Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/Yri4YyNnj9vEbzeMbkLzknKX1jM.roa
File: Yri4YyNnj9vEbzeMbkLzknKX1jM.roa (raw, json)
Hash identifier: l2+YAHSYB7oInXAv9Se95ZujsZdgb43G3fB7F4lj8iE=
Subject key identifier: 62:B8:B8:63:23:67:8F:DB:C4:6F:37:8C:6E:42:F3:92:72:97:D6:33
Certificate issuer: /CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Certificate serial: 019D77659867DCB836C9E107888EB42CF924
Authority key identifier: 55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/Yri4YyNnj9vEbzeMbkLzknKX1jM.roa
Signing time: Fri 10 Apr 2026 12:37:19 +0000
ROA not before: Fri 10 Apr 2026 12:37:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34619
IP address blocks: 37.148.208.0/21 maxlen: 24
80.253.240.0/24 maxlen: 24
80.253.241.0/24 maxlen: 24
80.253.242.0/24 maxlen: 24
85.159.64.0/21 maxlen: 24
89.19.0.0/19 maxlen: 24
94.73.128.0/18 maxlen: 24
185.22.184.0/22 maxlen: 24
185.22.184.0/24 maxlen: 24
185.22.185.0/24 maxlen: 24
185.22.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.mft
rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:65:98:67:dc:b8:36:c9:e1:07:88:8e:b4:2c:f9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Validity
Not Before: Apr 10 12:37:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=62b8b86323678fdbc46f378c6e42f3927297d633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:8b:fb:98:b5:a8:09:76:b1:fb:98:3a:97:
e7:d0:ce:c1:88:db:70:73:74:a5:5d:38:2c:24:a5:
b9:fd:a4:90:ae:54:78:60:45:c9:0f:c3:7b:d7:05:
9b:e0:a6:27:40:8f:7f:36:6f:61:25:c3:7a:ad:6a:
d6:2a:38:5f:be:26:8f:f8:f7:51:a5:4b:6b:23:ee:
23:5c:cc:dd:e8:6b:7b:da:a2:a0:10:45:e8:40:f7:
8f:32:a8:d7:b8:db:91:b1:74:b9:d0:64:be:7e:66:
74:e0:bb:a1:87:0a:23:6b:b8:31:ef:0b:ff:0c:d6:
bd:5b:50:19:2d:03:5f:e3:40:ea:11:81:07:fc:29:
5f:b5:94:0c:73:93:39:a1:4d:59:6e:ed:1d:40:54:
79:be:c5:86:93:0f:e2:ae:f6:a8:9a:06:9d:92:38:
e7:1c:40:ed:a7:06:20:6e:1b:5e:d4:4e:c2:f7:f8:
98:fc:30:db:ab:6d:dd:3f:9c:96:a1:97:73:5e:e6:
ce:b0:00:0b:2d:b1:b7:a4:d4:37:c1:6b:bf:17:72:
86:d4:8e:e2:ad:d0:60:42:31:3d:0d:c7:2b:34:f5:
04:8d:e3:a0:ba:d2:eb:90:cb:56:2c:51:cd:76:01:
37:8a:06:58:23:35:39:e0:b3:0b:07:76:aa:28:bb:
98:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B8:B8:63:23:67:8F:DB:C4:6F:37:8C:6E:42:F3:92:72:97:D6:33
X509v3 Authority Key Identifier:
keyid:55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/Yri4YyNnj9vEbzeMbkLzknKX1jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.208.0/21
80.253.240.0-80.253.242.255
85.159.64.0/21
89.19.0.0/19
94.73.128.0/18
