Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ymsD-htB8Y1r4Jq4jR0MDQ8-rvE.roa
File: ymsD-htB8Y1r4Jq4jR0MDQ8-rvE.roa (raw, json)
Hash identifier: G68Nw/CDT7uVbRZl6vHQpr74c3pzBFPQr/EsmyABcZc=
Subject key identifier: CA:6B:03:FA:1B:41:F1:8D:6B:E0:9A:B8:8D:1D:0C:0D:0F:3E:AE:F1
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019C896387772CFA71D680CE04CE763F8F45
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ymsD-htB8Y1r4Jq4jR0MDQ8-rvE.roa
Signing time: Mon 23 Feb 2026 07:25:27 +0000
ROA not before: Mon 23 Feb 2026 07:25:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39855
IP address blocks: 45.144.197.0/24 maxlen: 24
46.244.18.0/24 maxlen: 24
46.244.19.0/24 maxlen: 24
46.244.97.0/24 maxlen: 24
46.244.108.0/23 maxlen: 24
46.244.110.0/24 maxlen: 24
46.244.114.0/24 maxlen: 24
46.244.115.0/24 maxlen: 24
92.240.144.0/22 maxlen: 24
92.240.149.0/24 maxlen: 24
92.240.151.0/24 maxlen: 24
124.198.136.0/22 maxlen: 24
158.173.131.0/24 maxlen: 24
158.173.168.0/22 maxlen: 24
170.62.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:63:87:77:2c:fa:71:d6:80:ce:04:ce:76:3f:8f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 23 07:25:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca6b03fa1b41f18d6be09ab88d1d0c0d0f3eaef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:78:4d:4f:ad:ea:4b:67:df:ec:ba:df:6c:36:
74:c2:8e:fd:5d:4e:34:a3:26:0e:4d:ef:bc:e0:00:
9d:09:53:77:02:50:64:fc:a4:f2:ef:db:27:c6:cc:
5c:34:be:13:a9:2b:90:92:da:38:d4:52:0e:d2:1e:
62:5a:d1:8f:01:3d:6d:98:33:ec:f1:a1:84:3c:ad:
30:48:25:7f:8b:43:45:d0:7a:a2:2d:fa:59:a2:ea:
65:15:47:2e:a7:5a:bf:ea:42:c5:81:2f:94:d6:05:
de:eb:45:c8:f5:62:77:5e:72:a3:1d:24:d7:19:96:
30:63:bf:e2:89:76:10:4c:05:4e:64:24:b7:92:32:
ec:9c:2c:65:87:d8:ce:bf:4c:63:20:94:aa:87:ba:
48:33:d8:3d:e3:95:37:22:ac:c3:0d:0d:26:0c:be:
81:e2:13:10:bc:a0:b7:35:25:5b:64:1d:7c:c5:2e:
41:e1:c6:a8:9c:b4:21:18:ef:d0:22:df:96:42:b4:
c0:76:f6:ab:62:ce:13:ed:61:28:d2:8c:02:18:eb:
80:ad:74:ad:69:60:6d:f5:9e:7c:e4:3e:53:ed:76:
b4:c5:6e:20:4b:bc:36:ca:6f:0e:be:a9:c9:3f:a7:
88:18:1f:0f:ba:e6:45:57:1c:00:26:c6:82:eb:60:
9f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6B:03:FA:1B:41:F1:8D:6B:E0:9A:B8:8D:1D:0C:0D:0F:3E:AE:F1
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ymsD-htB8Y1r4Jq4jR0MDQ8-rvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.197.0/24
46.244.18.0/23
46.244.97.0/24
46.244.108.0-46.244.110.255
