Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/YO6OstzVnVo9QhzrIx9loswdAJg.roa
File: YO6OstzVnVo9QhzrIx9loswdAJg.roa (raw, json)
Hash identifier: +INj2IveiQZp/sokzKmgLlYwMzOhLR6s+/Ir+302j9A=
Subject key identifier: 60:EE:8E:B2:DC:D5:9D:5A:3D:42:1C:EB:23:1F:65:A2:CC:1D:00:98
Certificate issuer: /CN=f32ca4df32dc71f411104f94b51ac14b6675824b
Certificate serial: 019EA65070B5AD8F2C1328086F6BFB84D8AD
Authority key identifier: F3:2C:A4:DF:32:DC:71:F4:11:10:4F:94:B5:1A:C1:4B:66:75:82:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/YO6OstzVnVo9QhzrIx9loswdAJg.roa
Signing time: Mon 08 Jun 2026 08:19:09 +0000
ROA not before: Mon 08 Jun 2026 08:19:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33915
IP address blocks: 144.2.252.0/22 maxlen: 22
144.2.252.0/24 maxlen: 24
144.2.253.0/24 maxlen: 24
144.2.254.0/23 maxlen: 23
144.2.254.0/24 maxlen: 24
144.2.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 02:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:50:70:b5:ad:8f:2c:13:28:08:6f:6b:fb:84:d8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f32ca4df32dc71f411104f94b51ac14b6675824b
Validity
Not Before: Jun 8 08:19:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60ee8eb2dcd59d5a3d421ceb231f65a2cc1d0098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0e:74:1c:21:ea:00:da:05:77:56:e5:a9:3c:
e8:38:af:28:bd:c6:6b:68:4f:97:bd:9c:13:ab:2d:
4d:a9:96:52:7f:19:a0:4b:ec:7a:7e:fa:e4:fc:35:
d9:3d:cb:8d:9c:af:88:c0:3c:cc:8c:5c:03:08:34:
58:e8:47:86:68:85:b4:60:1d:41:cc:f0:44:b0:6a:
67:57:ca:84:47:6e:5c:34:78:c8:85:ca:21:1b:98:
af:58:76:7a:60:b2:bd:f4:48:7c:4c:1b:6f:20:38:
b0:ad:39:8a:d2:5e:15:7b:e6:3d:ae:7b:41:d7:62:
e9:46:d3:0e:9b:c8:c2:b8:18:a5:71:c9:7e:fe:12:
c2:89:96:a6:47:1a:3b:ea:cf:12:c0:5c:a7:ac:58:
7d:60:7b:65:5a:af:ff:30:e0:cd:98:40:ac:9b:97:
ba:eb:5b:cc:d3:2e:0e:79:95:a1:fb:7f:3a:cb:0e:
39:fe:66:4a:e9:26:5f:f8:e4:ea:46:9a:ba:ad:15:
70:9f:8d:af:2e:3c:8f:81:1c:18:76:77:fe:c9:ff:
fb:10:89:e4:a7:cc:0a:d2:ac:a3:b7:a7:41:fc:d8:
b8:78:56:c8:be:1b:c3:a8:e9:41:67:85:62:78:82:
39:8a:e5:54:6d:56:53:ef:15:28:3e:fa:d1:a8:c6:
b1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EE:8E:B2:DC:D5:9D:5A:3D:42:1C:EB:23:1F:65:A2:CC:1D:00:98
X509v3 Authority Key Identifier:
keyid:F3:2C:A4:DF:32:DC:71:F4:11:10:4F:94:B5:1A:C1:4B:66:75:82:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yyk3zLccfQREE-UtRrBS2Z1gks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/YO6OstzVnVo9QhzrIx9loswdAJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/4edbec-ffea-4062-89cb-656600c9e440/1/8yyk3zLccfQREE-UtRrBS2Z1gks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.252.0/22
