Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/nyEYNc_PtO4QoUwC3iOyBCPk0wQ.roa
File: nyEYNc_PtO4QoUwC3iOyBCPk0wQ.roa (raw, json)
Hash identifier: hp68ljnGn6WBzjjiaJx9jN9FM7xYYm0YWSh0AzIw1fY=
Subject key identifier: 9F:21:18:35:CF:CF:B4:EE:10:A1:4C:02:DE:23:B2:04:23:E4:D3:04
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 019A4E3CDE4CD5C66A7CF3A7312EEA9D8361
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/nyEYNc_PtO4QoUwC3iOyBCPk0wQ.roa
Signing time: Tue 04 Nov 2025 09:40:03 +0000
ROA not before: Tue 04 Nov 2025 09:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35704
IP address blocks: 2a02:11ff:400::/46 maxlen: 46
2a02:11ff:404::/46 maxlen: 46
2a02:11ff:408::/46 maxlen: 46
2a02:11ff:40c::/46 maxlen: 46
2a02:11ff:410::/46 maxlen: 46
2a02:11ff:414::/46 maxlen: 46
2a02:11ff:418::/46 maxlen: 46
2a02:11ff:41c::/46 maxlen: 46
2a02:11ff:420::/46 maxlen: 46
2a02:11ff:424::/46 maxlen: 46
2a02:11ff:428::/46 maxlen: 46
2a02:11ff:42c::/46 maxlen: 46
2a02:11ff:430::/46 maxlen: 46
2a02:11ff:434::/46 maxlen: 46
2a02:11ff:438::/46 maxlen: 46
2a02:11ff:43c::/46 maxlen: 46
2a02:11ff:440::/46 maxlen: 46
2a02:11ff:444::/46 maxlen: 46
2a02:11ff:448::/46 maxlen: 46
2a02:11ff:44c::/46 maxlen: 46
2a02:11ff:450::/46 maxlen: 46
2a02:11ff:454::/46 maxlen: 46
2a02:11ff:458::/46 maxlen: 46
2a02:11ff:45c::/46 maxlen: 46
2a02:11ff:460::/46 maxlen: 46
2a02:11ff:464::/46 maxlen: 46
2a02:11ff:468::/46 maxlen: 46
2a02:11ff:46c::/46 maxlen: 46
2a02:11ff:470::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:3c:de:4c:d5:c6:6a:7c:f3:a7:31:2e:ea:9d:83:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Nov 4 09:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f211835cfcfb4ee10a14c02de23b20423e4d304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:2e:69:3b:a5:95:22:2e:8f:a7:d8:25:dc:
d1:ae:70:69:40:d6:dd:48:16:b8:a4:0f:c2:6a:ad:
a7:ab:b6:b3:ae:78:ab:73:29:2f:4c:28:52:1f:5f:
67:7b:a8:31:52:0c:6f:9f:03:d3:06:d2:f7:70:33:
11:60:dc:a9:52:c4:fd:c3:83:7d:97:ae:4e:80:f4:
56:6d:ad:99:5a:da:22:29:1f:20:e3:79:48:18:19:
75:78:66:04:f5:28:af:6a:a8:7b:51:87:88:b3:51:
17:e6:36:f2:e5:eb:fc:55:eb:46:50:49:99:d4:3a:
36:71:b0:86:76:1f:dc:a2:9b:09:58:be:00:a2:60:
10:23:91:1a:c5:25:f9:4e:02:db:66:cb:4b:b6:2b:
03:c4:b0:52:a4:5c:c9:5b:32:d7:67:e6:c4:15:2e:
7f:05:2f:70:f0:4b:56:70:2e:24:2b:10:1a:a0:b3:
2a:ae:63:45:4c:95:d7:83:92:67:1f:53:f2:9b:72:
4d:97:71:65:2e:08:e6:e9:64:54:d5:2d:1d:7d:54:
a7:20:d9:7d:a6:8e:c3:6d:c1:48:8c:df:a4:cd:96:
7d:e5:87:05:e1:de:76:8c:7f:98:4b:ba:54:c5:c1:
