Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/YVZ-GH3S7Iq0JxeBAHpFVD2_Lx4.roa
File: YVZ-GH3S7Iq0JxeBAHpFVD2_Lx4.roa (raw, json)
Hash identifier: kM6UtuYisVsArbzf8eESDr1kRHymSG53rA/gBdAULqA=
Subject key identifier: 61:56:7E:18:7D:D2:EC:8A:B4:27:17:81:00:7A:45:54:3D:BF:2F:1E
Certificate issuer: /CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Certificate serial: 019D6CEFAD84999C71C72C6A76466EBCAA0F
Authority key identifier: F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/YVZ-GH3S7Iq0JxeBAHpFVD2_Lx4.roa
Signing time: Wed 08 Apr 2026 11:52:19 +0000
ROA not before: Wed 08 Apr 2026 11:52:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198335
IP address blocks: 80.248.128.0/21 maxlen: 24
109.163.200.0/21 maxlen: 24
155.2.160.0/20 maxlen: 20
155.2.160.0/22 maxlen: 22
155.2.164.0/22 maxlen: 22
155.2.168.0/22 maxlen: 22
155.2.172.0/22 maxlen: 22
176.241.248.0/21 maxlen: 24
185.194.184.0/22 maxlen: 22
185.194.186.0/24 maxlen: 24
185.194.187.0/24 maxlen: 24
2a00:5a40::/29 maxlen: 29
2a00:5a40::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/8bFed69O3eERksb-zVCyHNN51CE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/8bFed69O3eERksb-zVCyHNN51CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Apr 2026 11:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:ef:ad:84:99:9c:71:c7:2c:6a:76:46:6e:bc:aa:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Validity
Not Before: Apr 8 11:52:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=61567e187dd2ec8ab4271781007a45543dbf2f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4b:66:8b:2c:70:29:52:4e:d2:65:ae:4b:1c:
67:c8:6c:11:fd:0f:39:b9:7e:92:44:f9:f9:3f:58:
b1:22:46:3d:18:e9:9b:44:72:fe:71:60:f6:9e:80:
51:49:8f:52:ab:ae:62:ab:f5:93:ce:3a:4c:b3:38:
f6:22:54:36:92:ce:3a:30:72:7c:55:1e:7c:45:cd:
81:f3:23:92:c4:67:1e:08:be:60:c2:fd:2e:5e:3e:
0f:2c:c2:4c:6d:ad:24:0b:fe:8a:4e:ea:d8:c3:a5:
3c:86:04:dd:8f:54:6f:07:f0:e6:d6:d5:f8:5c:fb:
4b:1d:6f:cb:7c:46:c6:c7:5b:5f:d6:0a:80:c1:30:
06:77:e3:e4:1d:f0:77:17:4b:38:ce:04:e4:5c:50:
05:1a:a0:85:06:d1:a2:15:af:5d:4c:6b:2c:3e:53:
3e:a1:8b:3c:09:2d:ae:56:b0:8e:b6:7d:89:9d:cc:
f8:ed:9d:47:a6:3d:6d:2a:81:ee:14:11:a2:64:19:
d8:f0:87:87:3d:1d:da:d6:b9:67:2c:e7:54:c5:62:
8c:56:05:ef:e4:a8:c0:50:18:db:9e:ef:a7:ee:cc:
a8:be:2f:55:d6:fc:2c:98:d7:82:91:1a:1a:2a:57:
3c:6f:3d:75:71:2d:9f:56:5e:ab:82:2e:0f:83:b9:
cc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:56:7E:18:7D:D2:EC:8A:B4:27:17:81:00:7A:45:54:3D:BF:2F:1E
X509v3 Authority Key Identifier:
