Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/yX2U7K3A_lF9PFCEnCcVxg9pI2I.roa
File: yX2U7K3A_lF9PFCEnCcVxg9pI2I.roa (raw, json)
Hash identifier: t622V4g1oH4ceGgfz22V8mzXigeHqlsHyh0wvrDPbR0=
Subject key identifier: C9:7D:94:EC:AD:C0:FE:51:7D:3C:50:84:9C:27:15:C6:0F:69:23:62
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019DDD5BBB353FAB375EF70D258B7476AAFE
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/yX2U7K3A_lF9PFCEnCcVxg9pI2I.roa
Signing time: Thu 30 Apr 2026 07:47:49 +0000
ROA not before: Thu 30 Apr 2026 07:47:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200019
IP address blocks: 80.96.58.0/23 maxlen: 24
80.96.68.0/24 maxlen: 24
80.96.108.0/24 maxlen: 24
80.96.112.0/24 maxlen: 24
80.96.113.0/24 maxlen: 24
80.97.124.0/24 maxlen: 24
80.97.128.0/20 maxlen: 20
81.180.92.0/23 maxlen: 24
85.120.81.0/24 maxlen: 24
85.120.252.0/24 maxlen: 24
85.120.253.0/24 maxlen: 24
85.121.4.0/23 maxlen: 24
85.121.149.0/24 maxlen: 24
85.121.183.0/24 maxlen: 24
85.122.114.0/24 maxlen: 24
194.102.105.0/24 maxlen: 24
217.156.8.0/23 maxlen: 24
217.156.64.0/24 maxlen: 24
217.156.65.0/24 maxlen: 24
217.156.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:5b:bb:35:3f:ab:37:5e:f7:0d:25:8b:74:76:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 30 07:47:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c97d94ecadc0fe517d3c50849c2715c60f692362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:f5:ff:3b:3f:01:98:8a:aa:64:da:3f:f3:
36:aa:6e:16:de:1e:45:b4:9d:29:40:bd:03:50:63:
e1:db:16:a4:8e:fe:37:0e:aa:90:4a:73:18:9a:4c:
6c:c0:6e:e5:e3:3c:67:8e:f9:53:20:92:91:3b:fa:
2d:29:7d:95:5d:4a:f2:fb:73:59:e8:af:2e:e2:87:
a5:f1:09:05:47:0e:94:e0:51:95:41:37:8f:7d:7f:
0e:d1:70:a5:67:55:fa:f8:cf:cd:0d:75:65:e0:74:
c3:a5:3a:05:b7:b8:fa:a8:dc:89:5a:94:a6:d5:a6:
54:e0:ae:a9:0b:8f:ca:fe:68:fd:48:dd:1a:ea:ce:
76:94:3c:70:b9:b7:81:10:bb:95:38:de:ce:ba:c8:
cf:99:b1:6e:31:2b:e9:4d:fe:c6:bc:4e:14:e6:42:
00:fa:b0:00:dc:5f:01:b2:3e:47:bf:6a:89:0e:ac:
cb:12:8b:88:8a:db:57:40:53:7c:29:f5:30:97:9e:
79:0a:e1:28:8a:1c:a3:d1:d5:07:90:e1:5d:3a:f3:
81:9d:16:c6:2a:c7:46:e6:02:a4:41:cb:01:70:31:
ff:44:d9:a7:65:6b:d8:2f:90:71:3e:5b:63:ce:1d:
de:90:26:b0:fa:dd:35:80:05:19:dc:b0:df:4a:a2:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7D:94:EC:AD:C0:FE:51:7D:3C:50:84:9C:27:15:C6:0F:69:23:62
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/yX2U7K3A_lF9PFCEnCcVxg9pI2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.58.0/23
80.96.68.0/24
80.96.108.0/24
