Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/yxfGyEYWVoZFDcTt4Jv2iRkRwlI.roa
File: yxfGyEYWVoZFDcTt4Jv2iRkRwlI.roa (raw, json)
Hash identifier: JFc83iGMLXO8EMSMsHPQAAn1PO8Q9NwkH4mV2gRieGw=
Subject key identifier: CB:17:C6:C8:46:16:56:86:45:0D:C4:ED:E0:9B:F6:89:19:11:C2:52
Certificate issuer: /CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Certificate serial: 019D059081B72F758C12F8C2AC232C7FD447
Authority key identifier: A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/yxfGyEYWVoZFDcTt4Jv2iRkRwlI.roa
Signing time: Thu 19 Mar 2026 10:07:29 +0000
ROA not before: Thu 19 Mar 2026 10:07:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397477
IP address blocks: 185.174.144.0/24 maxlen: 24
185.174.146.0/24 maxlen: 24
185.174.147.0/24 maxlen: 24
194.247.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:90:81:b7:2f:75:8c:12:f8:c2:ac:23:2c:7f:d4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Validity
Not Before: Mar 19 10:07:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb17c6c846165686450dc4ede09bf6891911c252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:71:6e:c8:8a:be:c2:c6:98:96:4d:73:82:
7d:be:a8:4a:6b:18:a6:03:39:e2:0f:8b:1d:12:1f:
06:f8:c2:fb:cf:e2:f0:2a:fc:70:71:24:88:ca:22:
01:3d:82:08:ab:45:f6:6d:ca:79:31:20:dd:1b:7e:
08:2f:05:2d:32:0d:f0:fc:2d:13:c8:dc:fe:68:f3:
c8:fe:7a:00:af:98:cd:78:0d:9b:0d:ba:e4:cd:88:
2b:93:bd:25:05:91:1f:a7:59:9c:35:78:24:50:02:
72:b7:48:fd:dc:95:ae:50:dc:8d:42:b3:f4:b8:6d:
d9:56:e5:9d:90:5b:cd:34:22:93:31:fc:86:33:2d:
d4:a2:c3:08:9c:1b:b6:43:82:5f:eb:9a:11:59:ee:
7e:f9:cf:d9:38:d7:7e:69:d2:bb:2b:fb:73:d6:da:
b1:30:ca:c5:9a:fa:20:34:a3:72:9c:fa:2f:e0:a2:
1d:d8:f8:7e:84:e7:34:7e:b7:90:b0:5d:eb:f3:d9:
55:2a:05:8e:f0:65:33:1e:21:1d:bf:ed:5e:61:10:
d4:de:ce:29:d7:52:cc:c5:19:ae:33:85:fa:c9:46:
d8:6e:42:5c:b5:49:1e:e1:78:54:95:ab:d9:e4:77:
d7:3e:23:ae:7e:ea:ca:2c:bb:33:ab:2c:05:4c:1c:
dd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:17:C6:C8:46:16:56:86:45:0D:C4:ED:E0:9B:F6:89:19:11:C2:52
X509v3 Authority Key Identifier:
keyid:A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/yxfGyEYWVoZFDcTt4Jv2iRkRwlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.144.0/24
185.174.146.0/23
194.247.178.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:98:f3:cf:24:7a:b5:53:2d:bd:82:bc:1d:0e:24:d5:9f:5b:
8e:1e:2f:d6:0d:56:06:e7:21:c9:08:5e:cf:10:44:2c:5b:02:
de:4d:32:ac:c2:2a:47:24:3a:8d:72:90:f4:fe:83:9d:dc:9a:
21:ae:46:28:31:f3:32:22:62:86:af:2a:02:23:a5:e3:23:ac:
0a:91:88:71:15:e6:a9:ce:f5:d8:a6:8b:91:fd:c2:83:ab:da:
b2:c2:8b:40:8e:b5:e6:66:39:1e:17:a9:54:94:bb:1a:18:68:
58:28:b6:66:9d:7b:a1:c2:64:92:c9:02:fe:b2:41:b6:f9:90:
60:08:68:77:67:08:ee:5b:29:34:8d:ed:d7:7a:1a:06:c9:67:
e2:bb:5a:32:1b:fd:f5:7a:de:17:f8:9b:d7:71:e9:41:d8:6e:
3d:0e:d8:04:84:ce:28:e4:c0:fc:68:77:a4:ad:29:79:e4:88:
bf:6c:2d:76:dd:4b:f4:86:e3:33:dd:83:64:5d:b4:95:ec:19:
56:4a:ca:14:7c:a6:f3:b1:26:60:45:a4:78:6e:4a:89:11:9d:
24:da:d5:ef:b2:30:43:21:63:e7:6a:18:d4:ea:2c:dd:44:b8:
8b:9d:cf:42:ff:a1:c4:f7:de:bb:df:6a:68:00:b9:5d:a4:68:
2b:94:05:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0FkIG3L3WMEvjCrCMsf9RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWNjYTljNGZlOWJmOWVkZjNiYzZlNWNhYmM1MjgzOGQ5
M2NiMTMwHhcNMjYwMzE5MTAwNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE3YzZjODQ2MTY1Njg2NDUwZGM0ZWRlMDliZjY4OTE5MTFjMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA5xbsiKvsLGmJZNc4J9vqhKaxim
AzniD4sdEh8G+ML7z+LwKvxwcSSIyiIBPYIIq0X2bcp5MSDdG34ILwUtMg3w/C0T
yNz+aPPI/noAr5jNeA2bDbrkzYgrk70lBZEfp1mcNXgkUAJyt0j93JWuUNyNQrP0
uG3ZVuWdkFvNNCKTMfyGMy3UosMInBu2Q4Jf65oRWe5++c/ZONd+adK7K/tz1tqx
MMrFmvogNKNynPov4KId2Ph+hOc0freQsF3r89lVKgWO8GUzHiEdv+1eYRDU3s4p
11LMxRmuM4X6yUbYbkJctUke4XhUlavZ5HfXPiOufurKLLszqywFTBzdpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMsXxshGFlaGRQ3E7eCb9okZEcJSMB8GA1UdIwQY
MBaAFKCsypxP6b+e3zvG5cq8UoONk8sTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2Et
MmVkZmUyNWJiNThhLzEveXhmR3lFWVdWb1pGRGNUdDRKdjJpUmtSd2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2EtMmVkZmUyNWJiNThh
LzEvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAua6QAwQB
ua6SAwQAwveyMA0GCSqGSIb3DQEBCwUAA4IBAQA/mPPPJHq1Uy29grwdDiTVn1uO
Hi/WDVYG5yHJCF7PEEQsWwLeTTKswipHJDqNcpD0/oOd3JohrkYoMfMyImKGryoC
I6XjI6wKkYhxFeapzvXYpouR/cKDq9qywotAjrXmZjkeF6lUlLsaGGhYKLZmnXuh
wmSSyQL+skG2+ZBgCGh3ZwjuWyk0je3XehoGyWfiu1oyG/31et4X+JvXcelB2G49
DtgEhM4o5MD8aHekrSl55Ii/bC123Uv0huMz3YNkXbSV7BlWSsoUfKbzsSZgRaR4
bkqJEZ0k2tXvsjBDIWPnahjU6izdRLiLnc9C/6HE996732poALldpGgrlAWc
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:46:59 2026 by rpki-client