f4:02:48:57:60:07:ab:6e:a0:ec:ff:dc:89:60:94:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:21:18:35:CF:CF:B4:EE:10:A1:4C:02:DE:23:B2:04:23:E4:D3:04
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/nyEYNc_PtO4QoUwC3iOyBCPk0wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11ff:400::-2a02:11ff:473:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:1b:3d:e0:c7:52:f3:91:e5:e5:6a:0d:6d:43:6e:94:1c:bb:
43:f6:3d:0c:77:ab:07:91:b2:65:ca:ea:6a:19:96:22:d7:31:
fc:30:95:f7:b5:7a:b2:b9:2e:71:88:e3:d4:7b:ee:14:b8:43:
bc:48:66:f1:10:56:9e:c3:3c:ec:60:e3:8d:ac:05:71:14:b6:
e4:ab:f0:b1:85:5f:9f:01:8f:58:e6:2e:19:94:2c:37:5d:9a:
7a:54:e7:2f:05:2d:81:f1:12:47:a7:c6:ed:cd:11:ae:22:68:
52:1b:2c:75:91:06:23:b2:57:46:a9:d1:9a:be:ab:59:c8:77:
9b:4a:8e:8e:2d:ed:ae:0e:08:12:85:bf:14:20:4e:73:7b:8c:
b0:ba:75:54:1f:c9:9b:cf:70:ae:6a:5e:08:dd:fc:08:ae:3f:
94:10:38:27:81:5e:87:b8:c6:f7:6d:70:42:3d:05:ab:71:c2:
2b:a2:e0:d2:e2:5c:ca:cc:65:aa:59:a3:0f:de:3a:6c:2a:b9:
b2:2b:f6:26:81:18:08:e8:65:5b:5c:b3:0e:ca:d5:60:c6:c2:
d6:2d:00:cb:85:26:4e:23:a5:dd:92:62:bf:65:39:55:58:aa:
cd:5f:de:c3:bf:26:5b:fc:b7:3c:68:cd:b3:0d:8a:0c:61:d9:
2a:3e:9a:60
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZpOPN5M1cZqfPOnMS7qnYNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUxMTA0MDk0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjIxMTgzNWNmY2ZiNGVlMTBhMTRjMDJkZTIzYjIwNDIzZTRkMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlckuaTullSIuj6fYJdzRrnBpQNbd
SBa4pA/Caq2nq7azrnircykvTChSH19ne6gxUgxvnwPTBtL3cDMRYNypUsT9w4N9
l65OgPRWba2ZWtoiKR8g43lIGBl1eGYE9Sivaqh7UYeIs1EX5jby5ev8VetGUEmZ
1Do2cbCGdh/copsJWL4AomAQI5EaxSX5TgLbZstLtisDxLBSpFzJWzLXZ+bEFS5/
BS9w8EtWcC4kKxAaoLMqrmNFTJXXg5JnH1Pym3JNl3FlLgjm6WRU1S0dfVSnINl9
po7DbcFIjN+kzZZ95YcF4d52jH+YS7pUxcH0AkhXYAerbqDs/9yJYJQXjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ8hGDXPz7TuEKFMAt4jsgQj5NMEMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvbnlFWU5jX1B0TzRRb1V3QzNpT3lCQ1BrMHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgIqAhH/
BAMHAioCEf8EcDANBgkqhkiG9w0BAQsFAAOCAQEAghs94MdS85Hl5WoNbUNulBy7
Q/Y9DHerB5GyZcrqahmWItcx/DCV97V6srkucYjj1HvuFLhDvEhm8RBWnsM87GDj
jawFcRS25KvwsYVfnwGPWOYuGZQsN12aelTnLwUtgfESR6fG7c0RriJoUhssdZEG
I7JXRqnRmr6rWch3m0qOji3trg4IEoW/FCBOc3uMsLp1VB/Jm89wrmpeCN38CK4/
lBA4J4Feh7jG921wQj0Fq3HCK6Lg0uJcysxlqlmjD946bCq5siv2JoEYCOhlW1yz
DsrVYMbC1i0Ay4UmTiOl3ZJiv2U5VViqzV/ew78mW/y3PGjNsw2KDGHZKj6aYA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:12:44 2025 by rpki-client