Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/YzpO8VmPqRTAiscSwEyGgcQi0Dk.roa
File: YzpO8VmPqRTAiscSwEyGgcQi0Dk.roa (raw, json)
Hash identifier: 6HjwbvCZxiS3ilZKcje0H+9ezmbZKBAXqwTXh4igaqk=
Subject key identifier: 63:3A:4E:F1:59:8F:A9:14:C0:8A:C7:12:C0:4C:86:81:C4:22:D0:39
Certificate issuer: /CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Certificate serial: 019D1B1279F9788DAD9C97895CCC9B8D3E04
Authority key identifier: 54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/YzpO8VmPqRTAiscSwEyGgcQi0Dk.roa
Signing time: Mon 23 Mar 2026 14:21:28 +0000
ROA not before: Mon 23 Mar 2026 14:21:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211381
IP address blocks: 188.137.176.0/24 maxlen: 24
188.137.177.0/24 maxlen: 24
188.137.179.0/24 maxlen: 24
188.137.180.0/24 maxlen: 24
188.137.181.0/24 maxlen: 24
188.137.182.0/24 maxlen: 24
188.137.183.0/24 maxlen: 24
188.137.224.0/24 maxlen: 24
188.137.225.0/24 maxlen: 24
188.137.227.0/24 maxlen: 24
188.137.228.0/24 maxlen: 24
188.137.229.0/24 maxlen: 24
188.137.230.0/24 maxlen: 24
188.137.231.0/24 maxlen: 24
188.137.232.0/24 maxlen: 24
188.137.233.0/24 maxlen: 24
188.137.234.0/24 maxlen: 24
188.137.235.0/24 maxlen: 24
188.137.240.0/24 maxlen: 24
188.137.241.0/24 maxlen: 24
188.137.242.0/24 maxlen: 24
188.137.243.0/24 maxlen: 24
188.137.245.0/24 maxlen: 24
188.137.246.0/24 maxlen: 24
188.137.247.0/24 maxlen: 24
188.137.248.0/24 maxlen: 24
188.137.249.0/24 maxlen: 24
188.137.250.0/24 maxlen: 24
188.137.251.0/24 maxlen: 24
188.137.252.0/24 maxlen: 24
188.137.253.0/24 maxlen: 24
188.137.254.0/24 maxlen: 24
188.137.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:12:79:f9:78:8d:ad:9c:97:89:5c:cc:9b:8d:3e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Validity
Not Before: Mar 23 14:21:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=633a4ef1598fa914c08ac712c04c8681c422d039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:44:d2:85:d8:45:85:2e:2d:cd:fb:17:10:ef:
5c:c6:95:45:d4:4a:72:0b:56:7a:5d:29:ff:d1:49:
ed:4b:0b:87:ba:25:16:4d:0a:ee:3d:7e:11:0b:d5:
c7:7d:48:3a:5e:e0:b1:35:9a:b5:f4:dc:35:f9:5a:
10:cb:a2:1b:32:2e:97:de:ba:5c:ab:e3:03:70:87:
2b:9f:7f:09:ca:d7:c6:d3:2b:b1:b4:23:76:ce:19:
6c:4c:64:07:a4:09:ac:84:6a:e7:cf:aa:86:b5:af:
4c:c4:72:0e:a5:f9:ff:15:77:e4:f7:5f:ab:11:2a:
9a:cd:7f:2f:78:64:8f:e1:41:24:8c:4e:3d:46:f7:
d0:7a:d5:aa:ef:78:65:63:be:eb:31:80:3b:84:d0:
94:b8:67:3c:b5:ed:76:c7:de:8a:3e:85:db:53:df:
81:50:4c:cf:1c:91:69:3b:5b:4f:06:6a:37:88:8c:
c6:dd:9c:c6:11:da:77:59:f5:85:5a:32:3b:ab:70:
60:9e:89:c6:28:93:5f:68:78:fc:16:c2:4e:19:63:
de:d6:5b:fb:26:08:f9:6b:b3:3c:5a:91:c2:e7:70:
c8:a0:7e:04:54:87:2e:4b:88:d0:6f:d7:61:12:5a:
de:74:74:cf:25:a1:f6:ab:a6:eb:13:43:ae:14:1c:
a6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3A:4E:F1:59:8F:A9:14:C0:8A:C7:12:C0:4C:86:81:C4:22:D0:39
