Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/yDl9LxaoKrm9XLZfh6yXOpVb3lI.roa
File: yDl9LxaoKrm9XLZfh6yXOpVb3lI.roa (raw, json)
Hash identifier: XpG3yY/SPa3BoZ1kFVeBj2d3GmuxqPGC19vRZ0EDSHM=
Subject key identifier: C8:39:7D:2F:16:A8:2A:B9:BD:5C:B6:5F:87:AC:97:3A:95:5B:DE:52
Certificate issuer: /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial: 019D9CB9E0BF378F6B71FFECD575B2605AD2
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/yDl9LxaoKrm9XLZfh6yXOpVb3lI.roa
Signing time: Fri 17 Apr 2026 18:35:20 +0000
ROA not before: Fri 17 Apr 2026 18:35:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42237
IP address blocks: 91.236.116.0/24 maxlen: 24
185.217.0.0/24 maxlen: 24
185.217.1.0/24 maxlen: 24
185.246.128.0/24 maxlen: 24
185.246.129.0/24 maxlen: 24
185.246.130.0/24 maxlen: 24
193.105.134.0/24 maxlen: 24
2a0b:c040::/32 maxlen: 32
2a0b:c041::/32 maxlen: 32
2a0d:8980::/32 maxlen: 32
2a0d:8981::/32 maxlen: 32
2a0d:8982::/32 maxlen: 32
2a0d:8983::/32 maxlen: 32
2a0d:8984::/32 maxlen: 32
2a0d:8985::/32 maxlen: 32
2a0d:8986::/32 maxlen: 32
2a0d:8987::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.mft
rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:b9:e0:bf:37:8f:6b:71:ff:ec:d5:75:b2:60:5a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Validity
Not Before: Apr 17 18:35:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8397d2f16a82ab9bd5cb65f87ac973a955bde52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c0:9b:88:7a:28:75:a5:ed:d2:72:b6:c8:2e:
f7:e4:60:05:4f:ad:ba:fd:23:4c:d0:9b:4b:b7:5c:
8b:ba:55:33:1f:1e:4b:f2:cf:52:f2:31:f4:60:32:
13:b5:51:d6:a7:56:98:df:33:7d:c4:5f:97:ae:5d:
ab:e3:19:f0:55:e7:6c:e1:6b:6c:30:77:5b:b1:89:
38:25:68:52:0c:f2:19:06:47:6e:5e:88:49:42:96:
b2:83:5c:d4:4c:ec:e8:1c:4a:16:a5:0c:25:5c:7b:
54:08:b0:f3:60:1a:36:6c:d2:23:8a:97:e0:cb:5b:
33:b6:d7:ff:fe:fe:93:d2:66:5f:38:08:8e:18:05:
c2:04:8a:a4:b0:ca:56:12:4c:cb:49:3d:73:a5:ac:
42:16:03:ef:4f:d7:c1:8b:27:a4:13:3a:13:ff:af:
c6:3d:d8:f9:d7:a5:bb:6a:cb:db:3c:84:23:a7:75:
57:47:c7:b9:2d:3f:ed:d0:24:ac:1a:1b:9c:8f:da:
25:80:33:d5:d0:34:ff:9e:5d:94:5f:80:6c:d4:b8:
f5:07:87:12:62:65:c5:7d:ce:3f:b0:2f:01:b4:f5:
60:33:99:3a:f9:9b:81:d3:7a:7e:f6:60:a7:50:8d:
8b:df:41:58:88:bb:9c:3e:1a:4e:31:e2:5c:91:be:
7f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:39:7D:2F:16:A8:2A:B9:BD:5C:B6:5F:87:AC:97:3A:95:5B:DE:52
X509v3 Authority Key Identifier:
keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/yDl9LxaoKrm9XLZfh6yXOpVb3lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.116.0/24
185.217.0.0/23
185.246.128.0-185.246.130.255
193.105.134.0/24
IPv6:
2a0b:c040::/31
2a0d:8980::/29
Signature Algorithm: sha256WithRSAEncryption
6c:3f:53:3e:f1:13:34:df:2f:64:af:25:5e:2b:ec:a3:f8:5a:
b3:46:47:bf:2b:35:cb:5e:60:2d:bc:3e:13:99:5f:7c:f5:20:
75:18:12:d7:3f:63:e2:b3:a8:8b:de:32:6e:1c:4e:c9:20:75:
b2:24:a4:f3:21:a3:66:79:81:bd:be:38:30:b2:95:cb:b3:de:
06:48:a3:be:02:34:5a:ff:b0:b3:bf:44:d4:92:f8:81:43:ef:
5a:2e:19:a4:ee:73:da:63:ac:b2:be:de:cc:d7:0c:43:70:b0:
3e:c0:9d:37:c4:e6:8b:c0:97:da:d8:c9:3f:c3:03:e5:ce:62:
c2:6c:fd:28:a9:d1:05:5e:85:ce:15:6b:20:60:f4:06:b7:1d:
9d:51:8d:3f:6e:67:c3:21:a6:e5:0c:08:27:c9:a9:28:3d:b9:
bc:62:23:6a:4c:91:9d:7d:7d:6b:a1:91:3c:a2:1b:b5:ac:8e:
43:d7:b5:48:9a:bf:ef:52:03:67:3f:bd:74:83:16:72:d0:07:
51:67:33:1a:48:ff:96:6f:42:10:78:e6:0f:27:50:73:0f:e1:
d3:5d:aa:a4:a1:99:8c:59:f7:41:f0:75:61:69:81:58:34:8f:
27:d3:ef:7d:a8:f2:e0:42:c6:6c:c0:86:62:19:26:0e:90:0b:
8c:3e:54:a2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ2cueC/N49rcf/s1XWyYFrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjYwNDE3MTgzNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM5N2QyZjE2YTgyYWI5YmQ1Y2I2NWY4N2FjOTczYTk1NWJkZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8CbiHoodaXt0nK2yC735GAFT626
/SNM0JtLt1yLulUzHx5L8s9S8jH0YDITtVHWp1aY3zN9xF+Xrl2r4xnwVeds4Wts
MHdbsYk4JWhSDPIZBkduXohJQpayg1zUTOzoHEoWpQwlXHtUCLDzYBo2bNIjipfg
y1szttf//v6T0mZfOAiOGAXCBIqksMpWEkzLST1zpaxCFgPvT9fBiyekEzoT/6/G
Pdj516W7asvbPIQjp3VXR8e5LT/t0CSsGhucj9olgDPV0DT/nl2UX4Bs1Lj1B4cS
YmXFfc4/sC8BtPVgM5k6+ZuB03p+9mCnUI2L30FYiLucPhpOMeJckb5/xQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMg5fS8WqCq5vVy2X4eslzqVW95SMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEveURsOUx4YW9Lcm05WExaZmg2eVhPcFZiM2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQAW+x0AwQB
udkAMAwDBAe59oADBAC59oIDBADBaYYwFAQCAAIwDgMFASoLwEADBQMqDYmAMA0G
CSqGSIb3DQEBCwUAA4IBAQBsP1M+8RM03y9kryVeK+yj+FqzRke/KzXLXmAtvD4T
mV989SB1GBLXP2Pis6iL3jJuHE7JIHWyJKTzIaNmeYG9vjgwspXLs94GSKO+AjRa
/7Czv0TUkviBQ+9aLhmk7nPaY6yyvt7M1wxDcLA+wJ03xOaLwJfa2Mk/wwPlzmLC
bP0oqdEFXoXOFWsgYPQGtx2dUY0/bmfDIablDAgnyakoPbm8YiNqTJGdfX1roZE8
ohu1rI5D17VImr/vUgNnP710gxZy0AdRZzMaSP+Wb0IQeOYPJ1BzD+HTXaqkoZmM
WfdB8HVhaYFYNI8n0+99qPLgQsZswIZiGSYOkAuMPlSi
-----END CERTIFICATE-----
Generated at Sat Apr 18 06:24:15 2026 by rpki-client