Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/ypFsEEGfd4O6J1p0mZ1RbqGav-M.roa
File: ypFsEEGfd4O6J1p0mZ1RbqGav-M.roa (raw, json)
Hash identifier: g61lW89AaUIOw5VOlu2FfGAQF1zl2FJ+pmT3aU1q7R4=
Subject key identifier: CA:91:6C:10:41:9F:77:83:BA:27:5A:74:99:9D:51:6E:A1:9A:BF:E3
Certificate issuer: /CN=7031374eb9679109e91a38e28b17bf260ab9d3ab
Certificate serial: 019A49627E99F29545020C7659050443EDA7
Authority key identifier: 70:31:37:4E:B9:67:91:09:E9:1A:38:E2:8B:17:BF:26:0A:B9:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/ypFsEEGfd4O6J1p0mZ1RbqGav-M.roa
Signing time: Mon 03 Nov 2025 11:03:02 +0000
ROA not before: Mon 03 Nov 2025 11:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51681
IP address blocks: 185.223.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.mft
rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:62:7e:99:f2:95:45:02:0c:76:59:05:04:43:ed:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7031374eb9679109e91a38e28b17bf260ab9d3ab
Validity
Not Before: Nov 3 11:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca916c10419f7783ba275a74999d516ea19abfe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3e:fe:7e:15:80:84:0a:34:09:af:ce:ca:c6:
fc:64:da:6a:8e:5f:c8:7e:7b:97:2d:52:07:6d:02:
d6:46:72:d7:ba:18:c0:5a:7c:4d:f9:f2:c5:3e:d5:
b4:10:d5:de:a1:f1:e8:96:b3:be:2b:fc:b9:d6:df:
b2:2e:8d:f1:db:3b:68:3a:00:43:62:26:17:82:df:
07:61:9b:1a:77:f0:56:d4:00:3c:cd:24:02:09:d7:
97:ec:16:57:cd:8f:ad:39:bb:6a:25:59:6a:cd:16:
65:2d:89:29:11:c5:cf:46:1c:8a:d7:c7:fc:7d:cb:
13:6a:18:77:ba:9b:76:39:a2:64:ab:34:79:de:bb:
eb:f8:e9:f6:ea:ce:6b:34:66:a6:38:4c:d6:8b:ee:
97:08:f1:6b:d8:fb:36:55:d7:78:22:43:39:53:6e:
b3:9c:99:fd:2f:df:12:6c:87:b1:19:0d:c9:45:b6:
36:e5:f9:97:a6:31:29:30:81:4c:3b:09:d6:47:98:
1f:c3:63:32:3a:52:05:65:bf:ca:b8:58:3d:2e:2d:
32:18:92:ce:95:20:e6:c0:d9:c9:f7:be:75:14:fa:
31:6b:be:b5:a5:a5:44:56:4e:a4:d7:ef:2b:e4:bd:
1e:bc:a0:c3:c9:2a:f9:eb:34:ee:08:e6:f5:48:d0:
3d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:91:6C:10:41:9F:77:83:BA:27:5A:74:99:9D:51:6E:A1:9A:BF:E3
X509v3 Authority Key Identifier:
keyid:70:31:37:4E:B9:67:91:09:E9:1A:38:E2:8B:17:BF:26:0A:B9:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cDE3TrlnkQnpGjjiixe_Jgq506s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/ypFsEEGfd4O6J1p0mZ1RbqGav-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d8b73b-5013-43cd-ba2b-2c2180714e71/1/cDE3TrlnkQnpGjjiixe_Jgq506s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.138.0/24
