Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yDitwdM2BD2LDvjCK31kito5gAw.roa
File: yDitwdM2BD2LDvjCK31kito5gAw.roa (raw, json)
Hash identifier: OIdSOiOlz1JAju6SbP7Qa6UQGaNZiY1PQFs1drt6ko8=
Subject key identifier: C8:38:AD:C1:D3:36:04:3D:8B:0E:F8:C2:2B:7D:64:8A:DA:39:80:0C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D077FD09584C15124E180A123A003939F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yDitwdM2BD2LDvjCK31kito5gAw.roa
Signing time: Thu 19 Mar 2026 19:08:30 +0000
ROA not before: Thu 19 Mar 2026 19:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400992
IP address blocks: 45.150.195.0/24 maxlen: 24
45.159.79.0/24 maxlen: 24
185.121.12.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.218.16.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.232.205.0/24 maxlen: 24
185.236.25.0/24 maxlen: 24
185.236.26.0/24 maxlen: 24
185.236.27.0/24 maxlen: 24
185.245.34.0/24 maxlen: 24
185.245.35.0/24 maxlen: 24
185.250.180.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.48.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 16:33:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:07:7f:d0:95:84:c1:51:24:e1:80:a1:23:a0:03:93:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 19 19:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c838adc1d336043d8b0ef8c22b7d648ada39800c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:87:67:a9:6f:2b:f9:46:a7:fe:a0:25:d7:c3:
e4:f5:83:c1:d2:ad:be:b7:7d:f6:f7:47:fe:55:03:
a1:ec:5d:fd:b5:aa:5f:94:92:3b:bc:4b:a1:7c:0f:
1f:34:3a:fe:31:cf:21:b4:21:d9:8f:87:95:34:28:
58:2b:25:82:2e:a6:ef:31:70:9b:2a:cd:8a:c3:bf:
93:3d:31:9d:18:d5:21:14:d0:e9:c2:08:f7:cd:76:
26:2e:2d:6f:f2:66:2a:c1:ea:5c:0c:e5:3e:a3:c3:
6d:be:b5:6d:65:39:e8:4f:20:8d:31:b0:cf:0f:e8:
f5:7d:09:45:71:81:c7:27:24:d7:14:b5:5a:c6:48:
60:70:58:05:3b:6f:e3:b8:70:2e:1e:6e:a7:c4:18:
fa:60:b9:5b:f3:05:2c:56:b0:a7:f2:05:fb:e3:d5:
6f:7b:42:f1:53:e6:ef:56:21:e2:c8:42:dd:40:fd:
07:6b:39:b5:a7:85:77:cf:71:6c:8f:89:8e:3b:cc:
6f:61:5c:b0:9b:85:b6:fe:7b:d5:92:04:ee:de:36:
f2:aa:80:81:6d:67:f9:9c:e8:58:aa:da:6b:24:07:
50:8b:ba:2a:44:9a:c4:d7:7c:3e:42:e1:c4:01:33:
59:f7:fa:af:fb:7d:d0:17:8e:69:2b:47:2d:d7:0d:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:38:AD:C1:D3:36:04:3D:8B:0E:F8:C2:2B:7D:64:8A:DA:39:80:0C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yDitwdM2BD2LDvjCK31kito5gAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.195.0/24
45.159.79.0/24
185.121.12.0/24
185.121.15.0/24