Signature Algorithm: sha256WithRSAEncryption
06:3d:98:31:ab:b5:0b:20:b0:69:b8:3b:83:d2:11:ee:66:0a:
4c:18:49:67:c9:c6:90:70:3b:09:f6:08:f9:a7:63:55:c5:e8:
35:e1:74:65:87:06:57:65:e5:ee:8e:36:96:80:cb:d6:0d:60:
86:2e:f2:85:08:66:c1:64:7d:ea:d5:e5:46:fc:86:4a:33:41:
4f:c7:2e:0a:19:1d:0b:02:2c:c4:d0:37:65:90:51:bf:7a:c5:
98:63:5c:02:bd:a0:7c:29:b6:5a:4d:55:62:8f:94:dc:b9:70:
e3:74:60:90:ea:d4:44:f7:15:c5:d4:e4:73:82:b3:60:47:06:
d5:3d:ec:f7:73:39:17:c2:d6:45:bc:76:b4:e7:fb:75:e1:da:
79:6a:8f:c3:be:01:6b:dd:ac:43:69:8a:df:ea:94:ed:12:c7:
dc:5f:fa:20:d9:f2:c9:93:51:ff:38:f3:bf:45:d6:a0:50:c4:
ef:62:f0:c9:66:00:75:2e:4a:08:3c:dd:66:1a:92:b6:d7:fd:
50:1d:b0:64:3e:b5:d4:ad:61:f2:5b:94:64:e4:86:2b:f4:bc:
7e:26:e8:37:8a:ca:ee:d6:a3:2b:4d:d6:bf:6a:b9:72:be:46:
ca:ad:01:d5:13:3b:d8:e4:8c:e0:6e:40:29:fc:fd:63:d2:85:
8c:d7:c6:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6mUHC1rY8sEygIb2v7hNitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMmNhNGRmMzJkYzcxZjQxMTEwNGY5NGI1MWFjMTRiNjY3
NTgyNGIwHhcNMjYwNjA4MDgxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVlOGViMmRjZDU5ZDVhM2Q0MjFjZWIyMzFmNjVhMmNjMWQwMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ50HCHqANoFd1blqTzoOK8ovcZr
aE+XvZwTqy1NqZZSfxmgS+x6fvrk/DXZPcuNnK+IwDzMjFwDCDRY6EeGaIW0YB1B
zPBEsGpnV8qER25cNHjIhcohG5ivWHZ6YLK99Eh8TBtvIDiwrTmK0l4Ve+Y9rntB
12LpRtMOm8jCuBilccl+/hLCiZamRxo76s8SwFynrFh9YHtlWq//MODNmECsm5e6
61vM0y4OeZWh+386yw45/mZK6SZf+OTqRpq6rRVwn42vLjyPgRwYdnf+yf/7EInk
p8wK0qyjt6dB/Ni4eFbIvhvDqOlBZ4VieII5iuVUbVZT7xUoPvrRqMaxVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDujrLc1Z1aPUIc6yMfZaLMHQCYMB8GA1UdIwQY
MBaAFPMspN8y3HH0ERBPlLUawUtmdYJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHl5azN6TGNjZlFSRUUtVXRSckJTMloxZ2tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS80ZWRiZWMtZmZlYS00MDYyLTg5Y2It
NjU2NjAwYzllNDQwLzEvWU82T3N0elZuVm85UWh6ckl4OWxvc3dkQUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS80ZWRiZWMtZmZlYS00MDYyLTg5Y2ItNjU2NjAwYzllNDQw
LzEvOHl5azN6TGNjZlFSRUUtVXRSckJTMloxZ2tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkAL8MA0G
CSqGSIb3DQEBCwUAA4IBAQAGPZgxq7ULILBpuDuD0hHuZgpMGElnycaQcDsJ9gj5
p2NVxeg14XRlhwZXZeXujjaWgMvWDWCGLvKFCGbBZH3q1eVG/IZKM0FPxy4KGR0L
AizE0DdlkFG/esWYY1wCvaB8KbZaTVVij5TcuXDjdGCQ6tRE9xXF1ORzgrNgRwbV
Pez3czkXwtZFvHa05/t14dp5ao/DvgFr3axDaYrf6pTtEsfcX/og2fLJk1H/OPO/
RdagUMTvYvDJZgB1LkoIPN1mGpK21/1QHbBkPrXUrWHyW5Rk5IYr9Lx+Jug3isru
1qMrTda/arlyvkbKrQHVEzvY5IzgbkAp/P1j0oWM18a4
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:28:00 2026 by rpki-client