Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/Y0yvGwL8N-nOEiU7zOM6SSHHJLQ.roa
File: Y0yvGwL8N-nOEiU7zOM6SSHHJLQ.roa (raw, json)
Hash identifier: 8/QpRSCZ4OTmfd3cZORygSL1Lec3LinxRtnyUo2sHK8=
Subject key identifier: 63:4C:AF:1B:02:FC:37:E9:CE:12:25:3B:CC:E3:3A:49:21:C7:24:B4
Certificate issuer: /CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Certificate serial: 019D1F4B41B363ED50DAD966E1E45F111A6D
Authority key identifier: 1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/Y0yvGwL8N-nOEiU7zOM6SSHHJLQ.roa
Signing time: Tue 24 Mar 2026 10:01:58 +0000
ROA not before: Tue 24 Mar 2026 10:01:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62275
IP address blocks: 5.62.72.0/21 maxlen: 24
45.74.200.0/21 maxlen: 24
185.40.212.0/22 maxlen: 24
185.221.72.0/22 maxlen: 24
185.234.112.0/24 maxlen: 24
193.254.12.0/22 maxlen: 24
2a01:ab40::/29 maxlen: 48
2a04:8640::/29 maxlen: 29
2a0c:8000::/29 maxlen: 29
2a0c:e2c0::/29 maxlen: 29
2a10:acc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/HU6VkgCuqPuSkVi3PowOaaiNxek.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/HU6VkgCuqPuSkVi3PowOaaiNxek.mft
rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:4b:41:b3:63:ed:50:da:d9:66:e1:e4:5f:11:1a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d4e959200aea8fb929158b73e8c0e69a88dc5e9
Validity
Not Before: Mar 24 10:01:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=634caf1b02fc37e9ce12253bcce33a4921c724b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a4:45:6b:20:dd:3e:81:99:c6:fb:53:e7:fa:
78:18:1a:24:65:e6:0f:9f:79:56:cb:e4:a8:3d:d0:
58:ec:4e:5e:4e:70:7b:89:7c:3f:a4:c6:7b:71:0e:
01:79:19:c8:30:29:2c:40:4f:9a:83:6c:aa:87:9d:
66:99:c1:b6:3a:0a:67:b0:67:a5:b6:79:b5:7d:ee:
6b:60:21:a7:53:36:ac:17:8a:d3:2d:82:b0:5f:24:
d9:3d:ce:da:4e:0a:bc:27:cc:3e:ee:a3:02:f3:be:
17:76:db:e3:ba:a2:f4:0e:c9:a1:b5:d7:db:d8:b5:
09:ef:f2:08:30:97:7d:af:04:06:55:86:48:e2:f4:
8b:7f:2f:df:5b:ac:50:40:88:96:14:13:fa:b2:33:
7b:b9:ff:64:12:c0:c9:b4:28:cc:ef:a7:96:af:23:
e7:0f:1d:6f:78:1e:84:91:98:fb:f7:db:75:1a:85:
0d:04:13:1f:a5:70:03:09:b8:b1:02:81:b9:52:49:
7c:a9:86:b2:d5:8b:7d:3c:66:58:90:1e:cb:9f:8a:
fe:35:c3:86:9d:da:c9:ab:ea:01:bf:66:f4:c9:5e:
0e:29:b6:e3:93:97:42:7b:6a:be:94:04:67:a0:38:
3f:9d:cd:b6:75:b8:2f:ce:c7:f7:41:e7:f4:68:3f:
05:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4C:AF:1B:02:FC:37:E9:CE:12:25:3B:CC:E3:3A:49:21:C7:24:B4
X509v3 Authority Key Identifier:
keyid:1D:4E:95:92:00:AE:A8:FB:92:91:58:B7:3E:8C:0E:69:A8:8D:C5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HU6VkgCuqPuSkVi3PowOaaiNxek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/Y0yvGwL8N-nOEiU7zOM6SSHHJLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/04d364-560f-4b36-8f2a-2b536cf7b825/1/HU6VkgCuqPuSkVi3PowOaaiNxek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.72.0/21
