Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/4YYB6ffpsT4YH12UCSPN1gTEg8U.roa
File: 4YYB6ffpsT4YH12UCSPN1gTEg8U.roa (raw, json)
Hash identifier: eczMMGPJcYoQqxyIakekiaVzhDhTpqkNdbnWoIF1bCM=
Subject key identifier: E1:86:01:E9:F7:E9:B1:3E:18:1F:5D:94:09:23:CD:D6:04:C4:83:C5
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019D94AC1C85A5F61E617C2D69ED34E2A5C0
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/4YYB6ffpsT4YH12UCSPN1gTEg8U.roa
Signing time: Thu 16 Apr 2026 05:03:20 +0000
ROA not before: Thu 16 Apr 2026 05:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.44.242.0/24 maxlen: 24
109.122.247.0/24 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.250.0/24 maxlen: 24
109.122.254.0/24 maxlen: 24
109.122.255.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
188.212.98.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:94:ac:1c:85:a5:f6:1e:61:7c:2d:69:ed:34:e2:a5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Apr 16 05:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e18601e9f7e9b13e181f5d940923cdd604c483c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ec:7c:22:6c:5a:31:79:0c:cb:a6:4e:2c:0c:
3a:33:60:3e:2c:2b:56:66:03:87:e8:33:23:56:02:
2b:09:96:c1:a3:ec:5a:c4:2e:9d:c9:1f:6b:32:df:
69:0b:c4:60:8c:a5:69:31:63:72:b4:71:1b:e7:c3:
a7:7c:93:ec:6b:0a:ae:13:9a:08:58:89:c9:b3:f0:
c6:7d:7d:20:c0:e7:2a:cb:6d:9f:8f:04:a3:bf:d5:
00:b5:1c:08:91:ad:d4:bb:c3:20:c4:d2:6b:5a:9f:
76:66:16:da:ef:4b:32:f9:f1:a1:a0:be:cc:15:f7:
32:85:0e:e4:19:a7:1b:80:ab:01:6f:77:31:69:0b:
bd:8f:00:01:87:b8:c2:49:2a:82:f8:76:1a:66:d9:
33:25:43:bc:f0:4d:64:d7:31:50:1d:2a:f6:72:ed:
12:90:83:a0:9f:a1:2c:79:d1:06:63:67:4f:8e:5e:
34:32:a0:38:37:b9:0f:1b:7c:ad:79:9f:2e:d2:f8:
0c:3f:3a:33:17:04:ab:97:a4:a2:8a:6e:a6:10:62:
0b:05:a5:a0:e1:17:ed:06:cc:26:de:09:17:33:4a:
ed:62:33:93:fc:b9:e6:16:cf:64:05:93:c5:23:f9:
dd:0c:9a:52:cf:1a:87:2c:57:43:a8:fa:50:44:b5:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:86:01:E9:F7:E9:B1:3E:18:1F:5D:94:09:23:CD:D6:04:C4:83:C5
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/4YYB6ffpsT4YH12UCSPN1gTEg8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0-45.94.215.255
89.44.240.0-89.44.242.255
109.122.247.0/24
109.122.249.0-109.122.250.255
109.122.254.0/23
185.3.200.0/24
185.239.1.0/24
188.212.98.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:49:c4:c2:83:35:06:a1:8e:d9:6b:a4:c8:56:29:61:a9:37:
fa:91:4d:4c:6b:0a:f9:da:fb:07:dd:1f:9a:0f:9c:f7:fc:2f:
cd:d6:c6:8e:d0:08:39:86:2e:48:46:26:b0:26:3a:84:ab:91:
d8:a8:9d:3d:bf:19:b7:40:cf:04:4a:a7:5d:e6:00:81:b8:db:
00:45:1d:94:04:82:16:63:fd:cb:70:b1:18:ac:c8:ab:9d:62:
e8:1f:df:02:b1:35:bf:2f:07:71:e0:5f:53:20:ca:c5:2c:1b:
8e:4e:83:03:11:57:70:ff:02:89:0f:a0:8c:8a:24:23:80:6d:
3b:39:23:9e:b0:f6:e1:be:e9:eb:4d:84:52:ed:c1:6d:ea:8e:
37:3b:cf:0f:ce:57:41:c6:13:04:64:d7:ba:43:e8:db:12:4f:
9d:02:41:47:c9:85:e1:74:27:4c:d3:5f:e6:ec:de:37:03:b4:
da:17:3c:02:f0:39:53:90:1a:d8:1e:e1:1b:2f:9e:2f:68:ca:
97:e5:f5:18:15:cd:01:99:2a:8b:a2:29:26:61:a9:4c:31:be:
a2:5c:2a:73:5d:5f:51:d0:40:2b:0d:b7:8b:c4:21:d8:ca:d4:
a2:e6:77:6d:f6:85:f0:e8:91:54:c3:3d:5f:2c:43:8b:82:5b:
9e:d1:b3:32
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ2UrByFpfYeYXwtae004qXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjYwNDE2MDUwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg2MDFlOWY3ZTliMTNlMTgxZjVkOTQwOTIzY2RkNjA0YzQ4M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ox8ImxaMXkMy6ZOLAw6M2A+LCtW
ZgOH6DMjVgIrCZbBo+xaxC6dyR9rMt9pC8RgjKVpMWNytHEb58OnfJPsawquE5oI
WInJs/DGfX0gwOcqy22fjwSjv9UAtRwIka3Uu8MgxNJrWp92Zhba70sy+fGhoL7M
FfcyhQ7kGacbgKsBb3cxaQu9jwABh7jCSSqC+HYaZtkzJUO88E1k1zFQHSr2cu0S
kIOgn6EsedEGY2dPjl40MqA4N7kPG3yteZ8u0vgMPzozFwSrl6Siim6mEGILBaWg
4RftBswm3gkXM0rtYjOT/LnmFs9kBZPFI/ndDJpSzxqHLFdDqPpQRLUE/QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOGGAen36bE+GB9dlAkjzdYExIPFMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvNFlZQjZmZnBzVDRZSDEyVUNTUE4xZ1RFZzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAAtXtUD
BAMtXtAwDAMEBFks8AMEAFks8gMEAG169zAMAwQAbXr5AwQAbXr6AwQBbXr+AwQA
uQPIAwQAue8BAwQBvNRiMA0GCSqGSIb3DQEBCwUAA4IBAQA8ScTCgzUGoY7Za6TI
VilhqTf6kU1Mawr52vsH3R+aD5z3/C/N1saO0Ag5hi5IRiawJjqEq5HYqJ09vxm3
QM8ESqdd5gCBuNsARR2UBIIWY/3LcLEYrMirnWLoH98CsTW/Lwdx4F9TIMrFLBuO
ToMDEVdw/wKJD6CMiiQjgG07OSOesPbhvunrTYRS7cFt6o43O88PzldBxhMEZNe6
Q+jbEk+dAkFHyYXhdCdM01/m7N43A7TaFzwC8DlTkBrYHuEbL54vaMqX5fUYFc0B
mSqLoikmYalMMb6iXCpzXV9R0EArDbeLxCHYytSi5ndt9oXw6JFUwz1fLEOLglue
0bMy
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:35:46 2026 by rpki-client