Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y_gojKnDnZzZHsEeNnZQ31G1uz4.roa
File: y_gojKnDnZzZHsEeNnZQ31G1uz4.roa (raw, json)
Hash identifier: 2YwGvv1al1j+1E58q+1oxnaZ/qrlC5OmEg9/J8iZ+tU=
Subject key identifier: CB:F8:28:8C:A9:C3:9D:9C:D9:1E:C1:1E:36:76:50:DF:51:B5:BB:3E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019DCF12C5A4CBCC60F86A5832E154543CD3
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y_gojKnDnZzZHsEeNnZQ31G1uz4.roa
Signing time: Mon 27 Apr 2026 13:13:26 +0000
ROA not before: Mon 27 Apr 2026 13:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62240
IP address blocks: 45.150.181.0/24 maxlen: 24
45.150.182.0/24 maxlen: 24
45.150.183.0/24 maxlen: 24
84.51.232.0/24 maxlen: 24
92.51.234.0/24 maxlen: 24
92.51.235.0/24 maxlen: 24
92.51.255.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
147.90.119.0/24 maxlen: 24
155.2.180.0/24 maxlen: 24
155.2.181.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
192.140.220.0/24 maxlen: 24
192.140.221.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:12:c5:a4:cb:cc:60:f8:6a:58:32:e1:54:54:3c:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 27 13:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbf8288ca9c39d9cd91ec11e367650df51b5bb3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:81:3c:12:05:a2:af:f0:e6:3c:cf:e5:8e:ec:
28:df:1e:d3:5c:fb:cd:fe:72:25:7c:79:3e:48:e9:
06:a7:6f:c9:95:4d:84:a6:e4:9c:75:bd:3e:c7:29:
4e:d5:da:a3:1c:19:2a:bd:54:9e:76:9c:aa:b9:73:
0a:e8:1e:37:36:f0:cc:d3:a7:84:85:f2:a2:31:0e:
e3:ac:55:61:9f:bd:29:d0:da:f5:89:c0:44:6d:f6:
ce:93:c4:45:9a:bd:e6:7a:d4:f0:1e:40:78:c5:a3:
b5:35:59:95:dc:29:4a:f6:d1:bf:d7:37:a5:a5:96:
b3:3c:49:78:71:f2:81:39:02:c2:b8:0f:a4:d1:f6:
bd:64:68:50:92:ad:5c:f7:93:a4:d6:61:78:af:05:
ea:1d:e0:c3:fe:42:a1:89:2e:47:e3:d5:51:3e:cc:
43:f9:e9:d7:57:7b:b8:e9:10:9d:6f:d9:44:37:dc:
e2:b5:57:20:a5:94:44:9b:aa:9d:1d:f7:36:ec:93:
30:9a:1e:40:93:bb:14:2c:f7:19:40:5a:c1:1a:9b:
4f:b2:ef:35:9a:c2:4e:1a:c0:97:2e:ed:ca:4e:7f:
01:a5:1c:e7:3e:3f:69:d6:27:6c:f0:ba:66:3e:b5:
08:8d:3f:b5:1f:60:ac:f9:bf:63:70:22:20:f2:ba:
a4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F8:28:8C:A9:C3:9D:9C:D9:1E:C1:1E:36:76:50:DF:51:B5:BB:3E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/y_gojKnDnZzZHsEeNnZQ31G1uz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.181.0-45.150.183.255
84.51.232.0/24
92.51.234.0/23
92.51.255.0/24
103.210.196.0/24
