Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/Yu3nVp_WWr5rQyGcfYxK17BtrSs.roa
File: Yu3nVp_WWr5rQyGcfYxK17BtrSs.roa (raw, json)
Hash identifier: M4mKyUa72k/PIr9xnS+2MIsnuRBDrxvVblz52TMfwf4=
Subject key identifier: 62:ED:E7:56:9F:D6:5A:BE:6B:43:21:9C:7D:8C:4A:D7:B0:6D:AD:2B
Certificate issuer: /CN=71f5e9ea88305f7d316a12a1d49db0e9fb896ce1
Certificate serial: 01987FF4B225D29083A25C7D7978CBAD6770
Authority key identifier: 71:F5:E9:EA:88:30:5F:7D:31:6A:12:A1:D4:9D:B0:E9:FB:89:6C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cfXp6ogwX30xahKh1J2w6fuJbOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/Yu3nVp_WWr5rQyGcfYxK17BtrSs.roa
Signing time: Wed 06 Aug 2025 15:16:39 +0000
ROA not before: Wed 06 Aug 2025 15:16:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201647
IP address blocks: 91.198.191.0/24 maxlen: 24
193.57.66.0/24 maxlen: 24
193.57.67.0/24 maxlen: 24
193.57.68.0/24 maxlen: 24
193.57.69.0/24 maxlen: 24
193.57.70.0/24 maxlen: 24
193.57.71.0/24 maxlen: 24
193.57.156.0/24 maxlen: 24
193.57.157.0/24 maxlen: 24
193.57.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/cfXp6ogwX30xahKh1J2w6fuJbOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/cfXp6ogwX30xahKh1J2w6fuJbOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cfXp6ogwX30xahKh1J2w6fuJbOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 13:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:f4:b2:25:d2:90:83:a2:5c:7d:79:78:cb:ad:67:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71f5e9ea88305f7d316a12a1d49db0e9fb896ce1
Validity
Not Before: Aug 6 15:16:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62ede7569fd65abe6b43219c7d8c4ad7b06dad2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ac:d9:34:a2:de:7d:09:42:95:b3:3f:5e:f9:
06:1a:ff:62:07:31:ca:7b:9a:f4:78:2a:00:e2:47:
66:7b:4e:ef:ed:0a:00:c6:1e:0f:a7:04:f1:96:a2:
77:c0:9c:77:08:4a:a0:f7:cf:a6:29:a2:ec:12:89:
e2:21:c6:eb:b7:26:9e:8e:67:fa:03:f3:7b:a0:9c:
ec:ee:32:7b:1c:e7:a9:52:88:c8:82:19:93:e7:93:
99:2b:6f:14:7b:05:61:ca:b6:60:c4:34:3a:af:73:
0c:b5:b3:e0:79:77:e1:25:af:08:7e:85:48:e3:e4:
5b:0d:49:98:19:ed:c6:b9:64:4f:76:23:d5:a9:22:
f1:2f:8e:0e:0b:5e:94:d0:70:d8:95:8c:49:f1:c2:
71:4b:ae:09:7f:01:05:5d:31:70:53:17:52:b8:73:
19:be:f2:fb:ff:b8:15:ee:f2:12:04:e6:82:ca:bb:
36:e6:45:59:a0:3c:b1:2f:a9:21:2a:d5:b6:58:7a:
19:3c:48:65:fc:8a:91:e6:de:fe:14:ce:51:61:91:
3a:aa:55:5c:dc:48:23:32:0e:72:9f:e1:97:aa:9c:
61:4e:15:47:0b:0c:a9:bb:e9:57:f1:c9:4d:ab:d8:
e5:76:3f:c4:a6:f8:2a:53:1c:e2:ca:99:71:3f:55:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:ED:E7:56:9F:D6:5A:BE:6B:43:21:9C:7D:8C:4A:D7:B0:6D:AD:2B
X509v3 Authority Key Identifier:
keyid:71:F5:E9:EA:88:30:5F:7D:31:6A:12:A1:D4:9D:B0:E9:FB:89:6C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfXp6ogwX30xahKh1J2w6fuJbOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/Yu3nVp_WWr5rQyGcfYxK17BtrSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/749346-b08f-4931-8d4a-0538a3a14dfd/1/cfXp6ogwX30xahKh1J2w6fuJbOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.191.0/24
193.57.66.0-193.57.71.255
193.57.156.0-193.57.158.255
Signature Algorithm: sha256WithRSAEncryption
6e:72:e8:3b:10:ef:95:f2:3e:eb:27:93:a2:10:ea:a0:0a:70:
55:02:fe:e0:a5:2c:ad:64:3a:07:cd:66:00:4c:56:8b:2a:23:
b5:d7:42:9b:33:ef:d3:ff:69:ca:6a:11:74:e5:a8:1a:77:a4:
54:4a:ca:e6:24:45:4f:f0:29:e5:80:2b:fd:14:60:90:33:a5:
4c:fe:37:c9:fc:95:ed:20:44:78:12:28:9a:2e:ed:ac:35:3e:
38:5d:3d:88:57:35:82:55:ac:0a:98:78:68:2f:48:80:76:ca:
8d:09:17:68:99:09:9e:cc:ca:a7:31:94:43:91:4b:89:07:15:
3d:37:e4:93:b4:78:0f:ff:3a:52:c3:a7:07:63:a5:38:08:c0:
29:2a:54:32:2f:47:63:29:37:bf:bc:7d:fa:5a:58:8c:9e:e5:
69:c2:e7:0c:ac:52:c3:8d:7f:d1:5c:83:b7:42:02:8f:d7:e8:
6e:ef:43:c2:b8:09:30:5d:17:c4:80:8d:23:b2:42:e4:ef:89:
cb:f0:da:84:3c:cd:60:3b:d3:7b:3c:f6:e0:bb:5d:66:df:dc:
82:2b:55:86:cc:e3:b3:e7:9e:1e:d9:5c:e2:2f:24:7a:13:8b:
6e:7a:6b:21:c6:72:13:c7:4c:96:39:ce:2d:b7:5e:0c:db:fe:
7c:76:1d:6f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZh/9LIl0pCDolx9eXjLrWdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZjVlOWVhODgzMDVmN2QzMTZhMTJhMWQ0OWRiMGU5ZmI4
OTZjZTEwHhcNMjUwODA2MTUxNjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmVkZTc1NjlmZDY1YWJlNmI0MzIxOWM3ZDhjNGFkN2IwNmRhZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KzZNKLefQlClbM/XvkGGv9iBzHK
e5r0eCoA4kdme07v7QoAxh4PpwTxlqJ3wJx3CEqg98+mKaLsEoniIcbrtyaejmf6
A/N7oJzs7jJ7HOepUojIghmT55OZK28UewVhyrZgxDQ6r3MMtbPgeXfhJa8IfoVI
4+RbDUmYGe3GuWRPdiPVqSLxL44OC16U0HDYlYxJ8cJxS64JfwEFXTFwUxdSuHMZ
vvL7/7gV7vISBOaCyrs25kVZoDyxL6khKtW2WHoZPEhl/IqR5t7+FM5RYZE6qlVc
3EgjMg5yn+GXqpxhThVHCwypu+lX8clNq9jldj/EpvgqUxziyplxP1WJIwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGLt51af1lq+a0MhnH2MStewba0rMB8GA1UdIwQY
MBaAFHH16eqIMF99MWoSodSdsOn7iWzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ZYcDZvZ3dYMzB4YWhLaDFKMnc2ZnVKYk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83NDkzNDYtYjA4Zi00OTMxLThkNGEt
MDUzOGEzYTE0ZGZkLzEvWXUzblZwX1dXcjVyUXlHY2ZZeEsxN0J0clNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83NDkzNDYtYjA4Zi00OTMxLThkNGEtMDUzOGEzYTE0ZGZk
LzEvY2ZYcDZvZ3dYMzB4YWhLaDFKMnc2ZnVKYk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAW8a/MAwD
BAHBOUIDBAPBOUAwDAMEAsE5nAMEAME5njANBgkqhkiG9w0BAQsFAAOCAQEAbnLo
OxDvlfI+6yeTohDqoApwVQL+4KUsrWQ6B81mAExWiyojtddCmzPv0/9pymoRdOWo
GnekVErK5iRFT/Ap5YAr/RRgkDOlTP43yfyV7SBEeBIomi7trDU+OF09iFc1glWs
Cph4aC9IgHbKjQkXaJkJnszKpzGUQ5FLiQcVPTfkk7R4D/86UsOnB2OlOAjAKSpU
Mi9HYyk3v7x9+lpYjJ7lacLnDKxSw41/0VyDt0ICj9fobu9DwrgJMF0XxICNI7JC
5O+Jy/DahDzNYDvTezz24LtdZt/cgitVhszjs+eeHtlc4i8kehOLbnprIcZyE8dM
ljnOLbdeDNv+fHYdbw==
-----END CERTIFICATE-----
Generated at Tue Aug 12 22:42:20 2025 by rpki-client