Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/YlYRZ37O-pzL7R_8WiFUYYasSE0.roa
File: YlYRZ37O-pzL7R_8WiFUYYasSE0.roa (raw, json)
Hash identifier: pASfCwUDt1iiJW6IS3OTekooh+sWxZnThm/3hjuqE+0=
Subject key identifier: 62:56:11:67:7E:CE:FA:9C:CB:ED:1F:FC:5A:21:54:61:86:AC:48:4D
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 019B79106B123C1CBBD943BC0975AB22DFAA
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/YlYRZ37O-pzL7R_8WiFUYYasSE0.roa
Signing time: Thu 01 Jan 2026 10:17:57 +0000
ROA not before: Thu 01 Jan 2026 10:17:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3262
IP address blocks: 192.148.167.0/24 maxlen: 24
194.30.0.0/17 maxlen: 17
194.30.28.0/24 maxlen: 24
195.16.128.0/19 maxlen: 19
212.81.128.0/17 maxlen: 17
2a03:c600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:6b:12:3c:1c:bb:d9:43:bc:09:75:ab:22:df:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Jan 1 10:17:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=625611677ecefa9ccbed1ffc5a21546186ac484d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:03:2b:8c:16:0b:85:93:f1:13:d4:87:e1:
78:0b:dc:53:6c:0f:58:8a:dc:8b:cc:b7:9a:d3:f4:
c6:33:6a:ab:d9:a9:e3:a2:48:f4:0d:d5:45:35:f2:
c5:d1:2e:35:3b:d8:56:24:f5:90:e3:b0:dc:2d:00:
82:fb:03:47:16:0c:ad:b0:73:3b:df:28:0a:14:7e:
ae:d8:07:95:73:6a:ae:84:d5:c5:7c:4d:0c:1d:6a:
50:41:eb:9b:6a:47:fa:47:2c:7d:64:0d:58:e2:3c:
b5:72:33:c4:2a:4e:56:ca:7f:a0:7b:9b:d2:ac:06:
e5:32:cf:29:47:02:d0:c7:b9:5f:78:b3:46:0a:59:
08:a2:7f:ed:2b:9d:f5:bf:3a:28:ea:47:59:5c:18:
79:70:94:f2:96:dd:20:29:b6:cb:9a:e7:91:cb:54:
fa:f2:00:66:7e:0b:23:a3:09:d5:b7:64:ac:1f:d2:
0a:4b:63:60:2b:3a:93:0c:e4:d8:fd:62:64:fa:52:
8c:aa:6f:da:1b:df:c5:8e:bf:76:90:e2:c8:d7:72:
03:db:60:c4:d1:ac:b8:35:46:1c:86:2c:dd:82:d9:
7f:ef:b1:35:cd:c1:4e:86:fe:82:a7:69:1e:10:e2:
f3:31:70:63:71:02:9c:17:a6:5e:c3:25:0f:74:b8:
07:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:56:11:67:7E:CE:FA:9C:CB:ED:1F:FC:5A:21:54:61:86:AC:48:4D
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/YlYRZ37O-pzL7R_8WiFUYYasSE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.167.0/24
194.30.0.0/17
195.16.128.0/19
212.81.128.0/17
IPv6:
2a03:c600::/32
Signature Algorithm: sha256WithRSAEncryption
10:36:25:12:64:46:0c:71:f6:21:a1:46:55:48:d8:61:9b:91:
15:18:41:c7:2c:bf:d2:d4:d9:00:80:d8:8f:b4:e6:04:02:6c:
72:b2:93:e1:b9:cc:67:0d:3b:90:be:8d:38:9f:6e:07:b2:ad:
63:b5:d6:f1:86:66:a5:9d:d0:55:fc:b4:37:6b:c8:83:a5:de:
e1:5b:4e:9a:fb:e8:97:5e:19:84:f3:19:20:89:23:08:d3:2f:
7a:a6:ce:9b:b4:22:5d:07:2a:b9:8b:c2:7d:98:d6:b8:0d:eb:
19:7b:20:c2:55:c3:d8:65:0f:02:87:1e:f5:a9:98:29:e2:39:
c7:5f:c7:c7:cd:86:76:8b:90:a4:9a:81:a9:3c:4f:47:7d:bf:
62:71:1b:ad:c7:67:df:c2:8c:0d:a4:2d:65:c5:6c:ae:6e:63:
c4:f3:a9:15:e1:03:a0:12:49:a4:e6:86:00:dd:97:1e:03:40:
74:67:a6:30:19:68:f7:53:39:0e:16:4f:cf:42:3f:52:2d:23:
79:87:6b:e0:f9:9d:87:03:9a:3d:77:1c:3e:1d:98:36:8e:03:
e5:47:c1:b6:aa:b9:af:07:9b:51:e9:eb:5a:f5:bc:e3:67:30:
b5:66:99:01:1d:5e:a3:81:a8:6b:4a:70:f9:41:eb:db:7d:1d:
f4:23:1c:3f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt5EGsSPBy72UO8CXWrIt+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjYwMTAxMTAxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjU2MTE2NzdlY2VmYTljY2JlZDFmZmM1YTIxNTQ2MTg2YWM0ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFEDK4wWC4WT8RPUh+F4C9xTbA9Y
ityLzLea0/TGM2qr2anjokj0DdVFNfLF0S41O9hWJPWQ47DcLQCC+wNHFgytsHM7
3ygKFH6u2AeVc2quhNXFfE0MHWpQQeubakf6Ryx9ZA1Y4jy1cjPEKk5Wyn+ge5vS
rAblMs8pRwLQx7lfeLNGClkIon/tK531vzoo6kdZXBh5cJTylt0gKbbLmueRy1T6
8gBmfgsjownVt2SsH9IKS2NgKzqTDOTY/WJk+lKMqm/aG9/Fjr92kOLI13ID22DE
0ay4NUYchizdgtl/77E1zcFOhv6Cp2keEOLzMXBjcQKcF6ZewyUPdLgHBQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGJWEWd+zvqcy+0f/FohVGGGrEhNMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvWWxZUlozN08tcHpMN1JfOFdpRlVZWWFzU0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwJSnAwQH
wh4AAwQFwxCAAwQH1FGAMA0EAgACMAcDBQAqA8YAMA0GCSqGSIb3DQEBCwUAA4IB
AQAQNiUSZEYMcfYhoUZVSNhhm5EVGEHHLL/S1NkAgNiPtOYEAmxyspPhucxnDTuQ
vo04n24Hsq1jtdbxhmalndBV/LQ3a8iDpd7hW06a++iXXhmE8xkgiSMI0y96ps6b
tCJdByq5i8J9mNa4DesZeyDCVcPYZQ8Chx71qZgp4jnHX8fHzYZ2i5CkmoGpPE9H
fb9icRutx2ffwowNpC1lxWyubmPE86kV4QOgEkmk5oYA3ZceA0B0Z6YwGWj3UzkO
Fk/PQj9SLSN5h2vg+Z2HA5o9dxw+HZg2jgPlR8G2qrmvB5tR6eta9bzjZzC1ZpkB
HV6jgahrSnD5QevbfR30Ixw/
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:56:01 2026 by rpki-client