Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/YtVS-aK9rlFruoFrqFlIl1-G7xQ.roa
File: YtVS-aK9rlFruoFrqFlIl1-G7xQ.roa (raw, json)
Hash identifier: 01nxSlc7uYxsqEh9WpT7cgExFmnD4WF+M8+hN9BsatQ=
Subject key identifier: 62:D5:52:F9:A2:BD:AE:51:6B:BA:81:6B:A8:59:48:97:5F:86:EF:14
Certificate issuer: /CN=df895a3ee2211b6ee2df7202f09a426680d66269
Certificate serial: 01984FFEF26C36610A5F69D8EC09054F96AF
Authority key identifier: DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/YtVS-aK9rlFruoFrqFlIl1-G7xQ.roa
Signing time: Mon 28 Jul 2025 07:46:05 +0000
ROA not before: Mon 28 Jul 2025 07:46:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.132.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
77.105.164.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4f:fe:f2:6c:36:61:0a:5f:69:d8:ec:09:05:4f:96:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df895a3ee2211b6ee2df7202f09a426680d66269
Validity
Not Before: Jul 28 07:46:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62d552f9a2bdae516bba816ba85948975f86ef14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:de:9a:13:c5:94:b0:2b:e7:ae:2c:1a:a2:
9c:26:3f:b9:8d:ca:99:cb:c7:48:05:53:26:fd:0d:
14:a1:2a:0e:c9:34:29:37:90:dc:a0:ef:0c:33:81:
cc:06:22:c8:85:74:16:fd:32:b2:6c:f2:2b:3d:29:
8a:d1:fd:e6:3c:aa:6f:98:af:df:08:a1:bf:b2:e8:
30:36:bb:ac:4a:0c:29:f4:3e:2a:0c:91:1c:11:99:
89:36:1a:da:87:32:a6:2f:fd:d2:81:5a:f9:c7:db:
44:94:a9:44:e3:ab:6c:a7:75:03:ac:bf:b0:76:04:
73:87:eb:4e:c0:d9:5b:e5:41:18:4f:0c:97:35:8b:
fc:52:10:48:23:43:29:cc:62:0b:84:f1:36:72:72:
2e:51:7a:88:c8:38:1a:94:d2:70:52:5c:04:3b:00:
2f:a6:64:3c:8c:b3:01:2a:2f:77:61:3c:ae:ea:59:
7b:56:21:a3:fa:24:bf:6b:92:c2:4f:6b:9d:fe:2e:
e2:30:fa:6d:31:aa:f3:25:81:19:65:cd:ef:07:ea:
55:9c:94:17:b6:9f:8f:fe:9a:f5:96:7b:ff:30:4c:
e6:84:da:e5:4b:d7:80:e5:04:c3:38:c8:5c:10:20:
59:bc:02:e0:60:27:85:03:3b:9b:87:d1:52:64:f1:
87:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D5:52:F9:A2:BD:AE:51:6B:BA:81:6B:A8:59:48:97:5F:86:EF:14
X509v3 Authority Key Identifier:
keyid:DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/YtVS-aK9rlFruoFrqFlIl1-G7xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.129.0-77.105.130.255
77.105.132.0/24
77.105.134.0/23
77.105.160.0/24
77.105.164.0/24
185.225.202.0/24
Signature Algorithm: sha256WithRSAEncryption
21:dc:19:ea:1b:7a:56:48:cf:a5:22:de:ad:b2:df:c3:cd:39:
dc:61:62:aa:f8:4a:dc:e5:ca:2f:80:30:db:22:02:bf:86:0f:
a4:61:7b:03:d7:91:e5:2d:7d:4d:18:06:5d:92:ac:d9:05:f8:
81:d7:25:ff:f1:ae:23:c1:54:1a:3f:00:52:94:07:ff:5a:4c:
19:0e:09:0d:a8:36:bd:b4:5e:58:9f:55:03:96:a2:da:5a:49:
08:8f:3b:5a:f9:4a:42:57:a5:6f:20:7b:1c:2f:1d:0f:ed:14:
31:ae:9d:a9:d1:65:ab:97:77:7d:7d:59:8b:fc:4a:43:41:c1:
94:19:a8:d0:a0:ee:2b:3c:0e:29:c6:f8:7b:41:67:0f:ce:2f:
a0:54:68:d6:82:21:46:34:1c:1f:04:1c:3c:54:10:da:3c:a9:
04:48:25:7f:3e:10:6c:98:b9:ff:08:5a:1c:11:9d:b3:1f:fd:
12:52:52:27:9e:b4:ee:ec:1b:a6:de:22:01:f1:72:47:50:1c:
d1:bf:97:d4:84:40:18:cf:7e:cd:bd:9b:30:f3:e7:0f:ad:ce:
2f:12:17:81:b2:50:b5:77:ad:13:1c:df:b5:ca:8b:f4:8b:08:
47:6f:c1:00:d8:75:73:25:5f:a4:14:c6:71:95:76:3d:ac:3c:
46:1c:ed:7c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZhP/vJsNmEKX2nY7AkFT5avMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODk1YTNlZTIyMTFiNmVlMmRmNzIwMmYwOWE0MjY2ODBk
NjYyNjkwHhcNMjUwNzI4MDc0NjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQ1NTJmOWEyYmRhZTUxNmJiYTgxNmJhODU5NDg5NzVmODZlZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcbemhPFlLAr564sGqKcJj+5jcqZ
y8dIBVMm/Q0UoSoOyTQpN5DcoO8MM4HMBiLIhXQW/TKybPIrPSmK0f3mPKpvmK/f
CKG/sugwNrusSgwp9D4qDJEcEZmJNhrahzKmL/3SgVr5x9tElKlE46tsp3UDrL+w
dgRzh+tOwNlb5UEYTwyXNYv8UhBII0MpzGILhPE2cnIuUXqIyDgalNJwUlwEOwAv
pmQ8jLMBKi93YTyu6ll7ViGj+iS/a5LCT2ud/i7iMPptMarzJYEZZc3vB+pVnJQX
tp+P/pr1lnv/MEzmhNrlS9eA5QTDOMhcECBZvALgYCeFAzubh9FSZPGH/QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGLVUvmiva5Ra7qBa6hZSJdfhu8UMB8GA1UdIwQY
MBaAFN+JWj7iIRtu4t9yAvCaQmaA1mJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUt
NzBiMmViZDUxNDM4LzEvWXRWUy1hSzlybEZydW9GcnFGbElsMS1HN3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUtNzBiMmViZDUxNDM4
LzEvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABNaYED
BABNaYIDBABNaYQDBAFNaYYDBABNaaADBABNaaQDBAC54cowDQYJKoZIhvcNAQEL
BQADggEBACHcGeobelZIz6Ui3q2y38PNOdxhYqr4Stzlyi+AMNsiAr+GD6RhewPX
keUtfU0YBl2SrNkF+IHXJf/xriPBVBo/AFKUB/9aTBkOCQ2oNr20XlifVQOWotpa
SQiPO1r5SkJXpW8gexwvHQ/tFDGunanRZauXd319WYv8SkNBwZQZqNCg7is8DinG
+HtBZw/OL6BUaNaCIUY0HB8EHDxUENo8qQRIJX8+EGyYuf8IWhwRnbMf/RJSUiee
tO7sG6beIgHxckdQHNG/l9SEQBjPfs29mzDz5w+tzi8SF4GyULV3rRMc37XKi/SL
CEdvwQDYdXMlX6QUxnGVdj2sPEYc7Xw=
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:23:15 2025 by rpki-client