Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/yPF0loRCib-RBbqi2Jv4YOCUxA0.roa
File: yPF0loRCib-RBbqi2Jv4YOCUxA0.roa (raw, json)
Hash identifier: JdlBl0uHJZ27lQ7T6dMHN0yLNPKJ7KQjrbCgVKBWg7c=
Subject key identifier: C8:F1:74:96:84:42:89:BF:91:05:BA:A2:D8:9B:F8:60:E0:94:C4:0D
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 019C034CCD229BE76CD7D07E9E2EB2C83EDF
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/yPF0loRCib-RBbqi2Jv4YOCUxA0.roa
Signing time: Wed 28 Jan 2026 06:31:30 +0000
ROA not before: Wed 28 Jan 2026 06:31:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 5.180.179.0/24 maxlen: 24
31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
193.35.228.0/24 maxlen: 24
217.119.143.0/24 maxlen: 24
2a11:53c0::/32 maxlen: 48
2a11:53c1::/32 maxlen: 48
2a11:53c2::/32 maxlen: 48
2a11:53c3::/32 maxlen: 48
2a11:53c4::/32 maxlen: 48
2a11:53c5::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:03:4c:cd:22:9b:e7:6c:d7:d0:7e:9e:2e:b2:c8:3e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Jan 28 06:31:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8f17496844289bf9105baa2d89bf860e094c40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0e:91:33:9f:f2:ac:d4:a3:8a:aa:80:90:12:
bd:cf:21:39:04:67:e6:04:ef:39:a7:cd:bf:4e:40:
f2:74:61:d5:6a:40:b8:da:63:8f:17:a6:dc:84:9a:
78:b8:e4:91:d2:af:15:20:63:46:46:78:73:7c:a9:
6d:7a:9d:8f:d5:0d:c7:42:b3:55:80:16:a6:f1:4f:
04:04:b8:b0:0f:50:16:45:b6:a0:cb:4d:7d:fa:0a:
f5:31:95:b1:3a:6f:42:c6:24:b6:86:ca:8c:1d:5f:
38:b4:1a:57:8e:9d:2d:f5:50:e5:2d:14:3d:80:25:
a2:18:fd:6f:2b:ba:12:4e:31:50:ca:6e:55:c9:f6:
34:82:89:e2:80:78:e9:99:1c:cc:b8:39:c5:cb:55:
42:3f:42:bb:42:6b:4a:31:fd:5d:27:2c:50:2e:4f:
3e:70:45:95:2e:6b:2f:d1:33:d3:35:bb:df:a0:67:
ee:ab:c0:4a:1b:bb:a3:d9:86:e0:2d:46:e2:29:13:
ff:79:67:3e:46:20:b3:ac:56:27:64:d1:68:9c:ec:
6b:9d:5c:ac:d1:7b:c2:22:b8:e6:c5:88:1b:6d:39:
69:d2:02:5a:ce:75:01:26:4b:41:49:8e:9c:c5:3a:
d8:26:bb:56:b6:7a:87:2b:1b:e6:6a:89:b8:9e:c0:
1a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F1:74:96:84:42:89:BF:91:05:BA:A2:D8:9B:F8:60:E0:94:C4:0D
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/yPF0loRCib-RBbqi2Jv4YOCUxA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
193.35.228.0/24
217.119.143.0/24
IPv6:
2a11:53c0::-2a11:53c5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:ce:24:3b:1b:a9:00:91:7a:43:63:26:ac:5a:9a:5e:ad:3c:
b3:91:eb:da:aa:61:04:65:c5:9d:88:6a:d1:ed:c0:92:6c:a2:
fe:55:5f:4b:a5:23:d1:5a:98:b7:22:1a:bc:c7:58:88:3f:36:
ca:d3:08:c0:b1:b5:8c:d9:f3:20:cc:35:c1:41:f3:ff:c7:d2:
a1:37:27:25:c9:1a:c0:50:ee:18:a6:ce:c9:53:23:c1:bb:bb:
e0:55:df:50:02:1e:16:63:62:5b:4f:dc:50:07:07:5f:d4:38:
5c:f0:57:79:75:65:e3:16:df:8f:a7:c3:ad:c3:13:d0:87:46:
6b:7a:57:b8:ac:dd:4c:92:ba:19:9f:d6:6c:f6:97:3b:f5:6a:
d9:45:a3:41:58:8e:d1:d8:27:c7:7e:ff:60:f4:d9:69:cd:10:
f7:08:90:b0:78:05:10:38:09:72:9f:a7:89:23:99:39:95:79:
a3:88:d5:78:a1:70:86:bb:52:6d:c3:3b:e3:72:9d:d8:3a:d5:
59:1c:1f:21:4e:25:24:65:59:cf:7c:8a:03:74:fb:7e:3a:9f:
8c:ae:ce:6c:37:7d:b0:a3:1b:f4:88:f0:51:5c:82:75:b6:89:
bc:b9:2c:c0:67:eb:62:46:a6:0c:73:24:37:c3:0f:86:62:39:
b7:52:8c:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZwDTM0im+ds19B+ni6yyD7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjYwMTI4MDYzMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYxNzQ5Njg0NDI4OWJmOTEwNWJhYTJkODliZjg2MGUwOTRjNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4g6RM5/yrNSjiqqAkBK9zyE5BGfm
BO85p82/TkDydGHVakC42mOPF6bchJp4uOSR0q8VIGNGRnhzfKltep2P1Q3HQrNV
gBam8U8EBLiwD1AWRbagy019+gr1MZWxOm9CxiS2hsqMHV84tBpXjp0t9VDlLRQ9
gCWiGP1vK7oSTjFQym5VyfY0gonigHjpmRzMuDnFy1VCP0K7QmtKMf1dJyxQLk8+
cEWVLmsv0TPTNbvfoGfuq8BKG7uj2YbgLUbiKRP/eWc+RiCzrFYnZNFonOxrnVys
0XvCIrjmxYgbbTlp0gJaznUBJktBSY6cxTrYJrtWtnqHKxvmaom4nsAa8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMjxdJaEQom/kQW6otib+GDglMQNMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEveVBGMGxvUkNpYi1SQmJxaTJKdjRZT0NVeEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQABbSzAwQA
H9n4AwQAuYmkAwQAwSPkAwQA2XePMBYEAgACMBAwDgMFBioRU8ADBQEqEVPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCFziQ7G6kAkXpDYyasWpperTyzkevaqmEEZcWdiGrR
7cCSbKL+VV9LpSPRWpi3Ihq8x1iIPzbK0wjAsbWM2fMgzDXBQfP/x9KhNyclyRrA
UO4Yps7JUyPBu7vgVd9QAh4WY2JbT9xQBwdf1Dhc8Fd5dWXjFt+Pp8OtwxPQh0Zr
ele4rN1MkroZn9Zs9pc79WrZRaNBWI7R2CfHfv9g9NlpzRD3CJCweAUQOAlyn6eJ
I5k5lXmjiNV4oXCGu1Jtwzvjcp3YOtVZHB8hTiUkZVnPfIoDdPt+Op+Mrs5sN32w
oxv0iPBRXIJ1tom8uSzAZ+tiRqYMcyQ3ww+GYjm3Uoyo
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:05:46 2026 by rpki-client