Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/yOrvlFjeOz6HRgN7M7RpLwrjM4c.roa
File: yOrvlFjeOz6HRgN7M7RpLwrjM4c.roa (raw, json)
Hash identifier: zxQgMHs7sORcUwU2cibCj/HDlkWnlXy2pP3grChdFik=
Subject key identifier: C8:EA:EF:94:58:DE:3B:3E:87:46:03:7B:33:B4:69:2F:0A:E3:33:87
Certificate issuer: /CN=7b6ed027d37bd6109a0311e2869d344ad95935f9
Certificate serial: 019A2FADB0531FCE4210749EECECB4825610
Authority key identifier: 7B:6E:D0:27:D3:7B:D6:10:9A:03:11:E2:86:9D:34:4A:D9:59:35:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/yOrvlFjeOz6HRgN7M7RpLwrjM4c.roa
Signing time: Wed 29 Oct 2025 11:15:03 +0000
ROA not before: Wed 29 Oct 2025 11:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211468
IP address blocks: 185.190.38.0/24 maxlen: 24
188.241.55.0/24 maxlen: 24
194.169.166.0/24 maxlen: 24
194.169.167.0/24 maxlen: 24
2a0f:8880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:ad:b0:53:1f:ce:42:10:74:9e:ec:ec:b4:82:56:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b6ed027d37bd6109a0311e2869d344ad95935f9
Validity
Not Before: Oct 29 11:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8eaef9458de3b3e8746037b33b4692f0ae33387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:26:db:10:16:89:1c:f8:28:e1:1c:1a:ea:1c:
59:fb:d6:9f:e0:32:58:a2:27:84:24:d4:6f:0c:ef:
33:85:7c:37:8f:3f:53:fd:7b:10:aa:ec:1c:d9:67:
ec:cf:94:4c:61:a4:f4:ca:f7:1e:03:34:2b:9e:bc:
6f:95:2e:80:d3:72:7c:61:65:7e:07:bd:99:b7:e2:
93:8d:f8:e4:14:8d:ef:3d:29:f4:a9:b6:8d:e3:a0:
2b:6c:e3:31:e1:1b:a5:46:fe:40:c5:33:d4:e6:da:
57:61:ef:73:2c:0a:f8:c1:93:3a:2d:c0:98:fe:8f:
ee:18:7f:d9:47:24:dc:b6:b1:14:93:9b:7a:3e:d3:
ce:07:ea:00:e6:6b:d1:af:89:ad:24:60:d3:d0:4b:
e7:67:68:03:42:24:12:6a:5b:5c:b9:40:d9:25:b8:
5a:e4:a2:de:ca:55:6d:1e:29:32:bf:69:85:20:b7:
f6:2d:f0:75:c1:e0:13:f9:83:fd:00:31:df:0d:57:
a0:e0:a0:89:bb:3a:d3:59:7b:4f:89:b8:ef:c1:f4:
35:08:34:18:04:84:ef:14:9a:75:27:30:26:6e:78:
fc:68:58:0c:a2:cd:4b:7a:a9:73:fd:4c:f7:23:c5:
1f:85:7e:68:4e:dc:d7:3b:55:8e:c9:da:b1:3b:a8:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EA:EF:94:58:DE:3B:3E:87:46:03:7B:33:B4:69:2F:0A:E3:33:87
X509v3 Authority Key Identifier:
keyid:7B:6E:D0:27:D3:7B:D6:10:9A:03:11:E2:86:9D:34:4A:D9:59:35:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e27QJ9N71hCaAxHihp00StlZNfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/yOrvlFjeOz6HRgN7M7RpLwrjM4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/597e45-cde4-4c34-8bea-c97e373d704c/1/e27QJ9N71hCaAxHihp00StlZNfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.38.0/24
188.241.55.0/24
194.169.166.0/23
IPv6:
