Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/ypRDxsb3_AxTrENYh76-1Wq0x3s.roa
File: ypRDxsb3_AxTrENYh76-1Wq0x3s.roa (raw, json)
Hash identifier: AXPwQ40+ytvDYVbgMoQ9hylazSVqs3q0IglBPe/qi70=
Subject key identifier: CA:94:43:C6:C6:F7:FC:0C:53:AC:43:58:87:BE:BE:D5:6A:B4:C7:7B
Certificate issuer: /CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Certificate serial: 019C9F62EF6A26D735EDF5D20C6753AE4E76
Authority key identifier: FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/ypRDxsb3_AxTrENYh76-1Wq0x3s.roa
Signing time: Fri 27 Feb 2026 13:56:26 +0000
ROA not before: Fri 27 Feb 2026 13:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12876
IP address blocks: 62.4.0.0/19 maxlen: 19
62.210.0.0/16 maxlen: 24
91.235.79.0/24 maxlen: 24
195.154.0.0/16 maxlen: 24
212.47.224.0/19 maxlen: 19
212.83.128.0/19 maxlen: 19
212.83.160.0/19 maxlen: 19
212.129.0.0/18 maxlen: 18
2001:bc8::/32 maxlen: 38
2001:bc8:1200::/39 maxlen: 48
2001:bc8:1201::/48 maxlen: 48
2001:bc8:1400::/38 maxlen: 38
2001:bc8:1800::/38 maxlen: 38
2001:bc8:1c00::/38 maxlen: 38
2001:bc8:2000::/35 maxlen: 48
2001:bc8:5400::/40 maxlen: 48
2001:bc8:e800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:62:ef:6a:26:d7:35:ed:f5:d2:0c:67:53:ae:4e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae16b493d2a12897caf4757bb18a02eec2cde17
Validity
Not Before: Feb 27 13:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca9443c6c6f7fc0c53ac435887bebed56ab4c77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0d:7c:02:26:26:7c:40:22:85:c0:f1:cc:60:
93:90:d3:91:1a:bc:0d:e3:06:22:6d:85:00:7e:18:
d4:f5:58:0b:d6:0f:31:67:5b:ba:43:60:c9:86:92:
57:f6:6a:af:4e:d0:17:fb:b7:7c:c4:2d:fd:98:b9:
9a:19:b7:3e:3c:a2:b7:e7:94:6f:2e:c7:59:c3:c1:
ad:4c:45:1a:3b:02:4c:08:91:08:01:0c:ce:9c:37:
e1:52:de:e2:a1:9c:11:47:04:29:ad:87:2f:07:0e:
eb:d0:82:dd:49:74:6d:1c:c4:3a:ce:60:ea:64:05:
ee:68:d4:86:0d:25:d3:61:6a:08:c2:e2:67:81:e4:
fd:51:b0:25:d2:7e:7d:3a:71:66:85:12:10:34:f0:
aa:d0:2c:db:7d:d2:61:96:34:45:ed:5c:12:fa:c2:
6e:e9:c2:f0:4d:ff:92:3a:3e:b8:ca:fe:c0:33:cb:
d5:e4:bb:50:16:9d:52:27:fe:db:91:2c:42:5f:7b:
42:b4:e1:fe:59:c3:24:3f:84:65:4d:b9:2b:92:76:
57:ff:24:aa:c8:ba:09:c4:44:52:5a:d1:82:36:99:
2d:a2:9d:42:61:07:2d:55:b5:81:84:3d:de:f1:8f:
9d:e7:bc:2e:54:c6:2c:42:5d:6b:fd:75:c6:c1:d4:
6b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:94:43:C6:C6:F7:FC:0C:53:AC:43:58:87:BE:BE:D5:6A:B4:C7:7B
X509v3 Authority Key Identifier:
keyid:FA:E1:6B:49:3D:2A:12:89:7C:AF:47:57:BB:18:A0:2E:EC:2C:DE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uFrST0qEol8r0dXuxigLuws3hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/ypRDxsb3_AxTrENYh76-1Wq0x3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/293d36-9da2-4405-8de3-4afd8254ae43/1/1-uFrST0qEol8r0dXuxigLuws3hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.0.0/19
