Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yAD8VP-SFrvLPagFVVrVmulh8fk.roa
File: yAD8VP-SFrvLPagFVVrVmulh8fk.roa (raw, json)
Hash identifier: 4+nkmldZDzjwtkcMvF05Wn5bUYOGwiO7VCTzH7RQw5k=
Subject key identifier: C8:00:FC:54:FF:92:16:BB:CB:3D:A8:05:55:5A:D5:9A:E9:61:F1:F9
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 019A3FC2D0989DE985716C1D4525BAD90FB7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yAD8VP-SFrvLPagFVVrVmulh8fk.roa
Signing time: Sat 01 Nov 2025 14:12:03 +0000
ROA not before: Sat 01 Nov 2025 14:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 32
45.154.99.0/24 maxlen: 32
62.3.50.0/24 maxlen: 32
194.28.98.0/23 maxlen: 32
2a0c:b640::/32 maxlen: 128
2a0c:b641::/44 maxlen: 128
2a0c:b641:10::/44 maxlen: 128
2a0c:b641:50::/44 maxlen: 128
2a0c:b641:60::/44 maxlen: 128
2a0c:b641:530::/44 maxlen: 128
2a0c:b641:5e0::/44 maxlen: 48
2a0c:b641:6d0::/44 maxlen: 128
2a0c:b641:70f::/48 maxlen: 128
2a0c:b641:820::/44 maxlen: 128
2a0f:8400::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:c2:d0:98:9d:e9:85:71:6c:1d:45:25:ba:d9:0f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 1 14:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c800fc54ff9216bbcb3da805555ad59ae961f1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:67:cb:ab:53:d5:2b:6d:d2:2a:ed:92:b2:3a:
af:5d:d0:e2:4c:ee:8d:ce:05:7a:04:2a:9b:94:ee:
e4:6f:d0:3f:86:43:0b:86:b2:cf:7d:c0:7d:1b:06:
12:49:54:08:48:fb:e8:f1:6a:14:95:e0:d0:df:fa:
ac:44:b9:86:ff:97:29:06:32:d4:96:a9:1f:12:ae:
d4:72:45:b8:f1:8c:57:6c:94:42:77:20:13:06:93:
50:f9:28:ba:7c:1e:4c:db:9b:37:86:b5:2b:b2:c1:
d2:39:4c:a1:9b:51:f3:e3:20:ba:9b:2d:71:25:47:
fa:db:4b:30:2c:72:4c:86:4e:ee:af:98:a7:2b:0d:
5a:f7:b3:4a:26:eb:fe:2f:09:09:7e:9b:5a:1c:c8:
61:0d:ef:49:02:42:5e:98:ff:28:b0:d3:c9:3f:ca:
89:bc:c2:e8:67:1c:cc:cd:a6:dc:74:b6:ac:a9:84:
41:98:59:07:bd:b6:aa:06:5b:cb:56:7d:88:3d:5a:
1a:12:2f:c0:3d:2f:7b:e5:1f:dc:25:27:a4:df:8f:
d9:17:df:25:9b:16:12:6d:c6:21:7b:3b:22:fe:07:
2e:21:78:0f:ff:52:2f:10:ad:a4:51:50:d9:12:fe:
f8:99:5b:e1:89:e4:33:93:ab:d0:42:b3:62:fd:65:
3a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:00:FC:54:FF:92:16:BB:CB:3D:A8:05:55:5A:D5:9A:E9:61:F1:F9
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/yAD8VP-SFrvLPagFVVrVmulh8fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
45.154.99.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:530::/44
