Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/YkzUbwZL0Vg1nBcbqD1jADUHiJM.roa
File: YkzUbwZL0Vg1nBcbqD1jADUHiJM.roa (raw, json)
Hash identifier: 1a5Yh8zY/T5F8G0tWFJCu9eoA4PZQ4QYJBEtWX9jga0=
Subject key identifier: 62:4C:D4:6F:06:4B:D1:58:35:9C:17:1B:A8:3D:63:00:35:07:88:93
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019CF6C5E2C14B2716E8CC55C07727DD8959
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/YkzUbwZL0Vg1nBcbqD1jADUHiJM.roa
Signing time: Mon 16 Mar 2026 13:11:29 +0000
ROA not before: Mon 16 Mar 2026 13:11:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6698
IP address blocks: 31.42.184.0/22 maxlen: 24
45.11.56.0/22 maxlen: 24
45.11.57.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.2.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.134.172.0/22 maxlen: 24
45.134.173.0/24 maxlen: 24
62.182.80.0/21 maxlen: 24
62.182.84.0/24 maxlen: 24
85.137.49.0/24 maxlen: 24
85.137.50.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
91.218.48.0/22 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
128.0.104.0/24 maxlen: 24
152.89.60.0/22 maxlen: 24
176.97.112.0/20 maxlen: 24
176.97.112.0/23 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.115.0/24 maxlen: 24
176.97.122.0/23 maxlen: 23
176.97.124.0/24 maxlen: 24
176.119.24.0/21 maxlen: 24
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.66.88.0/22 maxlen: 24
185.66.91.0/24 maxlen: 24
185.254.196.0/22 maxlen: 24
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
194.42.204.0/24 maxlen: 24
194.42.205.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.210.0/24 maxlen: 24
195.66.212.0/22 maxlen: 24
195.128.248.0/23 maxlen: 24
195.160.220.0/22 maxlen: 24
212.86.116.0/22 maxlen: 24
212.86.116.0/24 maxlen: 24
212.86.118.0/23 maxlen: 23
212.86.124.0/24 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:c5:e2:c1:4b:27:16:e8:cc:55:c0:77:27:dd:89:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Mar 16 13:11:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=624cd46f064bd158359c171ba83d630035078893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0f:ed:57:a7:b8:c7:7d:a5:70:9f:c7:0c:07:
27:48:21:90:63:b2:4b:7a:a5:79:5f:87:aa:70:c1:
13:c5:96:39:c8:02:40:5c:c0:ec:3d:7f:0d:61:59:
77:cf:80:4b:dc:dc:d6:37:5a:13:3b:54:71:94:5b:
52:f9:97:fc:99:03:d5:24:d7:e4:90:ea:bd:c6:3e:
6b:db:e0:29:ab:bb:18:bc:c2:fd:cf:e2:92:98:f6:
86:e8:c2:bd:d7:a3:52:96:aa:f5:58:cc:90:5f:cb:
7a:11:be:9e:38:1e:c4:20:c2:3f:a3:24:50:a6:df:
f1:79:43:4c:00:cc:36:21:00:90:a0:f0:72:76:d1:
59:68:dc:d3:b6:39:c8:db:7c:8c:4f:04:9e:d7:cc:
f8:09:fa:72:19:ce:10:99:f2:e9:6e:29:7f:61:70:
ea:6d:be:e4:f4:5d:3f:07:0b:1e:3d:42:52:f5:ff:
dc:e1:54:ff:04:87:4b:8b:70:76:ff:f3:91:6c:f6:
d5:7d:6b:38:31:88:c2:c9:c7:77:bf:c3:60:1a:b7:
b5:8f:0d:f5:65:ba:58:4b:73:93:62:2b:6e:1f:1e:
ca:c7:48:67:6c:4a:dc:1e:49:6d:10:96:7d:1a:ca:
82:9b:38:8c:59:99:e4:7d:74:4e:62:71:1b:f0:d3:
