Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/YmwUCnBD8zc7hnCaYzFS1FXBKks.roa
File: YmwUCnBD8zc7hnCaYzFS1FXBKks.roa (raw, json)
Hash identifier: yImSLDVjhlkQ0X2UIt+K01tSFGalTr+lR1Nbf7LaW8o=
Subject key identifier: 62:6C:14:0A:70:43:F3:37:3B:86:70:9A:63:31:52:D4:55:C1:2A:4B
Certificate issuer: /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial: 019C8F752C80D59E87A8AA75E42419546A22
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/YmwUCnBD8zc7hnCaYzFS1FXBKks.roa
Signing time: Tue 24 Feb 2026 11:42:26 +0000
ROA not before: Tue 24 Feb 2026 11:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39500
IP address blocks: 185.154.68.0/24 maxlen: 24
185.154.69.0/24 maxlen: 24
185.154.70.0/24 maxlen: 24
185.154.71.0/24 maxlen: 24
193.47.191.0/24 maxlen: 24
2001:67c:1f4::/48 maxlen: 48
2a07:7f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:75:2c:80:d5:9e:87:a8:aa:75:e4:24:19:54:6a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Validity
Not Before: Feb 24 11:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=626c140a7043f3373b86709a633152d455c12a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fa:06:fa:63:74:4d:d1:7e:c8:f8:e0:52:f1:
d4:8a:f8:be:3a:32:9a:44:82:d9:81:96:40:bc:91:
55:a0:df:99:5a:47:f3:68:65:3b:b3:50:84:a2:69:
5d:4f:4b:c3:7f:6d:bc:de:02:38:23:d0:9c:97:61:
45:3f:f2:39:95:87:e7:d4:dd:2b:d6:9a:8e:87:43:
97:ff:73:89:03:7d:87:95:41:b8:17:a4:6c:c7:5d:
ae:00:6c:23:3c:e3:96:fb:48:61:ef:94:d0:21:ae:
0e:f6:76:4f:f0:c6:50:33:54:37:fb:fd:c0:b7:df:
8b:58:6b:a8:88:a4:76:95:fc:30:fa:65:43:e2:db:
6f:05:c0:59:b7:64:4e:34:26:19:50:d2:6d:44:ad:
aa:27:37:66:a7:27:90:68:01:42:2e:d9:fd:bc:a9:
9e:41:ce:95:c7:4a:0d:fd:7f:0c:c8:2a:65:b2:d5:
b8:f9:85:bf:b3:20:0a:95:df:78:45:9c:0b:2e:7c:
f9:35:41:69:d3:0b:5c:d0:ad:1e:91:92:bc:96:40:
b0:5f:d3:e0:11:c3:8e:d6:1f:56:6b:74:3a:f4:de:
a8:72:fa:e6:79:dd:72:ff:35:ef:de:4b:6b:e8:fe:
97:02:4b:04:e0:57:69:3e:59:ae:15:5f:5a:63:28:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6C:14:0A:70:43:F3:37:3B:86:70:9A:63:31:52:D4:55:C1:2A:4B
X509v3 Authority Key Identifier:
keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/YmwUCnBD8zc7hnCaYzFS1FXBKks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.68.0/22
193.47.191.0/24
IPv6:
2001:67c:1f4::/48
2a07:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
31:17:f6:68:7f:45:8a:36:7c:11:9a:5a:bf:8d:8e:32:b1:22:
ca:33:78:55:41:60:93:17:d4:65:ae:06:9b:3e:45:52:fb:0b:
71:40:f4:75:c9:09:fe:b7:5b:b2:71:e2:d8:bb:f4:94:76:df:
52:6a:10:8b:b5:35:33:4b:7e:ab:21:ff:32:77:97:06:08:80:
23:5f:ef:16:ac:11:23:61:5b:89:60:d6:dd:40:54:8a:4a:81:
ce:21:00:89:38:d7:f1:3d:37:70:d2:41:ac:8f:a0:69:e3:ae:
bc:61:4f:d7:9b:0f:5a:3e:8e:fa:41:10:07:22:cc:5b:08:08:
13:67:f3:b9:2f:02:c8:73:a2:65:d5:81:01:52:a9:a8:e9:57:
38:5f:45:e7:67:41:c6:a8:5e:b4:ef:6b:d3:23:28:50:c5:d2:
7d:6b:68:48:43:ec:ba:65:bb:89:ab:64:c5:a6:42:95:27:e4:
56:d5:bc:e9:06:91:3f:97:a7:71:6c:ec:d1:74:8a:b7:de:fa:
22:96:56:e2:19:9a:07:23:76:b7:b9:3e:c3:02:c0:8c:52:e0:
c4:4c:90:ed:0a:48:a7:53:d1:a5:9a:35:62:ab:a3:45:06:c3:
f1:e5:09:6a:8c:cf:07:ce:55:57:e9:b2:b9:f3:2d:73:b7:18:
1d:4f:28:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyPdSyA1Z6HqKp15CQZVGoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjJkOGQ0NWY5ODVkYzM4OTZjOTE3NmE3ZDQ4ZDc2NThj
YjRmNjgwHhcNMjYwMjI0MTE0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZjMTQwYTcwNDNmMzM3M2I4NjcwOWE2MzMxNTJkNDU1YzEyYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvoG+mN0TdF+yPjgUvHUivi+OjKa
RILZgZZAvJFVoN+ZWkfzaGU7s1CEomldT0vDf2283gI4I9Ccl2FFP/I5lYfn1N0r
1pqOh0OX/3OJA32HlUG4F6Rsx12uAGwjPOOW+0hh75TQIa4O9nZP8MZQM1Q3+/3A
t9+LWGuoiKR2lfww+mVD4ttvBcBZt2RONCYZUNJtRK2qJzdmpyeQaAFCLtn9vKme
Qc6Vx0oN/X8MyCplstW4+YW/syAKld94RZwLLnz5NUFp0wtc0K0ekZK8lkCwX9Pg
EcOO1h9Wa3Q69N6ocvrmed1y/zXv3ktr6P6XAksE4FdpPlmuFV9aYyhljwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGJsFApwQ/M3O4ZwmmMxUtRVwSpLMB8GA1UdIwQY
MBaAFNki2NRfmF3DiWyRdqfUjXZYy09oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUt
NTRkNWQwNGUzNDZkLzEvWW13VUNuQkQ4emM3aG5DYVl6RlMxRlhCS2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUtNTRkNWQwNGUzNDZk
LzEvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuZpEAwQA
wS+/MBYEAgACMBADBwAgAQZ8AfQDBQMqB39AMA0GCSqGSIb3DQEBCwUAA4IBAQAx
F/Zof0WKNnwRmlq/jY4ysSLKM3hVQWCTF9RlrgabPkVS+wtxQPR1yQn+t1uyceLY
u/SUdt9SahCLtTUzS36rIf8yd5cGCIAjX+8WrBEjYVuJYNbdQFSKSoHOIQCJONfx
PTdw0kGsj6Bp4668YU/Xmw9aPo76QRAHIsxbCAgTZ/O5LwLIc6Jl1YEBUqmo6Vc4
X0XnZ0HGqF6072vTIyhQxdJ9a2hIQ+y6ZbuJq2TFpkKVJ+RW1bzpBpE/l6dxbOzR
dIq33voillbiGZoHI3a3uT7DAsCMUuDETJDtCkinU9GlmjViq6NFBsPx5QlqjM8H
zlVX6bK58y1ztxgdTyiu
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:06:07 2026 by rpki-client