X509v3 Authority Key Identifier:
keyid:54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/YzpO8VmPqRTAiscSwEyGgcQi0Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.176.0/23
188.137.179.0-188.137.183.255
188.137.224.0/23
188.137.227.0-188.137.235.255
188.137.240.0/22
188.137.245.0-188.137.255.255
Signature Algorithm: sha256WithRSAEncryption
18:0d:8f:3f:9d:6f:38:ac:63:e0:c6:f3:63:13:da:e4:eb:45:
fa:23:fc:20:cb:94:ef:e0:18:8b:b4:5c:6c:0b:d6:ca:de:a1:
7f:e2:36:2d:0b:e7:4d:dd:91:25:ff:4d:f0:d1:f4:65:38:4e:
55:17:c7:7d:12:2a:12:4d:0d:e9:1d:a1:0b:3b:af:90:2a:e5:
f7:53:6f:4f:e8:f3:58:b8:75:0c:c3:6c:37:8c:a1:51:a8:be:
01:64:5a:27:f3:12:26:a3:d5:fc:5f:35:2b:be:66:00:f4:2d:
2a:91:29:0a:0c:32:2e:85:6d:16:31:ef:b5:9c:e5:2c:07:52:
79:95:fe:5b:7f:6f:3e:27:8a:d1:24:9d:59:6a:7e:05:61:ef:
05:05:6e:3a:1a:3b:10:cb:e7:2d:cb:31:80:29:d4:c1:6c:b0:
65:05:2e:de:95:02:50:9c:85:52:6a:64:aa:af:4b:05:89:2d:
dc:77:ff:c9:90:a6:28:c7:6f:45:4f:00:f5:15:c6:34:39:67:
0e:b0:79:d3:68:25:e1:ee:b5:14:9b:5c:1a:1e:08:4d:1c:f9:
67:08:f7:c4:de:4b:c7:dc:ea:fb:1e:7a:9b:45:3a:59:19:40:
91:43:e3:d2:eb:25:4c:cb:5f:15:3c:08:59:3a:7f:e9:e8:51:
e0:21:8f:18
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZ0bEnn5eI2tnJeJXMybjT4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NGE4MmFhNWUyZWI3MTcxOWI3ZjlmMDQ5YTMwN2IxMjQ1
NDQ5N2UwHhcNMjYwMzIzMTQyMTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNhNGVmMTU5OGZhOTE0YzA4YWM3MTJjMDRjODY4MWM0MjJkMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ETShdhFhS4tzfsXEO9cxpVF1Epy
C1Z6XSn/0UntSwuHuiUWTQruPX4RC9XHfUg6XuCxNZq19Nw1+VoQy6IbMi6X3rpc
q+MDcIcrn38JytfG0yuxtCN2zhlsTGQHpAmshGrnz6qGta9MxHIOpfn/FXfk91+r
ESqazX8veGSP4UEkjE49RvfQetWq73hlY77rMYA7hNCUuGc8te12x96KPoXbU9+B
UEzPHJFpO1tPBmo3iIzG3ZzGEdp3WfWFWjI7q3BgnonGKJNfaHj8FsJOGWPe1lv7
Jgj5a7M8WpHC53DIoH4EVIcuS4jQb9dhElredHTPJaH2q6brE0OuFBymvQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGM6TvFZj6kUwIrHEsBMhoHEItA5MB8GA1UdIwQY
MBaAFFRKgqpeLrcXGbf58EmjB7EkVEl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYt
MDJkZTAxMjQyMjhlLzEvWXpwTzhWbVBxUlRBaXNjU3dFeUdnY1FpMERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYtMDJkZTAxMjQyMjhl
LzEvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBvImwMAwD
BAC8ibMDBAO8ibADBAG8ieAwDAMEALyJ4wMEAryJ6AMEAryJ8DALAwQAvIn1AwMB
vIgwDQYJKoZIhvcNAQELBQADggEBABgNjz+dbzisY+DG82MT2uTrRfoj/CDLlO/g
GIu0XGwL1sreoX/iNi0L503dkSX/TfDR9GU4TlUXx30SKhJNDekdoQs7r5Aq5fdT
b0/o81i4dQzDbDeMoVGovgFkWifzEiaj1fxfNSu+ZgD0LSqRKQoMMi6FbRYx77Wc
5SwHUnmV/lt/bz4nitEknVlqfgVh7wUFbjoaOxDL5y3LMYAp1MFssGUFLt6VAlCc
hVJqZKqvSwWJLdx3/8mQpijHb0VPAPUVxjQ5Zw6wedNoJeHutRSbXBoeCE0c+WcI
98TeS8fc6vseeptFOlkZQJFD49LrJUzLXxU8CFk6f+noUeAhjxg=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:32 2026 by rpki-client