185.22.184.0/22
Signature Algorithm: sha256WithRSAEncryption
18:8d:76:1e:e1:87:c9:70:0f:bb:c2:66:15:f7:66:f2:fe:ea:
4c:66:a0:37:a2:01:48:cd:7f:75:9b:1f:06:6c:5e:43:1a:a0:
df:36:27:4e:ab:34:b0:4d:06:a1:52:c1:6f:4f:53:af:06:fa:
61:8c:f6:df:77:71:91:fd:19:3c:00:8e:38:0a:33:46:c3:cf:
1b:12:22:04:ba:b2:05:dc:5e:af:d4:8f:6d:07:8e:03:4d:07:
4a:9c:d5:cd:b9:51:66:05:a3:00:ca:80:ab:5a:4e:88:03:1f:
45:59:e7:e4:d1:eb:5c:8d:b8:ed:76:71:70:44:eb:78:33:a7:
2a:ae:bf:d6:f8:43:30:66:49:24:73:16:0a:06:c7:84:27:e2:
60:c9:51:8a:26:15:a4:e1:17:f8:4f:83:64:c5:92:cd:53:9c:
af:f3:27:46:27:60:47:c2:90:c2:3a:ae:52:0e:76:5f:14:82:
02:58:51:d4:8a:17:af:6e:52:eb:65:1b:fa:be:e8:71:b8:df:
7d:c7:70:b2:92:d7:eb:d1:30:6c:c9:6c:61:f0:f9:e5:8c:52:
c9:74:e0:ed:72:56:ef:9f:29:82:fb:7b:23:a1:d6:a5:f7:97:
52:95:89:00:0a:36:b3:5a:ef:66:7a:4a:2d:fb:66:4c:a9:37:
e0:a5:1d:25
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ13ZZhn3Lg2yeEHiI60LPkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MGI3YzBjOGJhZTYxMGY3ZTUxOWMwNDg1YTQ3NzNiY2Vi
NDhkYWIwHhcNMjYwNDEwMTIzNzE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI4Yjg2MzIzNjc4ZmRiYzQ2ZjM3OGM2ZTQyZjM5MjcyOTdkNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ+L+5i1qAl2sfuYOpfn0M7BiNtw
c3SlXTgsJKW5/aSQrlR4YEXJD8N71wWb4KYnQI9/Nm9hJcN6rWrWKjhfviaP+PdR
pUtrI+4jXMzd6Gt72qKgEEXoQPePMqjXuNuRsXS50GS+fmZ04Luhhwoja7gx7wv/
DNa9W1AZLQNf40DqEYEH/ClftZQMc5M5oU1Zbu0dQFR5vsWGkw/irvaomgadkjjn
HEDtpwYgbhte1E7C9/iY/DDbq23dP5yWoZdzXubOsAALLbG3pNQ3wWu/F3KG1I7i
rdBgQjE9DccrNPUEjeOgutLrkMtWLFHNdgE3igZYIzU54LMLB3aqKLuYDQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGK4uGMjZ4/bxG83jG5C85Jyl9YzMB8GA1UdIwQY
MBaAFFULfAyLrmEPflGcBIWkdzvOtI2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2It
ZmYyNWJhNTk5MDMxLzEvWXJpNFl5Tm5qOXZFYnplTWJrTHprbktYMWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hZWRiMDMtYjA0Yy00MjEyLTgxM2ItZmYyNWJhNTk5MDMx
LzEvVlF0OERJdXVZUTktVVp3RWhhUjNPODYwamFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDJZTQMAwD
BARQ/fADBABQ/fIDBANVn0ADBAVZEwADBAZeSYADBAK5FrgwDQYJKoZIhvcNAQEL
BQADggEBABiNdh7hh8lwD7vCZhX3ZvL+6kxmoDeiAUjNf3WbHwZsXkMaoN82J06r
NLBNBqFSwW9PU68G+mGM9t93cZH9GTwAjjgKM0bDzxsSIgS6sgXcXq/Uj20HjgNN
B0qc1c25UWYFowDKgKtaTogDH0VZ5+TR61yNuO12cXBE63gzpyquv9b4QzBmSSRz
FgoGx4Qn4mDJUYomFaThF/hPg2TFks1TnK/zJ0YnYEfCkMI6rlIOdl8UggJYUdSK
F69uUutlG/q+6HG4333HcLKS1+vRMGzJbGHw+eWMUsl04O1yVu+fKYL7eyOh1qX3
l1KViQAKNrNa72Z6Si37ZkypN+ClHSU=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:10:38 2026 by rpki-client