2a0c:b641:5e0::/44
2a0c:b641:6d0::/44
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
82:96:19:e5:de:3c:4a:6c:92:9f:49:96:8e:c5:9d:79:30:3c:
50:73:9f:6d:51:39:18:2f:89:c4:bc:eb:5a:49:d8:b4:4f:80:
a0:2f:af:1a:cd:49:ab:7f:ce:31:4e:33:7d:97:22:a6:06:55:
f8:9c:8d:5e:20:32:63:1d:97:c0:f2:0f:05:8f:af:73:b7:ec:
d2:5d:d8:6d:6f:82:1a:bf:7b:3d:31:a3:21:0c:9f:60:17:dd:
b2:ee:99:40:80:04:c2:7a:c3:65:5c:de:f8:69:98:2b:a2:93:
41:56:7e:56:75:ff:e8:0c:c6:c0:7d:a1:f9:22:ea:79:c2:e1:
ed:d7:3b:25:19:d0:a8:fa:01:cc:77:65:a4:3f:01:1c:d1:14:
5e:02:8d:7d:4e:47:2e:44:e2:16:c6:43:42:f8:63:5a:da:e3:
2a:51:aa:21:9e:41:75:6b:c7:4d:c7:cc:25:9b:20:5e:cc:e7:
cf:7b:e5:1b:7c:32:5b:5c:d4:d6:21:fd:6f:9c:02:17:2c:81:
83:82:19:04:12:e0:a4:2d:c3:38:c5:2f:22:c8:75:23:c2:c4:
73:c7:33:91:24:9d:db:75:32:1b:4f:85:bc:d0:fd:1f:be:91:
c6:48:ad:19:04:4a:cf:7a:39:b5:4f:cc:47:b3:c2:63:5c:e0:
f4:39:60:5e
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZo/wtCYnemFcWwdRSW62Q+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUxMTAxMTQxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODAwZmM1NGZmOTIxNmJiY2IzZGE4MDU1NTVhZDU5YWU5NjFmMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2fLq1PVK23SKu2SsjqvXdDiTO6N
zgV6BCqblO7kb9A/hkMLhrLPfcB9GwYSSVQISPvo8WoUleDQ3/qsRLmG/5cpBjLU
lqkfEq7UckW48YxXbJRCdyATBpNQ+Si6fB5M25s3hrUrssHSOUyhm1Hz4yC6my1x
JUf620swLHJMhk7ur5inKw1a97NKJuv+LwkJfptaHMhhDe9JAkJemP8osNPJP8qJ
vMLoZxzMzabcdLasqYRBmFkHvbaqBlvLVn2IPVoaEi/APS975R/cJSek34/ZF98l
mxYSbcYhezsi/gcuIXgP/1IvEK2kUVDZEv74mVvhieQzk6vQQrNi/WU6IwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFMgA/FT/kha7yz2oBVVa1ZrpYfH5MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveUFEOFZQLVNGcnZMUGFnRlZWclZtdWxoOGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjAeBAIAATAYAwQALZph
AwQALZpjAwQAPgMyAwQBwhxiMGAEAgACMFowEAMFBioMtkADBwUqDLZBAAAwEgMH
BCoMtkEAUAMHBCoMtkEAYAMHBCoMtkEFMAMHBCoMtkEF4AMHBCoMtkEG0AMHACoM
tkEHDwMHBCoMtkEIIAMFACoPhAAwDQYJKoZIhvcNAQELBQADggEBAIKWGeXePEps
kp9Jlo7FnXkwPFBzn21RORgvicS861pJ2LRPgKAvrxrNSat/zjFOM32XIqYGVfic
jV4gMmMdl8DyDwWPr3O37NJd2G1vghq/ez0xoyEMn2AX3bLumUCABMJ6w2Vc3vhp
mCuik0FWflZ1/+gMxsB9ofki6nnC4e3XOyUZ0Kj6Acx3ZaQ/ARzRFF4CjX1ORy5E
4hbGQ0L4Y1ra4ypRqiGeQXVrx03HzCWbIF7M58975Rt8Mltc1NYh/W+cAhcsgYOC
GQQS4KQtwzjFLyLIdSPCxHPHM5Ekndt1MhtPhbzQ/R++kcZIrRkESs96ObVPzEez
wmNc4PQ5YF4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:05:39 2025 by rpki-client