f5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4C:D4:6F:06:4B:D1:58:35:9C:17:1B:A8:3D:63:00:35:07:88:93
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/YkzUbwZL0Vg1nBcbqD1jADUHiJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
85.137.49.0-85.137.50.255
91.208.115.0/24
91.218.48.0/22
91.222.172.0/22
91.234.198.0/23
128.0.104.0/24
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.26.86.0/23
195.66.210.0/24
195.66.212.0/22
195.128.248.0/23
195.160.220.0/22
212.86.116.0/22
212.86.124.0/24
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
25:8b:49:50:48:1f:f8:00:4b:40:1a:e8:56:b3:fd:8c:76:a6:
3f:b8:da:13:a8:7e:f7:24:fb:5d:0f:f1:fe:8c:78:15:b7:82:
7f:97:9f:f8:78:99:86:2f:4e:3c:47:4f:34:de:0f:73:83:da:
61:30:81:ac:b6:c8:18:86:a0:a5:38:91:c6:fd:b3:01:31:6b:
c2:ce:8a:35:e1:92:a6:c6:88:92:20:89:a8:7b:2f:fc:3c:d8:
f7:66:a7:25:66:86:69:d4:1f:3c:3b:ed:9e:fc:c8:d6:30:44:
51:22:1e:11:23:eb:0e:de:c5:23:88:e0:c8:4f:41:87:95:6d:
9f:47:d5:41:a4:9f:b4:25:69:7a:a3:bd:0e:58:81:21:6a:18:
61:6c:a0:b5:95:82:e3:bb:2e:10:f2:de:17:fd:09:a9:c9:a9:
9a:ff:f3:7e:3a:41:a1:52:db:04:d9:04:da:2f:02:5f:e0:8e:
ee:73:fa:4e:69:d2:c9:9e:32:28:2e:a3:33:b4:b8:a5:8a:58:
13:d4:b9:07:ea:f2:f6:8a:50:c7:37:05:ec:4f:89:9f:7c:1a:
3a:de:e2:17:1d:ce:ad:db:d4:cc:0e:ec:d7:56:97:fc:35:df:
94:7a:31:8d:55:7b:30:58:4c:96:0d:d0:a9:20:db:52:f9:94:
85:3d:2c:00
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZz2xeLBSycW6MxVwHcn3YlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjYwMzE2MTMxMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRjZDQ2ZjA2NGJkMTU4MzU5YzE3MWJhODNkNjMwMDM1MDc4ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA/tV6e4x32lcJ/HDAcnSCGQY7JL
eqV5X4eqcMETxZY5yAJAXMDsPX8NYVl3z4BL3NzWN1oTO1RxlFtS+Zf8mQPVJNfk
kOq9xj5r2+Apq7sYvML9z+KSmPaG6MK916NSlqr1WMyQX8t6Eb6eOB7EIMI/oyRQ
pt/xeUNMAMw2IQCQoPBydtFZaNzTtjnI23yMTwSe18z4CfpyGc4QmfLpbil/YXDq
bb7k9F0/BwsePUJS9f/c4VT/BIdLi3B2//ORbPbVfWs4MYjCycd3v8NgGre1jw31
ZbpYS3OTYituHx7Kx0hnbErcHkltEJZ9GsqCmziMWZnkfXROYnEb8NP1KQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFGJM1G8GS9FYNZwXG6g9YwA1B4iTMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvWWt6VWJ3WkwwVmcxbkJjYnFEMWpBRFVIaUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBpQQCAAEwgZ4DBAIf
KrgDBAItCzgDBAItDAADBAIthqwDBAM+tlAwDAMEAFWJMQMEAFWJMgMEAFvQcwME
AlvaMAMEAlverAMEAVvqxgMEAIAAaAMEAphZPAMEBLBhcAMEA7B3GAMEArlCWAME
Arn+xAMEAMEXtQMEAsIqzAMEAcMaVgMEAMNC0gMEAsNC1AMEAcOA+AMEAsOg3AME
AtRWdAMEANRWfDANBAIAAjAHAwUAKgktwjANBgkqhkiG9w0BAQsFAAOCAQEAJYtJ
UEgf+ABLQBroVrP9jHamP7jaE6h+9yT7XQ/x/ox4FbeCf5ef+HiZhi9OPEdPNN4P
c4PaYTCBrLbIGIagpTiRxv2zATFrws6KNeGSpsaIkiCJqHsv/DzY92anJWaGadQf
PDvtnvzI1jBEUSIeESPrDt7FI4jgyE9Bh5Vtn0fVQaSftCVpeqO9DliBIWoYYWyg
tZWC47suEPLeF/0Jqcmpmv/zfjpBoVLbBNkE2i8CX+CO7nP6TmnSyZ4yKC6jM7S4
pYpYE9S5B+ry9opQxzcF7E+Jn3waOt7iFx3OrdvUzA7s11aX/DXflHoxjVV7MFhM
lg3QqSDbUvmUhT0sAA==
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:26:47 2026 by rpki-client