Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yhb5MBbbdwO6w10DVXxElCz_r7c.roa
File: yhb5MBbbdwO6w10DVXxElCz_r7c.roa (raw, json)
Hash identifier: Z0mm/Mm8Vvkg/EmPBRJfg5IC6j7suSJi8kDIDebAlp8=
Subject key identifier: CA:16:F9:30:16:DB:77:03:BA:C3:5D:03:55:7C:44:94:2C:FF:AF:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019C6AC4922156400DAEC6A7D72457387108
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yhb5MBbbdwO6w10DVXxElCz_r7c.roa
Signing time: Tue 17 Feb 2026 08:43:13 +0000
ROA not before: Tue 17 Feb 2026 08:43:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 62.76.236.0/24 maxlen: 24
62.76.237.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
194.58.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.54.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
212.193.20.0/24 maxlen: 24
212.193.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6a:c4:92:21:56:40:0d:ae:c6:a7:d7:24:57:38:71:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 17 08:43:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca16f93016db7703bac35d03557c44942cffafb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b3:65:e3:4f:5f:99:07:95:fa:d3:03:14:18:
72:57:c6:07:53:63:a6:36:7c:cc:47:01:ae:42:89:
78:d7:a2:e2:e5:ac:17:18:b9:58:92:79:34:f8:df:
cc:3e:dd:90:b1:70:48:86:d0:b4:d0:82:dd:80:dd:
8d:56:23:64:3d:df:27:39:2e:f4:75:94:b8:c0:24:
e5:1d:56:96:6b:19:df:42:83:87:d6:0e:f2:8a:92:
4c:6e:48:6e:0b:f2:73:5b:bc:6f:2a:1e:82:67:9b:
6b:1c:df:2e:35:d1:4c:a1:08:5b:a4:12:57:6b:73:
0a:05:1a:72:cf:ba:06:71:96:f4:7e:90:fe:65:93:
d8:06:02:47:d9:bb:10:a2:d8:4d:f0:41:79:ae:90:
45:f0:b4:2a:3d:42:ba:c5:0e:44:fc:64:50:a8:af:
cd:41:01:c5:2c:78:b3:1f:04:21:b3:f5:59:52:a5:
cb:5a:d8:11:ee:1b:89:c4:30:bb:b0:4b:b8:ab:16:
0c:0d:9e:00:6f:e5:51:bc:ae:d2:0a:58:33:19:3d:
5e:71:8d:c2:0b:5d:f5:f5:ab:9c:b4:cd:59:19:04:
06:87:45:15:f1:cb:9c:e4:90:de:d1:d5:e8:61:52:
8e:c9:bf:3f:63:b1:49:31:e6:ea:2b:6f:b0:49:73:
bf:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:16:F9:30:16:DB:77:03:BA:C3:5D:03:55:7C:44:94:2C:FF:AF:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/yhb5MBbbdwO6w10DVXxElCz_r7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.236.0/23
193.124.17.0/24
193.124.206.0/24
194.58.56.0/24
194.58.154.0/23
194.87.24.0/24
194.87.51.0/24
194.87.54.0/23
194.87.125.0/24
194.87.233.0/24
194.87.255.0/24
195.133.9.0/24
212.193.20.0/24
212.193.23.0/24
Signature Algorithm: sha256WithRSAEncryption
53:33:29:f0:14:3d:2c:2a:3c:e1:19:97:30:41:25:09:64:6c:
40:5a:dc:94:93:5a:c9:80:92:53:19:0a:6e:59:03:1e:e7:19:
d6:ff:d4:4e:af:c8:1b:1b:db:2e:a7:31:ac:fc:b9:b5:6d:6f:
e3:d5:e3:3d:a8:59:eb:2e:f6:66:75:05:fd:0c:ba:7c:40:77:
58:f2:c1:de:2f:5a:a5:1f:64:7d:0f:e2:fb:ab:69:95:a1:71:
42:cc:8f:82:ed:c8:c7:46:46:e9:52:25:1d:91:81:85:08:5c:
18:3c:16:7b:4f:4b:d4:c8:a5:d0:3e:73:fe:cf:ab:05:d8:f8:
93:cd:ef:67:b7:86:8f:34:79:db:bb:c9:66:e9:a0:e1:82:0a:
94:be:48:48:a1:d0:13:9b:b3:87:3f:42:4d:05:dd:69:60:41:
31:45:02:61:ec:87:4f:38:a0:8d:c6:23:df:22:a7:24:1f:3d:
ae:70:02:65:b2:db:4a:af:7e:f7:97:3b:73:87:c1:ca:00:57:
3b:8f:0e:1e:3d:af:76:28:3c:0e:1c:1e:5c:07:5e:29:d3:d8:
23:98:9d:7f:db:ce:74:4a:5b:0d:ca:f0:cc:73:9b:56:1c:1f:
bf:12:3e:40:5f:2d:fd:5d:d6:d0:78:cc:8a:6a:c9:a2:4c:4c:
39:e0:af:ec
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZxqxJIhVkANrsan1yRXOHEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMjE3MDg0MzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE2ZjkzMDE2ZGI3NzAzYmFjMzVkMDM1NTdjNDQ5NDJjZmZhZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Nl409fmQeV+tMDFBhyV8YHU2Om
NnzMRwGuQol416Li5awXGLlYknk0+N/MPt2QsXBIhtC00ILdgN2NViNkPd8nOS70
dZS4wCTlHVaWaxnfQoOH1g7yipJMbkhuC/JzW7xvKh6CZ5trHN8uNdFMoQhbpBJX
a3MKBRpyz7oGcZb0fpD+ZZPYBgJH2bsQothN8EF5rpBF8LQqPUK6xQ5E/GRQqK/N
QQHFLHizHwQhs/VZUqXLWtgR7huJxDC7sEu4qxYMDZ4Ab+VRvK7SClgzGT1ecY3C
C1319auctM1ZGQQGh0UV8cuc5JDe0dXoYVKOyb8/Y7FJMebqK2+wSXO/KQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFMoW+TAW23cDusNdA1V8RJQs/6+3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveWhiNU1CYmJkd082dzEwRFZYeEVsQ3pfcjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBPkzsAwQA
wXwRAwQAwXzOAwQAwjo4AwQBwjqaAwQAwlcYAwQAwlczAwQBwlc2AwQAwld9AwQA
wlfpAwQAwlf/AwQAw4UJAwQA1MEUAwQA1MEXMA0GCSqGSIb3DQEBCwUAA4IBAQBT
MynwFD0sKjzhGZcwQSUJZGxAWtyUk1rJgJJTGQpuWQMe5xnW/9ROr8gbG9supzGs
/Lm1bW/j1eM9qFnrLvZmdQX9DLp8QHdY8sHeL1qlH2R9D+L7q2mVoXFCzI+C7cjH
RkbpUiUdkYGFCFwYPBZ7T0vUyKXQPnP+z6sF2PiTze9nt4aPNHnbu8lm6aDhggqU
vkhIodATm7OHP0JNBd1pYEExRQJh7IdPOKCNxiPfIqckHz2ucAJlsttKr373lztz
h8HKAFc7jw4ePa92KDwOHB5cB14p09gjmJ1/2850SlsNyvDMc5tWHB+/Ej5AXy39
XdbQeMyKasmiTEw54K/s
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:36:05 2026 by rpki-client