185.196.41.0/24
185.218.16.0/24
185.218.19.0/24
185.223.82.0/24
185.232.205.0/24
185.236.25.0-185.236.27.255
185.245.34.0/23
185.250.180.0/24
193.17.183.0/24
194.5.65.0/24
194.48.142.0/24
Signature Algorithm: sha256WithRSAEncryption
65:25:34:c0:8a:0f:a0:24:ca:97:7e:84:91:38:4c:c1:8a:7e:
1b:95:1e:01:24:ec:81:84:46:6c:1e:13:15:21:d7:a6:73:09:
58:b1:10:d3:7d:d2:55:10:76:9c:a7:14:1f:89:42:de:30:3c:
a7:f4:60:d7:5e:45:12:5c:53:bf:bb:5b:9f:b0:34:e3:da:b2:
3a:e4:f2:31:43:49:98:cd:17:08:4a:3d:09:63:75:7a:a1:89:
fa:79:ed:cc:e5:c3:28:98:9c:69:20:7e:d5:80:e8:f7:73:92:
bc:59:a1:25:4a:3d:19:44:c5:89:d7:ab:df:82:1e:c7:46:04:
cd:e0:43:3c:23:0c:12:4b:30:72:09:b2:30:40:01:11:14:bc:
28:d5:87:02:8b:94:ef:8e:85:b6:24:a6:92:f4:73:f0:9e:8c:
d5:7f:61:74:23:04:28:e7:53:30:7c:c6:43:16:76:5b:6a:ae:
1b:b3:f7:3f:a6:8f:9a:0d:cf:3d:2d:f6:34:a4:2c:e4:c4:3d:
8d:cc:82:2d:4d:c3:c9:a9:11:94:0f:07:da:3c:f3:e6:a2:c4:
4d:36:8e:cb:58:e4:87:5d:16:4a:5c:57:f0:00:24:34:05:dc:
6d:7f:07:b1:c3:36:d9:e2:d4:5c:74:55:9a:1b:37:d1:fe:f0:
2e:9b:4b:f2
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ0Hf9CVhMFRJOGAoSOgA5OfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMzE5MTkwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM4YWRjMWQzMzYwNDNkOGIwZWY4YzIyYjdkNjQ4YWRhMzk4MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4dnqW8r+Uan/qAl18Pk9YPB0q2+
t33290f+VQOh7F39tapflJI7vEuhfA8fNDr+Mc8htCHZj4eVNChYKyWCLqbvMXCb
Ks2Kw7+TPTGdGNUhFNDpwgj3zXYmLi1v8mYqwepcDOU+o8NtvrVtZTnoTyCNMbDP
D+j1fQlFcYHHJyTXFLVaxkhgcFgFO2/juHAuHm6nxBj6YLlb8wUsVrCn8gX749Vv
e0LxU+bvViHiyELdQP0Hazm1p4V3z3Fsj4mOO8xvYVywm4W2/nvVkgTu3jbyqoCB
bWf5nOhYqtprJAdQi7oqRJrE13w+QuHEATNZ9/qv+33QF45pK0ct1w0hVwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFMg4rcHTNgQ9iw74wit9ZIraOYAMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveURpdHdkTTJCRDJMRHZqQ0szMWtpdG81Z0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALZbDAwQA
LZ9PAwQAuXkMAwQAuXkPAwQAucQpAwQAudoQAwQAudoTAwQAud9SAwQAuejNMAwD
BAC57BkDBAK57BgDBAG59SIDBAC5+rQDBADBEbcDBADCBUEDBADCMI4wDQYJKoZI
hvcNAQELBQADggEBAGUlNMCKD6Akypd+hJE4TMGKfhuVHgEk7IGERmweExUh16Zz
CVixENN90lUQdpynFB+JQt4wPKf0YNdeRRJcU7+7W5+wNOPasjrk8jFDSZjNFwhK
PQljdXqhifp57czlwyiYnGkgftWA6PdzkrxZoSVKPRlExYnXq9+CHsdGBM3gQzwj
DBJLMHIJsjBAAREUvCjVhwKLlO+OhbYkppL0c/CejNV/YXQjBCjnUzB8xkMWdltq
rhuz9z+mj5oNzz0t9jSkLOTEPY3Mgi1Nw8mpEZQPB9o88+aixE02jstY5IddFkpc
V/AAJDQF3G1/B7HDNtni1Fx0VZobN9H+8C6bS/I=
-----END CERTIFICATE-----
Generated at Thu Mar 19 22:34:27 2026 by rpki-client