Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/iYM-FIy7T-G9R6n2wd4TYw9TnIk.roa
File: iYM-FIy7T-G9R6n2wd4TYw9TnIk.roa (raw, json)
Hash identifier: PXUoRcNc7FF2/MrTmkvz/siqH/fXjLpzh1E05qTAFP8=
Subject key identifier: 89:83:3E:14:8C:BB:4F:E1:BD:47:A9:F6:C1:DE:13:63:0F:53:9C:89
Certificate issuer: /CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Certificate serial: 019DBF5D3F590394F1691B4FB925DE1A7850
Authority key identifier: 54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/iYM-FIy7T-G9R6n2wd4TYw9TnIk.roa
Signing time: Fri 24 Apr 2026 12:00:52 +0000
ROA not before: Fri 24 Apr 2026 12:00:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211381
IP address blocks: 188.137.176.0/24 maxlen: 24
188.137.177.0/24 maxlen: 24
188.137.179.0/24 maxlen: 24
188.137.180.0/24 maxlen: 24
188.137.181.0/24 maxlen: 24
188.137.182.0/24 maxlen: 24
188.137.183.0/24 maxlen: 24
188.137.224.0/24 maxlen: 24
188.137.225.0/24 maxlen: 24
188.137.227.0/24 maxlen: 24
188.137.228.0/24 maxlen: 24
188.137.229.0/24 maxlen: 24
188.137.230.0/24 maxlen: 24
188.137.231.0/24 maxlen: 24
188.137.232.0/24 maxlen: 24
188.137.233.0/24 maxlen: 24
188.137.234.0/24 maxlen: 24
188.137.235.0/24 maxlen: 24
188.137.236.0/24 maxlen: 24
188.137.237.0/24 maxlen: 24
188.137.238.0/24 maxlen: 24
188.137.239.0/24 maxlen: 24
188.137.240.0/24 maxlen: 24
188.137.241.0/24 maxlen: 24
188.137.242.0/24 maxlen: 24
188.137.243.0/24 maxlen: 24
188.137.245.0/24 maxlen: 24
188.137.246.0/24 maxlen: 24
188.137.247.0/24 maxlen: 24
188.137.248.0/24 maxlen: 24
188.137.249.0/24 maxlen: 24
188.137.250.0/24 maxlen: 24
188.137.251.0/24 maxlen: 24
188.137.252.0/24 maxlen: 24
188.137.253.0/24 maxlen: 24
188.137.254.0/24 maxlen: 24
188.137.255.0/24 maxlen: 24
212.43.144.0/24 maxlen: 24
212.43.145.0/24 maxlen: 24
212.43.146.0/24 maxlen: 24
212.43.147.0/24 maxlen: 24
212.43.148.0/24 maxlen: 24
212.43.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:5d:3f:59:03:94:f1:69:1b:4f:b9:25:de:1a:78:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=544a82aa5e2eb71719b7f9f049a307b12454497e
Validity
Not Before: Apr 24 12:00:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89833e148cbb4fe1bd47a9f6c1de13630f539c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9f:80:0a:74:95:cb:1f:77:e1:e2:2e:bf:a4:
5a:1f:13:19:de:81:33:cf:1d:11:6a:32:45:5a:cb:
53:d7:6d:33:ed:eb:7c:fe:8e:fc:30:57:6f:09:c0:
67:a6:21:97:22:96:c7:ff:03:42:55:a5:cd:5f:7f:
33:91:90:e5:c7:44:61:b6:36:c1:5d:2c:08:1b:dd:
cb:59:3d:9b:7d:11:69:7e:1b:4e:b8:3d:52:f7:6d:
97:6e:45:37:90:0d:3e:23:34:7b:a8:9e:19:95:f8:
da:fa:84:83:a6:0a:dc:29:c3:25:c8:18:1a:b2:e0:
2a:88:45:c6:84:74:2a:72:23:a3:3b:a7:a7:27:f0:
e3:7c:57:e9:a2:60:30:e4:f8:57:26:54:41:25:d0:
f3:1d:0a:9d:7f:9e:5c:7b:75:af:40:8a:58:be:3d:
c0:0b:8a:14:c0:e7:d6:0a:37:79:e0:26:dd:b3:9e:
24:55:4e:44:91:3a:fd:0c:59:69:94:0e:2a:f3:db:
bb:65:57:5c:07:29:99:76:90:1e:cb:f6:2e:a8:ba:
30:ac:b8:c7:8b:a0:32:ee:cb:81:cd:16:1b:7b:8b:
47:73:7b:bc:5d:a9:e9:37:c4:a3:18:4d:e7:ac:7b:
2a:dc:17:28:71:23:d6:36:0f:7e:56:c3:9c:c7:82:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:3E:14:8C:BB:4F:E1:BD:47:A9:F6:C1:DE:13:63:0F:53:9C:89
