Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ykzFK_FVOL7AICf1m_m4fUtvmfA.roa
File: ykzFK_FVOL7AICf1m_m4fUtvmfA.roa (raw, json)
Hash identifier: b6rRkM8VyGgJND8a482PKl7S0bA+n1GfKNYd3pNbN08=
Subject key identifier: CA:4C:C5:2B:F1:55:38:BE:C0:20:27:F5:9B:F9:B8:7D:4B:6F:99:F0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D97519BD39A051DA1A765DE90919A1B2F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ykzFK_FVOL7AICf1m_m4fUtvmfA.roa
Signing time: Thu 16 Apr 2026 17:23:21 +0000
ROA not before: Thu 16 Apr 2026 17:23:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 27411
IP address blocks: 2a0c:7886:b4::/48 maxlen: 48
2a0f:1203::/32 maxlen: 32
2a0f:2707::/32 maxlen: 32
2a0f:3043::/32 maxlen: 32
2a0f:e204::/32 maxlen: 32
2a10:67c7::/32 maxlen: 32
2a10:68c6::/32 maxlen: 32
2a13:d45::/32 maxlen: 32
2a13:d46::/32 maxlen: 32
2a13:9280::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:51:9b:d3:9a:05:1d:a1:a7:65:de:90:91:9a:1b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 16 17:23:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca4cc52bf15538bec02027f59bf9b87d4b6f99f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a7:b6:f5:69:06:66:00:8c:fd:4e:fe:0d:e7:
fb:7c:2c:44:bd:ef:09:f2:ef:91:6e:c4:c6:e7:36:
6c:90:91:23:05:62:21:9e:e9:d9:48:ec:5f:e0:0e:
e2:cb:a6:09:d8:7d:ef:7c:92:3a:10:7a:8c:65:cb:
8c:ca:55:c9:4a:03:bb:04:cc:d3:30:bf:5f:b4:12:
85:d6:e4:98:8f:17:37:ed:f7:ae:27:7f:9b:05:a4:
18:57:fd:fa:b2:ec:39:52:58:38:f7:fe:26:15:a1:
78:7f:eb:6f:4b:02:b9:82:4f:54:5f:2d:16:fc:b6:
ca:89:36:80:cd:96:6e:a2:e9:c8:3e:13:13:61:35:
f4:75:fd:a9:61:96:36:cd:f2:4d:a3:17:f6:c5:bf:
52:cb:57:13:f8:d9:e6:9d:d9:a8:4e:72:9d:53:8c:
6f:4c:c8:92:64:4c:d5:0b:16:2a:83:9b:aa:93:36:
67:00:f8:2e:f6:43:2c:bc:f0:cf:95:23:6e:24:96:
9b:58:e6:81:21:a1:51:c4:43:1d:80:59:d4:31:48:
f7:d4:5c:0b:c6:5e:2a:6e:a1:06:b9:f7:65:b7:14:
e2:94:5a:4a:85:d3:3c:f1:15:d3:ca:9f:19:e3:ea:
22:6b:0f:33:c4:39:5c:c2:01:c3:1c:b8:07:8d:91:
d9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4C:C5:2B:F1:55:38:BE:C0:20:27:F5:9B:F9:B8:7D:4B:6F:99:F0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ykzFK_FVOL7AICf1m_m4fUtvmfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7886:b4::/48
2a0f:1203::/32
2a0f:2707::/32
2a0f:3043::/32
2a0f:e204::/32
2a10:67c7::/32
2a10:68c6::/32
