Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/yedVX2Bb1fw9QHeEL7aMz-eiDBc.roa
File: yedVX2Bb1fw9QHeEL7aMz-eiDBc.roa (raw, json)
Hash identifier: nTi5nmxACtrhi4lwIaboxq43TOZLUrk6W1f8QXWcQkQ=
Subject key identifier: C9:E7:55:5F:60:5B:D5:FC:3D:40:77:84:2F:B6:8C:CF:E7:A2:0C:17
Certificate issuer: /CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Certificate serial: 019A534C56B8A72E58E9AB2FA3D59AAE0FDB
Authority key identifier: A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/yedVX2Bb1fw9QHeEL7aMz-eiDBc.roa
Signing time: Wed 05 Nov 2025 09:15:03 +0000
ROA not before: Wed 05 Nov 2025 09:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.157.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 06:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:4c:56:b8:a7:2e:58:e9:ab:2f:a3:d5:9a:ae:0f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71a2a2db4d7418e9bf4f93c8c046a0161663c62
Validity
Not Before: Nov 5 09:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9e7555f605bd5fc3d4077842fb68ccfe7a20c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:a5:ca:99:f1:71:06:64:73:fe:1a:85:cf:
0a:e5:2f:16:5b:26:4a:28:5d:73:91:bd:ac:e7:7c:
7c:8b:b7:a8:1c:2c:47:65:00:2f:2e:e7:9f:19:18:
2f:d0:dd:61:73:1a:02:7f:c7:c9:bc:f4:fe:d2:af:
61:42:8e:d5:9c:e5:99:79:6e:28:4c:f8:33:c4:46:
76:27:95:ee:2a:4a:a0:ab:05:e1:87:95:4d:9e:fd:
b8:b1:3f:16:e3:2e:14:a8:15:bd:40:39:38:59:93:
3c:0f:77:98:a4:f2:6e:6a:31:75:3d:cf:f8:7a:d6:
d6:14:8f:29:72:ed:15:00:17:c9:74:e7:b1:d2:07:
a5:ab:6c:da:99:b8:93:a8:1d:9f:e2:7e:c0:6e:8e:
49:0b:dd:5b:24:51:11:91:1e:c9:54:46:e8:de:58:
cc:c5:3d:08:66:aa:3c:aa:f1:7d:7b:e8:f1:a6:30:
d7:df:6a:bd:91:00:fd:09:17:6c:45:28:4a:3d:44:
3b:2a:55:74:26:36:12:dd:3d:e6:a6:55:e8:82:8d:
02:33:5c:4c:32:86:4c:11:d6:06:b5:da:59:84:31:
49:56:11:95:83:9f:da:cf:7c:e2:7f:23:dd:7d:cb:
5a:73:6b:fa:17:b2:86:7b:4e:ad:ba:d2:eb:78:5f:
76:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E7:55:5F:60:5B:D5:FC:3D:40:77:84:2F:B6:8C:CF:E7:A2:0C:17
X509v3 Authority Key Identifier:
keyid:A7:1A:2A:2D:B4:D7:41:8E:9B:F4:F9:3C:8C:04:6A:01:61:66:3C:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxoqLbTXQY6b9Pk8jARqAWFmPGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/yedVX2Bb1fw9QHeEL7aMz-eiDBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/b7abdf-3be1-4642-9f3e-f1f0b9598f32/1/pxoqLbTXQY6b9Pk8jARqAWFmPGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.51.0/24
