Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YXyh4oR6N7joebDudkoLugmlQIQ.roa
File: YXyh4oR6N7joebDudkoLugmlQIQ.roa (raw, json)
Hash identifier: F5sdovaZ70zAhJfXGm57aLmKRDHUeefJbftEDNayF8E=
Subject key identifier: 61:7C:A1:E2:84:7A:37:B8:E8:79:B0:EE:76:4A:0B:BA:09:A5:40:84
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D73AD74E8207F0BBAF8E9E7B6BC21E0BB
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YXyh4oR6N7joebDudkoLugmlQIQ.roa
Signing time: Thu 09 Apr 2026 19:17:20 +0000
ROA not before: Thu 09 Apr 2026 19:17:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205866
IP address blocks: 2a0d:6a40::/29 maxlen: 29
2a0d:cc40::/29 maxlen: 29
2a0d:e1c0::/29 maxlen: 29
2a0d:fbc0::/29 maxlen: 29
2a0e:adc0::/29 maxlen: 29
2a0f:9a40::/29 maxlen: 29
2a11:e2c7::/32 maxlen: 32
2a12:2806::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:ad:74:e8:20:7f:0b:ba:f8:e9:e7:b6:bc:21:e0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 19:17:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=617ca1e2847a37b8e879b0ee764a0bba09a54084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ae:71:12:3b:3c:09:97:9e:46:ce:fb:d1:1c:
71:f5:e4:f0:d8:00:7e:b1:bd:28:de:f8:d1:9f:01:
c1:29:f2:30:f4:15:2f:20:6b:5c:c3:dc:a7:cb:29:
9a:0a:61:6c:32:59:f0:a4:85:c5:96:06:4a:26:b3:
71:45:95:21:c2:cf:ff:0d:84:c5:cf:65:34:6f:bb:
ed:ab:98:fa:13:c7:b3:ae:81:0d:f5:66:a8:6a:6a:
81:bf:4e:f8:e5:48:ab:8d:39:6c:14:1b:d5:85:77:
f0:cc:d2:a9:ee:20:f4:81:dc:a1:fc:3c:e6:2f:79:
79:2d:40:28:09:b2:12:7c:59:24:30:8e:d6:28:7a:
7d:d7:ea:d3:fb:2c:a6:dd:bc:60:e1:59:0d:36:f0:
cd:53:fd:8b:af:de:5c:23:7c:a0:d7:fe:ed:07:e1:
35:4a:09:cd:fc:bd:dd:bf:29:b0:3e:94:95:ed:4f:
86:1b:ff:ec:13:f7:39:e9:e0:52:e0:39:f3:0b:45:
4d:21:56:21:45:97:4e:82:cb:0b:74:f6:7b:b0:90:
e4:65:4e:8b:63:b8:97:28:fb:d4:d4:16:8f:88:37:
39:b7:fe:a6:ef:99:ec:1a:d8:9f:25:ff:48:64:4a:
8f:33:99:d2:22:41:67:c0:6c:aa:45:a4:08:69:65:
db:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:7C:A1:E2:84:7A:37:B8:E8:79:B0:EE:76:4A:0B:BA:09:A5:40:84
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/YXyh4oR6N7joebDudkoLugmlQIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:6a40::/29
2a0d:cc40::/29
2a0d:e1c0::/29
2a0d:fbc0::/29
2a0e:adc0::/29
2a0f:9a40::/29
2a11:e2c7::/32
2a12:2806::/32
Signature Algorithm: sha256WithRSAEncryption
90:28:9e:38:b1:41:18:24:8f:12:c9:d1:df:c4:d6:e5:f0:7c:
cf:78:94:13:55:42:df:ec:46:53:07:eb:81:da:a2:61:c0:f7:
75:ef:98:41:34:70:39:74:ac:f5:8e:61:26:fe:8a:b8:08:09:
a6:72:9c:bf:21:19:a1:1d:11:5f:5e:08:55:e8:81:72:08:74:
46:18:b5:c1:fe:a4:a0:bd:31:fb:71:2c:21:9d:25:26:42:a3:
00:f0:cf:dc:eb:08:84:8b:f4:6c:79:67:36:2c:2a:10:b0:b3:
a7:5b:10:9d:f4:11:f9:7f:50:cf:bb:d1:1d:b3:f7:5d:5a:b8:
79:27:43:17:21:3b:83:44:33:92:db:cd:35:57:f5:87:9c:21:
73:0f:96:17:7b:96:54:11:f3:05:dc:74:40:59:da:75:a0:38:
02:e3:46:fb:b7:5b:8c:40:a0:15:51:2f:aa:f3:d8:80:a5:f5:
e1:e4:00:f1:5e:e3:1b:28:c9:42:af:b1:4e:c0:64:b9:d7:f6:
72:fc:06:b4:f3:fb:44:28:cd:3f:3c:ce:1f:26:87:d5:8c:44:
fc:96:e7:9b:1e:7a:88:ef:ca:34:d4:4d:88:12:d0:43:4d:1f:
e3:48:0f:9b:24:f2:9c:07:fc:6d:39:97:40:bc:0f:2c:22:9a:
16:9a:9a:19
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ1zrXToIH8Luvjp57a8IeC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDA5MTkxNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTdjYTFlMjg0N2EzN2I4ZTg3OWIwZWU3NjRhMGJiYTA5YTU0MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya5xEjs8CZeeRs770Rxx9eTw2AB+
sb0o3vjRnwHBKfIw9BUvIGtcw9ynyymaCmFsMlnwpIXFlgZKJrNxRZUhws//DYTF
z2U0b7vtq5j6E8ezroEN9WaoamqBv0745UirjTlsFBvVhXfwzNKp7iD0gdyh/Dzm
L3l5LUAoCbISfFkkMI7WKHp91+rT+yym3bxg4VkNNvDNU/2Lr95cI3yg1/7tB+E1
SgnN/L3dvymwPpSV7U+GG//sE/c56eBS4DnzC0VNIVYhRZdOgssLdPZ7sJDkZU6L
Y7iXKPvU1BaPiDc5t/6m75nsGtifJf9IZEqPM5nSIkFnwGyqRaQIaWXbwwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGF8oeKEeje46Hmw7nZKC7oJpUCEMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWVh5aDRvUjZON2pvZWJEdWRrb0x1Z21sUUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg1qQAMF
AyoNzEADBQMqDeHAAwUDKg37wAMFAyoOrcADBQMqD5pAAwUAKhHixwMFACoSKAYw
DQYJKoZIhvcNAQELBQADggEBAJAonjixQRgkjxLJ0d/E1uXwfM94lBNVQt/sRlMH
64HaomHA93XvmEE0cDl0rPWOYSb+irgICaZynL8hGaEdEV9eCFXogXIIdEYYtcH+
pKC9MftxLCGdJSZCowDwz9zrCISL9Gx5ZzYsKhCws6dbEJ30Efl/UM+70R2z911a
uHknQxchO4NEM5LbzTVX9YecIXMPlhd7llQR8wXcdEBZ2nWgOALjRvu3W4xAoBVR
L6rz2ICl9eHkAPFe4xsoyUKvsU7AZLnX9nL8BrTz+0QozT88zh8mh9WMRPyW55se
eojvyjTUTYgS0ENNH+NID5sk8pwH/G05l0C8Dywimhaamhk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:48:06 2026 by rpki-client