Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y6CjvWQerUp0Mv77KMhz5spMEWA.roa
File: y6CjvWQerUp0Mv77KMhz5spMEWA.roa (raw, json)
Hash identifier: BRh0sxRN6LJqe+S+C32b8EMbRfEqAVHqJDsn1Jnu7HU=
Subject key identifier: CB:A0:A3:BD:64:1E:AD:4A:74:32:FE:FB:28:C8:73:E6:CA:4C:11:60
Certificate issuer: /CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Certificate serial: 0198510DF1BD3A378ED4BE23F2D2C58E1EB2
Authority key identifier: 69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y6CjvWQerUp0Mv77KMhz5spMEWA.roa
Signing time: Mon 28 Jul 2025 12:42:04 +0000
ROA not before: Mon 28 Jul 2025 12:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58051
IP address blocks: 45.154.196.0/24 maxlen: 24
185.221.63.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
2a01:fdc1::/32 maxlen: 32
2a01:fdc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:51:0d:f1:bd:3a:37:8e:d4:be:23:f2:d2:c5:8e:1e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Validity
Not Before: Jul 28 12:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cba0a3bd641ead4a7432fefb28c873e6ca4c1160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:c8:c3:d0:60:71:85:82:71:0a:79:2a:61:ab:
02:fd:c9:e8:6c:fc:a6:a6:ce:b0:8a:59:d0:48:03:
35:0e:74:29:53:1b:10:81:9d:11:f8:96:c9:14:46:
31:3b:3e:db:03:6f:82:f0:57:97:04:0e:a2:f6:05:
9e:e4:4e:d4:22:96:c4:ef:6d:39:46:fc:61:da:f8:
9b:a4:28:f9:27:ec:bb:82:67:16:5b:fd:75:bd:58:
21:69:31:37:15:d3:9b:be:e6:94:b6:1e:b7:35:79:
32:6f:61:2b:07:48:0e:a1:16:42:9a:a4:fb:22:0c:
7f:34:fc:48:7b:cd:57:c7:07:88:67:43:23:34:6f:
e5:3d:0d:16:48:4c:94:52:9c:7b:d0:55:98:8d:64:
80:a8:c0:f2:9d:eb:4a:1d:2a:77:65:8c:d4:3d:3e:
06:76:7b:11:22:d4:47:40:42:82:09:9a:60:b3:1b:
a5:e5:3f:a9:ee:fb:da:1f:74:d7:27:6d:b5:7a:e2:
44:02:2a:7f:80:f0:3b:f9:04:17:9c:3f:38:9f:4e:
a2:05:0b:f6:ca:40:f4:1f:58:74:2f:bb:cc:c6:7d:
08:af:ae:7b:2a:f0:68:8b:f8:d2:e1:93:86:26:9b:
c9:a1:bb:38:e0:d2:ec:96:af:b7:6b:d0:38:f1:34:
2c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A0:A3:BD:64:1E:AD:4A:74:32:FE:FB:28:C8:73:E6:CA:4C:11:60
X509v3 Authority Key Identifier:
keyid:69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y6CjvWQerUp0Mv77KMhz5spMEWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.196.0/24
185.221.63.0/24
193.105.207.0/24
IPv6:
2a01:fdc1::-2a01:fdc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:ed:5a:1f:5e:7d:c0:25:a6:2e:93:ba:f3:d1:e8:8d:64:b4:
e2:ad:d8:31:4a:4a:b6:f1:d9:8a:7d:ca:08:6e:e5:04:82:33:
b0:02:ec:5a:21:d1:ab:58:77:66:61:2c:87:c2:fc:2f:1b:d3:
f3:53:6c:a8:9c:b9:f9:82:46:4a:71:fa:8b:ca:90:35:db:6f:
7f:fe:87:02:63:06:0f:40:7e:6c:78:20:40:07:e8:6a:52:7d:
53:4d:4c:9b:94:8e:bf:39:30:56:58:f0:06:03:05:f0:e5:7c:
a1:74:1b:68:d6:44:23:f7:ac:cd:b6:c6:18:7d:25:42:9c:69:
a5:95:9f:a9:d8:bc:69:da:bf:04:40:03:ea:4a:c2:cb:26:63:
30:4a:d0:0e:17:fb:a7:98:81:99:32:2e:ed:2a:51:16:68:ac:
5b:80:75:26:24:9f:77:5a:f9:2e:32:39:fb:2e:5c:da:a5:cd:
8d:50:51:d5:f9:b2:ea:6e:0c:81:12:bd:e1:e6:81:e5:f0:f1:
ca:37:e1:9f:c5:93:2f:03:a5:43:c0:ea:0c:07:a4:4d:8c:fa:
03:d3:25:73:97:84:60:42:9e:6b:fc:f7:e2:3b:8d:c5:8e:08:
0e:69:b2:60:bb:1f:fe:00:cf:08:6d:ea:a0:07:9f:24:47:50:
35:36:b8:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhRDfG9OjeO1L4j8tLFjh6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzdhMzExNmVjYzlkN2E0MjlmMTM2NTE2MTNlOGFkMTQ5
ZmYzMjQwHhcNMjUwNzI4MTI0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmEwYTNiZDY0MWVhZDRhNzQzMmZlZmIyOGM4NzNlNmNhNGMxMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7cjD0GBxhYJxCnkqYasC/cnobPym
ps6wilnQSAM1DnQpUxsQgZ0R+JbJFEYxOz7bA2+C8FeXBA6i9gWe5E7UIpbE7205
Rvxh2vibpCj5J+y7gmcWW/11vVghaTE3FdObvuaUth63NXkyb2ErB0gOoRZCmqT7
Igx/NPxIe81XxweIZ0MjNG/lPQ0WSEyUUpx70FWYjWSAqMDynetKHSp3ZYzUPT4G
dnsRItRHQEKCCZpgsxul5T+p7vvaH3TXJ221euJEAip/gPA7+QQXnD84n06iBQv2
ykD0H1h0L7vMxn0Ir657KvBoi/jS4ZOGJpvJobs44NLslq+3a9A48TQsFwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMugo71kHq1KdDL++yjIc+bKTBFgMB8GA1UdIwQY
MBaAFGl3oxFuzJ16Qp8TZRYT6K0Un/MkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTkt
ZjRiN2IzOThjNjM0LzEveTZDanZXUWVyVXAwTXY3N0tNaHo1c3BNRVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTktZjRiN2IzOThjNjM0
LzEvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQALZrEAwQA
ud0/AwQAwWnPMBYEAgACMBAwDgMFACoB/cEDBQAqAf3CMA0GCSqGSIb3DQEBCwUA
A4IBAQBO7VofXn3AJaYuk7rz0eiNZLTirdgxSkq28dmKfcoIbuUEgjOwAuxaIdGr
WHdmYSyHwvwvG9PzU2yonLn5gkZKcfqLypA1229//ocCYwYPQH5seCBAB+hqUn1T
TUyblI6/OTBWWPAGAwXw5XyhdBto1kQj96zNtsYYfSVCnGmllZ+p2Lxp2r8EQAPq
SsLLJmMwStAOF/unmIGZMi7tKlEWaKxbgHUmJJ93WvkuMjn7Llzapc2NUFHV+bLq
bgyBEr3h5oHl8PHKN+GfxZMvA6VDwOoMB6RNjPoD0yVzl4RgQp5r/PfiO43FjggO
abJgux/+AM8IbeqgB58kR1A1Nrj+
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:00:21 2025 by rpki-client