Signature Algorithm: sha256WithRSAEncryption
51:25:de:6d:a3:c8:1b:23:a7:d6:4b:2a:ba:9a:cd:97:22:9d:
3d:8e:fe:77:b4:d9:1b:b5:99:c8:32:94:ab:49:21:92:69:02:
11:2a:ac:f5:33:ec:d7:9b:ec:9e:e9:fe:42:70:88:99:50:fb:
fd:2a:5d:fd:a7:82:dc:36:06:07:0b:3d:b2:1d:c0:92:90:c0:
8f:e5:e6:5f:95:73:b5:e4:eb:fb:f0:53:f4:d2:e2:3b:7c:16:
93:64:59:9a:b5:02:aa:77:d7:7b:5e:af:e0:95:d7:b3:92:4e:
3f:f8:cf:ee:1c:a2:31:b2:5c:f0:98:e4:5b:81:1b:59:51:86:
d0:7a:bd:54:59:ba:4d:53:6d:63:12:c4:a0:6d:40:22:68:1c:
bb:3b:11:19:ce:2a:0e:57:55:8e:54:b6:11:7d:66:33:e0:05:
9a:c2:24:fd:0d:a4:ea:fd:bb:4e:cd:11:5e:0f:9e:5b:8e:a8:
ee:27:ce:1c:fe:9c:d6:73:24:b0:4a:2e:42:84:90:10:42:ab:
70:e4:52:f7:b5:ba:83:15:32:74:e0:41:fb:49:ca:f1:a7:fd:
ca:43:a7:81:d8:e7:87:be:10:7f:36:63:80:6c:3c:fc:a8:19:
88:3d:d4:d5:b2:57:d9:5d:38:2b:c7:45:e9:34:6c:da:6a:7f:
a6:c6:87:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpTTFa4py5Y6asvo9Warg/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWEyYTJkYjRkNzQxOGU5YmY0ZjkzYzhjMDQ2YTAxNjE2
NjNjNjIwHhcNMjUxMTA1MDkxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU3NTU1ZjYwNWJkNWZjM2Q0MDc3ODQyZmI2OGNjZmU3YTIwYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SalypnxcQZkc/4ahc8K5S8WWyZK
KF1zkb2s53x8i7eoHCxHZQAvLuefGRgv0N1hcxoCf8fJvPT+0q9hQo7VnOWZeW4o
TPgzxEZ2J5XuKkqgqwXhh5VNnv24sT8W4y4UqBW9QDk4WZM8D3eYpPJuajF1Pc/4
etbWFI8pcu0VABfJdOex0gelq2zambiTqB2f4n7Abo5JC91bJFERkR7JVEbo3ljM
xT0IZqo8qvF9e+jxpjDX32q9kQD9CRdsRShKPUQ7KlV0JjYS3T3mplXogo0CM1xM
MoZMEdYGtdpZhDFJVhGVg5/az3zifyPdfctac2v6F7KGe06tutLreF92JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnnVV9gW9X8PUB3hC+2jM/nogwXMB8GA1UdIwQY
MBaAFKcaKi2010GOm/T5PIwEagFhZjxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2Ut
ZjFmMGI5NTk4ZjMyLzEveWVkVlgyQmIxZnc5UUhlRUw3YU16LWVpREJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9iN2FiZGYtM2JlMS00NjQyLTlmM2UtZjFmMGI5NTk4ZjMy
LzEvcHhvcUxiVFhRWTZiOVBrOGpBUnFBV0ZtUEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ0zMA0G
CSqGSIb3DQEBCwUAA4IBAQBRJd5to8gbI6fWSyq6ms2XIp09jv53tNkbtZnIMpSr
SSGSaQIRKqz1M+zXm+ye6f5CcIiZUPv9Kl39p4LcNgYHCz2yHcCSkMCP5eZflXO1
5Ov78FP00uI7fBaTZFmatQKqd9d7Xq/gldezkk4/+M/uHKIxslzwmORbgRtZUYbQ
er1UWbpNU21jEsSgbUAiaBy7OxEZzioOV1WOVLYRfWYz4AWawiT9DaTq/btOzRFe
D55bjqjuJ84c/pzWcySwSi5ChJAQQqtw5FL3tbqDFTJ04EH7Scrxp/3KQ6eB2OeH
vhB/NmOAbDz8qBmIPdTVslfZXTgrx0XpNGzaan+mxofl
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:42 2025 by rpki-client