80.96.112.0/23
80.97.124.0/24
80.97.128.0/20
81.180.92.0/23
85.120.81.0/24
85.120.252.0/23
85.121.4.0/23
85.121.149.0/24
85.121.183.0/24
85.122.114.0/24
194.102.105.0/24
217.156.8.0/23
217.156.64.0/23
217.156.123.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:5b:a3:3b:de:bd:25:38:01:26:43:55:80:ef:4f:78:c4:2a:
58:78:34:4a:a3:e0:2e:25:88:5c:4a:b7:44:17:a1:e0:72:ff:
34:6b:64:ea:2d:85:1e:7a:24:ac:53:aa:8c:bc:cb:51:88:f7:
a8:27:89:92:87:c0:f7:8e:fc:0d:ed:3a:ec:b9:d1:fa:a7:7a:
ad:f8:3b:04:80:aa:e3:0e:b9:38:6c:ea:6f:d2:6c:f1:01:15:
3b:f3:2c:79:81:24:80:c1:f6:e1:85:e1:44:17:b7:f8:22:a5:
dc:a3:55:1b:dd:87:f5:d0:ae:f9:6d:13:72:65:b5:40:6a:d5:
37:97:b6:53:db:3a:cd:5d:8b:8e:28:70:af:5c:b1:fb:af:04:
fb:10:b5:ef:7b:fe:6c:4c:97:17:92:3f:9a:b6:fb:77:38:09:
27:6b:26:03:63:68:fa:33:6f:db:6b:0f:55:d1:0e:c7:8b:d3:
da:e6:0b:e1:83:4b:ed:91:ba:65:02:22:58:9f:a3:2f:ab:2d:
94:38:7d:dd:bf:dd:5c:81:3b:e0:50:5c:13:93:96:24:fb:9b:
ac:36:49:cd:e2:98:7d:15:01:aa:2b:be:dc:19:a5:0f:ee:12:
74:98:e9:b2:fe:68:72:e3:e9:5a:59:5b:2e:d7:ed:d7:4e:96:
42:30:03:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ3dW7s1P6s3XvcNJYt0dqr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwNDMwMDc0NzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdkOTRlY2FkYzBmZTUxN2QzYzUwODQ5YzI3MTVjNjBmNjkyMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucv1/zs/AZiKqmTaP/M2qm4W3h5F
tJ0pQL0DUGPh2xakjv43DqqQSnMYmkxswG7l4zxnjvlTIJKRO/otKX2VXUry+3NZ
6K8u4oel8QkFRw6U4FGVQTePfX8O0XClZ1X6+M/NDXVl4HTDpToFt7j6qNyJWpSm
1aZU4K6pC4/K/mj9SN0a6s52lDxwubeBELuVON7OusjPmbFuMSvpTf7GvE4U5kIA
+rAA3F8Bsj5Hv2qJDqzLEouIittXQFN8KfUwl555CuEoihyj0dUHkOFdOvOBnRbG
KsdG5gKkQcsBcDH/RNmnZWvYL5BxPltjzh3ekCaw+t01gAUZ3LDfSqIC+QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMl9lOytwP5RfTxQhJwnFcYPaSNiMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEveVgyVTdLM0FfbEY5UEZDRW5DY1Z4ZzlwSTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBUGA6AwQA
UGBEAwQAUGBsAwQBUGBwAwQAUGF8AwQEUGGAAwQBUbRcAwQAVXhRAwQBVXj8AwQB
VXkEAwQAVXmVAwQAVXm3AwQAVXpyAwQAwmZpAwQB2ZwIAwQB2ZxAAwQA2Zx7MA0G
CSqGSIb3DQEBCwUAA4IBAQC1W6M73r0lOAEmQ1WA7094xCpYeDRKo+AuJYhcSrdE
F6Hgcv80a2TqLYUeeiSsU6qMvMtRiPeoJ4mSh8D3jvwN7TrsudH6p3qt+DsEgKrj
Drk4bOpv0mzxARU78yx5gSSAwfbhheFEF7f4IqXco1Ub3Yf10K75bRNyZbVAatU3
l7ZT2zrNXYuOKHCvXLH7rwT7ELXve/5sTJcXkj+atvt3OAknayYDY2j6M2/baw9V
0Q7Hi9Pa5gvhg0vtkbplAiJYn6Mvqy2UOH3dv91cgTvgUFwTk5Yk+5usNknN4ph9
FQGqK77cGaUP7hJ0mOmy/mhy4+laWVsu1+3XTpZCMAPR
-----END CERTIFICATE-----
Generated at Wed May 13 06:26:53 2026 by rpki-client