Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/Ty-iZb_Ec_nznm2_0cwyztJTc4w.roa
File: Ty-iZb_Ec_nznm2_0cwyztJTc4w.roa (raw, json)
Hash identifier: gnzJFaxmd6CjC4tK9Lw/KvBHZRZ66fs4fKxH+FjxMvY=
Subject key identifier: 4F:2F:A2:65:BF:C4:73:F9:F3:9E:6D:BF:D1:CC:32:CE:D2:53:73:8C
Certificate issuer: /CN=cf40185f552cd975276c03464f50c7a5d351564c
Certificate serial: 019A0C901ED5ECD77AC52BA686474E25C384
Authority key identifier: CF:40:18:5F:55:2C:D9:75:27:6C:03:46:4F:50:C7:A5:D3:51:56:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0AYX1Us2XUnbANGT1DHpdNRVkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/Ty-iZb_Ec_nznm2_0cwyztJTc4w.roa
Signing time: Wed 22 Oct 2025 15:36:02 +0000
ROA not before: Wed 22 Oct 2025 15:36:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 193.222.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/z0AYX1Us2XUnbANGT1DHpdNRVkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/z0AYX1Us2XUnbANGT1DHpdNRVkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0AYX1Us2XUnbANGT1DHpdNRVkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:90:1e:d5:ec:d7:7a:c5:2b:a6:86:47:4e:25:c3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40185f552cd975276c03464f50c7a5d351564c
Validity
Not Before: Oct 22 15:36:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f2fa265bfc473f9f39e6dbfd1cc32ced253738c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:1c:c3:4c:19:91:82:5e:22:c7:28:80:82:
c4:2c:e7:3f:30:70:63:00:2b:39:26:17:b9:1e:3d:
0a:9e:fa:ef:b1:e0:8c:1e:5e:79:07:6c:2d:ef:13:
f7:cb:0e:37:eb:48:3a:fe:29:cb:8d:01:ef:c8:9e:
43:24:de:cd:57:b4:98:ce:3c:24:e5:3d:3a:36:57:
54:65:89:80:0d:6e:82:16:58:2e:41:46:f6:c7:6d:
de:95:fb:1c:92:69:2c:b4:00:fd:21:50:e8:34:88:
c5:1b:00:26:48:0f:fa:e8:81:91:9c:00:0d:02:45:
18:11:19:4e:8b:d2:8a:82:69:7c:b6:f9:e9:5b:dd:
ff:46:e7:88:3a:7f:0f:73:43:db:96:8b:9b:f1:7c:
be:ab:1a:ee:11:69:17:0e:93:af:40:4c:6c:cd:2b:
01:67:6b:e0:76:7d:18:71:6e:a8:b6:12:05:ce:86:
f3:5d:ee:c2:75:f2:16:34:fd:84:6d:0d:1d:30:68:
8b:3c:00:54:df:08:cf:73:81:bc:54:8c:53:51:55:
a3:c4:55:48:63:8e:ee:72:fe:cf:6d:76:02:9a:f1:
80:0a:fe:18:e0:37:db:4d:a3:50:15:8f:1a:0f:1e:
47:db:d3:c8:d0:59:58:33:2f:1a:eb:7c:3b:b5:eb:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2F:A2:65:BF:C4:73:F9:F3:9E:6D:BF:D1:CC:32:CE:D2:53:73:8C
X509v3 Authority Key Identifier:
keyid:CF:40:18:5F:55:2C:D9:75:27:6C:03:46:4F:50:C7:A5:D3:51:56:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0AYX1Us2XUnbANGT1DHpdNRVkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/Ty-iZb_Ec_nznm2_0cwyztJTc4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/1168fa-fbf6-4e07-9ec7-919eefba48b5/1/z0AYX1Us2XUnbANGT1DHpdNRVkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.222.61.0/24
