Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ysfQsx0_fA6iFiDUNQ53mZoRMsA.roa
File: ysfQsx0_fA6iFiDUNQ53mZoRMsA.roa (raw, json)
Hash identifier: kZ3rI1kP0cSEwZ4OUo3TnjicLSUB7d2OgGBqsfQhE4Q=
Subject key identifier: CA:C7:D0:B3:1D:3F:7C:0E:A2:16:20:D4:35:0E:77:99:9A:11:32:C0
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019CE793D0BB26F93CC2C4440E9FF1BFFB96
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ysfQsx0_fA6iFiDUNQ53mZoRMsA.roa
Signing time: Fri 13 Mar 2026 14:22:29 +0000
ROA not before: Fri 13 Mar 2026 14:22:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 128.0.118.0/24 maxlen: 32
185.115.206.0/24 maxlen: 32
185.133.74.0/24 maxlen: 32
185.133.195.0/24 maxlen: 32
185.137.181.0/24 maxlen: 32
185.146.195.0/24 maxlen: 32
185.205.68.0/24 maxlen: 32
185.207.212.0/24 maxlen: 32
185.240.238.0/24 maxlen: 32
185.251.234.0/24 maxlen: 32
194.113.164.0/24 maxlen: 32
194.113.169.0/24 maxlen: 32
194.113.170.0/24 maxlen: 32
194.113.172.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:93:d0:bb:26:f9:3c:c2:c4:44:0e:9f:f1:bf:fb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 13 14:22:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cac7d0b31d3f7c0ea21620d4350e77999a1132c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:2e:5f:cd:ee:54:af:9d:39:42:57:a8:0f:
4e:0a:dd:93:43:a5:5e:4f:bb:43:32:65:5b:3e:d4:
9b:24:4e:4c:56:f4:14:cf:0d:4c:0d:22:39:d8:81:
ad:ee:c7:2a:b1:60:84:c7:a5:e5:fd:52:71:1a:1f:
08:ed:90:d9:50:c8:7d:aa:6a:d9:60:a9:a8:fd:1b:
da:eb:90:6a:46:73:53:17:cf:d3:6d:ab:ad:40:20:
82:0a:1e:a6:b8:e9:f2:6a:4e:03:0b:d1:39:92:f4:
8b:14:1e:b3:b5:2b:bb:81:77:56:10:d7:c4:40:dd:
f3:e1:c4:a1:18:00:5c:5d:7e:10:15:ac:e6:d8:d7:
22:e3:96:59:e3:80:cb:57:76:53:8e:68:10:3a:2c:
c2:74:bc:2c:7f:a3:ef:d2:af:bd:ab:4e:a0:9c:f4:
73:83:b1:e1:66:49:08:8c:cc:83:35:91:9d:48:86:
a8:1c:fa:a1:d8:a5:66:63:e5:6b:ad:93:dd:a2:1f:
1f:e1:94:e4:09:02:88:38:38:d7:b5:fd:f4:5f:8f:
ad:27:14:4d:d6:77:32:e4:dc:c5:19:4b:01:23:d7:
0a:0a:48:21:4d:17:39:11:fb:68:16:5a:21:78:3f:
0b:f5:bb:d9:69:46:bf:58:dd:6d:0e:36:98:6d:52:
e0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C7:D0:B3:1D:3F:7C:0E:A2:16:20:D4:35:0E:77:99:9A:11:32:C0
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ysfQsx0_fA6iFiDUNQ53mZoRMsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.118.0/24
185.115.206.0/24
185.133.74.0/24
185.133.195.0/24
185.137.181.0/24
185.146.195.0/24
