Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/YCaEZB50rCphFHNs0SPFVykePLA.roa
File: YCaEZB50rCphFHNs0SPFVykePLA.roa (raw, json)
Hash identifier: AXiMRnv2MY2eYU5zXOJ4Cp11rWQHmU+zWOZeXxL9Un4=
Subject key identifier: 60:26:84:64:1E:74:AC:2A:61:14:73:6C:D1:23:C5:57:29:1E:3C:B0
Certificate issuer: /CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Certificate serial: 0198619062181619203EB0FD95D333D1C8A4
Authority key identifier: CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/YCaEZB50rCphFHNs0SPFVykePLA.roa
Signing time: Thu 31 Jul 2025 17:38:28 +0000
ROA not before: Thu 31 Jul 2025 17:38:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 5.80.0.0/15 maxlen: 15
5.81.0.0/16 maxlen: 16
31.48.0.0/13 maxlen: 13
62.6.0.0/16 maxlen: 16
62.7.0.0/16 maxlen: 16
62.172.0.0/16 maxlen: 16
81.128.0.0/11 maxlen: 11
81.128.0.0/12 maxlen: 12
86.128.0.0/10 maxlen: 10
86.128.0.0/11 maxlen: 11
86.128.0.0/12 maxlen: 12
109.144.0.0/12 maxlen: 12
185.93.168.0/22 maxlen: 22
192.12.73.0/24 maxlen: 24
193.37.160.0/20 maxlen: 20
194.79.48.0/22 maxlen: 22
195.171.0.0/16 maxlen: 16
212.82.0.0/19 maxlen: 19
213.120.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:90:62:18:16:19:20:3e:b0:fd:95:d3:33:d1:c8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Validity
Not Before: Jul 31 17:38:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=602684641e74ac2a6114736cd123c557291e3cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:df:44:83:6c:1d:40:2c:01:38:0b:7d:51:
49:88:2f:1b:33:5f:46:ad:88:87:09:f4:48:82:d8:
9f:06:44:c2:25:cb:8f:f0:26:e1:16:d2:fc:5c:59:
09:0d:ce:0a:e5:21:67:1d:91:8c:c3:0f:15:f2:94:
fe:26:88:3b:98:a1:8c:d3:05:66:a0:36:bf:f2:18:
88:53:29:5e:55:38:d9:28:9a:bf:ff:ce:ea:dc:7c:
00:da:84:77:9f:43:74:7e:2b:c8:ad:64:84:be:16:
3b:25:a7:3b:63:9c:44:ad:80:0a:ad:51:88:6b:a9:
82:53:e4:67:0d:3f:c7:f8:da:f9:12:a5:75:6b:72:
77:e9:c4:08:0e:7f:ae:a2:7f:d2:7c:7a:c6:db:cb:
9c:ab:e5:e4:d2:31:3e:aa:ec:0c:cd:58:c7:39:96:
6f:aa:fb:40:9c:d8:8c:79:c6:01:82:58:52:a9:e6:
15:7e:59:31:6b:d1:6d:d0:9c:86:4b:d5:08:ef:21:
03:16:6f:cf:7a:1e:88:2a:28:15:1b:07:4c:c8:35:
bd:6f:8e:70:29:08:1f:f4:e1:43:55:84:f0:a3:9e:
f2:d7:66:43:2b:3f:6d:8b:48:99:64:36:16:c2:f6:
7e:08:f9:51:3e:a1:71:6a:6b:df:68:d6:7b:79:fb:
3b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:26:84:64:1E:74:AC:2A:61:14:73:6C:D1:23:C5:57:29:1E:3C:B0
X509v3 Authority Key Identifier:
keyid:CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/YCaEZB50rCphFHNs0SPFVykePLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.80.0.0/15
31.48.0.0/13
62.6.0.0/15
62.172.0.0/16
81.128.0.0/11