Signature Algorithm: sha256WithRSAEncryption
44:14:4d:65:d8:44:7e:7f:0f:52:e3:dc:23:33:3b:0f:78:ef:
c0:e8:5b:6a:41:ab:3a:30:00:dc:2a:cf:b8:46:3c:6e:1f:9b:
0a:28:da:73:1b:80:5d:8f:1b:3f:2a:d5:b6:26:4e:5e:6f:5f:
8f:79:98:dc:cf:9c:83:c7:9f:1e:46:1a:33:6e:23:74:4c:6b:
69:ae:be:a3:5d:23:3d:fd:13:bd:6c:80:cb:7f:d7:be:07:f8:
5d:94:b5:37:63:f0:49:65:d7:64:b8:a4:5e:26:13:4c:2e:b8:
76:e1:2c:82:25:df:ec:6e:ca:f1:95:bb:52:fa:31:ea:c6:f0:
70:21:d8:6c:96:8d:1c:80:b2:b5:7d:28:a6:28:48:38:72:4d:
f3:21:3d:42:3a:e0:14:ac:6a:84:e1:91:40:aa:06:97:4f:d8:
6f:73:aa:33:08:bf:33:02:c9:d5:33:6c:e5:97:44:1b:4e:33:
60:b4:5b:5f:9b:fd:f7:e6:79:28:31:1e:c2:42:b6:a4:9a:45:
b2:6d:0f:fa:b1:a9:7b:6b:a1:5d:b2:21:72:a2:5a:f0:5e:ee:
3c:8c:b6:b7:cc:81:04:6c:0e:4c:37:75:9a:46:ca:d9:5c:5d:
98:a5:cb:82:7b:38:79:a8:4d:c2:ba:33:06:5c:aa:4e:80:a1:
12:32:2d:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoMkB7V7Nd6xSumhkdOJcOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDAxODVmNTUyY2Q5NzUyNzZjMDM0NjRmNTBjN2E1ZDM1
MTU2NGMwHhcNMjUxMDIyMTUzNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJmYTI2NWJmYzQ3M2Y5ZjM5ZTZkYmZkMWNjMzJjZWQyNTM3MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukIcw0wZkYJeIscogILELOc/MHBj
ACs5Jhe5Hj0KnvrvseCMHl55B2wt7xP3yw4360g6/inLjQHvyJ5DJN7NV7SYzjwk
5T06NldUZYmADW6CFlguQUb2x23elfsckmkstAD9IVDoNIjFGwAmSA/66IGRnAAN
AkUYERlOi9KKgml8tvnpW93/RueIOn8Pc0Pbloub8Xy+qxruEWkXDpOvQExszSsB
Z2vgdn0YcW6othIFzobzXe7CdfIWNP2EbQ0dMGiLPABU3wjPc4G8VIxTUVWjxFVI
Y47ucv7PbXYCmvGACv4Y4DfbTaNQFY8aDx5H29PI0FlYMy8a63w7tesfQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8vomW/xHP5855tv9HMMs7SU3OMMB8GA1UdIwQY
MBaAFM9AGF9VLNl1J2wDRk9Qx6XTUVZMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBBWVgxVXMyWFVuYkFOR1QxREhwZE5SVmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8xMTY4ZmEtZmJmNi00ZTA3LTllYzct
OTE5ZWVmYmE0OGI1LzEvVHktaVpiX0VjX256bm0yXzBjd3l6dEpUYzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8xMTY4ZmEtZmJmNi00ZTA3LTllYzctOTE5ZWVmYmE0OGI1
LzEvejBBWVgxVXMyWFVuYkFOR1QxREhwZE5SVmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwd49MA0G
CSqGSIb3DQEBCwUAA4IBAQBEFE1l2ER+fw9S49wjMzsPeO/A6FtqQas6MADcKs+4
RjxuH5sKKNpzG4Bdjxs/KtW2Jk5eb1+PeZjcz5yDx58eRhozbiN0TGtprr6jXSM9
/RO9bIDLf9e+B/hdlLU3Y/BJZddkuKReJhNMLrh24SyCJd/sbsrxlbtS+jHqxvBw
Idhslo0cgLK1fSimKEg4ck3zIT1COuAUrGqE4ZFAqgaXT9hvc6ozCL8zAsnVM2zl
l0QbTjNgtFtfm/335nkoMR7CQrakmkWybQ/6sal7a6FdsiFyolrwXu48jLa3zIEE
bA5MN3WaRsrZXF2YpcuCezh5qE3CujMGXKpOgKESMi3l
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:30:50 2025 by rpki-client