Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/yAmYfSNWOzODKeGc_F5M3KVrZmQ.roa
File: yAmYfSNWOzODKeGc_F5M3KVrZmQ.roa (raw, json)
Hash identifier: NpQs0GFT+ff99QnnJq7YGDXMUTS5Irwxl9XQVU5oKe8=
Subject key identifier: C8:09:98:7D:23:56:3B:33:83:29:E1:9C:FC:5E:4C:DC:A5:6B:66:64
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019D24CDC69929CAC59D7D95564258608CAB
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/yAmYfSNWOzODKeGc_F5M3KVrZmQ.roa
Signing time: Wed 25 Mar 2026 11:42:38 +0000
ROA not before: Wed 25 Mar 2026 11:42:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
213.155.12.0/24 maxlen: 24
213.155.14.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:cd:c6:99:29:ca:c5:9d:7d:95:56:42:58:60:8c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Mar 25 11:42:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c809987d23563b338329e19cfc5e4cdca56b6664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:18:3b:bd:65:28:e0:0a:19:cb:52:3a:37:58:
ae:15:51:66:a1:87:fc:17:ba:8f:bb:3f:57:04:57:
a1:be:eb:a1:99:54:de:f1:da:b2:86:f7:1d:4a:fb:
cf:ed:38:f4:6c:36:82:ed:06:0b:cd:7b:7e:e4:98:
8e:26:8d:89:05:96:35:cd:e7:88:2d:02:80:99:07:
f3:ae:60:20:55:2e:98:6c:8c:41:70:87:a8:07:4f:
ab:95:4a:34:98:06:da:c5:38:b6:1e:30:c2:e5:36:
35:23:07:db:be:e5:69:b0:5e:1e:c3:ce:ff:a2:81:
21:30:b7:56:23:90:7b:4e:9c:51:db:2f:02:ae:44:
e9:84:39:73:d5:82:43:db:b1:28:17:93:b0:d0:64:
7b:f7:99:6c:f6:84:a6:8b:ad:24:20:dd:4a:49:c2:
b3:7b:88:6d:38:2f:af:7a:60:7e:bf:f3:a3:92:ed:
ae:fc:80:d8:dd:8b:fa:0b:5c:a5:0e:2e:4a:62:16:
5f:2b:2a:24:3c:c5:4a:a7:a9:c7:54:d6:d1:33:10:
86:46:38:51:1a:56:24:f2:91:18:75:91:6f:26:aa:
03:47:fb:16:9b:b3:78:15:dd:d0:01:b2:6f:38:47:
36:1c:21:3f:3a:97:24:df:4b:4e:6e:7b:01:85:d0:
00:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:09:98:7D:23:56:3B:33:83:29:E1:9C:FC:5E:4C:DC:A5:6B:66:64
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/yAmYfSNWOzODKeGc_F5M3KVrZmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
213.155.12.0/24
213.155.14.0/24
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
60:d3:a9:e5:47:91:4e:04:d5:60:b5:ea:fb:d0:fa:77:52:d9:
00:d0:ea:99:30:6b:d8:71:bc:74:a4:c9:10:9f:f6:d2:65:44:
cb:24:2a:63:d3:4b:34:b0:a9:c8:ea:43:c3:40:77:c6:12:15:
4c:45:40:ac:08:bb:2f:a5:2e:4c:92:c1:9a:38:c6:6f:1b:27:
32:a0:81:0d:a0:c1:51:31:12:e8:37:47:e8:84:10:b5:47:79:
94:58:59:7d:6b:9a:ed:56:15:32:ed:2f:c6:cd:07:3f:c9:87:
6d:c0:34:43:1f:17:6e:a4:b3:c7:70:2d:12:5c:9d:11:7a:32:
65:93:98:51:25:b0:23:95:59:f0:7a:b5:0e:57:96:c0:e3:17:
e1:a0:7c:cd:ea:67:af:51:bc:d2:fb:e7:f4:b5:78:4a:58:4d:
22:87:39:c7:0c:6a:14:c2:a6:2f:6a:92:a6:50:91:d1:6f:20:
d7:a2:e5:e0:6e:f2:da:fc:dc:f9:8b:1b:f2:d5:b1:85:5e:04:
ee:c1:f0:6a:f7:f5:05:85:2c:1a:61:03:a6:4f:11:f0:fb:17:
de:79:41:74:2d:2f:49:a9:14:3a:98:25:12:be:2a:2a:0c:58:
49:7c:b1:15:23:43:3d:f6:5d:95:fd:19:a8:7d:f0:e7:52:5d:
27:c8:e6:bd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ0kzcaZKcrFnX2VVkJYYIyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwMzI1MTE0MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA5OTg3ZDIzNTYzYjMzODMyOWUxOWNmYzVlNGNkY2E1NmI2NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xg7vWUo4AoZy1I6N1iuFVFmoYf8
F7qPuz9XBFehvuuhmVTe8dqyhvcdSvvP7Tj0bDaC7QYLzXt+5JiOJo2JBZY1zeeI
LQKAmQfzrmAgVS6YbIxBcIeoB0+rlUo0mAbaxTi2HjDC5TY1IwfbvuVpsF4ew87/
ooEhMLdWI5B7TpxR2y8CrkTphDlz1YJD27EoF5Ow0GR795ls9oSmi60kIN1KScKz
e4htOC+vemB+v/Ojku2u/IDY3Yv6C1ylDi5KYhZfKyokPMVKp6nHVNbRMxCGRjhR
GlYk8pEYdZFvJqoDR/sWm7N4Fd3QAbJvOEc2HCE/Opck30tObnsBhdAAkQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFMgJmH0jVjszgynhnPxeTNyla2ZkMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEveUFtWWZTTldPek9ES2VHY19GNU0zS1ZyWm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBgBAIAATBaAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrgMEANWbDAME
ANWbDgMEANWbHDAMAwQF2bEgAwQA2bEiAwQC2bEsAwQB2bMwMCwEAgACMCYwEgMH
ASoRLMAAAgMHASoRLMAACAMHASoRLMAAEAMHASoRLMAAIDANBgkqhkiG9w0BAQsF
AAOCAQEAYNOp5UeRTgTVYLXq+9D6d1LZANDqmTBr2HG8dKTJEJ/20mVEyyQqY9NL
NLCpyOpDw0B3xhIVTEVArAi7L6UuTJLBmjjGbxsnMqCBDaDBUTES6DdH6IQQtUd5
lFhZfWua7VYVMu0vxs0HP8mHbcA0Qx8XbqSzx3AtElydEXoyZZOYUSWwI5VZ8Hq1
DleWwOMX4aB8zepnr1G80vvn9LV4SlhNIoc5xwxqFMKmL2qSplCR0W8g16Ll4G7y
2vzc+Ysb8tWxhV4E7sHwavf1BYUsGmEDpk8R8PsX3nlBdC0vSakUOpglEr4qKgxY
SXyxFSNDPfZdlf0ZqH3w51JdJ8jmvQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:49:50 2026 by rpki-client