X509v3 Authority Key Identifier:
keyid:54:4A:82:AA:5E:2E:B7:17:19:B7:F9:F0:49:A3:07:B1:24:54:49:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEqCql4utxcZt_nwSaMHsSRUSX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/iYM-FIy7T-G9R6n2wd4TYw9TnIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c5018c-fdc6-414b-beef-02de0124228e/1/VEqCql4utxcZt_nwSaMHsSRUSX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.176.0/23
188.137.179.0-188.137.183.255
188.137.224.0/23
188.137.227.0-188.137.243.255
188.137.245.0-188.137.255.255
212.43.144.0-212.43.149.255
Signature Algorithm: sha256WithRSAEncryption
67:88:e1:a9:47:5a:cf:fc:88:e5:37:db:8b:5c:41:a8:26:53:
96:fd:8a:5f:ff:b7:10:22:f0:36:ad:6a:ad:b4:dd:1c:99:59:
b4:91:fa:5a:94:91:91:47:37:2c:d5:8f:d1:a3:67:88:cf:aa:
d0:e6:e3:ba:84:64:12:78:2e:1e:c9:ea:c2:6a:75:50:be:63:
a1:6c:63:b7:f3:90:2e:e1:f0:3d:db:21:7a:4a:e9:de:33:b2:
a3:44:57:af:36:c9:af:8c:0e:2b:d3:82:11:db:48:42:90:4d:
dd:e0:28:e0:13:8c:e1:73:0e:88:49:a9:bb:3e:d2:13:54:96:
91:b8:cd:ab:6b:e6:0d:e2:8b:a6:8e:d8:c0:86:00:c1:ed:24:
27:ad:13:51:a6:13:2e:0f:de:e3:65:76:73:1c:41:1f:d5:43:
d2:65:40:90:16:71:bc:d4:43:85:78:7a:24:25:a9:3e:d5:92:
36:3e:32:a4:ae:ee:87:27:1a:48:09:69:fa:bd:47:77:7f:b7:
e3:81:9c:d2:47:c2:07:04:e0:4e:c4:3a:04:b6:a9:b9:68:6b:
33:eb:ea:39:d5:f8:6f:d8:39:fc:13:e3:5a:3e:65:5c:f3:00:
c5:9f:b9:90:63:4e:06:0f:0b:7c:ff:5f:85:f9:aa:c8:57:8f:
79:1c:8d:5a
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZ2/XT9ZA5TxaRtPuSXeGnhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NGE4MmFhNWUyZWI3MTcxOWI3ZjlmMDQ5YTMwN2IxMjQ1
NDQ5N2UwHhcNMjYwNDI0MTIwMDUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgzM2UxNDhjYmI0ZmUxYmQ0N2E5ZjZjMWRlMTM2MzBmNTM5Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5+ACnSVyx934eIuv6RaHxMZ3oEz
zx0RajJFWstT120z7et8/o78MFdvCcBnpiGXIpbH/wNCVaXNX38zkZDlx0RhtjbB
XSwIG93LWT2bfRFpfhtOuD1S922XbkU3kA0+IzR7qJ4Zlfja+oSDpgrcKcMlyBga
suAqiEXGhHQqciOjO6enJ/DjfFfpomAw5PhXJlRBJdDzHQqdf55ce3WvQIpYvj3A
C4oUwOfWCjd54Cbds54kVU5EkTr9DFlplA4q89u7ZVdcBymZdpAey/YuqLowrLjH
i6Ay7suBzRYbe4tHc3u8XanpN8SjGE3nrHsq3BcocSPWNg9+VsOcx4JveQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFImDPhSMu0/hvUep9sHeE2MPU5yJMB8GA1UdIwQY
MBaAFFRKgqpeLrcXGbf58EmjB7EkVEl+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYt
MDJkZTAxMjQyMjhlLzEvaVlNLUZJeTdULUc5UjZuMndkNFRZdzlUbklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jNTAxOGMtZmRjNi00MTRiLWJlZWYtMDJkZTAxMjQyMjhl
LzEvVkVxQ3FsNHV0eGNadF9ud1NhTUhzU1JVU1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAATBDAwQBvImwMAwD
BAC8ibMDBAO8ibADBAG8ieAwDAMEALyJ4wMEAryJ8DALAwQAvIn1AwMBvIgwDAME
BNQrkAMEAdQrlDANBgkqhkiG9w0BAQsFAAOCAQEAZ4jhqUdaz/yI5Tfbi1xBqCZT
lv2KX/+3ECLwNq1qrbTdHJlZtJH6WpSRkUc3LNWP0aNniM+q0ObjuoRkEnguHsnq
wmp1UL5joWxjt/OQLuHwPdshekrp3jOyo0RXrzbJr4wOK9OCEdtIQpBN3eAo4BOM
4XMOiEmpuz7SE1SWkbjNq2vmDeKLpo7YwIYAwe0kJ60TUaYTLg/e42V2cxxBH9VD
0mVAkBZxvNRDhXh6JCWpPtWSNj4ypK7uhycaSAlp+r1Hd3+344Gc0kfCBwTgTsQ6
BLapuWhrM+vqOdX4b9g5/BPjWj5lXPMAxZ+5kGNOBg8LfP9fhfmqyFePeRyNWg==
-----END CERTIFICATE-----
Generated at Wed May 13 07:56:44 2026 by rpki-client