2a13:d45::-2a13:d46:ffff:ffff:ffff:ffff:ffff:ffff
2a13:9280::/32
2a13:c907::/32
Signature Algorithm: sha256WithRSAEncryption
80:44:88:d8:8a:e3:96:5a:04:ff:bc:07:b9:a0:da:b9:09:a0:
b4:f3:f4:53:4c:69:06:ff:52:c6:79:f8:6c:d2:47:fc:66:fa:
d8:76:4b:15:96:f9:54:ee:0c:d2:bd:d8:40:93:d5:94:78:3c:
8c:1a:95:a1:d3:35:b0:6c:18:33:13:de:b0:df:e0:4c:0a:1b:
e1:cc:3b:f2:b1:f0:c0:a5:07:03:74:ee:54:fc:9e:28:14:8c:
10:77:40:e2:c8:48:b8:97:20:31:4b:ea:f7:01:22:50:34:1c:
31:3a:85:0c:fd:cc:f9:8a:f8:37:21:64:4b:a3:a6:8a:9b:b8:
56:dd:6d:a2:7e:fe:cb:ec:45:5f:35:63:e1:4d:c1:40:85:39:
5c:b8:4e:f8:52:a6:b4:58:e8:34:12:aa:95:7b:76:18:c4:bf:
fb:d8:e0:70:10:04:0a:ff:e1:c7:e7:b3:c4:a3:19:69:9d:91:
91:4e:5f:1d:4f:ec:cd:4f:36:a2:24:45:b2:31:06:4e:5a:be:
2e:72:60:90:7b:5b:bc:db:f3:91:39:0a:da:39:d7:e5:b2:8a:
f1:71:2d:85:6f:f5:2c:23:c4:0d:55:3f:36:58:57:d0:d3:e6:
a4:81:b0:9a:6d:87:0f:26:e9:63:57:35:b5:ae:d2:e1:b0:ca:
aa:ee:66:fc
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZ2XUZvTmgUdoadl3pCRmhsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDE2MTcyMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRjYzUyYmYxNTUzOGJlYzAyMDI3ZjU5YmY5Yjg3ZDRiNmY5OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqe29WkGZgCM/U7+Def7fCxEve8J
8u+RbsTG5zZskJEjBWIhnunZSOxf4A7iy6YJ2H3vfJI6EHqMZcuMylXJSgO7BMzT
ML9ftBKF1uSYjxc37feuJ3+bBaQYV/36suw5Ulg49/4mFaF4f+tvSwK5gk9UXy0W
/LbKiTaAzZZuounIPhMTYTX0df2pYZY2zfJNoxf2xb9Sy1cT+NnmndmoTnKdU4xv
TMiSZEzVCxYqg5uqkzZnAPgu9kMsvPDPlSNuJJabWOaBIaFRxEMdgFnUMUj31FwL
xl4qbqEGufdltxTilFpKhdM88RXTyp8Z4+oiaw8zxDlcwgHDHLgHjZHZQwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMpMxSvxVTi+wCAn9Zv5uH1Lb5nwMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveWt6RktfRlZPTDdBSUNmMW1fbTRmVXR2bWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgx4hgC0
AwUAKg8SAwMFACoPJwcDBQAqDzBDAwUAKg/iBAMFACoQZ8cDBQAqEGjGMA4DBQAq
Ew1FAwUAKhMNRgMFACoTkoADBQAqE8kHMA0GCSqGSIb3DQEBCwUAA4IBAQCARIjY
iuOWWgT/vAe5oNq5CaC08/RTTGkG/1LGefhs0kf8ZvrYdksVlvlU7gzSvdhAk9WU
eDyMGpWh0zWwbBgzE96w3+BMChvhzDvysfDApQcDdO5U/J4oFIwQd0DiyEi4lyAx
S+r3ASJQNBwxOoUM/cz5ivg3IWRLo6aKm7hW3W2ifv7L7EVfNWPhTcFAhTlcuE74
Uqa0WOg0EqqVe3YYxL/72OBwEAQK/+HH57PEoxlpnZGRTl8dT+zNTzaiJEWyMQZO
Wr4ucmCQe1u82/OROQraOdflsorxcS2Fb/UsI8QNVT82WFfQ0+akgbCabYcPJulj
VzW1rtLhsMqq7mb8
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:43:03 2026 by rpki-client