45.74.200.0/21
185.40.212.0/22
185.221.72.0/22
185.234.112.0/24
193.254.12.0/22
IPv6:
2a01:ab40::/29
2a04:8640::/29
2a0c:8000::/29
2a0c:e2c0::/29
2a10:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
36:8c:a3:bc:0e:a6:4a:81:d1:e7:9c:c8:74:32:81:4e:79:07:
ef:73:74:33:8c:1d:e8:a2:d2:7d:45:e1:42:50:4f:35:87:a3:
33:8f:2d:2d:ec:39:1c:48:7a:97:db:cf:a1:5c:56:4a:9c:ce:
ac:43:a7:8d:6f:96:6f:0f:8d:d7:b4:74:16:af:2f:01:c7:0f:
af:2e:ab:2b:f4:fc:ef:38:dd:31:8e:c6:6f:8a:4a:0b:18:15:
32:0d:66:75:70:6b:fe:5f:5c:1b:13:53:30:2d:2a:b6:58:a0:
19:ac:05:b5:9e:8c:d3:e5:90:6e:db:91:d1:41:fb:ed:1e:1e:
32:d7:aa:37:0e:12:61:06:07:80:e2:5d:c9:76:c8:c8:f2:8f:
19:d5:a8:f0:27:3d:33:d2:64:40:ed:75:ca:6a:4a:a3:6a:b6:
2e:c3:c9:e6:5f:13:47:48:cf:6b:94:45:1d:0b:07:20:32:bc:
71:bf:65:ed:83:b4:ce:02:0b:28:fc:88:ab:34:92:7d:03:7a:
ea:0e:86:7e:66:03:d2:38:fa:ab:13:81:9a:93:1e:c5:85:79:
11:15:87:f7:be:9a:d0:c7:72:72:4b:00:42:d3:a8:78:d8:88:
77:a4:a4:8e:c8:2a:af:e5:e2:d4:da:9b:e0:3d:a3:9a:ec:42:
83:43:b8:68
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZ0fS0GzY+1Q2tlm4eRfERptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNGU5NTkyMDBhZWE4ZmI5MjkxNThiNzNlOGMwZTY5YTg4
ZGM1ZTkwHhcNMjYwMzI0MTAwMTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRjYWYxYjAyZmMzN2U5Y2UxMjI1M2JjY2UzM2E0OTIxYzcyNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKRFayDdPoGZxvtT5/p4GBokZeYP
n3lWy+SoPdBY7E5eTnB7iXw/pMZ7cQ4BeRnIMCksQE+ag2yqh51mmcG2OgpnsGel
tnm1fe5rYCGnUzasF4rTLYKwXyTZPc7aTgq8J8w+7qMC874XdtvjuqL0Dsmhtdfb
2LUJ7/IIMJd9rwQGVYZI4vSLfy/fW6xQQIiWFBP6sjN7uf9kEsDJtCjM76eWryPn
Dx1veB6EkZj799t1GoUNBBMfpXADCbixAoG5Ukl8qYay1Yt9PGZYkB7Ln4r+NcOG
ndrJq+oBv2b0yV4OKbbjk5dCe2q+lARnoDg/nc22dbgvzsf3Qef0aD8FKQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFGNMrxsC/DfpzhIlO8zjOkkhxyS0MB8GA1UdIwQY
MBaAFB1OlZIArqj7kpFYtz6MDmmojcXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEt
MmI1MzZjZjdiODI1LzEvWTB5dkd3TDhOLW5PRWlVN3pPTTZTU0hISkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wNGQzNjQtNTYwZi00YjM2LThmMmEtMmI1MzZjZjdiODI1
LzEvSFU2VmtnQ3VxUHVTa1ZpM1Bvd09hYWlOeGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAqBAIAATAkAwQDBT5IAwQD
LUrIAwQCuSjUAwQCud1IAwQAuepwAwQCwf4MMCkEAgACMCMDBQMqAatAAwUDKgSG
QAMFAyoMgAADBQMqDOLAAwUDKhCswDANBgkqhkiG9w0BAQsFAAOCAQEANoyjvA6m
SoHR55zIdDKBTnkH73N0M4wd6KLSfUXhQlBPNYejM48tLew5HEh6l9vPoVxWSpzO
rEOnjW+Wbw+N17R0Fq8vAccPry6rK/T87zjdMY7Gb4pKCxgVMg1mdXBr/l9cGxNT
MC0qtligGawFtZ6M0+WQbtuR0UH77R4eMteqNw4SYQYHgOJdyXbIyPKPGdWo8Cc9
M9JkQO11ympKo2q2LsPJ5l8TR0jPa5RFHQsHIDK8cb9l7YO0zgILKPyIqzSSfQN6
6g6GfmYD0jj6qxOBmpMexYV5ERWH976a0MdycksAQtOoeNiId6Skjsgqr+Xi1Nqb
4D2jmuxCg0O4aA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:22:56 2026 by rpki-client