Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/ylMtZ7R7fkeUU1B9KHOMXQfIdGs.roa
File: ylMtZ7R7fkeUU1B9KHOMXQfIdGs.roa (raw, json)
Hash identifier: DSXOCCTFabtrlzKxDb8ds7fUzGa0VH3hHQbIA5SQrgQ=
Subject key identifier: CA:53:2D:67:B4:7B:7E:47:94:53:50:7D:28:73:8C:5D:07:C8:74:6B
Certificate issuer: /CN=39550a9b752c7397f6f69eaa6a80f09ba7f7d82a
Certificate serial: 0198562282700D0DACA4029EA5E374B793E9
Authority key identifier: 39:55:0A:9B:75:2C:73:97:F6:F6:9E:AA:6A:80:F0:9B:A7:F7:D8:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVUKm3Usc5f29p6qaoDwm6f32Co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/ylMtZ7R7fkeUU1B9KHOMXQfIdGs.roa
Signing time: Tue 29 Jul 2025 12:22:38 +0000
ROA not before: Tue 29 Jul 2025 12:22:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212644
IP address blocks: 188.208.132.0/23 maxlen: 23
188.208.132.0/24 maxlen: 24
188.208.133.0/24 maxlen: 24
2a0d:7000::/32 maxlen: 32
2a0d:7000:132::/48 maxlen: 48
2a0d:7000:133::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/OVUKm3Usc5f29p6qaoDwm6f32Co.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/OVUKm3Usc5f29p6qaoDwm6f32Co.mft
rsync://rpki.ripe.net/repository/DEFAULT/OVUKm3Usc5f29p6qaoDwm6f32Co.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:22:82:70:0d:0d:ac:a4:02:9e:a5:e3:74:b7:93:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39550a9b752c7397f6f69eaa6a80f09ba7f7d82a
Validity
Not Before: Jul 29 12:22:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca532d67b47b7e479453507d28738c5d07c8746b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ec:41:28:2d:87:8b:6f:85:14:62:7e:39:df:
51:12:94:fe:eb:7c:3f:c4:86:fe:ce:92:65:ad:d2:
74:95:63:1e:ca:ca:51:77:e5:53:38:b2:bc:7c:69:
96:da:9d:ce:54:b8:92:2c:3c:43:c7:59:e4:6b:ab:
f1:51:52:51:3b:f9:21:b0:dc:2f:48:b5:db:35:76:
ad:4f:0b:c1:e3:31:54:49:40:6e:77:28:50:aa:12:
00:35:1e:89:05:07:e9:1d:62:ae:b6:75:71:b5:72:
1c:ce:dc:4a:58:64:ea:e3:26:53:71:88:bd:0d:ad:
e3:b1:be:93:42:c6:5e:5e:63:ae:e7:4c:d1:fa:a4:
14:a6:13:d7:5e:99:fc:a6:69:8b:d9:54:2c:c0:58:
91:8f:16:18:b6:ee:68:98:29:99:65:c4:24:70:cb:
68:89:0f:4d:d2:b2:50:e3:4e:05:76:bf:1b:66:21:
b9:df:bb:11:dd:77:4b:8b:b8:58:20:6f:e2:0f:04:
88:d4:3f:fb:7c:53:5a:38:e6:03:4e:60:a6:a5:31:
b8:7b:23:88:3a:ab:0f:5c:1f:40:8b:51:b6:2a:b6:
16:d2:c0:72:c9:e9:54:04:64:87:5e:db:86:f4:10:
e1:9a:4a:2c:0e:46:d0:76:d3:26:9a:fb:70:3f:eb:
2a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:53:2D:67:B4:7B:7E:47:94:53:50:7D:28:73:8C:5D:07:C8:74:6B
X509v3 Authority Key Identifier:
keyid:39:55:0A:9B:75:2C:73:97:F6:F6:9E:AA:6A:80:F0:9B:A7:F7:D8:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVUKm3Usc5f29p6qaoDwm6f32Co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/ylMtZ7R7fkeUU1B9KHOMXQfIdGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/1ade0c-9aed-437b-8f18-27f2dca47a2c/1/OVUKm3Usc5f29p6qaoDwm6f32Co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.132.0/23
