Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/ydvCtvONpdehWvZyLz4a_kzVi0E.roa
File: ydvCtvONpdehWvZyLz4a_kzVi0E.roa (raw, json)
Hash identifier: V+d/f8/0Wlo4AiaUZ92fGFDRKXdfWft1w4yI/WlCqx8=
Subject key identifier: C9:DB:C2:B6:F3:8D:A5:D7:A1:5A:F6:72:2F:3E:1A:FE:4C:D5:8B:41
Certificate issuer: /CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Certificate serial: 019A4974CEBBFE208835344929C763D98EC4
Authority key identifier: 24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/ydvCtvONpdehWvZyLz4a_kzVi0E.roa
Signing time: Mon 03 Nov 2025 11:23:03 +0000
ROA not before: Mon 03 Nov 2025 11:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 85.198.36.0/24 maxlen: 24
85.198.41.0/24 maxlen: 24
85.198.46.0/24 maxlen: 24
91.123.9.0/24 maxlen: 24
190.106.176.0/24 maxlen: 24
206.195.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:74:ce:bb:fe:20:88:35:34:49:29:c7:63:d9:8e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Validity
Not Before: Nov 3 11:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9dbc2b6f38da5d7a15af6722f3e1afe4cd58b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1c:f7:da:9a:11:82:3f:87:7f:20:b8:a5:4f:
45:54:6c:01:01:94:82:18:0d:f1:b9:6c:50:8d:1b:
b4:7d:19:fe:43:a5:c9:ca:be:d4:75:f7:68:03:3e:
f4:5b:e6:2b:3a:5d:fc:14:a1:78:18:dd:4c:bd:80:
82:73:f2:55:33:2d:9b:64:80:30:9f:2c:0d:f5:69:
6f:6d:ab:2f:a2:46:8a:23:8c:ac:7f:fa:05:fa:89:
92:f5:f0:f6:4b:ae:a9:09:cf:d7:fe:b8:89:78:cf:
b0:ff:13:5d:a0:96:cb:6d:a5:b3:70:0a:83:86:9e:
42:66:35:66:0a:74:3e:a4:21:18:b5:57:1e:0a:6c:
39:86:d4:f1:a7:38:f4:88:4f:fb:6a:58:74:4a:6f:
72:73:70:fa:5a:d0:7c:c6:fc:4f:c5:8d:af:cf:03:
61:c7:dd:18:14:20:8a:41:85:b7:11:c5:5b:19:1e:
9d:ff:ef:fc:d7:df:56:84:ca:12:50:18:34:8f:41:
67:e4:a7:96:ab:69:8b:b3:94:4f:be:e6:bf:02:6f:
17:08:1c:a8:6f:e9:f8:0c:56:87:96:1d:c1:c2:38:
b2:29:3b:bd:80:58:23:e3:1a:03:bb:5e:73:0a:c5:
ed:fd:b2:b5:a6:da:b4:f4:8b:12:b6:12:45:d1:9b:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DB:C2:B6:F3:8D:A5:D7:A1:5A:F6:72:2F:3E:1A:FE:4C:D5:8B:41
X509v3 Authority Key Identifier:
keyid:24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/ydvCtvONpdehWvZyLz4a_kzVi0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.36.0/24
85.198.41.0/24
85.198.46.0/24
91.123.9.0/24
190.106.176.0/24
206.195.143.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:f7:50:63:af:4b:3e:85:ce:9c:31:15:95:44:ac:11:05:09:
e5:74:21:90:d9:51:c8:24:ad:73:35:26:43:7c:3f:94:9d:2b:
e9:1f:90:8b:28:25:9e:61:b5:d4:dd:da:19:d0:72:b3:53:39:
eb:a4:a7:63:ff:23:1b:e9:8b:15:d0:10:28:c2:6b:21:17:05:
12:76:be:49:02:20:bd:31:dd:fe:07:6d:a2:e9:eb:71:6d:41:
a5:48:c0:7d:86:e3:b3:e2:f4:45:0a:c0:e9:b3:56:d9:fe:c6:
bf:62:de:e8:83:cc:78:5b:5d:f1:90:0e:8c:37:ed:2d:2d:04:
7f:a5:53:2a:9a:6a:06:c4:5f:c2:ec:b7:fd:d1:1f:cc:a8:e5:
1e:97:b1:d2:27:bf:66:d6:6f:b2:14:86:87:0a:5d:f7:b2:95:
47:57:d1:84:45:f4:f2:ff:dd:7b:98:36:ac:fc:95:9d:d1:1a:
b8:7a:a5:d8:f8:04:1c:cf:6e:9c:79:49:37:63:fd:07:d0:96:
a0:1d:e9:f8:1c:e4:e2:e4:c3:93:30:6d:58:30:13:c6:95:6e:
c4:85:a2:b8:b3:57:4f:90:97:97:d5:eb:c9:84:5d:cc:57:0c:
a9:a1:2f:05:92:5e:b4:d2:b9:18:fa:01:2f:67:10:7a:65:16:
0d:60:b6:57
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZpJdM67/iCINTRJKcdj2Y7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZjUxYmJkZjAxMDg4ZDM0YzZiYWFlZWY4NmJkYTI1YTlm
MDIxOTYwHhcNMjUxMTAzMTEyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWRiYzJiNmYzOGRhNWQ3YTE1YWY2NzIyZjNlMWFmZTRjZDU4YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhz32poRgj+HfyC4pU9FVGwBAZSC
GA3xuWxQjRu0fRn+Q6XJyr7UdfdoAz70W+YrOl38FKF4GN1MvYCCc/JVMy2bZIAw
nywN9WlvbasvokaKI4ysf/oF+omS9fD2S66pCc/X/riJeM+w/xNdoJbLbaWzcAqD
hp5CZjVmCnQ+pCEYtVceCmw5htTxpzj0iE/7alh0Sm9yc3D6WtB8xvxPxY2vzwNh
x90YFCCKQYW3EcVbGR6d/+/8199WhMoSUBg0j0Fn5KeWq2mLs5RPvua/Am8XCByo
b+n4DFaHlh3BwjiyKTu9gFgj4xoDu15zCsXt/bK1ptq09IsSthJF0ZulawIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMnbwrbzjaXXoVr2ci8+Gv5M1YtBMB8GA1UdIwQY
MBaAFCT1G73wEIjTTGuq7vhr2iWp8CGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlBVYnZmQVFpTk5NYTZydS1HdmFKYW53SVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lOGViZDYtNTYxZC00MmFmLWJiMzYt
NTIwMWEyM2Q3YTQ5LzEveWR2Q3R2T05wZGVoV3ZaeUx6NGFfa3pWaTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lOGViZDYtNTYxZC00MmFmLWJiMzYtNTIwMWEyM2Q3YTQ5
LzEvSlBVYnZmQVFpTk5NYTZydS1HdmFKYW53SVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVcYkAwQA
VcYpAwQAVcYuAwQAW3sJAwQAvmqwAwQAzsOPMA0GCSqGSIb3DQEBCwUAA4IBAQDT
91Bjr0s+hc6cMRWVRKwRBQnldCGQ2VHIJK1zNSZDfD+UnSvpH5CLKCWeYbXU3doZ
0HKzUznrpKdj/yMb6YsV0BAowmshFwUSdr5JAiC9Md3+B22i6etxbUGlSMB9huOz
4vRFCsDps1bZ/sa/Yt7og8x4W13xkA6MN+0tLQR/pVMqmmoGxF/C7Lf90R/MqOUe
l7HSJ79m1m+yFIaHCl33spVHV9GERfTy/917mDas/JWd0Rq4eqXY+AQcz26ceUk3
Y/0H0JagHen4HOTi5MOTMG1YMBPGlW7EhaK4s1dPkJeX1evJhF3MVwypoS8Fkl60
0rkY+gEvZxB6ZRYNYLZX
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:50:18 2025 by rpki-client