Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/VYPTeU3GTpRqMWirs-4J0ak-y0Y.roa
File: VYPTeU3GTpRqMWirs-4J0ak-y0Y.roa (raw, json)
Hash identifier: Q0x74IuPW45MM/QoYobdWOJwgU/vwyNB9bVYzPX6+yM=
Subject key identifier: 55:83:D3:79:4D:C6:4E:94:6A:31:68:AB:B3:EE:09:D1:A9:3E:CB:46
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019C528370F1350DB8C64563B8EE378186EF
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/VYPTeU3GTpRqMWirs-4J0ak-y0Y.roa
Signing time: Thu 12 Feb 2026 15:41:11 +0000
ROA not before: Thu 12 Feb 2026 15:41:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43519
IP address blocks: 149.20.120.0/24 maxlen: 24
149.20.121.0/24 maxlen: 24
149.20.122.0/24 maxlen: 24
149.20.123.0/24 maxlen: 24
213.248.192.0/24 maxlen: 24
213.248.193.0/24 maxlen: 24
213.248.194.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.203.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.206.0/24 maxlen: 24
213.248.207.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:618:200::/48 maxlen: 48
2a01:618:2fc::/48 maxlen: 48
2a01:618:2fd::/48 maxlen: 48
2a01:618:2fe::/48 maxlen: 48
2a01:618:2ff::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:408::/48 maxlen: 48
2a01:618:409::/48 maxlen: 48
2a01:618:4ff::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
2a01:61e:fffc::/48 maxlen: 48
2a01:61e:fffd::/48 maxlen: 48
2a01:61e:fffe::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:52:83:70:f1:35:0d:b8:c6:45:63:b8:ee:37:81:86:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Feb 12 15:41:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5583d3794dc64e946a3168abb3ee09d1a93ecb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b9:92:fd:b7:91:46:74:5a:ff:9b:a6:f7:70:
47:f0:6c:ec:2d:bd:cb:8d:57:aa:8a:8d:55:eb:5a:
a7:1c:17:a1:d8:c1:c7:a1:98:37:53:22:06:7f:c1:
58:b9:20:8c:98:03:f8:3a:17:4d:e2:ae:57:23:1a:
41:de:54:d9:06:b4:d5:cb:cf:43:83:f5:b6:6c:73:
ce:7c:fc:aa:15:65:18:14:2d:c2:81:9a:2e:c0:43:
5d:0c:5e:1b:6c:2b:7e:07:29:6a:4e:10:f1:60:f5:
cf:fd:3e:2f:f4:ab:da:6e:d7:c7:6a:f9:c5:45:63:
53:8e:d8:78:aa:61:a2:f4:b8:90:88:13:d2:03:24:
b3:f1:06:08:05:ab:12:67:b7:ca:ae:37:9c:23:42:
08:43:fb:1d:85:49:a1:32:2a:41:b2:41:26:3e:97:
d8:f7:5b:4b:7a:60:25:7d:ee:6c:28:b0:35:c6:ac:
23:4c:99:d2:b8:14:35:32:48:a6:49:8e:a6:86:3d:
2a:e6:10:0d:d3:51:ed:a7:64:f3:09:41:10:ca:e1:
bf:aa:34:59:4e:5d:7c:0f:5b:44:fc:b8:af:dd:65:
96:3a:b2:04:2c:d0:52:8f:b2:95:e0:94:03:6c:40:
8c:15:16:5e:cb:0e:f1:ef:20:57:1b:6a:c3:bd:c9:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:83:D3:79:4D:C6:4E:94:6A:31:68:AB:B3:EE:09:D1:A9:3E:CB:46
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/VYPTeU3GTpRqMWirs-4J0ak-y0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.120.0/22