Signature Algorithm: sha256WithRSAEncryption
50:79:3e:e4:70:70:6f:7f:4e:55:07:93:50:ae:b6:10:61:4d:
33:0a:0b:91:a2:2d:b5:85:04:ca:72:5f:12:70:5d:25:ff:4d:
ec:68:4d:28:bb:1c:f3:c4:b1:1e:3b:38:fe:d0:ac:01:92:5c:
d0:1d:10:a7:4f:14:f3:56:18:b8:24:df:75:d8:55:22:7c:33:
0d:31:21:90:35:bc:7e:12:4d:50:d4:7c:f6:32:56:a9:cd:d5:
7b:60:1b:e6:12:5c:ee:c0:30:06:6a:f5:99:85:12:3c:e4:3d:
f5:49:20:88:d3:60:16:9a:fa:7c:32:cd:4c:5c:d7:83:cd:08:
43:9d:f2:af:ea:b2:d3:eb:9d:2a:d3:01:e9:d3:0f:75:e5:aa:
d1:f0:c3:f5:24:d6:e1:14:4e:b6:a1:d2:8a:12:21:02:13:52:
c8:1e:ac:d0:9e:08:3f:a4:d7:44:a3:5e:89:21:a6:5e:09:b0:
44:d1:5b:91:0b:49:54:b0:42:00:e7:05:fe:6b:4e:a1:69:4b:
96:77:5e:dd:35:12:36:33:25:d0:5f:55:12:bb:bf:35:89:1c:
00:97:ec:8d:e1:0d:f9:61:b1:4b:81:28:69:94:ac:8a:7a:f9:
48:4f:04:67:5b:ae:eb:b7:2d:f1:76:10:b0:38:58:e4:fc:88:
7d:0a:28:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpJYn6Z8pVFAgx2WQUEQ+2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMzEzNzRlYjk2NzkxMDllOTFhMzhlMjhiMTdiZjI2MGFi
OWQzYWIwHhcNMjUxMTAzMTEwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkxNmMxMDQxOWY3NzgzYmEyNzVhNzQ5OTlkNTE2ZWExOWFiZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj7+fhWAhAo0Ca/Oysb8ZNpqjl/I
fnuXLVIHbQLWRnLXuhjAWnxN+fLFPtW0ENXeofHolrO+K/y51t+yLo3x2ztoOgBD
YiYXgt8HYZsad/BW1AA8zSQCCdeX7BZXzY+tObtqJVlqzRZlLYkpEcXPRhyK18f8
fcsTahh3upt2OaJkqzR53rvr+On26s5rNGamOEzWi+6XCPFr2Ps2Vdd4IkM5U26z
nJn9L98SbIexGQ3JRbY25fmXpjEpMIFMOwnWR5gfw2MyOlIFZb/KuFg9Li0yGJLO
lSDmwNnJ9751FPoxa761paVEVk6k1+8r5L0evKDDySr56zTuCOb1SNA9vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqRbBBBn3eDuidadJmdUW6hmr/jMB8GA1UdIwQY
MBaAFHAxN065Z5EJ6Ro44osXvyYKudOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0RFM1RybG5rUW5wR2pqaWl4ZV9KZ3E1MDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kOGI3M2ItNTAxMy00M2NkLWJhMmIt
MmMyMTgwNzE0ZTcxLzEveXBGc0VFR2ZkNE82SjFwMG1aMVJicUdhdi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kOGI3M2ItNTAxMy00M2NkLWJhMmItMmMyMTgwNzE0ZTcx
LzEvY0RFM1RybG5rUW5wR2pqaWl4ZV9KZ3E1MDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+KMA0G
CSqGSIb3DQEBCwUAA4IBAQBQeT7kcHBvf05VB5NQrrYQYU0zCguRoi21hQTKcl8S
cF0l/03saE0ouxzzxLEeOzj+0KwBklzQHRCnTxTzVhi4JN912FUifDMNMSGQNbx+
Ek1Q1Hz2MlapzdV7YBvmElzuwDAGavWZhRI85D31SSCI02AWmvp8Ms1MXNeDzQhD
nfKv6rLT650q0wHp0w915arR8MP1JNbhFE62odKKEiECE1LIHqzQngg/pNdEo16J
IaZeCbBE0VuRC0lUsEIA5wX+a06haUuWd17dNRI2MyXQX1USu781iRwAl+yN4Q35
YbFLgShplKyKevlITwRnW67rty3xdhCwOFjk/Ih9Ciib
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:22:19 2025 by rpki-client