46.244.114.0/23
92.240.144.0/22
92.240.149.0/24
92.240.151.0/24
124.198.136.0/22
158.173.131.0/24
158.173.168.0/22
170.62.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:31:25:ca:cc:5e:91:e2:cf:d1:d5:bf:13:2d:14:1f:e7:cb:
99:28:b0:e8:3c:20:70:ac:f9:8f:16:7a:41:4f:13:65:ee:19:
e3:11:e1:ae:23:ea:7d:53:de:35:7b:07:b0:e8:b8:0c:87:0c:
3d:d8:6b:f9:8f:92:91:45:13:93:6f:c4:d4:f3:72:be:21:93:
09:a4:e0:2c:43:ae:25:ec:8d:e5:28:8f:9d:29:90:2f:5c:52:
3c:df:62:6c:58:db:dd:41:b2:e5:b9:59:39:9d:bf:4f:90:0e:
1e:11:de:91:8e:25:85:12:95:b2:8a:9c:7e:75:e9:5c:7c:c5:
af:2b:4f:6a:17:83:6c:87:6c:c3:91:d3:76:d9:2f:af:2c:4a:
37:40:7d:10:e2:f2:3a:7f:d2:aa:29:91:5d:8c:0d:4a:be:76:
1d:96:99:fa:c6:64:7d:7d:1f:15:3a:5e:c8:98:d7:e9:08:69:
ac:84:05:c4:dc:db:7a:aa:20:2b:e5:fd:5c:37:ee:86:fc:6e:
02:c5:1d:b5:52:87:48:21:4a:d6:c7:69:fe:0e:aa:9b:81:43:
00:3a:ef:a2:e5:be:66:71:ea:e0:61:64:fd:f2:8e:d9:15:ac:
b7:e5:4e:e6:7d:9f:13:50:3c:82:90:64:e0:2e:f6:d4:7b:42:
87:a7:ac:f8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZyJY4d3LPpx1oDOBM52P49FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMjIzMDcyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZiMDNmYTFiNDFmMThkNmJlMDlhYjg4ZDFkMGMwZDBmM2VhZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynhNT63qS2ff7LrfbDZ0wo79XU40
oyYOTe+84ACdCVN3AlBk/KTy79snxsxcNL4TqSuQkto41FIO0h5iWtGPAT1tmDPs
8aGEPK0wSCV/i0NF0HqiLfpZouplFUcup1q/6kLFgS+U1gXe60XI9WJ3XnKjHSTX
GZYwY7/iiXYQTAVOZCS3kjLsnCxlh9jOv0xjIJSqh7pIM9g945U3IqzDDQ0mDL6B
4hMQvKC3NSVbZB18xS5B4caonLQhGO/QIt+WQrTAdvarYs4T7WEo0owCGOuArXSt
aWBt9Z585D5T7Xa0xW4gS7w2ym8OvqnJP6eIGB8PuuZFVxwAJsaC62CfHwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMprA/obQfGNa+CauI0dDA0PPq7xMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveW1zRC1odEI4WTFyNEpxNGpSME1EUTgtcnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZDFAwQB
LvQSAwQALvRhMAwDBAIu9GwDBAAu9G4DBAEu9HIDBAJc8JADBABc8JUDBABc8JcD
BAJ8xogDBACerYMDBAKeragDBAKqPvAwDQYJKoZIhvcNAQELBQADggEBAI4xJcrM
XpHiz9HVvxMtFB/ny5kosOg8IHCs+Y8WekFPE2XuGeMR4a4j6n1T3jV7B7DouAyH
DD3Ya/mPkpFFE5NvxNTzcr4hkwmk4CxDriXsjeUoj50pkC9cUjzfYmxY291BsuW5
WTmdv0+QDh4R3pGOJYUSlbKKnH516Vx8xa8rT2oXg2yHbMOR03bZL68sSjdAfRDi
8jp/0qopkV2MDUq+dh2WmfrGZH19HxU6XsiY1+kIaayEBcTc23qqICvl/Vw37ob8
bgLFHbVSh0ghStbHaf4OqpuBQwA676LlvmZx6uBhZP3yjtkVrLflTuZ9nxNQPIKQ
ZOAu9tR7QoenrPg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:56:37 2026 by rpki-client