Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/ye6mvuXzy7csS4P5Wv96CCJApj0.roa
File: ye6mvuXzy7csS4P5Wv96CCJApj0.roa (raw, json)
Hash identifier: NSM/S0z1U/vSEnlZqLyEDEH4nftKUXxOnQpUwun2eU8=
Subject key identifier: C9:EE:A6:BE:E5:F3:CB:B7:2C:4B:83:F9:5A:FF:7A:08:22:40:A6:3D
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 019E01A2BD0357118FCFA66918CFF98F820E
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/ye6mvuXzy7csS4P5Wv96CCJApj0.roa
Signing time: Thu 07 May 2026 08:51:42 +0000
ROA not before: Thu 07 May 2026 08:51:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208172
IP address blocks: 72.251.208.0/24 maxlen: 24
72.251.209.0/24 maxlen: 24
72.251.210.0/24 maxlen: 24
72.251.211.0/24 maxlen: 24
72.251.212.0/24 maxlen: 24
72.251.213.0/24 maxlen: 24
72.251.214.0/24 maxlen: 24
72.251.215.0/24 maxlen: 24
72.251.216.0/24 maxlen: 24
72.251.217.0/24 maxlen: 24
72.251.218.0/24 maxlen: 24
72.251.219.0/24 maxlen: 24
72.251.220.0/24 maxlen: 24
72.251.221.0/24 maxlen: 24
72.251.222.0/24 maxlen: 24
81.27.86.0/24 maxlen: 24
134.82.68.0/24 maxlen: 24
134.82.69.0/24 maxlen: 24
134.82.70.0/24 maxlen: 24
134.82.71.0/24 maxlen: 24
159.26.96.0/24 maxlen: 24
159.26.97.0/24 maxlen: 24
159.26.98.0/24 maxlen: 24
159.26.99.0/24 maxlen: 24
159.26.100.0/24 maxlen: 24
159.26.101.0/24 maxlen: 24
159.26.102.0/24 maxlen: 24
159.26.103.0/24 maxlen: 24
159.26.104.0/24 maxlen: 24
159.26.105.0/24 maxlen: 24
159.26.106.0/24 maxlen: 24
159.26.107.0/24 maxlen: 24
159.26.108.0/24 maxlen: 24
159.26.109.0/24 maxlen: 24
159.26.110.0/24 maxlen: 24
159.26.111.0/24 maxlen: 24
159.26.112.0/24 maxlen: 24
159.26.113.0/24 maxlen: 24
159.26.114.0/24 maxlen: 24
159.26.115.0/24 maxlen: 24
159.26.116.0/24 maxlen: 24
159.26.117.0/24 maxlen: 24
159.26.118.0/24 maxlen: 24
159.26.119.0/24 maxlen: 24
159.26.120.0/24 maxlen: 24
159.26.121.0/24 maxlen: 24
159.26.122.0/24 maxlen: 24
159.26.123.0/24 maxlen: 24
159.26.124.0/24 maxlen: 24
159.26.125.0/24 maxlen: 24
159.26.126.0/24 maxlen: 24
159.26.127.0/24 maxlen: 24
205.147.16.0/24 maxlen: 24
205.147.17.0/24 maxlen: 24
205.147.18.0/24 maxlen: 24
205.147.19.0/24 maxlen: 24
205.147.20.0/24 maxlen: 24
205.147.21.0/24 maxlen: 24
205.147.22.0/24 maxlen: 24
205.147.23.0/24 maxlen: 24
205.147.27.0/24 maxlen: 24
205.147.28.0/24 maxlen: 24
205.147.29.0/24 maxlen: 24
205.147.30.0/24 maxlen: 24
205.147.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft
rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:a2:bd:03:57:11:8f:cf:a6:69:18:cf:f9:8f:82:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: May 7 08:51:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9eea6bee5f3cbb72c4b83f95aff7a082240a63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:e2:d1:fd:80:93:6b:05:7d:16:dd:0f:4a:
bd:c1:45:e2:c4:d9:28:fe:dc:cc:dd:c4:23:fa:b3:
01:d2:4e:59:51:35:1a:e6:56:1f:21:98:18:45:e6:
5a:e7:c6:0d:c2:54:cb:39:a9:b2:22:d7:39:b8:ff:
fb:7a:cf:78:35:38:1a:c4:da:ea:89:d2:b6:1d:ba:
23:b7:17:89:0c:55:19:58:15:6e:19:bf:1d:6b:1a:
89:e2:68:20:20:f8:e7:77:28:03:11:d4:60:64:ed:
