Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/Y4W9-9x4sADcW2PdcF8RiPXF1ro.roa
File: Y4W9-9x4sADcW2PdcF8RiPXF1ro.roa (raw, json)
Hash identifier: UkFNKZqofOqEuSi5Q60lTYhnFQ9XAVK3ZjjXPvghvFY=
Subject key identifier: 63:85:BD:FB:DC:78:B0:00:DC:5B:63:DD:70:5F:11:88:F5:C5:D6:BA
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 019EA20E5B4B25473E8A9D79D4C7BA60EB0A
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/Y4W9-9x4sADcW2PdcF8RiPXF1ro.roa
Signing time: Sun 07 Jun 2026 12:28:30 +0000
ROA not before: Sun 07 Jun 2026 12:28:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213922
IP address blocks: 62.164.156.0/22 maxlen: 24
89.126.232.0/24 maxlen: 24
91.188.248.0/24 maxlen: 24
91.188.249.0/24 maxlen: 24
91.188.250.0/23 maxlen: 24
91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 24
185.109.28.0/22 maxlen: 24
2a0c:6ec0:2::/48 maxlen: 48
2a0c:6ec0:3::/48 maxlen: 48
2a0c:6ec0:a01::/48 maxlen: 48
2a0c:6ec0:b00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a2:0e:5b:4b:25:47:3e:8a:9d:79:d4:c7:ba:60:eb:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: Jun 7 12:28:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6385bdfbdc78b000dc5b63dd705f1188f5c5d6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:38:0f:ce:08:e6:c9:21:9d:70:5d:f1:cf:59:
27:78:0a:3f:d1:31:f7:11:10:24:aa:69:c6:84:21:
dd:26:45:3e:76:ab:d3:cc:ac:45:6d:c7:29:2d:b0:
07:56:b5:b6:f4:39:ee:c9:44:7a:85:e5:e8:51:79:
2c:56:ea:13:44:70:4f:af:f2:76:9e:55:98:82:68:
57:66:48:26:87:ff:e7:44:ff:aa:d3:3d:c1:07:72:
bc:f6:45:4e:ce:3b:7f:84:ee:8f:27:0e:83:98:a7:
f0:65:96:03:8b:3e:e7:a5:b0:f2:11:b4:95:eb:0b:
80:5c:89:18:4a:56:88:7b:24:67:83:67:23:f3:e0:
3e:2b:9c:24:c0:9f:15:71:86:56:86:ba:ec:96:4d:
94:81:f1:46:e7:b8:1c:14:05:2e:69:cb:0c:9a:16:
f9:61:8e:e5:70:45:9a:cb:95:a3:7b:b6:6a:c0:69:
16:16:3a:f4:18:71:a6:13:7b:28:fe:f5:d7:02:ad:
7d:65:2b:f4:e3:e5:4d:27:d4:fd:2b:77:ca:ab:cd:
0b:4b:a6:15:66:3f:4d:51:86:27:46:91:20:4a:b0:
e5:f8:e5:d2:36:84:10:cd:9f:aa:a8:98:3c:7e:05:
66:27:81:4e:9a:3d:a8:f8:31:6b:e7:16:e3:5d:96:
b9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:85:BD:FB:DC:78:B0:00:DC:5B:63:DD:70:5F:11:88:F5:C5:D6:BA
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/Y4W9-9x4sADcW2PdcF8RiPXF1ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.156.0/22
89.126.232.0/24
91.188.248.0/22
91.202.245.0-91.202.247.255