107.150.166.0/24
147.90.119.0/24
155.2.180.0/23
185.161.111.0/24
192.140.220.0/23
203.188.165.0/24
203.188.181.0/24
213.254.160.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4e:da:a2:7f:29:d3:1d:06:75:1a:3a:96:6d:e5:b0:73:34:
93:12:9a:56:f7:b5:a7:0b:b0:19:d3:a3:94:c2:8f:d7:77:d6:
3c:e6:60:dc:be:4a:9e:a6:51:40:3c:e2:6e:ad:38:46:a0:75:
ac:9e:7d:a8:d4:d4:66:8b:aa:09:4b:2f:5f:a4:7c:39:5b:3a:
80:6a:f3:a7:f1:75:6e:39:b7:f2:49:5d:a0:ea:8d:47:14:c4:
86:d0:45:a6:b7:c9:6e:61:7b:d3:9a:4b:2a:63:2f:42:7f:49:
eb:3c:63:7b:98:c2:40:87:56:79:eb:69:1f:77:7f:30:b4:b0:
d7:81:80:f2:ac:1c:71:71:93:64:67:bb:d8:1b:4f:53:87:b3:
dd:0e:67:44:2d:0c:d2:d3:03:ab:5c:04:10:d3:46:97:f1:30:
ff:f4:94:b1:13:bd:5d:61:65:5f:75:31:b2:08:2b:16:f9:1c:
11:e9:75:90:1a:9b:8c:da:6a:d2:a6:b2:43:03:b2:61:b3:5f:
30:9e:d6:ff:45:ec:e4:c4:a6:81:2f:f4:b1:b5:cb:4e:08:08:
59:88:c8:5d:41:7b:98:49:a8:3c:32:85:62:71:bf:bb:28:f2:
c9:fc:37:09:44:50:46:a2:67:e4:33:71:70:dd:5a:1a:ee:19:
2f:16:b5:ed
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ3PEsWky8xg+GpYMuFUVDzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDI3MTMxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY4Mjg4Y2E5YzM5ZDljZDkxZWMxMWUzNjc2NTBkZjUxYjViYjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoE8EgWir/DmPM/ljuwo3x7TXPvN
/nIlfHk+SOkGp2/JlU2EpuScdb0+xylO1dqjHBkqvVSedpyquXMK6B43NvDM06eE
hfKiMQ7jrFVhn70p0Nr1icBEbfbOk8RFmr3metTwHkB4xaO1NVmV3ClK9tG/1zel
pZazPEl4cfKBOQLCuA+k0fa9ZGhQkq1c95Ok1mF4rwXqHeDD/kKhiS5H49VRPsxD
+enXV3u46RCdb9lEN9zitVcgpZREm6qdHfc27JMwmh5Ak7sULPcZQFrBGptPsu81
msJOGsCXLu3KTn8BpRznPj9p1ids8LpmPrUIjT+1H2Cs+b9jcCIg8rqkPQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMv4KIypw52c2R7BHjZ2UN9Rtbs+MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveV9nb2pLbkRuWnpaSHNFZU5uWlEzMUcxdXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAAtlrUD
BAMtlrADBABUM+gDBAFcM+oDBABcM/8DBABn0sQDBABrlqYDBACTWncDBAGbArQD
BAC5oW8DBAHAjNwDBADLvKUDBADLvLUDBADV/qAwDQYJKoZIhvcNAQELBQADggEB
ABRO2qJ/KdMdBnUaOpZt5bBzNJMSmlb3tacLsBnTo5TCj9d31jzmYNy+Sp6mUUA8
4m6tOEagdayefajU1GaLqglLL1+kfDlbOoBq86fxdW45t/JJXaDqjUcUxIbQRaa3
yW5he9OaSypjL0J/Ses8Y3uYwkCHVnnraR93fzC0sNeBgPKsHHFxk2Rnu9gbT1OH
s90OZ0QtDNLTA6tcBBDTRpfxMP/0lLETvV1hZV91MbIIKxb5HBHpdZAam4zaatKm
skMDsmGzXzCe1v9F7OTEpoEv9LG1y04ICFmIyF1Be5hJqDwyhWJxv7so8sn8NwlE
UEaiZ+QzcXDdWhruGS8Wte0=
-----END CERTIFICATE-----
Generated at Wed May 13 11:18:53 2026 by rpki-client