Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/yWns2c2aD7DgEaIXHwJpZc6yY4Y.roa
File: yWns2c2aD7DgEaIXHwJpZc6yY4Y.roa (raw, json)
Hash identifier: 9LIGZ0zcUZ+kWOjZmvY/bA8RuOpBFqxoZbbf7Wwudro=
Subject key identifier: C9:69:EC:D9:CD:9A:0F:B0:E0:11:A2:17:1F:02:69:65:CE:B2:63:86
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019EAB8DB7E0B7564B8486B2A1D438F77262
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/yWns2c2aD7DgEaIXHwJpZc6yY4Y.roa
Signing time: Tue 09 Jun 2026 08:44:12 +0000
ROA not before: Tue 09 Jun 2026 08:44:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.158.0/24 maxlen: 24
2.63.159.0/24 maxlen: 24
2.63.176.0/20 maxlen: 20
2.63.176.0/24 maxlen: 24
2.63.180.0/22 maxlen: 22
2.63.184.0/24 maxlen: 24
2.63.224.0/20 maxlen: 20
2.63.225.0/24 maxlen: 24
2.63.231.0/24 maxlen: 24
2.63.232.0/24 maxlen: 24
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
78.31.216.0/24 maxlen: 24
78.31.217.0/24 maxlen: 24
78.31.218.0/24 maxlen: 24
78.31.219.0/24 maxlen: 24
78.31.220.0/24 maxlen: 24
78.31.221.0/24 maxlen: 24
78.31.222.0/24 maxlen: 24
78.31.223.0/24 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 15:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:8d:b7:e0:b7:56:4b:84:86:b2:a1:d4:38:f7:72:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 9 08:44:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c969ecd9cd9a0fb0e011a2171f026965ceb26386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e6:3e:78:8d:8d:02:be:7f:f7:ba:b9:df:72:
bd:66:d4:51:ed:be:49:cb:f1:76:48:11:14:c8:d5:
40:10:5a:2e:73:56:1f:fe:31:13:56:d6:0c:12:ad:
5a:53:cc:87:f7:38:ea:86:4a:c0:c5:ab:79:1e:aa:
3e:44:11:4d:b5:af:bf:f2:db:a3:f0:18:cf:38:71:
1a:ba:54:be:a3:a7:a1:a6:b3:cf:ae:52:72:d3:d3:
37:fc:ae:42:33:92:c0:99:ad:71:6c:6d:1d:ee:ee:
21:fc:33:e3:36:e5:60:05:d5:7b:12:e0:8f:41:20:
18:98:17:b8:d1:ec:ef:f2:74:60:7a:49:08:99:d6:
5e:fc:d2:8a:c6:5a:34:ad:2c:c4:c6:75:ed:d6:18:
d5:8a:9e:e0:09:a1:d7:a4:fa:63:28:f8:64:bf:48:
30:70:a3:a2:c5:c8:df:e1:18:e7:96:f0:0b:63:2c:
1e:d9:ad:9a:0d:a9:8a:60:58:cb:1b:d7:8b:b5:bb:
00:ca:62:c4:f2:e1:05:b5:06:d2:38:19:c4:5b:d5:
a5:89:70:b9:4f:37:05:cc:17:4c:85:6f:89:4d:01:
e0:87:34:af:1d:1b:ae:4a:a4:32:17:27:0e:52:64:
3f:df:9a:32:80:87:07:c9:ed:9f:84:b1:1f:04:33:
7f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:69:EC:D9:CD:9A:0F:B0:E0:11:A2:17:1F:02:69:65:CE:B2:63:86
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/yWns2c2aD7DgEaIXHwJpZc6yY4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
78.31.216.0/21
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:c4:b0:f5:f2:d6:47:4a:e3:db:cd:e3:90:cc:bc:da:7c:16:
ad:a8:10:e9:8e:b2:87:40:45:a7:06:f2:fa:29:b9:af:77:fc:
49:38:d5:15:86:8e:b1:e7:9d:80:02:53:17:cb:f5:50:db:7a:
8e:8a:0b:26:57:6e:dd:8c:d7:76:aa:c1:99:31:53:77:f4:b7:
56:e6:1b:f2:05:c5:d1:ae:a6:81:7d:20:59:56:d6:f6:e8:fd:
9f:8f:e2:6f:09:09:a1:65:f7:ed:b0:1c:dc:f3:8c:e4:13:a5:
36:23:6f:42:11:e5:60:f5:50:70:49:94:e8:73:2f:1a:a7:58:
6d:fe:8e:10:ef:5e:2a:4b:df:ea:91:b0:ce:0e:60:b2:ae:84:
86:c5:54:f9:db:0d:2e:39:f0:91:a0:fd:69:21:a2:a8:cb:f5:
fc:6a:3e:05:90:3b:54:6a:45:c0:5f:af:e7:56:c6:67:69:6d:
01:c9:ec:b1:02:f1:eb:ea:9c:fc:8d:c3:69:02:49:4f:8f:6b:
de:b9:2e:c2:52:4a:fe:2d:6c:47:22:be:ef:e2:4a:07:a4:b3:
9c:96:46:a9:6f:0f:6f:21:63:d5:b0:4b:00:40:e8:12:4d:44:
bc:42:09:8c:f9:2a:fa:b0:52:f4:2b:80:47:2d:0e:52:21:29:
1a:79:69:58
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ6rjbfgt1ZLhIayodQ493JiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNjA5MDg0NDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY5ZWNkOWNkOWEwZmIwZTAxMWEyMTcxZjAyNjk2NWNlYjI2Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OY+eI2NAr5/97q533K9ZtRR7b5J
y/F2SBEUyNVAEFouc1Yf/jETVtYMEq1aU8yH9zjqhkrAxat5Hqo+RBFNta+/8tuj
8BjPOHEaulS+o6ehprPPrlJy09M3/K5CM5LAma1xbG0d7u4h/DPjNuVgBdV7EuCP
QSAYmBe40ezv8nRgekkImdZe/NKKxlo0rSzExnXt1hjVip7gCaHXpPpjKPhkv0gw
cKOixcjf4RjnlvALYywe2a2aDamKYFjLG9eLtbsAymLE8uEFtQbSOBnEW9WliXC5
TzcFzBdMhW+JTQHghzSvHRuuSqQyFycOUmQ/35oygIcHye2fhLEfBDN/rwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFMlp7NnNmg+w4BGiFx8CaWXOsmOGMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEveVduczJjMmFEN0RnRWFJWEh3SnBaYzZ5WTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQDTh/YAwQCVCpcAwQEVa6QAwQBXDLMMAwD
BACwd6kDBACwd6wDBACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQEL
BQADggEBAF3EsPXy1kdK49vN45DMvNp8Fq2oEOmOsodARacG8vopua93/Ek41RWG
jrHnnYACUxfL9VDbeo6KCyZXbt2M13aqwZkxU3f0t1bmG/IFxdGupoF9IFlW1vbo
/Z+P4m8JCaFl9+2wHNzzjOQTpTYjb0IR5WD1UHBJlOhzLxqnWG3+jhDvXipL3+qR
sM4OYLKuhIbFVPnbDS458JGg/WkhoqjL9fxqPgWQO1RqRcBfr+dWxmdpbQHJ7LEC
8evqnPyNw2kCSU+Pa965LsJSSv4tbEcivu/iSgeks5yWRqlvD28hY9WwSwBA6BJN
RLxCCYz5KvqwUvQrgEctDlIhKRp5aVg=
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:01:09 2026 by rpki-client