Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/YGaK4456uaQPYysoG6qe_dm8930.roa
File: YGaK4456uaQPYysoG6qe_dm8930.roa (raw, json)
Hash identifier: hiRyD58SyGyD94TTEyJZ+uJYXj1TMGmD1AQAjMA9d1c=
Subject key identifier: 60:66:8A:E3:8E:7A:B9:A4:0F:63:2B:28:1B:AA:9E:FD:D9:BC:F7:7D
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019C694D33B1ECA788BF7048074FC6015558
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/YGaK4456uaQPYysoG6qe_dm8930.roa
Signing time: Tue 17 Feb 2026 01:53:13 +0000
ROA not before: Tue 17 Feb 2026 01:53:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
91.205.228.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:69:4d:33:b1:ec:a7:88:bf:70:48:07:4f:c6:01:55:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Feb 17 01:53:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60668ae38e7ab9a40f632b281baa9efdd9bcf77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b1:26:aa:1b:2a:50:0d:39:61:2a:70:fc:1f:
9b:6f:bc:7b:97:68:bf:40:b8:f4:07:92:e0:6c:34:
75:32:ab:d0:da:6d:bb:34:1b:67:64:98:dc:ff:26:
1f:f3:52:65:05:ea:3a:65:2a:9d:fb:1a:6f:01:69:
96:17:61:b9:01:64:0d:43:aa:0b:ad:94:6e:1e:35:
e4:d4:39:21:16:f5:fd:bf:a4:f6:0c:4f:6c:0c:4c:
bc:a2:c7:25:dc:f6:84:2e:f9:05:61:92:75:06:5b:
bd:10:15:d0:79:3b:9d:c8:44:37:51:90:c0:53:ce:
78:65:f5:f1:79:b2:c5:88:b5:5f:98:dc:19:e5:6d:
85:dc:94:0c:07:7c:62:09:b3:46:04:f9:cb:64:92:
9e:03:5c:17:d6:69:f6:40:56:b1:87:6b:1c:f6:14:
62:bd:25:9d:98:0f:72:b5:b0:ed:aa:11:ec:60:44:
78:d8:2e:16:76:24:ba:35:1a:e6:65:a3:71:2d:13:
44:70:64:eb:a9:2c:94:19:d5:00:7e:4c:62:83:14:
be:e1:9e:d6:30:ee:97:df:a8:d5:f6:96:4d:69:83:
0f:2a:c4:ce:8f:a6:76:41:0e:08:03:c2:b0:d1:d8:
b1:d1:33:cc:d0:73:d2:50:bd:ee:39:0b:e2:3b:fb:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:66:8A:E3:8E:7A:B9:A4:0F:63:2B:28:1B:AA:9E:FD:D9:BC:F7:7D
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/YGaK4456uaQPYysoG6qe_dm8930.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
91.205.228.0/24
185.92.45.0-185.92.46.255
Signature Algorithm: sha256WithRSAEncryption
9c:79:0f:72:35:c3:63:84:c6:91:9f:c1:b1:49:08:47:40:a5:
0c:be:5b:c1:ce:6c:80:41:92:b5:d5:69:51:4b:96:ea:26:76:
2a:38:c5:c4:c9:2f:a8:23:5d:3d:18:2b:6a:ff:6a:e6:b9:a9:
89:c5:8c:56:4f:47:e7:48:24:66:2a:7c:29:da:54:29:e0:45:
9f:00:37:d9:9e:cc:c5:60:1e:40:fe:9a:94:c2:34:77:3f:c2:
f6:2d:e8:08:30:63:03:88:4e:38:d7:5b:0c:24:e3:66:1d:91:
26:7c:01:78:f5:9f:92:5e:a9:4e:8f:bb:c9:a9:c4:ec:4a:f2:
d6:0c:5a:a1:de:1d:5d:56:99:84:57:13:e1:80:b1:ba:c8:54:
9d:27:19:98:7f:25:72:3c:bb:4f:ea:2b:a2:80:00:66:1c:2a:
83:03:a0:0a:a5:ca:5a:84:fd:77:b2:89:f9:27:86:81:f7:f1:
3b:be:5d:8f:80:9b:6a:0f:bb:28:83:0e:e2:20:27:f0:54:58:
88:3b:03:d4:f5:fd:03:d1:5b:6e:b4:ea:d2:1f:62:ec:c1:b5:
71:5b:53:1b:77:0d:8a:5b:81:72:cc:87:92:05:4c:f1:97:85:
e5:4d:b1:9f:34:ff:80:6e:34:06:0c:d3:1b:98:da:6c:0b:7d:
fc:0c:19:1c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZxpTTOx7KeIv3BIB0/GAVVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjYwMjE3MDE1MzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY2OGFlMzhlN2FiOWE0MGY2MzJiMjgxYmFhOWVmZGQ5YmNmNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobEmqhsqUA05YSpw/B+bb7x7l2i/
QLj0B5LgbDR1MqvQ2m27NBtnZJjc/yYf81JlBeo6ZSqd+xpvAWmWF2G5AWQNQ6oL
rZRuHjXk1DkhFvX9v6T2DE9sDEy8oscl3PaELvkFYZJ1Blu9EBXQeTudyEQ3UZDA
U854ZfXxebLFiLVfmNwZ5W2F3JQMB3xiCbNGBPnLZJKeA1wX1mn2QFaxh2sc9hRi
vSWdmA9ytbDtqhHsYER42C4WdiS6NRrmZaNxLRNEcGTrqSyUGdUAfkxigxS+4Z7W
MO6X36jV9pZNaYMPKsTOj6Z2QQ4IA8Kw0dix0TPM0HPSUL3uOQviO/ueWQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGBmiuOOermkD2MrKBuqnv3ZvPd9MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvWUdhSzQ0NTZ1YVFQWXlzb0c2cWVfZG04OTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALiViAwQA
LiVxAwQAW83kMAwDBAC5XC0DBAC5XC4wDQYJKoZIhvcNAQELBQADggEBAJx5D3I1
w2OExpGfwbFJCEdApQy+W8HObIBBkrXVaVFLluomdio4xcTJL6gjXT0YK2r/aua5
qYnFjFZPR+dIJGYqfCnaVCngRZ8AN9mezMVgHkD+mpTCNHc/wvYt6AgwYwOITjjX
Wwwk42YdkSZ8AXj1n5JeqU6Pu8mpxOxK8tYMWqHeHV1WmYRXE+GAsbrIVJ0nGZh/
JXI8u0/qK6KAAGYcKoMDoAqlylqE/XeyifknhoH38Tu+XY+Am2oPuyiDDuIgJ/BU
WIg7A9T1/QPRW2606tIfYuzBtXFbUxt3DYpbgXLMh5IFTPGXheVNsZ80/4BuNAYM
0xuY2mwLffwMGRw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:02:49 2026 by rpki-client