2a0f:8880::/29
Signature Algorithm: sha256WithRSAEncryption
93:2a:de:a1:85:d5:b6:e9:01:37:5b:aa:98:42:1f:ca:39:ee:
12:e8:33:4c:0f:ab:59:b0:a1:68:8c:38:cb:01:1f:4e:36:ba:
41:a7:e8:f8:91:95:ce:3a:57:f6:b5:79:b9:a4:02:a7:44:d3:
74:b4:8a:22:0c:55:16:bc:0c:a7:fb:7e:77:87:64:b5:88:33:
fa:e3:e4:90:45:33:6a:63:26:53:ca:3f:e5:3b:38:5a:62:27:
65:b6:8a:06:f8:8c:19:a8:53:2b:f9:a0:66:e6:c5:27:d6:29:
39:5a:81:e1:79:29:dd:8b:f3:75:da:d3:38:b4:98:78:de:fa:
b7:7a:20:26:50:46:c7:55:47:a7:22:d2:c8:8d:bd:6a:11:ed:
96:a7:e6:ed:74:5b:7a:19:24:0e:d0:0a:a1:17:0a:6d:e1:23:
19:10:c4:54:da:64:da:62:e4:09:41:5e:e4:48:a9:f2:cc:14:
ba:12:58:b7:63:62:72:ba:b3:a2:a9:d8:76:58:58:20:17:2b:
1f:b2:ef:1d:85:9d:d3:47:b9:93:20:fe:70:88:0b:a4:a5:73:
56:c2:ad:b3:6f:69:19:f7:60:98:41:8d:79:98:64:87:d2:61:
50:4a:20:f2:73:f4:54:b4:ce:55:2f:03:d0:fd:77:d3:98:76:
e3:01:c9:e6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZovrbBTH85CEHSe7Oy0glYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNmVkMDI3ZDM3YmQ2MTA5YTAzMTFlMjg2OWQzNDRhZDk1
OTM1ZjkwHhcNMjUxMDI5MTExNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGVhZWY5NDU4ZGUzYjNlODc0NjAzN2IzM2I0NjkyZjBhZTMzMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArybbEBaJHPgo4Rwa6hxZ+9af4DJY
oieEJNRvDO8zhXw3jz9T/XsQquwc2Wfsz5RMYaT0yvceAzQrnrxvlS6A03J8YWV+
B72Zt+KTjfjkFI3vPSn0qbaN46ArbOMx4RulRv5AxTPU5tpXYe9zLAr4wZM6LcCY
/o/uGH/ZRyTctrEUk5t6PtPOB+oA5mvRr4mtJGDT0EvnZ2gDQiQSaltcuUDZJbha
5KLeylVtHikyv2mFILf2LfB1weAT+YP9ADHfDVeg4KCJuzrTWXtPibjvwfQ1CDQY
BITvFJp1JzAmbnj8aFgMos1Leqlz/Uz3I8UfhX5oTtzXO1WOydqxO6j5YwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMjq75RY3js+h0YDezO0aS8K4zOHMB8GA1UdIwQY
MBaAFHtu0CfTe9YQmgMR4oadNErZWTX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTI3UUo5TjcxaENhQXhIaWhwMDBTdGxaTmZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OTdlNDUtY2RlNC00YzM0LThiZWEt
Yzk3ZTM3M2Q3MDRjLzEveU9ydmxGamVPejZIUmdON003UnBMd3JqTTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OTdlNDUtY2RlNC00YzM0LThiZWEtYzk3ZTM3M2Q3MDRj
LzEvZTI3UUo5TjcxaENhQXhIaWhwMDBTdGxaTmZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAub4mAwQA
vPE3AwQBwqmmMA0EAgACMAcDBQMqD4iAMA0GCSqGSIb3DQEBCwUAA4IBAQCTKt6h
hdW26QE3W6qYQh/KOe4S6DNMD6tZsKFojDjLAR9ONrpBp+j4kZXOOlf2tXm5pAKn
RNN0tIoiDFUWvAyn+353h2S1iDP64+SQRTNqYyZTyj/lOzhaYidltooG+IwZqFMr
+aBm5sUn1ik5WoHheSndi/N12tM4tJh43vq3eiAmUEbHVUenItLIjb1qEe2Wp+bt
dFt6GSQO0AqhFwpt4SMZEMRU2mTaYuQJQV7kSKnyzBS6Eli3Y2JyurOiqdh2WFgg
Fysfsu8dhZ3TR7mTIP5wiAukpXNWwq2zb2kZ92CYQY15mGSH0mFQSiDyc/RUtM5V
LwPQ/XfTmHbjAcnm
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:25:50 2025 by rpki-client