b:e8:
6e:3b:5e:f4:4b:af:76:73:b2:49:10:a3:43:5e:09:95:89:fc:
2b:bc:b5:69:a0:20:0c:12:94:31:72:6f:87:c6:28:31:ac:2f:
87:3b:59:6f:f0:55:eb:ea:9c:fa:b5:48:34:9c:89:07:ea:4e:
07:3d:e1:2a:45:d7:07:d0:2b:0f:4a:b7:60:51:60:2d:fb:a7:
6b:df:2b:01:b1:57:ad:f1:fc:c0:10:df:df:f5:fe:8a:0d:35:
ec:22:24:e9:ed:ed:d5:3d:1b:8a:a3:68:60:c3:ed:0f:a5:ec:
37:7b:d9:de:87:a4:3c:5e:c4:75:fc:4c:be:76:1b:45:9b:cf:
65:b3:c8:34:d3:fd:ca:b3:71:f6:bc:9c:43:f5:6f:61:75:4f:
8a:9c:3b:f1:c2:b8:14:14:ba:47:b0:f5:4e:94:c1:ae:b0:ff:
2b:3d:6f:c5:b8:ea:18:66:ee:58:21:b6:68:a4:2d:b8:8c:3c:
d2:f9:cb:d3:97:1f:18:8e:d3:d5:73:47:9a:ce:e2:d1:d3:54:
19:4c:d4:c9
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZ6SkrqpPEIKUTo+hhrlqKnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOWQ4NjA5NmE0OTExMGNmOWJmNjcwMjQwYjUxOTMxNWI2
NmFiY2IwHhcNMjYwNjA0MTIxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2UyOGUwMDczOGIwMDE1ZjdiMThlMjAyNjZkYzBlYTdiZWJhYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQtHkOet9uvKKfaHmoCRplpDBppg
ei/68l2Jf3RKjpWT9SRmQXQgTPJ996yc1WUVZSCVsssMgJ5I7bmhVlHwfxx0wv83
KW7zgGduc3HSigcxajR6R4L5Z/L6Co9SCMOzYz0tGLTFZHxuWVyUYp3w6iIIVJyV
r4NE7C6RBxFimzVMLsVRCMMNPJ1Xf9KTmKUpK2I/d6zRqWVDf53ux3IrrB0eTHZg
vVDCtj2pYPw4wTaErqmkGAJ4b/L9/z2wUJtenv79KyI44aAz5raEIeJRx/QUTUtn
jx3ztnuTfsPL+7AYO0VdBlvF2xdZpDOW9oRHln9PuiuNRedlZn5m8X9f6wIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFGPijgBziwAV97GOICZtwOp766oJMB8GA1UdIwQY
MBaAFAudhglqSREM+b9nAkC1GTFbZqvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUt
OGMxMDkwOWE0ODVjLzEvWS1LT0FIT0xBQlgzc1k0Z0ptM0E2bnZycWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUtOGMxMDkwOWE0ODVj
LzEvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBhAQCAAEwfgMEAwWs
KAMEAx/I0AMEAyXcqAMEAi0NpAMEAi2FxAMEAi2SfAMEAy4T2AMEAy7iWAMEAlXR
bAMEAljamAMEAFvSfwMEAlvalAMEAVvg+AMEBF26sAMEArkuQAMEArkzOAMEArlx
VAMEArl6dAMEAsElzAMEAsG7vAMEAcLVcDApBAIAAjAjAwUAKgANEAMFACoA0cAD
BQMqAqxAAwUAKgM0AAMFAyoGaUAwDQYJKoZIhvcNAQELBQADggEBAM3x/C5wIjAs
WaS49kSaHCbKc+b1O28WjtK+6XbWBxz7QVP3PKAJ1cyw36+aFiBDNwN4HNxL6G47
XvRLr3ZzskkQo0NeCZWJ/Cu8tWmgIAwSlDFyb4fGKDGsL4c7WW/wVevqnPq1SDSc
iQfqTgc94SpF1wfQKw9Kt2BRYC37p2vfKwGxV63x/MAQ39/1/ooNNewiJOnt7dU9
G4qjaGDD7Q+l7Dd72d6HpDxexHX8TL52G0Wbz2WzyDTT/cqzcfa8nEP1b2F1T4qc
O/HCuBQUukew9U6Uwa6w/ys9b8W46hhm7lghtmikLbiMPNL5y9OXHxiO09VzR5rO
4tHTVBlM1Mk=
-----END CERTIFICATE-----
Generated at Fri Jun 12 13:04:38 2026 by rpki-client