Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQ-gP0kZeYU2c0LSFwYXjYGj5hQ.roa
File: YQ-gP0kZeYU2c0LSFwYXjYGj5hQ.roa (raw, json)
Hash identifier: E2d/Dy1xrKgHWhv+CLqUXvuhdHClj2t3HDBm46v1VdU=
Subject key identifier: 61:0F:A0:3F:49:19:79:85:36:73:42:D2:17:06:17:8D:81:A3:E6:14
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019D3F70507C336A4D47A8CC922EEC699A73
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQ-gP0kZeYU2c0LSFwYXjYGj5hQ.roa
Signing time: Mon 30 Mar 2026 15:50:18 +0000
ROA not before: Mon 30 Mar 2026 15:50:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212512
IP address blocks: 45.82.76.0/22 maxlen: 32
45.131.155.0/24 maxlen: 32
88.218.193.0/24 maxlen: 32
185.207.153.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:70:50:7c:33:6a:4d:47:a8:cc:92:2e:ec:69:9a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 30 15:50:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=610fa03f49197985367342d21706178d81a3e614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:10:c4:78:4b:9e:b4:fe:97:b0:8b:5c:a1:aa:
2a:b6:4e:6e:0e:82:9d:0f:fc:87:e6:d2:1b:23:a5:
e1:ee:1c:92:58:0a:21:54:c9:44:3d:b6:bd:b4:a1:
c4:28:fb:4a:e0:d6:1d:00:04:26:bf:25:33:e2:92:
1c:f8:14:cf:50:4f:36:26:5d:8f:5e:d7:6f:6f:5a:
ee:96:3f:5f:46:f5:bd:dd:c1:3b:34:e4:40:9f:8b:
50:2b:3f:c2:c1:3c:75:bf:47:a9:fb:fd:38:f1:08:
08:5f:b0:13:b3:ba:f9:89:e6:26:15:31:56:41:17:
b0:67:0f:f4:e4:a9:c5:ca:2b:e6:a2:4b:1f:ac:d1:
28:a6:14:52:bd:af:fd:96:1d:a8:0f:59:5f:bf:ce:
5c:19:a7:d3:d6:4c:6a:8c:40:21:e9:3a:fe:42:6b:
2e:1e:7d:a5:b2:dc:a1:39:17:ef:9c:b5:88:73:c6:
d3:18:9c:f0:79:af:1e:b6:2e:a7:27:93:e2:67:8e:
20:c2:5a:9f:46:75:d4:9f:b7:cd:dc:6c:11:f8:3f:
af:5f:48:8f:c5:b7:7e:4a:6d:e6:33:06:f3:07:7e:
5e:e0:e9:86:16:51:33:88:94:91:69:3e:5b:9d:2d:
3c:ec:36:d1:d7:0e:08:85:fd:d1:fc:ef:93:b3:7a:
37:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0F:A0:3F:49:19:79:85:36:73:42:D2:17:06:17:8D:81:A3:E6:14
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/YQ-gP0kZeYU2c0LSFwYXjYGj5hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.76.0/22
45.131.155.0/24
88.218.193.0/24
185.207.153.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:45:73:4e:1b:37:60:50:81:36:0f:01:de:df:f9:f6:02:98:
8c:73:0c:e5:9d:fe:a3:21:8f:47:a6:f5:5b:d4:41:8d:73:7c:
91:4d:67:90:ca:fa:f8:ed:5a:05:41:f4:d9:90:ce:b7:16:0f:
67:d0:bd:d5:60:47:e4:c8:4a:cf:b2:ef:81:ae:e6:54:47:66:
72:b2:3e:d1:47:f7:00:62:43:49:8f:98:8d:73:33:52:32:82:
bd:a4:1b:e8:03:72:6c:7d:a5:54:3a:73:53:60:dd:b6:b4:cd:
b7:3c:2e:07:4f:d1:a7:9d:02:c6:6d:5c:25:0f:4f:94:35:0d:
3b:77:71:dc:7e:28:95:4c:63:52:d8:ce:5a:0a:d7:df:71:f0:
aa:74:3f:51:52:32:99:89:15:94:7d:95:57:af:b8:b2:38:91:
a3:1c:b4:74:d4:e4:c8:b9:17:34:bb:9b:21:cb:4b:47:8a:47:
91:27:09:d6:f8:ef:ab:33:a5:52:e6:70:ba:0c:01:11:d1:3b:
c1:00:d8:ee:d5:fe:c9:30:2d:af:c7:83:19:aa:61:b6:4d:2b:
c1:a0:1c:97:64:c1:a7:b4:8d:74:0b:b0:a4:e3:13:24:84:ce:
53:54:56:bc:88:e4:f2:35:bd:14:e4:c4:b3:3b:c3:6f:21:1f:
d7:7d:c6:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0/cFB8M2pNR6jMki7saZpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjYwMzMwMTU1MDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBmYTAzZjQ5MTk3OTg1MzY3MzQyZDIxNzA2MTc4ZDgxYTNlNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hDEeEuetP6XsItcoaoqtk5uDoKd
D/yH5tIbI6Xh7hySWAohVMlEPba9tKHEKPtK4NYdAAQmvyUz4pIc+BTPUE82Jl2P
Xtdvb1rulj9fRvW93cE7NORAn4tQKz/CwTx1v0ep+/048QgIX7ATs7r5ieYmFTFW
QRewZw/05KnFyivmoksfrNEophRSva/9lh2oD1lfv85cGafT1kxqjEAh6Tr+Qmsu
Hn2lstyhORfvnLWIc8bTGJzwea8eti6nJ5PiZ44gwlqfRnXUn7fN3GwR+D+vX0iP
xbd+Sm3mMwbzB35e4OmGFlEziJSRaT5bnS087DbR1w4Ihf3R/O+Ts3o3VwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGEPoD9JGXmFNnNC0hcGF42Bo+YUMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvWVEtZ1Awa1plWVUyYzBMU0Z3WVhqWUdqNWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVJMAwQA
LYObAwQAWNrBAwQAuc+ZMA0GCSqGSIb3DQEBCwUAA4IBAQArRXNOGzdgUIE2DwHe
3/n2ApiMcwzlnf6jIY9HpvVb1EGNc3yRTWeQyvr47VoFQfTZkM63Fg9n0L3VYEfk
yErPsu+BruZUR2Zysj7RR/cAYkNJj5iNczNSMoK9pBvoA3JsfaVUOnNTYN22tM23
PC4HT9GnnQLGbVwlD0+UNQ07d3HcfiiVTGNS2M5aCtffcfCqdD9RUjKZiRWUfZVX
r7iyOJGjHLR01OTIuRc0u5shy0tHikeRJwnW+O+rM6VS5nC6DAER0TvBANju1f7J
MC2vx4MZqmG2TSvBoByXZMGntI10C7Ck4xMkhM5TVFa8iOTyNb0U5MSzO8NvIR/X
fcYp
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:52:15 2026 by rpki-client