Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/YtUH2HDR3BMnJYA_6-3_zRl7jZU.roa
File: YtUH2HDR3BMnJYA_6-3_zRl7jZU.roa (raw, json)
Hash identifier: mRR9x/8i4cOPBCC7EZm8Vzd5VETg0SnKsjvRtyU6XQ4=
Subject key identifier: 62:D5:07:D8:70:D1:DC:13:27:25:80:3F:EB:ED:FF:CD:19:7B:8D:95
Certificate issuer: /CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Certificate serial: 019EBB340F2E9437CFE1C891760B86EB0975
Authority key identifier: DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/YtUH2HDR3BMnJYA_6-3_zRl7jZU.roa
Signing time: Fri 12 Jun 2026 09:40:11 +0000
ROA not before: Fri 12 Jun 2026 09:40:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200040
IP address blocks: 131.222.240.0/24 maxlen: 24
131.222.241.0/24 maxlen: 24
185.190.19.0/24 maxlen: 24
195.18.8.0/24 maxlen: 24
2a14:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:34:0f:2e:94:37:cf:e1:c8:91:76:0b:86:eb:09:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Validity
Not Before: Jun 12 09:40:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=62d507d870d1dc132725803febedffcd197b8d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:af:b2:3b:fe:06:21:22:6d:fa:13:64:af:74:
59:1e:3c:27:f8:da:ab:9d:80:62:40:cc:81:6c:f2:
24:92:4a:61:dd:90:49:ca:82:d5:dd:dc:09:21:35:
87:13:f6:ae:f2:cf:e2:a9:a5:2c:26:1d:58:18:81:
48:58:f6:86:9f:a1:2e:c8:62:21:a4:a1:2b:05:54:
66:e4:73:d7:fc:3f:89:80:0d:31:9a:36:9f:fe:8a:
07:79:db:bf:3c:79:39:b4:63:20:fd:92:1a:95:61:
1a:a8:aa:f4:3d:3c:23:0e:40:7c:44:70:16:97:89:
7d:1a:e9:b8:f7:a7:4d:69:be:cd:9a:93:1c:67:53:
87:b8:f9:89:4c:bd:f6:1c:e4:7a:9b:c9:59:65:b3:
73:88:a0:cc:88:1d:37:e8:6a:a7:dc:c9:0d:7d:55:
77:bc:92:1a:39:2d:9e:5c:ea:24:78:87:68:81:aa:
13:75:46:c7:0a:cd:62:e5:7a:fa:a4:f2:c3:64:1b:
d9:1d:11:3b:8e:99:68:5f:fe:6a:a7:62:49:06:7d:
73:d1:5c:22:d2:e8:be:ad:60:69:64:57:39:03:42:
30:b0:f1:12:6e:c0:d3:b4:b8:c1:4e:03:12:88:10:
05:e2:14:3c:4d:e6:0d:52:37:35:79:24:27:04:ea:
37:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D5:07:D8:70:D1:DC:13:27:25:80:3F:EB:ED:FF:CD:19:7B:8D:95
X509v3 Authority Key Identifier:
keyid:DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/YtUH2HDR3BMnJYA_6-3_zRl7jZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.240.0/23
185.190.19.0/24
195.18.8.0/24
IPv6:
2a14:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:9b:25:44:8a:c0:e7:ce:e6:31:7a:9e:ba:96:89:32:4b:09:
54:1a:8f:8f:0b:22:38:8f:af:4b:07:44:f1:5c:1e:a5:8e:a0:
10:af:6b:14:91:cb:cf:b0:9b:26:cd:f6:76:ca:8d:ea:2c:7c:
a0:3f:33:39:bb:26:33:9a:72:49:7b:2b:8a:1a:22:66:2e:79:
d8:bb:4a:d8:d9:d1:88:bf:5b:86:af:6e:d1:41:00:e4:ba:47:
4d:90:16:0e:ec:72:73:74:9b:2e:86:14:f7:fb:74:14:64:a9:
78:fd:d8:e7:28:ec:50:f5:93:4c:7b:d1:2e:af:b5:2a:9b:47:
c6:f8:c3:ec:26:b2:97:48:72:78:6f:7b:42:2b:03:f3:c1:7e:
c8:d2:11:0b:d7:84:6b:8b:a9:6f:8b:fe:ed:31:45:57:9a:fd:
c8:21:8e:82:55:c4:f9:99:f9:04:18:cc:67:5a:a4:04:40:06:
46:29:a6:36:4c:48:07:dc:97:c2:4f:94:70:87:c1:e5:40:74:
af:0a:7b:87:97:df:26:d7:14:ba:da:90:8e:b7:31:4e:02:0c:
48:7e:21:35:cc:11:bd:66:32:95:f0:4b:0b:15:d5:9b:ba:f9:
d1:59:46:39:b0:15:56:ae:4a:0d:c1:c2:54:21:cd:e8:55:ae:
0d:75:83:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ67NA8ulDfP4ciRdguG6wl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDA0NmFmNWVkYzExOTY0MDk2ZGMyMGY2YWYxZGU1NWQ5
YzkwMzAwHhcNMjYwNjEyMDk0MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQ1MDdkODcwZDFkYzEzMjcyNTgwM2ZlYmVkZmZjZDE5N2I4ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva+yO/4GISJt+hNkr3RZHjwn+Nqr
nYBiQMyBbPIkkkph3ZBJyoLV3dwJITWHE/au8s/iqaUsJh1YGIFIWPaGn6EuyGIh
pKErBVRm5HPX/D+JgA0xmjaf/ooHedu/PHk5tGMg/ZIalWEaqKr0PTwjDkB8RHAW
l4l9Gum496dNab7NmpMcZ1OHuPmJTL32HOR6m8lZZbNziKDMiB036Gqn3MkNfVV3
vJIaOS2eXOokeIdogaoTdUbHCs1i5Xr6pPLDZBvZHRE7jploX/5qp2JJBn1z0Vwi
0ui+rWBpZFc5A0IwsPESbsDTtLjBTgMSiBAF4hQ8TeYNUjc1eSQnBOo32wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGLVB9hw0dwTJyWAP+vt/80Ze42VMB8GA1UdIwQY
MBaAFN/QRq9e3BGWQJbcIPavHeVdnJAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2Mt
NTg4ZTBkOTIzYzE1LzEvWXRVSDJIRFIzQk1uSllBXzYtM196Umw3alpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2MtNTg4ZTBkOTIzYzE1
LzEvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBg97wAwQA
ub4TAwQAwxIIMA0EAgACMAcDBQMqFBDAMA0GCSqGSIb3DQEBCwUAA4IBAQAbmyVE
isDnzuYxep66lokySwlUGo+PCyI4j69LB0TxXB6ljqAQr2sUkcvPsJsmzfZ2yo3q
LHygPzM5uyYzmnJJeyuKGiJmLnnYu0rY2dGIv1uGr27RQQDkukdNkBYO7HJzdJsu
hhT3+3QUZKl4/djnKOxQ9ZNMe9Eur7Uqm0fG+MPsJrKXSHJ4b3tCKwPzwX7I0hEL
14Rri6lvi/7tMUVXmv3IIY6CVcT5mfkEGMxnWqQEQAZGKaY2TEgH3JfCT5Rwh8Hl
QHSvCnuHl98m1xS62pCOtzFOAgxIfiE1zBG9ZjKV8EsLFdWbuvnRWUY5sBVWrkoN
wcJUIc3oVa4NdYPW
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:08:51 2026 by rpki-client