IPv6:
2a0d:7000::/32
Signature Algorithm: sha256WithRSAEncryption
58:dc:2a:fb:12:dd:14:f8:bf:6c:40:1c:6b:d9:58:af:f0:db:
34:d5:77:15:39:c6:54:48:04:59:dc:43:86:f0:3a:58:80:0a:
c2:14:f7:54:0e:3e:16:55:b4:a0:5d:52:39:73:01:65:30:67:
ea:23:ab:09:9e:92:3e:c4:16:11:c3:02:6a:fb:99:bd:c6:3b:
6f:e8:7d:c6:ce:5d:a3:08:d9:2f:6f:c6:b5:c2:f5:8f:cf:9d:
04:4b:08:86:2b:61:3d:c7:23:07:07:af:e1:5c:d5:46:96:52:
d5:55:d3:a2:01:3a:7e:41:dc:ec:4f:bc:23:63:b9:42:79:0b:
a2:64:af:72:30:cb:5c:89:ac:7b:cb:c3:98:66:01:1d:a3:66:
ca:a7:33:ac:88:3e:b3:e2:82:94:70:83:d4:eb:aa:1c:e5:8c:
b4:ee:d6:d2:aa:ca:63:48:30:ee:5b:ed:cc:1b:0a:56:38:02:
60:1a:16:15:7e:70:ce:0b:84:af:74:80:cb:81:9b:1c:35:4e:
b5:d0:0c:c3:8b:d0:33:ba:57:aa:9f:18:70:e6:c1:f4:50:94:
d2:14:cd:e6:93:de:3d:37:dc:83:10:95:3f:90:45:17:dd:26:
7d:06:e7:ae:fd:7a:66:d0:95:c9:ce:cc:16:76:ac:a6:48:53:
db:ac:70:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZhWIoJwDQ2spAKepeN0t5PpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTUwYTliNzUyYzczOTdmNmY2OWVhYTZhODBmMDliYTdm
N2Q4MmEwHhcNMjUwNzI5MTIyMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTUzMmQ2N2I0N2I3ZTQ3OTQ1MzUwN2QyODczOGM1ZDA3Yzg3NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyexBKC2Hi2+FFGJ+Od9REpT+63w/
xIb+zpJlrdJ0lWMeyspRd+VTOLK8fGmW2p3OVLiSLDxDx1nka6vxUVJRO/khsNwv
SLXbNXatTwvB4zFUSUBudyhQqhIANR6JBQfpHWKutnVxtXIcztxKWGTq4yZTcYi9
Da3jsb6TQsZeXmOu50zR+qQUphPXXpn8pmmL2VQswFiRjxYYtu5omCmZZcQkcMto
iQ9N0rJQ404Fdr8bZiG537sR3XdLi7hYIG/iDwSI1D/7fFNaOOYDTmCmpTG4eyOI
OqsPXB9Ai1G2KrYW0sByyelUBGSHXtuG9BDhmkosDkbQdtMmmvtwP+sqqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMpTLWe0e35HlFNQfShzjF0HyHRrMB8GA1UdIwQY
MBaAFDlVCpt1LHOX9vaeqmqA8Jun99gqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZVS20zVXNjNWYyOXA2cWFvRHdtNmYzMkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xYWRlMGMtOWFlZC00MzdiLThmMTgt
MjdmMmRjYTQ3YTJjLzEveWxNdFo3Ujdma2VVVTFCOUtIT01YUWZJZEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8xYWRlMGMtOWFlZC00MzdiLThmMTgtMjdmMmRjYTQ3YTJj
LzEvT1ZVS20zVXNjNWYyOXA2cWFvRHdtNmYzMkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBvNCEMA0E
AgACMAcDBQAqDXAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY3Cr7Et0U+L9sQBxr2Viv
8Ns01XcVOcZUSARZ3EOG8DpYgArCFPdUDj4WVbSgXVI5cwFlMGfqI6sJnpI+xBYR
wwJq+5m9xjtv6H3Gzl2jCNkvb8a1wvWPz50ESwiGK2E9xyMHB6/hXNVGllLVVdOi
ATp+QdzsT7wjY7lCeQuiZK9yMMtciax7y8OYZgEdo2bKpzOsiD6z4oKUcIPU66oc
5Yy07tbSqspjSDDuW+3MGwpWOAJgGhYVfnDOC4SvdIDLgZscNU610AzDi9Azuleq
nxhw5sH0UJTSFM3mk949N9yDEJU/kEUX3SZ9Bueu/Xpm0JXJzswWdqymSFPbrHD+
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:32:25 2025 by rpki-client