Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/2yf1tCH7jMNoNP9CFnl8jxLd45g.roa
File: 2yf1tCH7jMNoNP9CFnl8jxLd45g.roa (raw, json)
Hash identifier: Svr9NigEiA4SgiGYKaAYteQHiJXEq9LOKw0ITI+WVyc=
Subject key identifier: DB:27:F5:B4:21:FB:8C:C3:68:34:FF:42:16:79:7C:8F:12:DD:E3:98
Certificate issuer: /CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Certificate serial: 019E735E18CB63B28A0B81FEDB5186B33EBE
Authority key identifier: 83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/2yf1tCH7jMNoNP9CFnl8jxLd45g.roa
Signing time: Fri 29 May 2026 10:53:26 +0000
ROA not before: Fri 29 May 2026 10:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205111
IP address blocks: 91.103.153.0/24 maxlen: 24
91.103.155.0/24 maxlen: 24
136.143.170.0/23 maxlen: 23
136.143.170.0/24 maxlen: 24
136.143.171.0/24 maxlen: 24
144.89.64.0/23 maxlen: 23
144.89.64.0/24 maxlen: 24
144.89.65.0/24 maxlen: 24
144.89.66.0/23 maxlen: 23
144.89.66.0/24 maxlen: 24
144.89.67.0/24 maxlen: 24
185.230.212.0/23 maxlen: 23
185.230.212.0/24 maxlen: 24
185.230.213.0/24 maxlen: 24
185.230.214.0/23 maxlen: 23
185.230.214.0/24 maxlen: 24
185.230.215.0/24 maxlen: 24
199.67.72.0/23 maxlen: 23
199.67.74.0/24 maxlen: 24
199.67.75.0/24 maxlen: 24
199.67.88.0/23 maxlen: 23
199.67.90.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 04:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:5e:18:cb:63:b2:8a:0b:81:fe:db:51:86:b3:3e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Validity
Not Before: May 29 10:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db27f5b421fb8cc36834ff4216797c8f12dde398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:97:cc:d8:5d:d9:cd:29:fc:21:4b:97:aa:
c8:7f:3e:13:8b:cd:ce:41:b1:25:2f:34:fa:2e:98:
b3:c5:59:82:d6:62:ea:dd:c1:31:30:7e:67:a1:2d:
c1:37:39:e1:22:a3:85:33:39:9f:56:71:5c:aa:b6:
b4:11:60:0c:4c:36:da:da:23:c4:1d:b4:dd:68:83:
4e:a5:52:94:36:29:1d:f9:e3:60:1f:90:ac:ea:de:
c3:13:00:72:9c:90:cc:b1:32:50:71:81:79:e6:15:
e8:7a:1e:06:d2:a4:2c:da:e0:a7:c3:ea:3f:91:ad:
5f:63:84:bb:67:af:30:f3:98:f1:11:8f:cd:ca:97:
86:49:ae:85:9d:41:ad:22:b4:a1:7f:2c:73:ea:d1:
08:04:bc:06:48:1c:8a:8c:11:0b:a6:92:1d:07:45:
e6:01:80:bb:69:de:7c:74:ba:07:46:b6:c3:ae:57:
61:d5:ca:1d:22:7a:d2:9c:55:ef:ee:01:f6:78:90:
28:09:61:04:e7:50:50:3e:a8:dd:45:8a:9a:c5:20:
94:bb:aa:69:46:e1:ec:ab:eb:33:87:9b:96:cc:5f:
07:fe:69:6f:c0:c4:15:30:51:9f:b6:f3:ac:e6:51:
42:8f:1e:7b:bb:04:5c:87:ef:81:ac:a1:fd:08:00:
76:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:27:F5:B4:21:FB:8C:C3:68:34:FF:42:16:79:7C:8F:12:DD:E3:98
X509v3 Authority Key Identifier:
