Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/YA1_pyzWWa8Gv9e0KPW2GWe7D-s.roa
File: YA1_pyzWWa8Gv9e0KPW2GWe7D-s.roa (raw, json)
Hash identifier: MOflryBkJh9ZGpRQOmNS6YkzzadFaTklMMTepDD7u6c=
Subject key identifier: 60:0D:7F:A7:2C:D6:59:AF:06:BF:D7:B4:28:F5:B6:19:67:BB:0F:EB
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019CE08189DFFBAF2FF407F082116C8757E8
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/YA1_pyzWWa8Gv9e0KPW2GWe7D-s.roa
Signing time: Thu 12 Mar 2026 05:25:11 +0000
ROA not before: Thu 12 Mar 2026 05:25:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26042
IP address blocks: 2a12:bec4:1980::/44 maxlen: 44
2a12:bec4:1d50::/44 maxlen: 44
2a12:bec4:1ec0::/44 maxlen: 44
2a12:bec4:1f20::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e0:81:89:df:fb:af:2f:f4:07:f0:82:11:6c:87:57:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 12 05:25:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=600d7fa72cd659af06bfd7b428f5b61967bb0feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3a:70:27:4d:8e:37:ee:64:5c:c0:d7:c7:61:
a8:f2:78:98:87:6a:4f:ae:d4:6a:ac:7a:9b:ec:e9:
78:19:27:d7:3b:9b:26:a3:3e:c9:ab:cf:a5:99:c5:
a0:2f:63:f8:9f:5b:db:94:c9:cb:0a:a9:8b:ac:72:
b6:54:72:8e:a7:59:55:f1:4a:88:55:0c:0c:4b:06:
f6:28:ad:93:cb:0c:e8:49:1b:95:e0:44:70:6a:46:
91:87:cf:c8:19:dc:7b:3c:f3:43:f5:ee:ea:55:f6:
bc:35:f9:51:50:6d:e4:c4:0c:a0:32:c3:03:67:2f:
05:05:9f:a9:8a:ee:42:fa:d0:0b:b9:be:4b:53:cc:
fa:3e:93:7b:0e:42:10:7f:02:ab:aa:1b:56:f7:97:
73:cc:02:4c:95:29:bb:09:2e:b3:51:0e:96:be:ad:
95:42:34:a4:c1:43:64:e0:35:93:b9:05:4c:52:95:
5e:fc:29:8e:32:f4:29:58:91:75:0f:90:40:6d:61:
ec:47:6b:d0:c4:46:ab:bf:37:9a:ab:af:82:7a:3a:
0f:0e:f7:61:68:2a:61:57:25:32:13:ca:5c:9d:e4:
ba:d8:d2:74:a8:27:3f:c3:4a:b0:ba:6c:d7:30:ea:
b9:d7:2b:40:04:1d:31:5c:e5:f4:1b:94:de:96:f9:
15:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0D:7F:A7:2C:D6:59:AF:06:BF:D7:B4:28:F5:B6:19:67:BB:0F:EB
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/YA1_pyzWWa8Gv9e0KPW2GWe7D-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1980::/44
2a12:bec4:1d50::/44
2a12:bec4:1ec0::/44
2a12:bec4:1f20::/44
Signature Algorithm: sha256WithRSAEncryption
9f:dd:c4:36:0f:6c:68:82:55:46:aa:f7:50:97:99:d7:11:31:
c2:90:98:01:99:11:6d:2c:34:47:6d:9d:91:65:fc:47:f7:f0:
85:d5:27:39:d2:0b:dc:39:ac:09:1f:01:20:f9:6a:ab:94:ad:
da:d1:15:93:1e:19:2c:08:a0:97:43:a0:5b:7f:bf:bf:42:4f:
26:07:29:10:3f:1b:84:a6:1c:93:6e:11:90:76:08:37:a4:ee:
89:58:64:09:6d:c8:e7:f1:6d:1a:dd:73:77:46:8a:dc:94:85:
f6:96:6d:6d:cc:60:64:6a:77:1d:fc:93:7f:bd:9a:f8:59:7a:
e6:6e:a5:ab:ed:f2:a7:d8:e8:17:53:ac:98:15:25:08:38:27:
10:c0:65:5a:db:12:c5:14:8c:73:26:9f:07:97:af:61:25:db:
7e:ec:fb:64:4b:f5:72:bf:d8:08:f6:43:47:2b:dc:13:25:91:
f0:73:66:95:a9:9e:42:92:80:4f:f0:a6:7d:ce:25:ce:1a:05:
e6:2c:3e:14:d0:b5:57:b9:2c:82:db:2d:b7:d9:63:ba:90:fc:
f3:a9:64:4e:54:ae:c8:7e:1e:15:98:0e:9e:6a:3d:7d:31:b5:
f7:a8:50:d7:da:23:41:2c:1b:07:70:bf:49:f2:ea:29:22:ad:
93:49:cb:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZzggYnf+68v9AfwghFsh1foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjYwMzEyMDUyNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBkN2ZhNzJjZDY1OWFmMDZiZmQ3YjQyOGY1YjYxOTY3YmIwZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTpwJ02ON+5kXMDXx2Go8niYh2pP
rtRqrHqb7Ol4GSfXO5smoz7Jq8+lmcWgL2P4n1vblMnLCqmLrHK2VHKOp1lV8UqI
VQwMSwb2KK2TywzoSRuV4ERwakaRh8/IGdx7PPND9e7qVfa8NflRUG3kxAygMsMD
Zy8FBZ+piu5C+tALub5LU8z6PpN7DkIQfwKrqhtW95dzzAJMlSm7CS6zUQ6Wvq2V
QjSkwUNk4DWTuQVMUpVe/CmOMvQpWJF1D5BAbWHsR2vQxEarvzeaq6+CejoPDvdh
aCphVyUyE8pcneS62NJ0qCc/w0qwumzXMOq51ytABB0xXOX0G5TelvkVvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGANf6cs1lmvBr/XtCj1thlnuw/rMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvWUExX3B5eldXYThHdjllMEtQVzJHV2U3RC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKhK+xBmA
AwcEKhK+xB1QAwcEKhK+xB7AAwcEKhK+xB8gMA0GCSqGSIb3DQEBCwUAA4IBAQCf
3cQ2D2xoglVGqvdQl5nXETHCkJgBmRFtLDRHbZ2RZfxH9/CF1Sc50gvcOawJHwEg
+WqrlK3a0RWTHhksCKCXQ6Bbf7+/Qk8mBykQPxuEphyTbhGQdgg3pO6JWGQJbcjn
8W0a3XN3RorclIX2lm1tzGBkancd/JN/vZr4WXrmbqWr7fKn2OgXU6yYFSUIOCcQ
wGVa2xLFFIxzJp8Hl69hJdt+7PtkS/Vyv9gI9kNHK9wTJZHwc2aVqZ5CkoBP8KZ9
ziXOGgXmLD4U0LVXuSyC2y232WO6kPzzqWROVK7Ifh4VmA6eaj19MbX3qFDX2iNB
LBsHcL9J8uopIq2TScsc
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:03:16 2026 by rpki-client