Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/yfTEjxFKOjmUlnfDi6SnG6nk8cA.roa
File: yfTEjxFKOjmUlnfDi6SnG6nk8cA.roa (raw, json)
Hash identifier: GxQyDqFuYkZ8pXnq7jWPUCYfn9oY/9XlDJm0C2cBaPg=
Subject key identifier: C9:F4:C4:8F:11:4A:3A:39:94:96:77:C3:8B:A4:A7:1B:A9:E4:F1:C0
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019C0F1DB6638524B97F9F0ABA0C5FF64629
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/yfTEjxFKOjmUlnfDi6SnG6nk8cA.roa
Signing time: Fri 30 Jan 2026 13:35:31 +0000
ROA not before: Fri 30 Jan 2026 13:35:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400342
IP address blocks: 2a06:cac0::/29 maxlen: 48
2a11:9600::/29 maxlen: 48
2a12:ec0::/29 maxlen: 48
2a12:1900::/29 maxlen: 48
2a12:28c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0f:1d:b6:63:85:24:b9:7f:9f:0a:ba:0c:5f:f6:46:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 30 13:35:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9f4c48f114a3a39949677c38ba4a71ba9e4f1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:64:4b:78:0e:92:2a:0e:e1:60:f9:0e:33:bd:
3c:8d:9e:0e:22:a5:ac:ac:31:83:37:13:2c:02:d8:
04:6a:ad:92:b0:1c:28:4e:08:73:00:13:ef:a6:fd:
5f:8c:be:bf:a0:df:2f:d1:d5:41:2a:3a:7c:7c:d9:
8c:76:9f:fa:bf:78:39:a8:1c:de:3c:75:e2:3a:86:
dc:0d:53:99:7c:52:8c:f8:91:b9:b0:00:71:f0:25:
20:a4:31:be:5e:5c:ad:82:a6:5f:b9:45:91:99:06:
15:be:57:10:05:f0:41:79:5d:33:9f:ac:58:d8:99:
ed:d7:47:d0:cb:f5:9b:8f:77:b2:7b:45:98:d1:c6:
da:18:c9:27:b3:48:b1:aa:bf:47:b3:af:7d:ed:1a:
1a:ec:af:7b:9b:d7:c9:fe:e8:1f:02:f7:52:3d:33:
1e:74:f2:27:92:eb:fd:49:75:58:eb:e7:27:5c:22:
4d:d2:8d:35:37:c0:eb:bf:d9:20:d4:80:6d:ed:b2:
e1:23:19:b1:48:86:7a:c8:e8:ae:62:3c:0f:08:a8:
1c:00:2e:27:1d:ae:37:78:f8:93:c9:ef:70:f7:a6:
b0:b8:c2:b7:3b:3e:8c:e3:b4:26:68:0b:e2:c5:4a:
ad:08:c3:cd:29:c3:5c:2a:b3:6f:ba:4f:c3:45:44:
6b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F4:C4:8F:11:4A:3A:39:94:96:77:C3:8B:A4:A7:1B:A9:E4:F1:C0
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/yfTEjxFKOjmUlnfDi6SnG6nk8cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a11:9600::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
98:b1:a8:08:e8:0f:b0:d1:d6:39:c6:0c:38:6f:69:e0:dc:82:
ba:96:c8:e1:87:32:1b:1c:6d:38:07:7e:e3:e7:06:95:a1:e3:
14:50:e4:c3:dd:69:a4:5a:40:09:69:cf:1c:92:63:98:03:83:
27:2e:df:35:6c:72:e2:d6:b1:90:11:32:63:74:96:f5:8b:d2:
52:f4:22:7e:2a:0f:b1:c9:f2:01:b7:b1:b0:ed:b4:bb:38:99:
ce:19:ab:56:84:2b:5d:04:d4:f9:6f:93:7b:92:e6:bc:2e:33:
73:f0:ef:8c:86:ca:1a:b7:3b:91:59:b9:94:b6:c4:77:6c:62:
ff:3d:81:e2:b3:53:5f:77:b8:da:d2:63:61:4e:62:93:e5:b8:
50:9b:a9:5b:1a:1c:a0:6d:90:be:59:3c:1e:dd:76:e0:2b:22:
60:bd:a2:97:7e:83:60:21:d0:6b:92:30:ab:44:75:7f:ad:ad:
05:62:c5:93:da:ed:36:d2:a5:32:dd:e8:75:bc:39:65:bb:64:
c6:7d:60:26:96:c3:5d:47:fd:03:54:96:c1:ee:8c:e8:68:07:
29:3b:05:e2:a1:26:20:7d:e5:69:e6:95:fa:4b:ea:84:73:62:
a9:c9:95:d6:0b:95:a6:03:b3:0f:f7:14:15:f2:14:60:1f:f2:
88:8c:6b:46
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZwPHbZjhSS5f58Kugxf9kYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjYwMTMwMTMzNTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY0YzQ4ZjExNGEzYTM5OTQ5Njc3YzM4YmE0YTcxYmE5ZTRmMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGRLeA6SKg7hYPkOM708jZ4OIqWs
rDGDNxMsAtgEaq2SsBwoTghzABPvpv1fjL6/oN8v0dVBKjp8fNmMdp/6v3g5qBze
PHXiOobcDVOZfFKM+JG5sABx8CUgpDG+XlytgqZfuUWRmQYVvlcQBfBBeV0zn6xY
2Jnt10fQy/Wbj3eye0WY0cbaGMkns0ixqr9Hs6997Roa7K97m9fJ/ugfAvdSPTMe
dPInkuv9SXVY6+cnXCJN0o01N8Drv9kg1IBt7bLhIxmxSIZ6yOiuYjwPCKgcAC4n
Ha43ePiTye9w96awuMK3Oz6M47QmaAvixUqtCMPNKcNcKrNvuk/DRURrcQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMn0xI8RSjo5lJZ3w4ukpxup5PHAMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEveWZURWp4RktPam1VbG5mRGk2U25HNm5rOGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgbKwAMF
AyoRlgADBQMqEg7AAwUDKhIZAAMFAyoSKMAwDQYJKoZIhvcNAQELBQADggEBAJix
qAjoD7DR1jnGDDhvaeDcgrqWyOGHMhscbTgHfuPnBpWh4xRQ5MPdaaRaQAlpzxyS
Y5gDgycu3zVscuLWsZARMmN0lvWL0lL0In4qD7HJ8gG3sbDttLs4mc4Zq1aEK10E
1Plvk3uS5rwuM3Pw74yGyhq3O5FZuZS2xHdsYv89geKzU193uNrSY2FOYpPluFCb
qVsaHKBtkL5ZPB7dduArImC9opd+g2Ah0GuSMKtEdX+trQVixZPa7TbSpTLd6HW8
OWW7ZMZ9YCaWw11H/QNUlsHujOhoByk7BeKhJiB95WnmlfpL6oRzYqnJldYLlaYD
sw/3FBXyFGAf8oiMa0Y=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:20:54 2026 by rpki-client