Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/y-o-RSzrKEuqqhmI3pTqkmepJlI.roa
File: y-o-RSzrKEuqqhmI3pTqkmepJlI.roa (raw, json)
Hash identifier: sDw4Jnk/P1UOG7+pA/2W/NiRNcR8k81PrPrZaCHdMUU=
Subject key identifier: CB:EA:3E:45:2C:EB:28:4B:AA:AA:19:88:DE:94:EA:92:67:A9:26:52
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019E1CDBF53714249BBB0D12E6193CB4732E
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/y-o-RSzrKEuqqhmI3pTqkmepJlI.roa
Signing time: Tue 12 May 2026 15:43:57 +0000
ROA not before: Tue 12 May 2026 15:43:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209737
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:db:f5:37:14:24:9b:bb:0d:12:e6:19:3c:b4:73:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 12 15:43:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbea3e452ceb284baaaa1988de94ea9267a92652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b7:b1:23:38:63:23:15:83:db:e0:eb:23:b7:
8a:04:4b:6b:ea:b3:a1:6b:38:6c:bd:d9:e0:71:00:
d2:02:db:d5:e1:37:7b:5d:00:30:98:b8:88:7f:04:
93:da:43:ca:2b:b2:e4:6f:41:8c:4a:c0:66:d3:ff:
e0:c1:9f:8b:c9:7a:67:2f:a5:ad:7e:b5:6c:79:b8:
b8:41:de:c7:a7:99:9f:84:4e:55:71:a9:e4:95:40:
b3:53:f1:e6:df:8f:0f:e2:87:1d:fe:96:4b:2d:6e:
d7:fd:96:7f:2f:4b:81:a0:f8:28:fc:1e:33:48:9d:
59:07:ed:97:d0:d0:d6:90:b7:59:b7:6c:96:95:83:
dc:e8:df:70:06:10:93:9d:4f:d1:df:98:82:e0:02:
26:ff:98:ee:5d:0a:49:cb:80:81:7f:91:bd:b7:51:
fc:07:4e:05:be:2e:9b:16:73:96:57:fe:f3:64:43:
69:a0:d5:77:2e:bd:08:6c:4a:77:e6:a8:4b:b8:03:
c1:46:27:fa:73:2a:f0:bd:13:45:cd:90:5a:71:69:
0c:24:aa:51:29:02:94:23:8e:32:48:b7:2e:6e:c5:
6b:dc:4a:78:25:27:ca:8e:3d:f4:ea:3e:c5:25:c8:
49:0a:ba:bb:b9:37:39:53:bf:8a:d1:2c:6c:50:ad:
63:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EA:3E:45:2C:EB:28:4B:AA:AA:19:88:DE:94:EA:92:67:A9:26:52
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/y-o-RSzrKEuqqhmI3pTqkmepJlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0/24
109.236.51.0/24
185.254.28.0/24
193.35.155.0/24
Signature Algorithm: sha256WithRSAEncryption
25:b9:d1:23:9e:1c:fb:57:a1:0c:00:3d:ae:ab:43:be:e3:a4:
ca:04:6d:0d:f2:9a:8d:39:bb:a8:06:8f:aa:ea:5b:ef:91:d0:
41:21:44:40:c4:60:4e:2b:80:f6:82:ae:62:63:8d:80:0f:28:
5f:f3:d6:4c:91:42:99:51:d0:5d:cc:23:9a:85:48:3b:9b:99:
6c:e2:17:96:66:7e:75:6b:1a:26:46:25:72:d5:8e:9c:73:69:
15:ec:eb:bc:f4:a0:40:1c:3f:f3:b8:0b:6f:75:21:3f:0f:70:
52:7e:18:74:18:a7:40:0d:cf:99:34:76:63:ba:36:73:f8:be:
f8:06:45:29:dc:c7:cd:9b:3f:a9:9a:90:63:46:8a:db:e7:a4:
83:72:12:7e:61:fe:1a:4d:ac:2b:5f:30:52:a0:d2:83:36:56:
70:18:1a:12:6d:d0:d6:54:79:a9:1e:30:94:d4:3d:e4:40:b4:
a4:a2:8c:d6:86:b5:07:e7:89:6e:cb:13:f3:d0:bb:21:2d:da:
aa:4b:42:47:97:10:17:12:86:32:ed:2e:e8:3f:68:6d:08:5a:
0d:8c:88:99:ff:4e:7d:f6:66:fd:e2:09:48:3a:8e:28:a3:1f:
e9:2e:62:a3:31:c0:3b:c5:a6:85:63:7a:c6:31:e7:e0:b0:f5:
5c:73:e0:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4c2/U3FCSbuw0S5hk8tHMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjYwNTEyMTU0MzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVhM2U0NTJjZWIyODRiYWFhYTE5ODhkZTk0ZWE5MjY3YTkyNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrexIzhjIxWD2+DrI7eKBEtr6rOh
azhsvdngcQDSAtvV4Td7XQAwmLiIfwST2kPKK7Lkb0GMSsBm0//gwZ+LyXpnL6Wt
frVsebi4Qd7Hp5mfhE5VcanklUCzU/Hm348P4ocd/pZLLW7X/ZZ/L0uBoPgo/B4z
SJ1ZB+2X0NDWkLdZt2yWlYPc6N9wBhCTnU/R35iC4AIm/5juXQpJy4CBf5G9t1H8
B04Fvi6bFnOWV/7zZENpoNV3Lr0IbEp35qhLuAPBRif6cyrwvRNFzZBacWkMJKpR
KQKUI44ySLcubsVr3Ep4JSfKjj306j7FJchJCrq7uTc5U7+K0SxsUK1j0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMvqPkUs6yhLqqoZiN6U6pJnqSZSMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEveS1vLVJTenJLRXVxcWhtSTNwVHFrbWVwSmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbewxAwQA
bewzAwQAuf4cAwQAwSObMA0GCSqGSIb3DQEBCwUAA4IBAQAludEjnhz7V6EMAD2u
q0O+46TKBG0N8pqNObuoBo+q6lvvkdBBIURAxGBOK4D2gq5iY42ADyhf89ZMkUKZ
UdBdzCOahUg7m5ls4heWZn51axomRiVy1Y6cc2kV7Ou89KBAHD/zuAtvdSE/D3BS
fhh0GKdADc+ZNHZjujZz+L74BkUp3MfNmz+pmpBjRorb56SDchJ+Yf4aTawrXzBS
oNKDNlZwGBoSbdDWVHmpHjCU1D3kQLSkoozWhrUH54luyxPz0LshLdqqS0JHlxAX
EoYy7S7oP2htCFoNjIiZ/0599mb94glIOo4oox/pLmKjMcA7xaaFY3rGMefgsPVc
c+D7
-----END CERTIFICATE-----
Generated at Wed May 13 12:12:19 2026 by rpki-client