Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/fYv_uI425O_TkQY8_zwBOC4lbPE.roa
File: fYv_uI425O_TkQY8_zwBOC4lbPE.roa (raw, json)
Hash identifier: EBCYkQ8iKX92k+snSDXolS8HUxPllJnfcozp+PEItK8=
Subject key identifier: 7D:8B:FF:B8:8E:36:E4:EF:D3:91:06:3C:FF:3C:01:38:2E:25:6C:F1
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D1BE2740386185E98B9B8FC6C43A2BD09
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/fYv_uI425O_TkQY8_zwBOC4lbPE.roa
Signing time: Mon 23 Mar 2026 18:08:38 +0000
ROA not before: Mon 23 Mar 2026 18:08:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204339
IP address blocks: 45.134.12.0/24 maxlen: 24
45.134.13.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
104.128.131.0/24 maxlen: 24
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
135.136.181.0/24 maxlen: 24
135.136.182.0/24 maxlen: 24
135.136.183.0/24 maxlen: 24
135.136.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:e2:74:03:86:18:5e:98:b9:b8:fc:6c:43:a2:bd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 23 18:08:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d8bffb88e36e4efd391063cff3c01382e256cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:b8:f9:cc:90:ae:c8:b0:35:f3:ba:83:de:
5e:9c:96:01:19:32:85:65:0f:d6:f2:c8:04:2d:20:
38:23:7a:1e:40:b9:89:3c:fe:18:7c:07:5d:f8:ba:
f0:c9:8f:f2:54:0a:99:bf:5b:43:4d:5c:24:10:55:
34:06:7d:69:86:05:6d:39:e8:bf:fa:19:44:8a:8f:
ae:e1:2c:25:bc:bb:9b:42:8c:07:d8:ce:84:2c:65:
c6:fd:c6:94:8b:49:bf:2d:87:77:3f:e8:ee:89:0b:
42:c6:32:62:0d:60:eb:1c:23:cb:e8:b8:f8:82:d3:
3d:9a:6c:a3:88:c7:b4:fb:d2:1d:2a:15:50:66:36:
be:e4:d9:40:1d:8a:70:78:91:98:3a:ff:53:49:7b:
ff:db:21:66:8d:0b:47:6c:a5:d0:d2:4d:95:f9:f3:
8d:67:0a:b6:6b:46:d6:2a:84:71:d4:58:ea:d0:bb:
cc:01:b6:7e:73:f0:04:30:a2:b2:be:36:d2:64:e0:
a7:b4:ad:5b:c6:55:1d:e0:5e:09:d8:fa:8c:a1:e2:
c9:45:9a:0f:cb:03:d5:b9:b3:8c:7c:76:47:9a:eb:
58:a0:28:e8:a2:19:ae:8a:e9:4b:ee:70:02:42:57:
3c:9b:14:42:f7:53:c2:99:cb:ec:22:38:5e:94:0f:
f4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8B:FF:B8:8E:36:E4:EF:D3:91:06:3C:FF:3C:01:38:2E:25:6C:F1
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/fYv_uI425O_TkQY8_zwBOC4lbPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/23
95.81.93.0/24
95.81.119.0-95.81.120.255
103.85.112.0/23
104.128.131.0/24
104.128.142.0/23
135.136.181.0-135.136.183.255
135.136.189.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ae:f4:ce:ad:8c:13:1a:64:03:e0:f7:a0:b6:e7:4f:05:d9:
a6:dc:1e:91:03:9e:74:ad:ac:53:3e:76:b7:0c:99:55:ff:e7:
2d:4b:60:52:bb:9f:0a:96:b0:cb:80:a4:fd:50:23:9f:99:3a:
b7:53:a7:7c:0b:d0:79:49:56:5e:ab:ef:c0:2b:e5:a0:05:dd:
d0:28:b3:1a:13:aa:99:44:69:83:b1:5e:cb:d4:67:9b:a7:c6:
f9:c4:d8:9c:ff:86:a3:e2:ea:f2:9b:81:a2:8e:87:19:20:ec:
a2:61:4d:c9:8f:e0:72:7f:f9:47:78:eb:0d:60:6a:7e:8b:fd:
38:ab:f3:59:d0:8f:1e:67:52:ad:ad:28:fa:43:03:a8:93:f8:
36:cd:3c:7c:bb:a6:3f:fe:9e:4b:58:33:74:c4:88:26:e3:0c:
7f:43:86:34:be:f2:af:46:0f:d0:2d:3e:50:ad:71:6e:86:ac:
c5:7f:7a:f6:f7:65:4a:0d:6d:72:e8:cd:13:b1:1a:ea:2e:0c:
e5:13:8b:c1:ba:25:b4:d7:f9:65:d4:f5:c0:5e:7c:8d:32:48:
9f:8b:b8:2e:b9:0d:34:31:9c:86:db:0c:12:99:a5:43:55:ec:
42:71:82:af:b8:37:de:bc:00:f5:b2:d3:0d:4f:54:bb:f6:e8:
d7:f9:d6:4c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ0b4nQDhhhemLm4/GxDor0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMzIzMTgwODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhiZmZiODhlMzZlNGVmZDM5MTA2M2NmZjNjMDEzODJlMjU2Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9u4+cyQrsiwNfO6g95enJYBGTKF
ZQ/W8sgELSA4I3oeQLmJPP4YfAdd+LrwyY/yVAqZv1tDTVwkEFU0Bn1phgVtOei/
+hlEio+u4SwlvLubQowH2M6ELGXG/caUi0m/LYd3P+juiQtCxjJiDWDrHCPL6Lj4
gtM9mmyjiMe0+9IdKhVQZja+5NlAHYpweJGYOv9TSXv/2yFmjQtHbKXQ0k2V+fON
Zwq2a0bWKoRx1Fjq0LvMAbZ+c/AEMKKyvjbSZOCntK1bxlUd4F4J2PqMoeLJRZoP
ywPVubOMfHZHmutYoCjoohmuiulL7nACQlc8mxRC91PCmcvsIjhelA/0uwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFH2L/7iONuTv05EGPP88ATguJWzxMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvZll2X3VJNDI1T19Ua1FZOF96d0JPQzRsYlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBLYYMAwQA
X1FdMAwDBABfUXcDBABfUXgDBAFnVXADBABogIMDBAFogI4wDAMEAIeItQMEA4eI
sAMEAIeIvTANBgkqhkiG9w0BAQsFAAOCAQEATK70zq2MExpkA+D3oLbnTwXZptwe
kQOedK2sUz52twyZVf/nLUtgUrufCpawy4Ck/VAjn5k6t1OnfAvQeUlWXqvvwCvl
oAXd0CizGhOqmURpg7Fey9Rnm6fG+cTYnP+Go+Lq8puBoo6HGSDsomFNyY/gcn/5
R3jrDWBqfov9OKvzWdCPHmdSra0o+kMDqJP4Ns08fLumP/6eS1gzdMSIJuMMf0OG
NL7yr0YP0C0+UK1xboasxX969vdlSg1tcujNE7Ea6i4M5ROLwboltNf5ZdT1wF58
jTJIn4u4LrkNNDGchtsMEpmlQ1XsQnGCr7g33rwA9bLTDU9Uu/bo1/nWTA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:11:38 2026 by rpki-client