Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/pYVSN2AB9mwBr8yDS1zYwXrTuMQ.roa
File: pYVSN2AB9mwBr8yDS1zYwXrTuMQ.roa (raw, json)
Hash identifier: xWYPQfiNQqIYcOLgwTTjRZ9fSTqKYlkmjs7r1ngIGF4=
Subject key identifier: A5:85:52:37:60:01:F6:6C:01:AF:CC:83:4B:5C:D8:C1:7A:D3:B8:C4
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 019C91A48FB6A8987D7090BB5D048DD5900D
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/pYVSN2AB9mwBr8yDS1zYwXrTuMQ.roa
Signing time: Tue 24 Feb 2026 21:53:26 +0000
ROA not before: Tue 24 Feb 2026 21:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 62.69.144.0/21 maxlen: 24
193.42.155.0/24 maxlen: 24
193.200.230.0/24 maxlen: 24
194.9.117.0/24 maxlen: 24
194.59.189.0/24 maxlen: 24
194.59.190.0/23 maxlen: 24
194.146.118.0/24 maxlen: 24
195.43.88.0/23 maxlen: 24
2001:7f8:8::/48 maxlen: 48
2001:7f8:2b::/48 maxlen: 48
2001:7f8:2c::/48 maxlen: 48
2a01:9ec0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:a4:8f:b6:a8:98:7d:70:90:bb:5d:04:8d:d5:90:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Feb 24 21:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a58552376001f66c01afcc834b5cd8c17ad3b8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ca:0b:96:ff:a6:b5:3c:75:bd:4f:43:95:83:
7c:fb:9a:cf:b8:c9:02:e2:fd:99:0e:72:79:05:bf:
85:7f:22:7f:fc:ac:27:18:b5:56:40:bd:fc:f6:2a:
93:a2:cc:62:73:7c:a2:c2:66:6e:40:fd:e5:46:95:
a7:6c:ad:c4:03:55:42:1a:c3:77:9d:5a:9e:f5:38:
83:00:26:34:93:33:7b:08:af:df:26:fd:d1:f5:6d:
c5:cd:e4:e7:e3:6b:46:f6:4f:f6:37:71:43:c2:77:
da:03:64:da:cd:5d:37:59:9c:88:35:e0:f1:48:89:
90:e6:1a:e3:13:92:23:4a:44:87:7a:8d:05:81:38:
c7:4a:9b:33:67:f4:52:86:98:0c:d7:ef:7f:cc:f4:
b1:5d:32:d2:23:c3:22:cd:cd:9b:e1:c2:f1:d0:60:
76:4a:06:56:e9:cc:4c:75:e7:f1:3d:25:70:88:b3:
58:23:08:d2:07:2d:a6:a8:65:f6:cc:ca:92:49:b3:
bc:60:24:dd:13:20:e6:c8:92:ea:1c:cf:21:ac:f6:
14:9b:24:44:b2:05:0b:d1:29:0a:c3:7a:5b:32:9a:
be:92:95:2a:6e:87:d0:9f:ed:e1:2b:16:a4:7a:57:
3e:ad:96:e2:39:a8:58:f4:48:dc:ce:ee:4a:b0:bd:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:85:52:37:60:01:F6:6C:01:AF:CC:83:4B:5C:D8:C1:7A:D3:B8:C4
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/pYVSN2AB9mwBr8yDS1zYwXrTuMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.144.0/21
193.42.155.0/24
193.200.230.0/24
194.9.117.0/24
194.59.189.0-194.59.191.255
194.146.118.0/24
195.43.88.0/23
IPv6:
