
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PYTA1op3Iq5FMX_ou9MBQ1qU5mk.roa
File: PYTA1op3Iq5FMX_ou9MBQ1qU5mk.roa (raw, json)
Hash identifier: Cp3uC0C1AiARVk/vI2RWm3VoMG34OPQkitWD3WqcxG0=
Subject key identifier: 3D:84:C0:D6:8A:77:22:AE:45:31:7F:E8:BB:D3:01:43:5A:94:E6:69
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0198806D8D66151DA629F2C8323E7A405E2B
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PYTA1op3Iq5FMX_ou9MBQ1qU5mk.roa
Signing time: Wed 06 Aug 2025 17:28:39 +0000
ROA not before: Wed 06 Aug 2025 17:28:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a09:a506::/32 maxlen: 32
2a0c:72c0::/29 maxlen: 29
2a0c:9486::/32 maxlen: 32
2a0d:f846::/32 maxlen: 32
2a12:3044::/32 maxlen: 32
2a12:38c5::/32 maxlen: 32
2a12:39c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:6d:8d:66:15:1d:a6:29:f2:c8:32:3e:7a:40:5e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Aug 6 17:28:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d84c0d68a7722ae45317fe8bbd301435a94e669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:17:df:9f:4d:39:dd:18:26:26:1a:a8:81:b1:
b9:0b:be:b0:be:25:43:4e:63:21:72:d6:50:70:7c:
b3:58:38:e1:c2:03:1e:ae:62:f6:73:1e:3d:5c:c0:
05:7e:ab:43:5f:20:f1:ed:8f:e8:fa:1d:ca:73:f1:
25:c7:3e:b2:f1:0b:d5:ec:4c:04:60:b8:2c:bc:e8:
26:2f:70:f5:c1:7b:46:68:c8:de:2e:cf:40:f8:93:
57:77:4a:45:b3:36:e3:e3:aa:5a:26:0f:35:7a:fc:
c9:dc:06:fc:e7:98:61:0b:18:7d:79:ee:8f:b0:1e:
65:36:c0:b8:c3:96:b7:3b:bc:3d:99:b5:bc:16:b4:
7a:18:8a:65:8a:16:33:ba:64:7c:85:15:4b:97:e7:
d9:93:7b:d4:02:6d:d4:e8:41:e5:03:b3:64:7e:87:
a8:15:6f:6e:28:b0:53:71:e1:52:58:9c:6c:df:76:
7f:0a:95:43:71:d7:bb:e5:16:c6:dc:ec:31:c4:9e:
1a:a4:b9:4f:5a:26:de:c7:dd:8d:df:1a:6d:13:09:
07:af:e7:d8:6d:bc:8f:a0:8a:5f:f7:86:01:e5:ae:
1b:e7:8b:26:e7:86:af:6a:08:3a:88:fd:69:0b:67:
c2:bd:2a:6f:64:ff:c3:e0:07:ea:85:d5:b2:7f:c6:
4f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:84:C0:D6:8A:77:22:AE:45:31:7F:E8:BB:D3:01:43:5A:94:E6:69
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PYTA1op3Iq5FMX_ou9MBQ1qU5mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a506::/32
2a0c:72c0::/29
2a0c:9486::/32
2a0d:f846::/32
2a12:3044::/32
2a12:38c5::/32
2a12:39c2::/32
Signature Algorithm: sha256WithRSAEncryption
78:f3:64:94:0f:90:18:c7:9c:2d:3d:ce:43:7f:b9:a3:2c:67:
ff:65:3e:b9:d7:a7:9c:75:c5:1d:42:ab:04:da:25:8f:d6:04:
a9:13:89:76:18:00:0a:c1:f7:65:16:d8:ec:3d:aa:83:69:f0:
6d:56:d5:f2:76:bb:ed:4c:af:4c:a4:46:22:1e:b3:cf:df:01:
d0:9f:04:f5:40:13:e7:3e:85:f2:c8:ae:87:6f:cd:88:72:e7:
0a:19:86:43:a0:4f:eb:f0:20:3c:9e:09:d9:a2:4e:04:a2:a1:
2f:c7:a0:68:de:a9:28:75:be:ee:66:62:ce:19:2a:c5:cb:45:
81:f2:4d:d8:b6:c5:76:ef:ec:6a:ca:db:29:43:fc:1e:6b:a7:
84:cc:65:01:4a:e5:e1:8f:8e:b4:bb:71:9b:18:0a:ef:4d:ef:
e6:5c:55:a6:dc:99:db:f1:02:3f:37:df:1c:91:1a:52:2a:19:
11:a3:94:bf:08:df:6c:f4:e2:8c:21:02:8a:5b:33:32:c2:a4:
90:94:d3:eb:26:a0:8d:c0:10:31:bb:25:02:bd:f0:a6:9b:31:
cd:6e:52:c2:65:22:90:16:e7:1d:e4:21:0c:d3:c2:15:1c:e7:
b6:ce:ac:2a:24:00:82:5f:c0:90:05:f3:5e:7f:08:e1:b8:d4:
f0:b2:54:13
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZiAbY1mFR2mKfLIMj56QF4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUwODA2MTcyODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg0YzBkNjhhNzcyMmFlNDUzMTdmZThiYmQzMDE0MzVhOTRlNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bffn0053RgmJhqogbG5C76wviVD
TmMhctZQcHyzWDjhwgMermL2cx49XMAFfqtDXyDx7Y/o+h3Kc/Elxz6y8QvV7EwE
YLgsvOgmL3D1wXtGaMjeLs9A+JNXd0pFszbj46paJg81evzJ3Ab855hhCxh9ee6P
sB5lNsC4w5a3O7w9mbW8FrR6GIplihYzumR8hRVLl+fZk3vUAm3U6EHlA7Nkfoeo
FW9uKLBTceFSWJxs33Z/CpVDcde75RbG3OwxxJ4apLlPWibex92N3xptEwkHr+fY
bbyPoIpf94YB5a4b54sm54avagg6iP1pC2fCvSpvZP/D4AfqhdWyf8ZPBQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFD2EwNaKdyKuRTF/6LvTAUNalOZpMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvUFlUQTFvcDNJcTVGTVhfb3U5TUJRMXFVNW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgmlBgMF
AyoMcsADBQAqDJSGAwUAKg34RgMFACoSMEQDBQAqEjjFAwUAKhI5wjANBgkqhkiG
9w0BAQsFAAOCAQEAePNklA+QGMecLT3OQ3+5oyxn/2U+udennHXFHUKrBNolj9YE
qROJdhgACsH3ZRbY7D2qg2nwbVbV8na77UyvTKRGIh6zz98B0J8E9UAT5z6F8siu
h2/NiHLnChmGQ6BP6/AgPJ4J2aJOBKKhL8egaN6pKHW+7mZizhkqxctFgfJN2LbF
du/sasrbKUP8HmunhMxlAUrl4Y+OtLtxmxgK703v5lxVptyZ2/ECPzffHJEaUioZ
EaOUvwjfbPTijCECilszMsKkkJTT6yagjcAQMbslAr3wppsxzW5SwmUikBbnHeQh
DNPCFRznts6sKiQAgl/AkAXzXn8I4bjU8LJUEw==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:16:07 2025 by rpki-client