80:88:45:22:4c:6b:73:b0:9e:89:d1:36:a1:14:f4:
0d:5e:3a:e9:64:3a:26:c3:11:55:18:a1:f7:07:f2:
99:7d:29:e7:d6:c0:2f:ae:14:dc:51:7f:f2:3c:ac:
17:85:ca:c3:31:d6:9b:93:33:c1:c2:50:8d:9b:47:
8a:5c:70:1b:63:fd:db:e2:1b:3a:26:c6:e3:d8:d6:
39:a2:15:bd:a5:77:1e:48:24:aa:3b:2f:e8:f9:bf:
7b:55:46:a0:1c:db:02:f7:80:aa:85:3f:c5:18:ff:
06:c6:a1:a0:d7:08:d8:ec:55:06:6e:52:a4:92:5e:
73:cb:d8:66:4e:0d:ed:37:92:09:50:ac:df:ee:44:
77:a4:8b:26:e8:29:01:7e:b2:6a:7d:d7:e2:0f:dd:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EE:A6:BE:E5:F3:CB:B7:2C:4B:83:F9:5A:FF:7A:08:22:40:A6:3D
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/ye6mvuXzy7csS4P5Wv96CCJApj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.251.208.0-72.251.222.255
81.27.86.0/24
134.82.68.0/22
159.26.96.0/19
205.147.16.0/21
205.147.27.0-205.147.31.255
Signature Algorithm: sha256WithRSAEncryption
6d:f0:24:18:1f:3b:9c:bb:f6:88:b9:03:da:88:fd:30:8c:8f:
09:0e:72:d6:5a:29:97:35:24:7d:4d:df:8a:00:2a:fd:73:2d:
a8:df:3a:f1:35:04:c7:2d:b7:58:8c:ac:aa:12:91:cf:80:da:
74:83:94:09:db:b1:c0:12:db:4e:ab:3b:4e:82:8a:0f:46:d0:
86:66:f4:69:d0:e2:f9:db:8e:b1:bd:fc:37:40:b6:fa:14:c9:
b1:ab:88:c6:63:2b:42:05:e0:97:da:f8:96:88:fb:42:fb:4d:
b0:87:4d:71:fd:ca:a7:e6:30:cb:df:d4:2c:87:0f:00:3c:96:
09:54:74:2a:1b:fc:34:e8:82:e9:91:fd:52:3e:70:7f:6e:97:
18:53:16:26:3c:0a:8c:7c:8f:47:3d:d8:d4:d7:04:00:47:d1:
88:e5:1f:24:9c:e9:c0:55:ae:1b:10:ff:a7:77:77:93:b3:54:
6c:39:fe:36:99:32:be:71:2f:e8:95:07:54:a8:ab:f5:d1:92:
5d:7f:0d:1b:4c:7c:29:ff:66:8a:b0:3d:f5:4e:69:f8:74:97:
64:20:c1:9e:bc:06:31:b1:6b:a1:22:15:76:00:37:d6:2a:ae:
ed:fd:d5:97:70:cb:3b:84:fc:c8:81:c1:24:94:4d:9e:65:b5:
94:4e:ed:cc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ4Bor0DVxGPz6ZpGM/5j4IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjYwNTA3MDg1MTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVlYTZiZWU1ZjNjYmI3MmM0YjgzZjk1YWZmN2EwODIyNDBhNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxni0f2Ak2sFfRbdD0q9wUXixNko
/tzM3cQj+rMB0k5ZUTUa5lYfIZgYReZa58YNwlTLOamyItc5uP/7es94NTgaxNrq
idK2HbojtxeJDFUZWBVuGb8daxqJ4mggIPjndygDEdRgZO2AiEUiTGtzsJ6J0Tah
FPQNXjrpZDomwxFVGKH3B/KZfSnn1sAvrhTcUX/yPKwXhcrDMdabkzPBwlCNm0eK
XHAbY/3b4hs6Jsbj2NY5ohW9pXceSCSqOy/o+b97VUagHNsC94CqhT/FGP8GxqGg
1wjY7FUGblKkkl5zy9hmTg3tN5IJUKzf7kR3pIsm6CkBfrJqfdfiD92ZFQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMnupr7l88u3LEuD+Vr/eggiQKY9MB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEveWU2bXZ1WHp5N2NzUzRQNVd2OTZDQ0pBcGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBARI+9AD
BABI+94DBABRG1YDBAKGUkQDBAWfGmADBAPNkxAwDAMEAM2TGwMEBc2TADANBgkq
hkiG9w0BAQsFAAOCAQEAbfAkGB87nLv2iLkD2oj9MIyPCQ5y1loplzUkfU3figAq
/XMtqN868TUExy23WIysqhKRz4DadIOUCduxwBLbTqs7ToKKD0bQhmb0adDi+duO
sb38N0C2+hTJsauIxmMrQgXgl9r4loj7QvtNsIdNcf3Kp+Ywy9/ULIcPADyWCVR0
Khv8NOiC6ZH9Uj5wf26XGFMWJjwKjHyPRz3Y1NcEAEfRiOUfJJzpwFWuGxD/p3d3
k7NUbDn+NpkyvnEv6JUHVKir9dGSXX8NG0x8Kf9mirA99U5p+HSXZCDBnrwGMbFr
oSIVdgA31iqu7f3Vl3DLO4T8yIHBJJRNnmW1lE7tzA==
-----END CERTIFICATE-----
Generated at Wed May 13 01:38:38 2026 by rpki-client