2001:7f8:8::/48
2001:7f8:2b::-2001:7f8:2c:ffff:ffff:ffff:ffff:ffff
2a01:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
39:d2:80:7a:05:53:33:4e:e1:f2:a7:2e:24:be:8b:e3:90:04:
f4:b0:b6:d5:1e:51:75:b2:2c:96:34:8e:d9:c3:3c:25:32:ee:
dc:2c:ea:59:bd:74:0d:f6:f7:e6:61:c0:8d:13:ac:a6:dd:25:
cc:65:a2:f2:2a:59:fb:d6:b0:81:07:e2:fd:b1:bd:0e:cb:6e:
f3:9b:96:06:e7:f3:e8:f9:7c:d6:38:69:b4:9c:4c:cd:e4:ce:
ce:92:af:68:65:28:3d:8c:c4:66:5d:a9:95:0e:2a:cf:52:39:
5b:ea:c0:fc:67:1c:4d:7b:9d:3e:cf:62:cc:29:cd:6d:01:6f:
80:4c:f8:11:0b:e1:bd:d3:9e:b4:20:54:b4:46:5c:82:9a:a4:
48:8a:79:a2:d1:08:8e:ca:87:97:e6:0a:53:93:53:e0:bd:3b:
ee:f4:de:d5:89:15:d7:2f:a7:ac:1e:77:14:90:40:e0:b0:0d:
ab:5b:bb:49:e3:59:c2:f2:ec:9e:f2:50:9d:e4:31:a0:52:ce:
2f:7d:05:dd:ee:4d:04:08:75:43:c8:a8:48:3b:81:eb:ce:2a:
d7:bf:b0:b5:aa:78:d4:b7:96:a3:0a:d8:49:30:9b:8e:71:08:
54:c1:85:01:7a:ff:7b:42:b4:8d:2c:6c:72:63:82:b3:93:ac:
0d:0e:2e:af
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZyRpI+2qJh9cJC7XQSN1ZANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjYwMjI0MjE1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg1NTIzNzYwMDFmNjZjMDFhZmNjODM0YjVjZDhjMTdhZDNiOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsoLlv+mtTx1vU9DlYN8+5rPuMkC
4v2ZDnJ5Bb+FfyJ//KwnGLVWQL389iqTosxic3yiwmZuQP3lRpWnbK3EA1VCGsN3
nVqe9TiDACY0kzN7CK/fJv3R9W3FzeTn42tG9k/2N3FDwnfaA2TazV03WZyINeDx
SImQ5hrjE5IjSkSHeo0FgTjHSpszZ/RShpgM1+9/zPSxXTLSI8Mizc2b4cLx0GB2
SgZW6cxMdefxPSVwiLNYIwjSBy2mqGX2zMqSSbO8YCTdEyDmyJLqHM8hrPYUmyRE
sgUL0SkKw3pbMpq+kpUqbofQn+3hKxakelc+rZbiOahY9Ejczu5KsL2N5wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKWFUjdgAfZsAa/Mg0tc2MF607jEMB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvcFlWU04yQUI5bXdCcjh5RFMxell3WHJUdU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjA4BAIAATAyAwQDPkWQAwQA
wSqbAwQAwcjmAwQAwgl1MAwDBADCO70DBAbCO4ADBADCknYDBAHDK1gwKgQCAAIw
JAMHACABB/gACDASAwcAIAEH+AArAwcAIAEH+AAsAwUDKgGewDANBgkqhkiG9w0B
AQsFAAOCAQEAOdKAegVTM07h8qcuJL6L45AE9LC21R5RdbIsljSO2cM8JTLu3Czq
Wb10Dfb35mHAjROspt0lzGWi8ipZ+9awgQfi/bG9Dstu85uWBufz6Pl81jhptJxM
zeTOzpKvaGUoPYzEZl2plQ4qz1I5W+rA/GccTXudPs9izCnNbQFvgEz4EQvhvdOe
tCBUtEZcgpqkSIp5otEIjsqHl+YKU5NT4L077vTe1YkV1y+nrB53FJBA4LANq1u7
SeNZwvLsnvJQneQxoFLOL30F3e5NBAh1Q8ioSDuB684q17+wtap41LeWowrYSTCb
jnEIVMGFAXr/e0K0jSxscmOCs5OsDQ4urw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:14 2026 by rpki-client