keyid:83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/2yf1tCH7jMNoNP9CFnl8jxLd45g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.153.0/24
91.103.155.0/24
136.143.170.0/23
144.89.64.0/22
185.230.212.0/22
199.67.72.0/22
199.67.88.0/22
Signature Algorithm: sha256WithRSAEncryption
06:34:a4:7b:77:0d:67:c8:29:15:29:e8:34:34:84:75:a5:6e:
43:b3:f0:08:2f:77:01:e2:80:f9:4b:92:3b:2c:d2:0d:8d:cd:
f4:40:f4:50:16:62:51:8d:73:15:e5:18:63:85:18:94:91:60:
c9:f8:7b:98:c9:08:34:6a:56:c3:1a:f1:c1:00:56:32:63:a7:
44:49:8d:ea:e7:1c:b8:0b:e9:e3:16:81:c8:85:28:69:68:b2:
69:38:b8:cf:12:af:eb:f3:6e:91:65:59:47:a6:69:97:26:10:
82:42:43:ca:99:30:bb:57:ab:99:e7:c6:97:9d:18:f5:2a:28:
2a:f8:89:54:f6:1f:78:c1:4e:80:21:cb:67:43:70:e1:78:84:
eb:2d:21:d7:0f:39:e6:51:c9:b1:04:80:df:c4:6a:2e:e7:e7:
25:7c:5e:6d:2e:c0:05:b8:af:d0:c8:19:50:7b:a5:c5:a6:87:
38:04:c3:28:18:31:73:5d:49:74:ee:51:42:0d:d7:c2:90:a1:
d6:58:42:5a:e3:40:cf:b8:94:9d:7b:a1:3d:40:a4:5c:2f:01:
bb:08:23:6d:bc:5f:6d:fd:57:07:ed:45:97:bb:15:84:de:c2:
4c:19:7d:35:eb:1d:80:00:04:55:1c:4c:0c:47:d1:54:5c:d2:
68:0d:ec:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5zXhjLY7KKC4H+21GGsz6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjhmZDc0OTNhMmZlMDU2MjIyZGI0MWVkNjkzMDgzYjUw
ZWNjZmIwHhcNMjYwNTI5MTA1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjI3ZjViNDIxZmI4Y2MzNjgzNGZmNDIxNjc5N2M4ZjEyZGRlMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkqXzNhd2c0p/CFLl6rIfz4Ti83O
QbElLzT6LpizxVmC1mLq3cExMH5noS3BNznhIqOFMzmfVnFcqra0EWAMTDba2iPE
HbTdaINOpVKUNikd+eNgH5Cs6t7DEwBynJDMsTJQcYF55hXoeh4G0qQs2uCnw+o/
ka1fY4S7Z68w85jxEY/NypeGSa6FnUGtIrShfyxz6tEIBLwGSByKjBELppIdB0Xm
AYC7ad58dLoHRrbDrldh1codInrSnFXv7gH2eJAoCWEE51BQPqjdRYqaxSCUu6pp
RuHsq+szh5uWzF8H/mlvwMQVMFGftvOs5lFCjx57uwRch++BrKH9CAB2cQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNsn9bQh+4zDaDT/QhZ5fI8S3eOYMB8GA1UdIwQY
MBaAFIP4/XSTov4FYiLbQe1pMIO1Dsz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAt
YTA0M2MyMzBmMzBkLzEvMnlmMXRDSDdqTU5vTlA5Q0ZubDhqeExkNDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAtYTA0M2MyMzBmMzBk
LzEvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW2eZAwQA
W2ebAwQBiI+qAwQCkFlAAwQCuebUAwQCx0NIAwQCx0NYMA0GCSqGSIb3DQEBCwUA
A4IBAQAGNKR7dw1nyCkVKeg0NIR1pW5Ds/AIL3cB4oD5S5I7LNINjc30QPRQFmJR
jXMV5RhjhRiUkWDJ+HuYyQg0albDGvHBAFYyY6dESY3q5xy4C+njFoHIhShpaLJp
OLjPEq/r826RZVlHpmmXJhCCQkPKmTC7V6uZ58aXnRj1Kigq+IlU9h94wU6AIctn
Q3DheITrLSHXDznmUcmxBIDfxGou5+clfF5tLsAFuK/QyBlQe6XFpoc4BMMoGDFz
XUl07lFCDdfCkKHWWEJa40DPuJSde6E9QKRcLwG7CCNtvF9t/VcH7UWXuxWE3sJM
GX016x2AAARVHEwMR9FUXNJoDez+
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:15:23 2026 by rpki-client