86.128.0.0/10
109.144.0.0/12
185.93.168.0/22
192.12.73.0/24
193.37.160.0/20
194.79.48.0/22
195.171.0.0/16
212.82.0.0/19
213.120.0.0/14
Signature Algorithm: sha256WithRSAEncryption
8b:f9:ae:eb:db:ea:2a:3d:80:71:bd:3d:48:8f:82:d4:dc:72:
28:6e:95:62:c9:3c:b2:b2:1c:ee:74:39:dc:cb:6d:27:88:b8:
c0:8d:c7:c1:72:c4:5c:37:bf:20:1a:43:2b:87:4a:3f:c4:f5:
68:2e:17:30:d4:8c:2e:19:3c:c9:70:bd:f8:bc:f5:9e:ab:52:
68:15:6c:16:f5:49:e9:85:47:1e:f0:f6:b9:32:ec:f6:13:74:
33:d6:fa:2f:77:b8:22:f8:d8:1b:bc:f6:0e:86:dd:5e:65:43:
66:5e:c2:6e:67:ad:bd:9d:d5:3f:4f:17:e0:ec:4f:70:5e:1f:
4d:01:af:59:dc:a4:9a:1e:e5:74:7b:00:63:2e:c9:16:79:5d:
e2:a9:e6:ed:39:07:ef:ab:fa:9c:ef:13:e4:0d:d0:3a:2a:a8:
7d:e9:65:e7:45:5e:3d:6e:30:9e:c5:89:ef:e5:94:80:ce:58:
31:fc:fc:13:6c:f2:0e:19:62:05:df:0d:9a:6b:5f:21:ca:80:
14:59:27:6c:7a:71:d2:c0:75:8a:99:2f:1f:96:7e:52:e7:33:
fc:03:df:5b:77:14:9a:a6:2a:a5:f4:89:fd:ff:2c:0b:1d:73:
0c:62:8b:a0:6d:fc:fd:f1:37:d3:e9:e1:ac:e1:71:bd:c6:c0:
26:36:3c:8a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZhhkGIYFhkgPrD9ldMz0cikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDZlMTYxZGNmYjdiNzI3NzUxNDlkNDM1Yjc5YmE5ZDU2
ZDE0MTcwHhcNMjUwNzMxMTczODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI2ODQ2NDFlNzRhYzJhNjExNDczNmNkMTIzYzU1NzI5MWUzY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQTfRINsHUAsATgLfVFJiC8bM19G
rYiHCfRIgtifBkTCJcuP8CbhFtL8XFkJDc4K5SFnHZGMww8V8pT+Jog7mKGM0wVm
oDa/8hiIUyleVTjZKJq//87q3HwA2oR3n0N0fivIrWSEvhY7Jac7Y5xErYAKrVGI
a6mCU+RnDT/H+Nr5EqV1a3J36cQIDn+uon/SfHrG28ucq+Xk0jE+quwMzVjHOZZv
qvtAnNiMecYBglhSqeYVflkxa9Ft0JyGS9UI7yEDFm/Peh6IKigVGwdMyDW9b45w
KQgf9OFDVYTwo57y12ZDKz9ti0iZZDYWwvZ+CPlRPqFxamvfaNZ7efs7BQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGAmhGQedKwqYRRzbNEjxVcpHjywMB8GA1UdIwQY
MBaAFM/W4WHc+3tyd1FJ1DW3m6nVbRQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYt
MjIzNzQyZWU0Mzc1LzEvWUNhRVpCNTByQ3BoRkhOczBTUEZWeWtlUExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYtMjIzNzQyZWU0Mzc1
LzEvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLAwMBBVADAwMf
MAMDAT4GAwMAPqwDAwVRgAMDBlaAAwMEbZADBAK5XagDBADADEkDBATBJaADBALC
TzADAwDDqwMEBdRSAAMDAtV4MA0GCSqGSIb3DQEBCwUAA4IBAQCL+a7r2+oqPYBx
vT1Ij4LU3HIobpViyTyyshzudDncy20niLjAjcfBcsRcN78gGkMrh0o/xPVoLhcw
1IwuGTzJcL34vPWeq1JoFWwW9UnphUce8Pa5Muz2E3Qz1vovd7gi+NgbvPYOht1e
ZUNmXsJuZ629ndU/Txfg7E9wXh9NAa9Z3KSaHuV0ewBjLskWeV3iqebtOQfvq/qc
7xPkDdA6Kqh96WXnRV49bjCexYnv5ZSAzlgx/PwTbPIOGWIF3w2aa18hyoAUWSds
enHSwHWKmS8fln5S5zP8A99bdxSapiql9In9/ywLHXMMYougbfz98TfT6eGs4XG9
xsAmNjyK
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:55:34 2025 by rpki-client