Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ycPOYoC5EGigYRPsY5jd06bUctI.roa
File: ycPOYoC5EGigYRPsY5jd06bUctI.roa (raw, json)
Hash identifier: 0z4I48mSoM+33E5faSNq5zd4kWbj90tYgYiQSwWbs+8=
Subject key identifier: C9:C3:CE:62:80:B9:10:68:A0:61:13:EC:63:98:DD:D3:A6:D4:72:D2
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 019D3EE8CEFC18CC93BB1ACDAD449D721FF8
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ycPOYoC5EGigYRPsY5jd06bUctI.roa
Signing time: Mon 30 Mar 2026 13:22:17 +0000
ROA not before: Mon 30 Mar 2026 13:22:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61976
IP address blocks: 79.141.64.0/20 maxlen: 24
79.141.64.0/24 maxlen: 24
79.141.65.0/24 maxlen: 24
79.141.66.0/24 maxlen: 24
92.242.62.0/23 maxlen: 23
92.255.62.0/23 maxlen: 24
136.234.124.0/23 maxlen: 23
185.42.164.0/22 maxlen: 24
185.193.90.0/23 maxlen: 24
2a00:ab00:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:38:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:e8:ce:fc:18:cc:93:bb:1a:cd:ad:44:9d:72:1f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Mar 30 13:22:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9c3ce6280b91068a06113ec6398ddd3a6d472d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:78:e3:e3:fc:d0:fe:db:db:0d:77:b9:3d:
7a:2b:3e:36:80:03:cf:24:f8:6d:a0:a3:03:0e:51:
3e:ff:a5:ed:17:86:1f:08:e8:5e:d1:cf:9e:46:e8:
aa:36:6a:ff:01:ad:73:f3:aa:0d:16:46:20:59:92:
ac:ac:a2:73:9e:ee:b6:3f:a7:ba:17:fe:92:5c:dc:
fa:e7:81:41:4c:2b:9b:d5:3f:29:cf:37:d3:a6:85:
77:4e:94:9b:49:b6:aa:b1:95:0e:0e:98:42:fd:17:
54:e7:b1:72:9c:76:5c:d9:4d:46:ac:18:bb:ac:10:
8b:9a:f0:5c:45:1b:8b:ed:00:6b:0a:48:4a:0a:b5:
46:13:da:46:52:74:24:38:96:8b:26:e8:eb:b3:57:
75:54:38:2f:08:ab:b1:55:38:f5:da:0d:3c:87:70:
8f:88:dc:05:48:ee:a0:9a:79:2d:e8:26:28:c5:45:
36:36:ee:54:00:33:1f:f4:86:c1:d3:ab:31:d7:f3:
9f:e3:e0:dc:fd:1a:5f:76:1d:43:d2:1e:87:68:bd:
f4:d3:0c:04:16:83:f7:df:fd:4c:1d:07:ad:dc:9c:
44:83:02:34:b7:37:56:e7:80:3a:d9:8a:09:e0:96:
3d:6e:af:7b:9c:b6:10:77:3e:1d:4b:f7:da:37:d6:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C3:CE:62:80:B9:10:68:A0:61:13:EC:63:98:DD:D3:A6:D4:72:D2
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/ycPOYoC5EGigYRPsY5jd06bUctI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.64.0/20
92.242.62.0/23
92.255.62.0/23
136.234.124.0/23
185.42.164.0/22
185.193.90.0/23
IPv6:
2a00:ab00:6000::/36
Signature Algorithm: sha256WithRSAEncryption
a0:b4:66:b1:e8:37:0f:2c:ff:6b:5c:0d:a0:24:ce:5c:ee:1d:
84:0d:48:10:99:1b:11:5a:37:53:21:e7:3b:2e:77:d3:5b:4d:
21:c5:fc:b2:57:7b:27:ea:4f:d0:63:a2:9a:ea:64:7e:b3:8a:
0d:7f:03:ee:96:e4:c3:ba:33:91:15:e7:47:dc:89:03:aa:db:
59:79:1f:e1:d0:84:fa:9f:f5:a8:b7:0c:c9:69:28:05:45:95:
f8:a2:10:52:11:dc:7b:73:19:77:86:c6:00:8d:1e:e2:b1:97:
55:e3:a1:c2:85:ab:44:db:e2:c5:f9:b2:6e:27:cc:99:92:14:
22:56:dd:6b:f6:e3:e8:d6:79:2b:73:fe:64:b5:27:dc:db:ef:
1a:83:cf:bb:c5:26:32:47:18:19:f8:17:38:72:43:7e:96:6b:
97:e7:99:52:ca:14:97:e8:2c:9c:37:36:ad:3f:95:98:4e:db:
46:a3:96:07:65:b8:30:0e:5a:6e:85:18:66:18:92:64:d7:2f:
a1:2e:a4:a1:db:72:40:3b:c0:eb:cb:97:74:ef:8f:e4:52:02:
24:18:81:49:a0:ab:9a:7a:39:32:ba:97:4c:fa:b7:e7:f1:9a:
16:06:58:ee:96:79:8c:dd:e6:ad:a3:70:ff:0a:02:b3:90:e3:
36:6c:01:07
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ0+6M78GMyTuxrNrUSdch/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjYwMzMwMTMyMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMzY2U2MjgwYjkxMDY4YTA2MTEzZWM2Mzk4ZGRkM2E2ZDQ3MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpF44+P80P7b2w13uT16Kz42gAPP
JPhtoKMDDlE+/6XtF4YfCOhe0c+eRuiqNmr/Aa1z86oNFkYgWZKsrKJznu62P6e6
F/6SXNz654FBTCub1T8pzzfTpoV3TpSbSbaqsZUODphC/RdU57FynHZc2U1GrBi7
rBCLmvBcRRuL7QBrCkhKCrVGE9pGUnQkOJaLJujrs1d1VDgvCKuxVTj12g08h3CP
iNwFSO6gmnkt6CYoxUU2Nu5UADMf9IbB06sx1/Of4+Dc/Rpfdh1D0h6HaL300wwE
FoP33/1MHQet3JxEgwI0tzdW54A62YoJ4JY9bq97nLYQdz4dS/faN9ZntQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMnDzmKAuRBooGET7GOY3dOm1HLSMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEveWNQT1lvQzVFR2lnWVJQc1k1amQwNmJVY3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQET41AAwQB
XPI+AwQBXP8+AwQBiOp8AwQCuSqkAwQBucFaMA4EAgACMAgDBgQqAKsAYDANBgkq
hkiG9w0BAQsFAAOCAQEAoLRmseg3Dyz/a1wNoCTOXO4dhA1IEJkbEVo3UyHnOy53
01tNIcX8sld7J+pP0GOimupkfrOKDX8D7pbkw7ozkRXnR9yJA6rbWXkf4dCE+p/1
qLcMyWkoBUWV+KIQUhHce3MZd4bGAI0e4rGXVeOhwoWrRNvixfmybifMmZIUIlbd
a/bj6NZ5K3P+ZLUn3NvvGoPPu8UmMkcYGfgXOHJDfpZrl+eZUsoUl+gsnDc2rT+V
mE7bRqOWB2W4MA5aboUYZhiSZNcvoS6kodtyQDvA68uXdO+P5FICJBiBSaCrmno5
MrqXTPq35/GaFgZY7pZ5jN3mraNw/woCs5DjNmwBBw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:40:05 2026 by rpki-client