185.205.68.0/24
185.207.212.0/24
185.240.238.0/24
185.251.234.0/24
194.113.164.0/24
194.113.169.0-194.113.170.255
194.113.172.0/24
Signature Algorithm: sha256WithRSAEncryption
79:92:88:cf:11:d6:f8:1d:6b:a6:7f:d9:8f:95:a5:5d:49:9d:
c9:0b:2c:32:20:b6:0f:03:9b:4d:95:53:c4:38:de:ec:98:a8:
e9:03:9d:c6:49:8b:98:6c:5c:ca:1a:6d:d1:53:e1:80:16:bd:
0f:13:6c:74:dd:c8:64:a8:9e:ed:99:95:00:54:58:0e:f9:e4:
36:f3:ca:72:75:5b:45:87:ab:26:46:ab:26:82:2d:aa:85:7d:
a3:bb:60:06:10:0c:20:71:3e:43:58:cd:b4:b5:40:f4:4c:be:
ff:1c:a1:56:a0:ee:60:b9:01:9b:df:d5:65:ff:30:22:8d:b9:
2c:89:9f:a8:ee:b0:9f:44:56:73:92:a1:8a:c8:ed:3a:9b:54:
88:95:78:6a:74:fb:7e:c6:20:cf:4e:0c:69:b2:af:f0:e2:e7:
83:8e:4f:2c:0b:21:eb:cf:9f:35:46:fb:77:93:52:bd:64:2c:
b8:95:09:c7:dc:1b:b5:c5:98:fa:c6:25:e1:97:68:30:48:d9:
e9:1a:d1:49:8b:e7:8a:a0:65:c1:cf:5d:f3:a0:09:2e:0e:40:
27:f0:31:99:ea:fa:a0:1e:b7:a6:2a:c8:7d:24:a7:1c:f6:3b:
d1:82:13:d2:4a:36:8a:d4:ca:34:06:4a:42:fe:f3:08:1c:f0:
f1:ae:0c:d6
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZznk9C7Jvk8wsREDp/xv/uWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMzEzMTQyMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM3ZDBiMzFkM2Y3YzBlYTIxNjIwZDQzNTBlNzc5OTlhMTEzMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk34uX83uVK+dOUJXqA9OCt2TQ6Ve
T7tDMmVbPtSbJE5MVvQUzw1MDSI52IGt7scqsWCEx6Xl/VJxGh8I7ZDZUMh9qmrZ
YKmo/Rva65BqRnNTF8/TbautQCCCCh6muOnyak4DC9E5kvSLFB6ztSu7gXdWENfE
QN3z4cShGABcXX4QFazm2Nci45ZZ44DLV3ZTjmgQOizCdLwsf6Pv0q+9q06gnPRz
g7HhZkkIjMyDNZGdSIaoHPqh2KVmY+VrrZPdoh8f4ZTkCQKIODjXtf30X4+tJxRN
1ncy5NzFGUsBI9cKCkghTRc5EftoFloheD8L9bvZaUa/WN1tDjaYbVLgTQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMrH0LMdP3wOohYg1DUOd5maETLAMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveXNmUXN4MF9mQTZpRmlEVU5RNTNtWm9STXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAgAB2AwQA
uXPOAwQAuYVKAwQAuYXDAwQAuYm1AwQAuZLDAwQAuc1EAwQAuc/UAwQAufDuAwQA
ufvqAwQAwnGkMAwDBADCcakDBADCcaoDBADCcawwDQYJKoZIhvcNAQELBQADggEB
AHmSiM8R1vgda6Z/2Y+VpV1JnckLLDIgtg8Dm02VU8Q43uyYqOkDncZJi5hsXMoa
bdFT4YAWvQ8TbHTdyGSonu2ZlQBUWA755DbzynJ1W0WHqyZGqyaCLaqFfaO7YAYQ
DCBxPkNYzbS1QPRMvv8coVag7mC5AZvf1WX/MCKNuSyJn6jusJ9EVnOSoYrI7Tqb
VIiVeGp0+37GIM9ODGmyr/Di54OOTywLIevPnzVG+3eTUr1kLLiVCcfcG7XFmPrG
JeGXaDBI2eka0UmL54qgZcHPXfOgCS4OQCfwMZnq+qAet6YqyH0kpxz2O9GCE9JK
NorUyjQGSkL+8wgc8PGuDNY=
-----END CERTIFICATE-----
Generated at Sat Mar 14 06:13:15 2026 by rpki-client