keyid:F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/YVZ-GH3S7Iq0JxeBAHpFVD2_Lx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/8bFed69O3eERksb-zVCyHNN51CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.128.0/21
109.163.200.0/21
155.2.160.0/20
176.241.248.0/21
185.194.184.0/22
IPv6:
2a00:5a40::/29
Signature Algorithm: sha256WithRSAEncryption
48:fe:0d:b3:a7:81:67:67:b4:89:f9:32:a2:7c:65:49:d1:1e:
f4:66:01:bc:d5:e0:6d:c7:6b:45:bd:df:76:9e:17:25:c3:04:
fa:b9:29:46:fe:55:13:e0:c2:ce:84:20:26:15:c2:e3:fb:fe:
09:a1:82:f8:d8:ee:08:28:47:14:62:df:8a:d4:85:c1:20:58:
41:00:8a:ab:87:b5:b0:bd:e7:65:f4:16:68:42:31:05:bf:c2:
7c:df:d1:d3:e1:c9:16:d3:2e:37:22:75:f6:84:69:99:3d:8f:
b3:87:4e:9d:cb:88:72:b5:55:b5:19:4e:68:bf:d5:13:c8:0c:
7d:c2:66:3a:47:5d:12:c9:89:d2:99:3b:73:b7:c6:f8:20:01:
81:ac:16:ee:42:d0:69:b8:58:bf:34:08:85:35:1f:f4:21:85:
bc:10:47:27:e1:08:dc:a1:82:26:88:22:f2:23:5a:95:a7:df:
38:b8:9e:7e:4f:b9:2f:33:2a:1e:57:11:c2:e1:fa:78:1f:33:
60:14:df:41:b5:94:b5:76:05:40:14:3a:dc:bd:17:7f:9d:0c:
15:01:0e:38:ba:3d:56:56:b5:7c:5e:19:aa:4d:0d:10:a6:bc:
a8:7f:a8:d1:d8:4b:b5:30:0d:8b:2a:f5:47:2e:a9:c1:ec:3a:
97:99:7e:5c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ1s762EmZxxxyxqdkZuvKoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjE1ZTc3YWY0ZWRkZTExMTkyYzZmZWNkNTBiMjFjZDM3
OWQ0MjEwHhcNMjYwNDA4MTE1MjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTU2N2UxODdkZDJlYzhhYjQyNzE3ODEwMDdhNDU1NDNkYmYyZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UtmiyxwKVJO0mWuSxxnyGwR/Q85
uX6SRPn5P1ixIkY9GOmbRHL+cWD2noBRSY9Sq65iq/WTzjpMszj2IlQ2ks46MHJ8
VR58Rc2B8yOSxGceCL5gwv0uXj4PLMJMba0kC/6KTurYw6U8hgTdj1RvB/Dm1tX4
XPtLHW/LfEbGx1tf1gqAwTAGd+PkHfB3F0s4zgTkXFAFGqCFBtGiFa9dTGssPlM+
oYs8CS2uVrCOtn2Jncz47Z1Hpj1tKoHuFBGiZBnY8IeHPR3a1rlnLOdUxWKMVgXv
5KjAUBjbnu+n7syovi9V1vwsmNeCkRoaKlc8bz11cS2fVl6rgi4Pg7nM0wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGFWfhh90uyKtCcXgQB6RVQ9vy8eMB8GA1UdIwQY
MBaAFPGxXnevTt3hEZLG/s1QshzTedQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUt
MTM0MGNjNWIzZDU3LzEvWVZaLUdIM1M3SXEwSnhlQkFIcEZWRDJfTHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUtMTM0MGNjNWIzZDU3
LzEvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDUPiAAwQD
baPIAwQEmwKgAwQDsPH4AwQCucK4MA0EAgACMAcDBQMqAFpAMA0GCSqGSIb3DQEB
CwUAA4IBAQBI/g2zp4FnZ7SJ+TKifGVJ0R70ZgG81eBtx2tFvd92nhclwwT6uSlG
/lUT4MLOhCAmFcLj+/4JoYL42O4IKEcUYt+K1IXBIFhBAIqrh7Wwvedl9BZoQjEF
v8J839HT4ckW0y43InX2hGmZPY+zh06dy4hytVW1GU5ov9UTyAx9wmY6R10SyYnS
mTtzt8b4IAGBrBbuQtBpuFi/NAiFNR/0IYW8EEcn4QjcoYImiCLyI1qVp984uJ5+
T7kvMyoeVxHC4fp4HzNgFN9BtZS1dgVAFDrcvRd/nQwVAQ44uj1WVrV8XhmqTQ0Q
pryof6jR2Eu1MA2LKvVHLqnB7DqXmX5c
-----END CERTIFICATE-----
Generated at Tue Apr 14 15:15:26 2026 by rpki-client