Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/YpNQsqMdStbjNN3S7a_DESiBG8c.roa
File: YpNQsqMdStbjNN3S7a_DESiBG8c.roa (raw, json)
Hash identifier: rW/NJ838iEIy4mWJeYbDa62oyyAeAyZO8CdAfSOuZj8=
Subject key identifier: 62:93:50:B2:A3:1D:4A:D6:E3:34:DD:D2:ED:AF:C3:11:28:81:1B:C7
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 019DD91FBE3BDA6B519981C6416D8C5D085E
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/YpNQsqMdStbjNN3S7a_DESiBG8c.roa
Signing time: Wed 29 Apr 2026 12:03:49 +0000
ROA not before: Wed 29 Apr 2026 12:03:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.212.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.18.0/24 maxlen: 24
185.247.19.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f02::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:1f:be:3b:da:6b:51:99:81:c6:41:6d:8c:5d:08:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Apr 29 12:03:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=629350b2a31d4ad6e334ddd2edafc31128811bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:88:4e:3a:40:ea:f7:71:f7:6d:74:10:8e:
a4:bb:19:90:71:a9:bc:44:17:18:46:39:d2:6a:89:
ac:15:5c:cc:d8:eb:6b:86:bc:d0:45:c2:65:46:91:
1c:d5:e2:c6:6c:6d:c2:50:f9:2e:a9:53:83:3d:05:
23:39:d3:68:c5:28:23:f7:1c:34:45:32:68:5c:bd:
ca:70:06:51:c1:0a:14:3f:46:38:6d:c0:38:8c:a4:
34:84:9f:74:42:05:fb:d5:bd:b1:bd:d8:3c:4f:65:
10:70:0e:ce:d5:d4:3d:af:73:7d:9a:30:f8:04:45:
4f:f0:ca:1b:b5:d3:61:01:ad:9f:8f:47:0e:73:4e:
bd:f2:ea:a1:d8:81:5a:a4:ca:df:50:5d:17:b5:b7:
04:2c:fa:8f:7b:e1:cf:a0:c4:1f:a6:78:3e:66:26:
84:8c:68:a5:9e:a8:e5:4d:b1:de:24:13:10:ff:c0:
fc:d4:35:ac:4c:a7:3b:70:03:67:b0:5b:21:a2:4b:
1d:b0:ee:dc:bf:b6:fd:4a:c9:1c:30:84:a0:0b:53:
4e:4b:13:cd:07:70:b8:97:34:81:8a:2e:c4:00:06:
ab:c3:fd:d4:4a:ef:6a:38:06:50:01:45:15:9e:d5:
14:c2:54:1c:de:2d:de:71:07:48:9f:38:ba:2c:f1:
9e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:93:50:B2:A3:1D:4A:D6:E3:34:DD:D2:ED:AF:C3:11:28:81:1B:C7
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/YpNQsqMdStbjNN3S7a_DESiBG8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.212.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.18.0/23
188.225.14.0/24
194.35.117.0/24
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f02::/64
Signature Algorithm: sha256WithRSAEncryption
16:29:7b:20:fd:25:ef:b0:d2:ab:e8:c6:56:a4:ae:d6:10:fd:
3b:72:47:17:8f:40:03:c9:f3:8c:ad:50:d6:3e:b4:de:a1:ab:
67:86:bc:b2:0d:14:02:ae:48:6e:c9:d5:fe:4a:de:3f:16:c8:
a8:aa:23:bc:39:8e:96:23:82:73:e1:b3:df:6a:f8:69:c9:b3:
c7:38:7e:a2:c2:80:c8:f1:f3:99:a3:f4:92:b2:d1:ad:26:e8:
af:d3:75:7d:1b:06:60:11:01:b6:1c:d3:0b:52:ab:06:e8:85:
6d:d2:0a:dc:9d:ca:2e:d2:ef:5f:c5:76:d1:0d:27:7a:4b:0d:
0c:1e:3b:12:e4:4a:e5:e5:88:11:e3:72:7c:2d:57:79:a7:73:
c8:68:51:f1:57:bb:0c:55:d7:dd:5e:08:76:c0:20:5b:c4:ad:
e9:be:a9:e3:ae:1c:e9:99:ad:e8:72:01:7b:7e:a0:97:0e:9f:
b1:4b:9c:d4:8a:98:17:e6:11:26:85:1a:07:d4:64:48:9a:9d:
7d:4c:5e:69:b4:00:f8:b6:92:62:cc:dd:c5:de:05:7c:d9:a8:
6d:06:ed:e8:e4:07:46:7a:c9:96:e1:14:4a:a1:1c:18:77:c1:
f1:cf:64:1f:3b:f3:6d:8e:eb:5e:af:83:51:1d:18:5f:08:42:
9e:ef:e8:37
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ3ZH7472mtRmYHGQW2MXQheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjYwNDI5MTIwMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkzNTBiMmEzMWQ0YWQ2ZTMzNGRkZDJlZGFmYzMxMTI4ODExYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3M2ITjpA6vdx9210EI6kuxmQcam8
RBcYRjnSaomsFVzM2OtrhrzQRcJlRpEc1eLGbG3CUPkuqVODPQUjOdNoxSgj9xw0
RTJoXL3KcAZRwQoUP0Y4bcA4jKQ0hJ90QgX71b2xvdg8T2UQcA7O1dQ9r3N9mjD4
BEVP8MobtdNhAa2fj0cOc0698uqh2IFapMrfUF0XtbcELPqPe+HPoMQfpng+ZiaE
jGilnqjlTbHeJBMQ/8D81DWsTKc7cANnsFshoksdsO7cv7b9SskcMISgC1NOSxPN
B3C4lzSBii7EAAarw/3USu9qOAZQAUUVntUUwlQc3i3ecQdInzi6LPGeLwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGKTULKjHUrW4zTd0u2vwxEogRvHMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvWXBOUXNxTWRTdGJqTk4zUzdhX0RFU2lCRzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzByBAIAATBsAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpznAwQAXuR6AwQAsDnUAwQAsDnd
AwQAuWhwAwQAuWhzAwQBufcSAwQAvOEOAwQAwiN1AwQA2RlbAwQA2RlfAwQA2Zfl
AwQA2ZfnMBEEAgACMAsDCQAqA28CAAAAADANBgkqhkiG9w0BAQsFAAOCAQEAFil7
IP0l77DSq+jGVqSu1hD9O3JHF49AA8nzjK1Q1j603qGrZ4a8sg0UAq5IbsnV/kre
PxbIqKojvDmOliOCc+Gz32r4acmzxzh+osKAyPHzmaP0krLRrSbor9N1fRsGYBEB
thzTC1KrBuiFbdIK3J3KLtLvX8V20Q0neksNDB47EuRK5eWIEeNyfC1XeadzyGhR
8Ve7DFXX3V4IdsAgW8St6b6p464c6Zmt6HIBe36glw6fsUuc1IqYF+YRJoUaB9Rk
SJqdfUxeabQA+LaSYszdxd4FfNmobQbt6OQHRnrJluEUSqEcGHfB8c9kHzvzbY7r
Xq+DUR0YXwhCnu/oNw==
-----END CERTIFICATE-----
Generated at Wed May 13 04:03:12 2026 by rpki-client