Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/yzKXO4jXIcQhvYNB-AXjR_e7tXo.roa
File: yzKXO4jXIcQhvYNB-AXjR_e7tXo.roa (raw, json)
Hash identifier: HbKWlAXeMlwQXI/oWRqyG/+YEkJ30n/PudG/ZFxPjv0=
Subject key identifier: CB:32:97:3B:88:D7:21:C4:21:BD:83:41:F8:05:E3:47:F7:BB:B5:7A
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 019B77C76BB2E3B952FAE0530625E8A1DFEB
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/yzKXO4jXIcQhvYNB-AXjR_e7tXo.roa
Signing time: Thu 01 Jan 2026 04:18:36 +0000
ROA not before: Thu 01 Jan 2026 04:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207551
IP address blocks: 89.35.53.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
194.54.146.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
203.28.15.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 29
2a10:2080::/48 maxlen: 48
2a10:2080:1::/48 maxlen: 48
2a10:2080:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:6b:b2:e3:b9:52:fa:e0:53:06:25:e8:a1:df:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Jan 1 04:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb32973b88d721c421bd8341f805e347f7bbb57a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:12:fb:83:20:89:b7:c8:6f:a2:e5:d8:89:3f:
69:9f:98:85:0c:9b:34:7a:87:ad:2d:fd:f0:b4:3e:
45:c8:f3:06:cf:94:79:ad:aa:57:22:5d:f7:56:5e:
06:b2:82:f8:a4:03:e5:e9:fc:51:70:28:b8:ca:e5:
f5:53:29:58:29:4c:f3:47:87:ee:6f:7c:eb:8d:2e:
00:86:ca:51:93:44:3a:92:12:a1:af:30:ee:fa:88:
70:d4:f6:de:91:16:ae:d1:6c:93:9b:08:0e:62:75:
a2:70:b3:61:64:91:99:39:52:db:b6:8e:19:bb:d2:
ea:fc:20:a1:28:88:48:5b:8a:69:7a:31:4b:aa:e3:
da:34:c8:40:cc:1a:6e:6b:73:a6:c6:a4:08:f8:17:
3d:39:41:2b:d6:12:ad:fd:e3:81:b2:1f:b7:8e:fb:
45:1c:16:aa:2f:cb:03:21:c5:ae:26:1d:74:9a:10:
20:3c:f6:e6:c8:62:2e:28:39:3e:ef:8a:40:b0:a1:
fb:65:07:f2:d1:7b:3d:7e:dc:7c:b2:cf:43:c3:68:
fe:1e:82:7f:24:53:5d:90:22:cd:c6:26:ab:b2:de:
e0:b0:86:ef:f5:d6:21:82:ce:c5:44:b7:c9:2c:38:
0f:46:5b:9b:f8:b7:78:0e:75:da:ba:04:a5:4a:10:
42:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:32:97:3B:88:D7:21:C4:21:BD:83:41:F8:05:E3:47:F7:BB:B5:7A
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/yzKXO4jXIcQhvYNB-AXjR_e7tXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.53.0/24
117.55.199.0/24
194.54.146.0/24
194.164.87.0/24
202.181.153.0/24
203.28.15.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
71:3d:d0:a7:97:51:de:e7:41:76:74:b4:6f:10:1e:85:8b:bc:
31:51:01:4e:ab:68:fb:6a:e0:41:82:d9:54:73:91:93:73:0f:
87:a1:b9:a7:2d:a8:27:f9:e4:6b:d9:7f:6f:6b:47:d8:ba:4c:
58:c6:0e:89:28:d3:11:a5:64:5b:6c:58:04:b7:3d:fa:3a:16:
5d:21:f8:b3:af:c7:73:84:16:e7:49:0f:73:c2:f8:a2:ed:31:
4d:bd:d9:88:44:00:b6:8e:9b:b9:3e:41:67:aa:29:d3:7f:73:
49:2a:28:9a:1a:23:18:7a:0e:59:2f:e5:81:54:d6:1a:1c:f0:
07:60:72:25:10:5e:bf:9d:a0:4f:f6:11:04:0b:e6:fb:0e:5c:
56:0d:72:44:22:fa:a5:45:f6:f3:43:58:81:db:59:85:76:74:
b0:9e:e3:45:30:8a:66:4c:ee:84:a6:c0:e1:37:69:98:fb:48:
3c:1c:b7:23:a2:fe:ce:d6:70:a9:15:ee:15:a7:a6:37:c1:06:
88:ba:b3:74:17:b7:30:10:bf:af:96:a2:f4:7e:98:62:b0:33:
33:72:b8:0c:84:89:37:2e:0e:4d:62:2e:f1:e2:02:70:ee:ca:
e2:38:7d:0b:eb:9b:e9:27:7f:f9:3c:74:ae:b4:90:bf:58:fa:
8b:91:67:7a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZt3x2uy47lS+uBTBiXood/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjYwMTAxMDQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjMyOTczYjg4ZDcyMWM0MjFiZDgzNDFmODA1ZTM0N2Y3YmJiNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RL7gyCJt8hvouXYiT9pn5iFDJs0
eoetLf3wtD5FyPMGz5R5rapXIl33Vl4GsoL4pAPl6fxRcCi4yuX1UylYKUzzR4fu
b3zrjS4AhspRk0Q6khKhrzDu+ohw1PbekRau0WyTmwgOYnWicLNhZJGZOVLbto4Z
u9Lq/CChKIhIW4ppejFLquPaNMhAzBpua3OmxqQI+Bc9OUEr1hKt/eOBsh+3jvtF
HBaqL8sDIcWuJh10mhAgPPbmyGIuKDk+74pAsKH7ZQfy0Xs9ftx8ss9Dw2j+HoJ/
JFNdkCLNxiarst7gsIbv9dYhgs7FRLfJLDgPRlub+Ld4DnXaugSlShBCjwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMsylzuI1yHEIb2DQfgF40f3u7V6MB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEveXpLWE80alhJY1FodllOQi1BWGpSX2U3dFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAWSM1AwQA
dTfHAwQAwjaSAwQAwqRXAwQAyrWZAwQAyxwPAwQA1AY1MA0EAgACMAcDBQMqECCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBxPdCnl1He50F2dLRvEB6Fi7wxUQFOq2j7auBB
gtlUc5GTcw+HobmnLagn+eRr2X9va0fYukxYxg6JKNMRpWRbbFgEtz36OhZdIfiz
r8dzhBbnSQ9zwvii7TFNvdmIRAC2jpu5PkFnqinTf3NJKiiaGiMYeg5ZL+WBVNYa
HPAHYHIlEF6/naBP9hEEC+b7DlxWDXJEIvqlRfbzQ1iB21mFdnSwnuNFMIpmTO6E
psDhN2mY+0g8HLcjov7O1nCpFe4Vp6Y3wQaIurN0F7cwEL+vlqL0fphisDMzcrgM
hIk3Lg5NYi7x4gJw7sriOH0L65vpJ3/5PHSutJC/WPqLkWd6
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:44:31 2026 by rpki-client