Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/YzVPBOj4oRBmxckuX-Zvgqs0Leo.roa
File: YzVPBOj4oRBmxckuX-Zvgqs0Leo.roa (raw, json)
Hash identifier: lr/0YuAq1URHW8+4zqFhbsMmRz7j7xx2Oqrz3s9t7EI=
Subject key identifier: 63:35:4F:04:E8:F8:A1:10:66:C5:C9:2E:5F:E6:6F:82:AB:34:2D:EA
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 019E3B7E0BEAB9208216D43D3122F6ACD5AD
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/YzVPBOj4oRBmxckuX-Zvgqs0Leo.roa
Signing time: Mon 18 May 2026 14:29:36 +0000
ROA not before: Mon 18 May 2026 14:29:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216139
IP address blocks: 77.221.132.0/24 maxlen: 24
77.221.133.0/24 maxlen: 24
88.210.20.0/23 maxlen: 24
109.120.141.0/24 maxlen: 24
109.120.142.0/24 maxlen: 24
109.120.154.0/24 maxlen: 24
130.49.160.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3b:7e:0b:ea:b9:20:82:16:d4:3d:31:22:f6:ac:d5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: May 18 14:29:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=63354f04e8f8a11066c5c92e5fe66f82ab342dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:ea:a3:75:c2:aa:f3:06:fa:76:3a:cf:de:
b7:42:4c:37:c6:bf:b4:fb:30:66:02:55:ec:99:b8:
83:74:8d:ca:6e:84:f8:8f:d1:88:eb:70:5f:0c:47:
2e:e8:18:75:30:9d:fd:c0:1f:d9:03:fc:bc:a3:1a:
07:55:21:65:59:f6:a0:61:8c:73:d5:28:93:3c:05:
56:0a:62:24:20:74:10:74:0a:b4:3e:bd:2e:0b:fa:
85:d2:ca:99:76:e1:6f:40:bd:20:61:84:ea:04:8f:
9b:d1:75:4f:b2:4b:ac:f7:8e:32:b0:8f:f8:73:21:
60:52:02:7f:f5:b2:73:64:d0:ca:e6:b6:67:df:50:
db:01:24:df:80:82:5e:83:e3:ed:0c:a6:ad:37:a0:
a8:30:c3:a7:fc:c0:d7:cf:9e:92:bc:5a:7e:13:cc:
44:65:d7:87:02:81:d6:72:0d:53:26:34:4b:af:90:
9c:24:79:eb:3f:b6:00:74:5e:88:fe:11:62:d8:2e:
14:7e:9b:7e:78:00:62:4a:c8:cd:19:73:bc:55:eb:
3f:b0:43:c1:e5:b3:a7:8e:61:97:de:f0:53:f8:17:
77:91:3d:ce:74:b1:f7:b6:73:68:4d:97:95:ff:53:
42:77:e2:33:e8:a1:eb:62:e7:fc:c6:c9:83:2a:c0:
04:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:35:4F:04:E8:F8:A1:10:66:C5:C9:2E:5F:E6:6F:82:AB:34:2D:EA
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/YzVPBOj4oRBmxckuX-Zvgqs0Leo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.132.0/23
88.210.20.0/23
109.120.141.0-109.120.142.255
109.120.154.0/24
130.49.160.0/22
185.216.84.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:d2:80:ce:c3:8f:b9:40:f0:6a:96:29:bb:7b:ab:23:5e:c8:
37:82:18:1e:72:b5:53:b7:4a:46:36:26:3a:03:42:b2:7b:f7:
5d:22:ae:d7:5e:6d:ca:3b:69:78:c2:f4:6c:d5:2f:ed:89:e9:
c3:00:db:0b:92:8f:ae:25:98:78:2c:45:da:99:2e:f0:c3:61:
42:cb:6a:c6:60:6f:fe:77:71:ea:a1:ee:9f:49:03:f0:e9:95:
56:88:e5:b6:e9:00:f6:eb:47:4e:f8:e9:6a:4b:68:cc:aa:ec:
02:0b:8d:9d:f7:0e:c6:64:3b:8d:d2:fd:d8:05:73:c1:2d:45:
4d:4a:40:d8:ee:16:07:36:d6:56:35:05:49:0b:8f:68:95:d2:
34:d8:b6:ad:4f:5c:de:98:4a:ae:fb:07:55:66:fc:dd:7e:6e:
a5:d8:b7:34:24:3b:ca:52:e1:f1:7c:0d:fb:6e:89:b5:a4:a9:
f3:c1:9c:c5:c0:26:60:ef:82:61:2b:98:b2:c3:e5:10:0a:ee:
8f:76:81:e4:54:1e:da:e2:7c:5f:40:49:52:a1:84:dc:5f:bb:
2d:98:bf:70:02:3a:1f:04:41:d8:a0:56:ed:fa:04:24:8e:9c:
c3:20:6a:b1:53:3b:c3:ed:a6:a1:45:da:bc:4f:bc:d5:df:16:
1d:89:b5:97
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ47fgvquSCCFtQ9MSL2rNWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjYwNTE4MTQyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM1NGYwNGU4ZjhhMTEwNjZjNWM5MmU1ZmU2NmY4MmFiMzQyZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2vqo3XCqvMG+nY6z963Qkw3xr+0
+zBmAlXsmbiDdI3KboT4j9GI63BfDEcu6Bh1MJ39wB/ZA/y8oxoHVSFlWfagYYxz
1SiTPAVWCmIkIHQQdAq0Pr0uC/qF0sqZduFvQL0gYYTqBI+b0XVPskus944ysI/4
cyFgUgJ/9bJzZNDK5rZn31DbASTfgIJeg+PtDKatN6CoMMOn/MDXz56SvFp+E8xE
ZdeHAoHWcg1TJjRLr5CcJHnrP7YAdF6I/hFi2C4Ufpt+eABiSsjNGXO8Ves/sEPB
5bOnjmGX3vBT+Bd3kT3OdLH3tnNoTZeV/1NCd+Iz6KHrYuf8xsmDKsAErQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGM1TwTo+KEQZsXJLl/mb4KrNC3qMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEvWXpWUEJPajRvUkJteGNrdVgtWnZncXMwTGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBTd2EAwQB
WNIUMAwDBABteI0DBABteI4DBABteJoDBAKCMaADBAK52FQwDQYJKoZIhvcNAQEL
BQADggEBAA3SgM7Dj7lA8GqWKbt7qyNeyDeCGB5ytVO3SkY2JjoDQrJ7910irtde
bco7aXjC9GzVL+2J6cMA2wuSj64lmHgsRdqZLvDDYULLasZgb/53ceqh7p9JA/Dp
lVaI5bbpAPbrR0746WpLaMyq7AILjZ33DsZkO43S/dgFc8EtRU1KQNjuFgc21lY1
BUkLj2iV0jTYtq1PXN6YSq77B1Vm/N1+bqXYtzQkO8pS4fF8DftuibWkqfPBnMXA
JmDvgmErmLLD5RAK7o92geRUHtrifF9ASVKhhNxfuy2Yv3ACOh8EQdigVu36BCSO
nMMgarFTO8PtpqFF2rxPvNXfFh2JtZc=
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:21:38 2026 by rpki-client