213.248.192.0-213.248.194.255
213.248.200.0/21
213.248.216.0/21
213.248.254.0/24
IPv6:
2a01:618:200::/48
2a01:618:2fc::/46
2a01:618:400::-2a01:618:409:ffff:ffff:ffff:ffff:ffff
2a01:618:4ff::/48
2a01:61e:1::-2a01:61e:6:ffff:ffff:ffff:ffff:ffff
2a01:61e:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
34:44:17:41:18:89:f2:97:db:11:bd:68:a0:13:47:7b:15:05:
28:82:fc:91:90:02:8c:e4:bc:b0:39:0a:08:21:bb:57:1c:69:
2b:49:96:9f:b1:1d:fe:88:84:73:c2:69:4a:db:61:d2:d1:e4:
3e:e7:95:ec:ee:2a:38:74:5b:35:e8:f9:24:2a:8f:ab:ad:4d:
63:f1:5b:82:f8:14:99:b4:e9:af:03:da:a7:b4:d0:63:ec:a8:
ab:00:84:80:a6:42:db:f7:73:bd:a4:42:8a:39:8c:e0:27:17:
b2:2e:6e:0e:a4:da:76:0c:86:13:af:87:e2:5f:ce:7b:09:59:
52:9e:3d:d8:b4:ad:18:78:9d:67:5a:15:15:d8:8a:0e:23:80:
54:ac:a8:96:ab:49:30:e5:96:b1:a0:c1:eb:20:fa:a2:d8:a3:
63:84:02:86:8c:16:7a:44:df:e3:b9:f2:c8:19:cc:ed:32:90:
23:63:10:36:9c:15:98:fe:b8:83:58:e9:7f:8d:c2:70:b3:9f:
a7:f3:02:f9:03:2e:7a:19:4c:7e:2f:40:34:f2:6b:50:ec:ce:
6a:6e:16:44:8b:7f:97:b9:ac:f6:7c:e7:18:24:3f:1a:69:56:
dc:03:19:e8:ad:44:ec:4b:c0:fe:44:76:8f:d6:63:98:b9:bb:
a5:a8:f6:81
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZxSg3DxNQ24xkVjuO43gYbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjYwMjEyMTU0MTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgzZDM3OTRkYzY0ZTk0NmEzMTY4YWJiM2VlMDlkMWE5M2VjYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLmS/beRRnRa/5um93BH8GzsLb3L
jVeqio1V61qnHBeh2MHHoZg3UyIGf8FYuSCMmAP4OhdN4q5XIxpB3lTZBrTVy89D
g/W2bHPOfPyqFWUYFC3CgZouwENdDF4bbCt+BylqThDxYPXP/T4v9KvabtfHavnF
RWNTjth4qmGi9LiQiBPSAySz8QYIBasSZ7fKrjecI0IIQ/sdhUmhMipBskEmPpfY
91tLemAlfe5sKLA1xqwjTJnSuBQ1MkimSY6mhj0q5hAN01Htp2TzCUEQyuG/qjRZ
Tl18D1tE/Liv3WWWOrIELNBSj7KV4JQDbECMFRZeyw7x7yBXG2rDvcmGvQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFWD03lNxk6UajFoq7PuCdGpPstGMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvVllQVGVVM0dUcFJxTVdpcnMtNEowYWsteTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTAsBAIAATAmAwQClRR4
MAwDBAbV+MADBADV+MIDBAPV+MgDBAPV+NgDBADV+P4wUQQCAAIwSwMHACoBBhgC
AAMHAioBBhgC/DARAwYCKgEGGAQDBwEqAQYYBAgDBwAqAQYYBP8wEgMHACoBBh4A
AQMHACoBBh4ABgMHAioBBh7//DANBgkqhkiG9w0BAQsFAAOCAQEANEQXQRiJ8pfb
Eb1ooBNHexUFKIL8kZACjOS8sDkKCCG7VxxpK0mWn7Ed/oiEc8JpStth0tHkPueV
7O4qOHRbNej5JCqPq61NY/FbgvgUmbTprwPap7TQY+yoqwCEgKZC2/dzvaRCijmM
4CcXsi5uDqTadgyGE6+H4l/OewlZUp492LStGHidZ1oVFdiKDiOAVKyolqtJMOWW
saDB6yD6otijY4QChowWekTf47nyyBnM7TKQI2MQNpwVmP64g1jpf43CcLOfp/MC
+QMuehlMfi9ANPJrUOzOam4WRIt/l7ms9nznGCQ/GmlW3AMZ6K1E7EvA/kR2j9Zj
mLm7paj2gQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:52:29 2026 by rpki-client