Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YnHYwwLqBU2nGOWMUdqItoadiRM.roa
File: YnHYwwLqBU2nGOWMUdqItoadiRM.roa (raw, json)
Hash identifier: ffUBEJ3XNvNRizTaTMEPTG9oGcTFohVErk9LUxz3a7I=
Subject key identifier: 62:71:D8:C3:02:EA:05:4D:A7:18:E5:8C:51:DA:88:B6:86:9D:89:13
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019DD41883E9EFA14B9838B216727F232884
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YnHYwwLqBU2nGOWMUdqItoadiRM.roa
Signing time: Tue 28 Apr 2026 12:37:49 +0000
ROA not before: Tue 28 Apr 2026 12:37:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216127
IP address blocks: 195.58.38.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:18:83:e9:ef:a1:4b:98:38:b2:16:72:7f:23:28:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 28 12:37:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6271d8c302ea054da718e58c51da88b6869d8913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:4d:89:09:a2:46:94:64:ea:6d:3e:7b:16:
33:fb:76:3f:f5:c3:02:7d:85:c4:9d:6c:5e:2f:76:
b5:13:49:f6:9f:dd:8d:87:a8:83:9e:65:0f:ed:aa:
1d:e4:05:55:27:2c:dc:be:86:9e:b5:35:0f:1c:3a:
5b:29:ba:55:e5:57:d7:d4:58:70:c2:c3:d7:ba:07:
3e:39:ae:90:d1:42:4b:e0:dc:33:4e:4a:7b:7a:42:
e3:b0:38:b8:37:81:ad:b3:d6:05:52:68:4d:94:a3:
84:19:17:9a:12:e4:32:06:bd:57:8b:5b:80:4f:2f:
f1:38:c0:89:1c:47:bc:e8:3e:db:15:ff:86:de:04:
a2:69:c2:b9:dc:d8:5d:08:b5:23:7e:d6:ee:13:a0:
7e:46:ea:92:63:67:bd:53:ca:38:82:46:05:7f:92:
28:e8:36:13:43:ff:b0:ea:cb:4a:8a:77:48:ec:6b:
5e:45:20:82:16:68:52:19:c3:01:aa:6c:53:c8:55:
33:90:e2:7e:43:ef:cf:25:b4:99:05:1d:c1:42:bf:
8f:f7:8c:f9:d0:d4:c2:f0:b6:95:30:e7:b7:f8:20:
28:19:47:31:85:d9:30:e8:c8:39:43:be:c4:17:32:
b3:43:7c:1e:6b:8d:cb:e4:a0:6b:14:8d:33:e4:d8:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:71:D8:C3:02:EA:05:4D:A7:18:E5:8C:51:DA:88:B6:86:9D:89:13
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YnHYwwLqBU2nGOWMUdqItoadiRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.38.0/23
Signature Algorithm: sha256WithRSAEncryption
19:67:8a:d4:4a:d3:08:77:7b:27:15:b6:36:0d:0c:24:3c:4c:
03:01:ae:e9:c8:3f:b0:14:03:87:84:32:22:d1:c0:ad:19:35:
5b:e9:d0:d2:c5:00:22:db:85:af:86:82:95:7f:00:55:45:6d:
03:9a:c7:8f:a3:04:d5:cb:22:05:b4:f9:38:76:93:8b:a5:24:
41:e9:9c:0c:ed:34:dc:1c:1f:b2:6b:2a:e8:6c:42:57:6e:34:
ca:05:20:6f:cf:b8:23:3f:68:b6:76:75:18:9e:49:e1:1a:b2:
6b:a2:9a:5a:97:7c:30:c0:31:e8:b1:2f:2f:56:58:b9:1d:99:
2e:09:f9:9b:c9:fe:46:c5:ac:24:08:43:6c:72:64:0d:d6:b9:
f1:c7:6d:d2:01:fe:de:77:0e:3d:59:7f:be:d3:e1:bc:77:79:
dd:0d:02:55:c2:16:ea:5a:75:6c:b1:7f:24:46:23:83:b2:9e:
8a:52:bc:d8:d1:90:19:20:bc:fe:16:98:db:76:ba:e3:70:5e:
8b:71:36:39:6b:7d:d8:f4:93:9a:34:32:88:30:9e:57:bd:bb:
fe:8e:4f:a7:4b:65:fd:ba:5c:82:79:ab:5e:9f:cc:55:55:36:
b1:81:f8:d8:9b:38:19:cf:a7:55:d4:19:ff:fc:1e:bd:1a:db:
f9:7c:dd:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3UGIPp76FLmDiyFnJ/IyiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNDI4MTIzNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjcxZDhjMzAyZWEwNTRkYTcxOGU1OGM1MWRhODhiNjg2OWQ4OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLVNiQmiRpRk6m0+exYz+3Y/9cMC
fYXEnWxeL3a1E0n2n92Nh6iDnmUP7aod5AVVJyzcvoaetTUPHDpbKbpV5VfX1Fhw
wsPXugc+Oa6Q0UJL4NwzTkp7ekLjsDi4N4Gts9YFUmhNlKOEGReaEuQyBr1Xi1uA
Ty/xOMCJHEe86D7bFf+G3gSiacK53NhdCLUjftbuE6B+RuqSY2e9U8o4gkYFf5Io
6DYTQ/+w6stKindI7GteRSCCFmhSGcMBqmxTyFUzkOJ+Q+/PJbSZBR3BQr+P94z5
0NTC8LaVMOe3+CAoGUcxhdkw6Mg5Q77EFzKzQ3wea43L5KBrFI0z5NguGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJx2MMC6gVNpxjljFHaiLaGnYkTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWW5IWXd3THFCVTJuR09XTVVkcUl0b2FkaVJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzomMA0G
CSqGSIb3DQEBCwUAA4IBAQAZZ4rUStMId3snFbY2DQwkPEwDAa7pyD+wFAOHhDIi
0cCtGTVb6dDSxQAi24WvhoKVfwBVRW0DmsePowTVyyIFtPk4dpOLpSRB6ZwM7TTc
HB+yayrobEJXbjTKBSBvz7gjP2i2dnUYnknhGrJroppal3wwwDHosS8vVli5HZku
Cfmbyf5GxawkCENscmQN1rnxx23SAf7edw49WX++0+G8d3ndDQJVwhbqWnVssX8k
RiODsp6KUrzY0ZAZILz+FpjbdrrjcF6LcTY5a33Y9JOaNDKIMJ5Xvbv+jk+nS2X9
ulyCeaten8xVVTaxgfjYmzgZz6dV1Bn//B69Gtv5fN00
-----END CERTIFICATE-----
Generated at Tue May 12 21:45:04 2026 by rpki-client