Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/YpERScUPA382FK4NL5ibHCIFyDk.roa
File: YpERScUPA382FK4NL5ibHCIFyDk.roa (raw, json)
Hash identifier: 3Ct/GtumEcJr0cG9KaRMbw6tKj791i3q2bQpl5vvwFY=
Subject key identifier: 62:91:11:49:C5:0F:03:7F:36:14:AE:0D:2F:98:9B:1C:22:05:C8:39
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 019EA8BFF121DD9D92F4FF96679A2A266DDF
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/YpERScUPA382FK4NL5ibHCIFyDk.roa
Signing time: Mon 08 Jun 2026 19:40:11 +0000
ROA not before: Mon 08 Jun 2026 19:40:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33835
IP address blocks: 92.42.216.0/21 maxlen: 21
217.169.240.0/20 maxlen: 20
217.169.242.0/23 maxlen: 23
217.169.246.0/23 maxlen: 23
2a02:2440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:bf:f1:21:dd:9d:92:f4:ff:96:67:9a:2a:26:6d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jun 8 19:40:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=62911149c50f037f3614ae0d2f989b1c2205c839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:ab:8f:1e:35:95:7a:1f:30:15:9d:0e:43:
26:59:ac:a5:c6:9b:a7:0c:38:bb:97:6c:7a:6b:6c:
85:68:df:79:1e:8c:d8:7a:bb:7a:d3:ea:d1:d6:07:
f3:e4:44:b1:bf:d6:2d:6c:73:a2:b2:97:ec:54:f8:
cb:aa:42:50:67:1e:0d:f8:59:87:c3:0d:dc:73:d5:
f9:bd:eb:9f:e7:9d:da:e3:d7:87:ac:b3:ef:06:68:
f0:a0:28:14:fa:73:39:84:3f:4a:2d:ef:bd:3b:38:
bb:28:b5:36:e0:95:f3:7a:38:55:a9:d6:b8:02:0d:
e6:c4:ed:b4:3c:a0:62:f3:20:5d:84:71:e2:58:e1:
78:dc:26:2d:8f:58:6b:e8:81:55:43:62:87:ed:41:
d7:ab:5d:7e:6a:ea:ef:5f:10:4b:c1:b5:93:ff:e7:
5a:02:e1:b7:93:1a:ea:24:3a:58:04:dc:d6:2e:64:
80:cb:ee:c1:ba:0c:8d:10:9c:b2:bc:78:07:f7:37:
e6:2c:95:79:fe:04:3d:81:92:95:45:04:17:dd:37:
a3:57:b3:d4:dd:df:0b:37:e9:3d:42:8b:bf:97:88:
47:85:52:5a:59:9c:61:87:7c:f7:30:ae:2b:2a:92:
85:2a:db:b2:ac:78:43:0c:64:be:0c:cb:1a:ea:8b:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:91:11:49:C5:0F:03:7F:36:14:AE:0D:2F:98:9B:1C:22:05:C8:39
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/YpERScUPA382FK4NL5ibHCIFyDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.216.0/21
217.169.240.0/20
IPv6:
2a02:2440::/32
Signature Algorithm: sha256WithRSAEncryption
c2:1d:14:45:2e:35:b2:8d:e9:80:a0:ad:19:51:27:89:1b:1e:
2e:ef:49:2e:63:cd:b3:b4:7a:39:c4:b5:15:d0:f8:bf:5d:7c:
0d:a1:ca:41:92:52:93:69:e6:e0:e8:ee:2b:73:0e:75:ee:32:
e9:5a:ce:56:56:cb:80:41:02:2d:4f:9a:76:21:1a:07:1c:29:
05:54:87:64:d8:32:dc:ef:53:71:9b:81:bb:54:44:bf:24:5a:
8b:7e:01:86:98:d8:68:94:78:72:2a:0d:05:3a:40:1f:74:11:
f8:f4:c5:6b:20:f8:b2:02:2e:ce:5d:83:d9:cf:85:9d:af:9a:
c1:e2:ab:9d:2c:47:8e:cf:4b:8f:62:d1:d1:6d:96:78:9e:96:
1d:7c:46:f5:f3:e7:d8:f4:6f:6a:c1:fe:37:8a:94:a9:fc:ca:
dd:14:6b:88:88:c9:0d:1d:d3:45:43:66:3c:f2:e0:f7:9a:35:
25:02:a6:9c:14:7d:17:81:a9:94:98:77:bc:aa:0b:f8:5c:3c:
d9:ad:d3:57:6b:be:d1:a3:38:81:60:5c:61:70:e6:8d:71:47:
20:f7:5a:27:b2:12:bb:07:b4:ea:b3:18:3b:e5:db:da:eb:36:
a5:1a:6e:45:d0:fc:5c:4c:d5:11:8c:e1:c0:0d:1a:82:0e:c9:
43:41:2d:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ6ov/Eh3Z2S9P+WZ5oqJm3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj
MzUxNjEwHhcNMjYwNjA4MTk0MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkxMTE0OWM1MGYwMzdmMzYxNGFlMGQyZjk4OWIxYzIyMDVjODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAerjx41lXofMBWdDkMmWaylxpun
DDi7l2x6a2yFaN95HozYert60+rR1gfz5ESxv9YtbHOispfsVPjLqkJQZx4N+FmH
ww3cc9X5veuf553a49eHrLPvBmjwoCgU+nM5hD9KLe+9Ozi7KLU24JXzejhVqda4
Ag3mxO20PKBi8yBdhHHiWOF43CYtj1hr6IFVQ2KH7UHXq11+aurvXxBLwbWT/+da
AuG3kxrqJDpYBNzWLmSAy+7BugyNEJyyvHgH9zfmLJV5/gQ9gZKVRQQX3TejV7PU
3d8LN+k9Qou/l4hHhVJaWZxhh3z3MK4rKpKFKtuyrHhDDGS+DMsa6ovkwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGKREUnFDwN/NhSuDS+YmxwiBcg5MB8GA1UdIwQY
MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et
MDJhYmY4NTcyZmNiLzEvWXBFUlNjVVBBMzgyRks0Tkw1aWJIQ0lGeURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi
LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXCrYAwQE
2anwMA0EAgACMAcDBQAqAiRAMA0GCSqGSIb3DQEBCwUAA4IBAQDCHRRFLjWyjemA
oK0ZUSeJGx4u70kuY82ztHo5xLUV0Pi/XXwNocpBklKTaebg6O4rcw517jLpWs5W
VsuAQQItT5p2IRoHHCkFVIdk2DLc71Nxm4G7VES/JFqLfgGGmNholHhyKg0FOkAf
dBH49MVrIPiyAi7OXYPZz4Wdr5rB4qudLEeOz0uPYtHRbZZ4npYdfEb18+fY9G9q
wf43ipSp/MrdFGuIiMkNHdNFQ2Y88uD3mjUlAqacFH0XgamUmHe8qgv4XDzZrdNX
a77RoziBYFxhcOaNcUcg91onshK7B7Tqsxg75dva6zalGm5F0PxcTNURjOHADRqC
DslDQS10
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:23:35 2026 by rpki-client