185.109.28.0/22
IPv6:
2a0c:6ec0:2::/47
2a0c:6ec0:a01::/48
2a0c:6ec0:b00::/40
Signature Algorithm: sha256WithRSAEncryption
65:2f:67:fc:b9:41:91:a8:36:57:9b:20:7a:55:0a:da:94:79:
45:c2:e8:f0:4f:af:85:3f:27:51:1f:91:4e:3c:31:e8:51:56:
0c:03:c3:b5:e7:9b:f5:2d:fb:1e:95:57:35:ee:ec:da:bf:26:
90:9c:8c:4a:84:06:a4:9e:b5:bc:c2:50:93:d5:af:18:f2:08:
53:be:4f:37:b3:18:d7:04:14:f6:18:95:be:b4:85:bc:50:6f:
51:ce:82:87:1e:e6:98:b3:4c:70:0d:d4:44:ad:75:c6:65:4e:
6a:5b:42:c9:b7:53:1a:86:e4:e3:03:25:e4:1c:69:9f:40:a2:
de:4c:6c:07:d3:c5:3d:e3:d1:75:26:5e:6b:0c:f1:d9:c3:d2:
56:ca:b8:49:85:6b:96:9e:3d:6b:72:fc:f5:86:78:c8:66:53:
08:1b:db:46:30:34:1b:4b:4a:ed:16:5d:fc:bd:f2:ee:28:16:
0f:18:9d:f2:07:b5:13:e5:bb:00:2f:b5:6f:40:26:8c:3e:db:
58:03:3a:cf:9f:c5:34:c6:e3:98:38:3d:8e:e4:c9:47:bb:66:
d7:03:f9:09:f8:f4:20:2f:cf:eb:18:cd:63:cb:4d:90:ab:5e:
d0:d8:94:db:ff:a7:38:66:c5:b3:9d:3a:3c:d0:fe:25:6e:e3:
38:38:ef:9b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ6iDltLJUc+ip151Me6YOsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjYwNjA3MTIyODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzg1YmRmYmRjNzhiMDAwZGM1YjYzZGQ3MDVmMTE4OGY1YzVkNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zgPzgjmySGdcF3xz1kneAo/0TH3
ERAkqmnGhCHdJkU+dqvTzKxFbccpLbAHVrW29DnuyUR6heXoUXksVuoTRHBPr/J2
nlWYgmhXZkgmh//nRP+q0z3BB3K89kVOzjt/hO6PJw6DmKfwZZYDiz7npbDyEbSV
6wuAXIkYSlaIeyRng2cj8+A+K5wkwJ8VcYZWhrrslk2UgfFG57gcFAUuacsMmhb5
YY7lcEWay5Wje7ZqwGkWFjr0GHGmE3so/vXXAq19ZSv04+VNJ9T9K3fKq80LS6YV
Zj9NUYYnRpEgSrDl+OXSNoQQzZ+qqJg8fgVmJ4FOmj2o+DFr5xbjXZa5NQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGOFvfvceLAA3Ftj3XBfEYj1xda6MB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvWTRXOS05eDRzQURjVzJQZGNGOFJpUFhGMXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAsBAIAATAmAwQCPqScAwQA
WX7oAwQCW7z4MAwDBABbyvUDBANbyvADBAK5bRwwIAQCAAIwGgMHASoMbsAAAgMH
ACoMbsAKAQMGACoMbsALMA0GCSqGSIb3DQEBCwUAA4IBAQBlL2f8uUGRqDZXmyB6
VQralHlFwujwT6+FPydRH5FOPDHoUVYMA8O155v1LfselVc17uzavyaQnIxKhAak
nrW8wlCT1a8Y8ghTvk83sxjXBBT2GJW+tIW8UG9RzoKHHuaYs0xwDdRErXXGZU5q
W0LJt1MahuTjAyXkHGmfQKLeTGwH08U949F1Jl5rDPHZw9JWyrhJhWuWnj1rcvz1
hnjIZlMIG9tGMDQbS0rtFl38vfLuKBYPGJ3yB7UT5bsAL7VvQCaMPttYAzrPn8U0
xuOYOD2O5MlHu2bXA/kJ+PQgL8/rGM1jy02Qq17Q2JTb/6c4ZsWznTo80P4lbuM4
OO+b
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:36:58 2026 by rpki-client