Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CyZJN3Vn9Wx5Ku4O3sMDB-NRvmY.roa
File: CyZJN3Vn9Wx5Ku4O3sMDB-NRvmY.roa (raw, json)
Hash identifier: WcAEWKGVcfRB667aLpJo4Vp7/mtl7lzZPtVtOBGdblQ=
Subject key identifier: 0B:26:49:37:75:67:F5:6C:79:2A:EE:0E:DE:C3:03:07:E3:51:BE:66
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A4EEE7B29A05DE593E33F11096B5429E6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CyZJN3Vn9Wx5Ku4O3sMDB-NRvmY.roa
Signing time: Tue 04 Nov 2025 12:54:03 +0000
ROA not before: Tue 04 Nov 2025 12:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213542
IP address blocks: 2a0f:df45:25b::/48 maxlen: 48
2a0f:df45:fe5e::/48 maxlen: 48
2a0f:e7c3:1::/48 maxlen: 48
2a0f:ea43:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:ee:7b:29:a0:5d:e5:93:e3:3f:11:09:6b:54:29:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 4 12:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b2649377567f56c792aee0edec30307e351be66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:12:e3:8b:b2:2c:c5:33:15:96:07:d6:61:8c:
fa:51:7e:b7:85:5b:1c:4b:b0:8d:04:58:8d:00:ed:
b1:d6:88:fc:d7:4e:56:0b:10:e9:2d:79:6e:67:91:
74:1e:e1:fa:c8:ed:6b:0d:cf:4d:9c:93:8d:d6:45:
fa:f1:fd:dd:f5:d0:56:03:27:36:45:fa:ef:22:53:
45:5d:a7:bc:45:c2:ce:d1:a6:20:b3:fb:1b:de:24:
e1:ec:3d:36:2d:ce:6f:52:5d:1f:fc:bf:15:46:e3:
f7:fe:0e:ed:ef:4c:07:9a:f3:34:46:c6:ae:f2:d5:
ce:90:13:7a:dc:9f:1a:98:e6:bf:02:b5:a9:a2:a7:
b1:34:f7:de:99:55:d7:ff:2b:59:39:d7:c5:2e:3e:
53:89:38:6a:fc:f5:96:92:91:7c:46:cc:c0:6f:c5:
d0:52:dd:fe:6d:5b:94:fd:50:c5:81:ba:c7:26:1b:
47:1a:3e:10:69:88:68:14:9a:5f:2c:7e:cf:c4:4a:
1f:11:d5:c9:2d:b5:2a:c6:db:f7:72:59:ce:82:a7:
94:d3:69:f7:2e:a0:8f:71:50:92:2b:9b:92:80:8f:
51:e5:32:d1:2f:57:e2:e0:04:3f:44:31:4b:b2:7a:
b4:7a:0c:bc:2d:9e:2d:88:16:a2:1d:4a:26:01:a7:
7b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:26:49:37:75:67:F5:6C:79:2A:EE:0E:DE:C3:03:07:E3:51:BE:66
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CyZJN3Vn9Wx5Ku4O3sMDB-NRvmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:df45:25b::/48
2a0f:df45:fe5e::/48
2a0f:e7c3:1::/48
2a0f:ea43:1::/48
Signature Algorithm: sha256WithRSAEncryption
88:d2:e2:6c:22:74:7d:a6:e7:66:2c:e9:c6:39:57:68:d7:b0:
e7:24:c0:99:86:38:2b:ce:27:73:04:25:27:ff:41:63:33:34:
07:cd:95:79:ba:d6:81:37:71:20:df:c6:72:ba:d8:84:56:c0:
05:8e:8a:86:83:fc:13:e6:25:63:a4:f1:be:a9:ca:95:21:1b:
8e:59:9c:7c:a1:88:2d:11:74:5c:ac:9e:56:e3:e4:a5:44:0d:
26:77:4c:5c:55:82:b8:41:53:cd:f1:9e:31:31:45:40:e0:ed:
a3:e2:6a:dc:00:7d:49:f4:97:8b:de:d6:d8:7f:c5:90:78:9f:
b0:d8:d0:73:fe:0a:fd:1e:d3:d1:53:37:7b:74:64:af:ba:a5:
51:2e:c0:28:87:2d:18:27:f4:f9:40:92:36:dd:7f:8c:53:ca:
4e:47:02:4a:f7:63:c5:37:3e:07:6a:c3:84:36:ab:dd:64:eb:
10:c9:c5:bf:65:76:0c:f9:04:9e:af:bd:28:55:70:08:c4:80:
c3:32:22:3f:04:42:f8:71:e8:0c:46:a4:75:fa:11:e6:49:ff:
d2:c3:e8:38:be:10:91:f6:df:6a:a9:79:00:cd:b4:02:e9:7b:
f1:66:0c:9f:ba:65:b0:b0:da:37:b6:8e:23:b6:f8:55:ff:02:
43:8a:6f:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZpO7nspoF3lk+M/EQlrVCnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMTA0MTI1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjI2NDkzNzc1NjdmNTZjNzkyYWVlMGVkZWMzMDMwN2UzNTFiZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBLji7IsxTMVlgfWYYz6UX63hVsc
S7CNBFiNAO2x1oj8105WCxDpLXluZ5F0HuH6yO1rDc9NnJON1kX68f3d9dBWAyc2
RfrvIlNFXae8RcLO0aYgs/sb3iTh7D02Lc5vUl0f/L8VRuP3/g7t70wHmvM0Rsau
8tXOkBN63J8amOa/ArWpoqexNPfemVXX/ytZOdfFLj5TiThq/PWWkpF8RszAb8XQ
Ut3+bVuU/VDFgbrHJhtHGj4QaYhoFJpfLH7PxEofEdXJLbUqxtv3clnOgqeU02n3
LqCPcVCSK5uSgI9R5TLRL1fi4AQ/RDFLsnq0egy8LZ4tiBaiHUomAad70wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAsmSTd1Z/VseSruDt7DAwfjUb5mMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ3laSk4zVm45V3g1S3U0TzNzTURCLU5Sdm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKg/fRQJb
AwcAKg/fRf5eAwcAKg/nwwABAwcAKg/qQwABMA0GCSqGSIb3DQEBCwUAA4IBAQCI
0uJsInR9pudmLOnGOVdo17DnJMCZhjgrzidzBCUn/0FjMzQHzZV5utaBN3Eg38Zy
utiEVsAFjoqGg/wT5iVjpPG+qcqVIRuOWZx8oYgtEXRcrJ5W4+SlRA0md0xcVYK4
QVPN8Z4xMUVA4O2j4mrcAH1J9JeL3tbYf8WQeJ+w2NBz/gr9HtPRUzd7dGSvuqVR
LsAohy0YJ/T5QJI23X+MU8pORwJK92PFNz4HasOENqvdZOsQycW/ZXYM+QSer70o
VXAIxIDDMiI/BEL4cegMRqR1+hHmSf/Sw+g4vhCR9t9qqXkAzbQC6XvxZgyfumWw
sNo3to4jtvhV/wJDim/Z
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:40:42 2025 by rpki-client