62.210.0.0/16
91.235.79.0/24
195.154.0.0/16
212.47.224.0/19
212.83.128.0/18
212.129.0.0/18
IPv6:
2001:bc8::/32
Signature Algorithm: sha256WithRSAEncryption
3f:bd:57:65:39:02:7c:b7:03:40:22:8c:8b:91:39:de:e6:24:
5d:7e:45:ca:33:e7:ab:dc:1b:06:ad:f2:d3:d7:e4:15:cd:33:
07:97:7f:63:da:f0:39:e4:d8:8b:af:09:11:3c:32:4e:8a:a7:
df:e7:4d:fd:39:54:b0:ed:94:78:33:10:87:26:ee:7d:fe:d9:
d5:26:de:e2:a4:44:94:0e:90:40:35:e7:5a:cf:57:9c:5d:1e:
e4:40:16:8b:29:b0:9d:a5:bd:97:cf:1c:00:47:6e:59:23:48:
62:d2:1f:ef:73:07:ca:d7:3c:9f:80:ac:64:a7:19:aa:7b:fa:
8a:00:f7:64:03:a1:3a:cf:db:14:20:ab:a0:ed:62:31:56:bc:
db:a1:70:3c:5a:88:bf:e9:dc:62:e6:3e:19:bd:e7:a9:b5:7f:
8b:8d:49:48:e7:5e:3d:1d:13:9f:84:48:88:ef:85:49:2b:3b:
79:db:28:67:b4:96:16:94:80:0d:df:ef:0a:b2:ec:6d:1c:23:
f3:b5:e2:63:7f:99:f5:9b:2b:23:1d:c1:95:c8:71:8f:6c:68:
88:23:18:13:a5:1f:6e:f7:6e:f9:e9:ea:03:ad:33:3a:75:a1:
fe:81:79:e5:23:bc:8d:5c:b8:ff:e6:8e:15:6d:e5:56:8e:40:
47:b3:bd:8f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZyfYu9qJtc17fXSDGdTrk52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTE2YjQ5M2QyYTEyODk3Y2FmNDc1N2JiMThhMDJlZWMy
Y2RlMTcwHhcNMjYwMjI3MTM1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTk0NDNjNmM2ZjdmYzBjNTNhYzQzNTg4N2JlYmVkNTZhYjRjNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg18AiYmfEAihcDxzGCTkNORGrwN
4wYibYUAfhjU9VgL1g8xZ1u6Q2DJhpJX9mqvTtAX+7d8xC39mLmaGbc+PKK355Rv
LsdZw8GtTEUaOwJMCJEIAQzOnDfhUt7ioZwRRwQprYcvBw7r0ILdSXRtHMQ6zmDq
ZAXuaNSGDSXTYWoIwuJngeT9UbAl0n59OnFmhRIQNPCq0CzbfdJhljRF7VwS+sJu
6cLwTf+SOj64yv7AM8vV5LtQFp1SJ/7bkSxCX3tCtOH+WcMkP4RlTbkrknZX/ySq
yLoJxERSWtGCNpktop1CYQctVbWBhD3e8Y+d57wuVMYsQl1r/XXGwdRrwwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMqUQ8bG9/wMU6xDWIe+vtVqtMd7MB8GA1UdIwQY
MBaAFPrha0k9KhKJfK9HV7sYoC7sLN4XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11RnJTVDBxRW9sOHIwZFh1eGlnTHV3czNoYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUz
LTRhZmQ4MjU0YWU0My8xL3lwUkR4c2IzX0F4VHJFTlloNzYtMVdxMHgzcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvMjkzZDM2LTlkYTItNDQwNS04ZGUzLTRhZmQ4MjU0YWU0
My8xLzEtdUZyU1QwcUVvbDhyMGRYdXhpZ0x1d3MzaGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUAYIKwYBBQUHAQcBAf8EQTA/MC4EAgABMCgDBAU+BAAD
AwA+0gMEAFvrTwMDAMOaAwQF1C/gAwQG1FOAAwQG1IEAMA0EAgACMAcDBQAgAQvI
MA0GCSqGSIb3DQEBCwUAA4IBAQA/vVdlOQJ8twNAIoyLkTne5iRdfkXKM+er3BsG
rfLT1+QVzTMHl39j2vA55NiLrwkRPDJOiqff5039OVSw7ZR4MxCHJu59/tnVJt7i
pESUDpBANedaz1ecXR7kQBaLKbCdpb2XzxwAR25ZI0hi0h/vcwfK1zyfgKxkpxmq
e/qKAPdkA6E6z9sUIKug7WIxVrzboXA8Woi/6dxi5j4ZveeptX+LjUlI5149HROf
hEiI74VJKzt52yhntJYWlIAN3+8KsuxtHCPzteJjf5n1mysjHcGVyHGPbGiIIxgT
pR9u92756eoDrTM6daH+gXnlI7yNXLj/5o4VbeVWjkBHs72P
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:00:30 2026 by rpki-client