Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ymqi0xcsUjA1NVqUcqHxwJzAdDI.roa
File: Ymqi0xcsUjA1NVqUcqHxwJzAdDI.roa (raw, json)
Hash identifier: y57fT+m+RkYde5FDxohXKnixkU+DodRkb0lEQr+x3zE=
Subject key identifier: 62:6A:A2:D3:17:2C:52:30:35:35:5A:94:72:A1:F1:C0:9C:C0:74:32
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019A358A3C6E560EAF96560B4FC5A2F66E4A
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ymqi0xcsUjA1NVqUcqHxwJzAdDI.roa
Signing time: Thu 30 Oct 2025 14:34:03 +0000
ROA not before: Thu 30 Oct 2025 14:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 89.44.84.0/23 maxlen: 23
95.81.77.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.94.0/23 maxlen: 23
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.58.0/23 maxlen: 23
185.103.252.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:8a:3c:6e:56:0e:af:96:56:0b:4f:c5:a2:f6:6e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Oct 30 14:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626aa2d3172c523035355a9472a1f1c09cc07432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bd:a6:db:cf:3d:39:42:56:64:ce:c5:be:52:
c2:12:31:ba:86:92:de:bc:a2:de:f4:1e:e4:e4:75:
40:f1:74:b6:c8:58:27:64:34:23:69:97:34:20:b8:
09:e0:7f:a5:2a:c3:f7:06:a6:30:0b:17:17:22:49:
6f:98:ca:5e:15:91:09:01:67:6e:68:39:30:69:2c:
d9:69:41:dd:4f:e7:9c:51:11:62:fe:52:38:67:bb:
a8:2a:86:3b:19:43:e3:5a:bc:2c:82:0e:1d:3c:db:
63:9b:f7:33:90:7c:07:81:88:5c:a6:bc:be:f6:07:
1e:ea:ab:84:f4:a1:0c:f7:65:8b:f3:10:9b:5f:da:
23:06:1e:d2:fc:20:61:6e:45:ea:3f:60:f9:6f:93:
89:8e:66:7c:5e:57:3e:98:16:38:fe:dd:1a:00:79:
63:06:02:27:8d:96:c7:a1:a3:e1:36:18:51:f4:7e:
ca:a6:62:be:60:b6:7b:17:c5:cc:a1:1c:e4:e6:7d:
20:bc:45:0f:2c:2d:46:b8:e2:1f:1b:36:34:f1:8e:
5c:26:ae:3a:d4:7b:93:80:22:9b:88:20:ef:17:e6:
ce:54:6d:e6:d4:c2:02:73:98:60:02:57:f3:34:46:
60:57:99:1f:7d:1d:43:e8:43:eb:16:19:3c:4e:4a:
77:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6A:A2:D3:17:2C:52:30:35:35:5A:94:72:A1:F1:C0:9C:C0:74:32
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Ymqi0xcsUjA1NVqUcqHxwJzAdDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.84.0/23
95.81.77.0/24
95.81.93.0-95.81.95.255
95.81.112.0/23
95.81.119.0-95.81.120.255
103.85.112.0/23
109.69.56.0/22
185.103.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:98:c2:1d:ab:06:87:e8:8e:fe:e5:fb:68:b6:12:3d:09:31:
cd:af:f0:b8:e5:42:52:e6:9a:af:d9:d6:40:a6:69:50:8d:e9:
2f:50:8e:ad:a3:eb:6d:b8:5a:4a:21:8f:4d:95:84:31:c6:55:
c5:2f:7d:7d:ff:84:dd:d0:0d:2b:d7:30:28:87:83:59:45:29:
68:91:ca:49:da:a6:be:49:11:d7:e4:84:96:f0:fc:0e:e7:2d:
32:06:e0:f6:be:00:07:9a:78:5e:84:f9:7f:ab:0d:6f:f0:12:
c2:ed:43:e2:9f:cf:15:97:41:8c:4b:71:dd:0d:9b:76:34:ea:
04:7b:e0:59:86:aa:5e:89:f6:5a:b0:dd:45:9d:85:06:bc:32:
0b:be:2b:cd:50:ae:20:a0:44:ff:eb:88:cc:ac:3f:65:54:44:
b2:39:c7:4c:cb:2f:29:29:8f:2e:6e:49:cc:1a:9c:cb:ed:14:
8c:ef:d5:bc:6d:fc:b0:76:37:fa:a5:59:62:fe:25:3e:ca:6c:
95:47:94:5e:6c:54:70:f2:79:94:95:b3:2b:58:28:39:59:2b:
c0:c7:46:05:71:1e:7e:ae:75:fc:00:40:5a:3e:d4:d7:1b:d8:
2b:ce:6a:59:8b:3b:eb:b3:54:ca:f3:02:94:9b:7a:bc:36:70:
94:31:e5:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZo1ijxuVg6vllYLT8Wi9m5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUxMDMwMTQzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZhYTJkMzE3MmM1MjMwMzUzNTVhOTQ3MmExZjFjMDljYzA3NDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b2m2889OUJWZM7FvlLCEjG6hpLe
vKLe9B7k5HVA8XS2yFgnZDQjaZc0ILgJ4H+lKsP3BqYwCxcXIklvmMpeFZEJAWdu
aDkwaSzZaUHdT+ecURFi/lI4Z7uoKoY7GUPjWrwsgg4dPNtjm/czkHwHgYhcpry+
9gce6quE9KEM92WL8xCbX9ojBh7S/CBhbkXqP2D5b5OJjmZ8Xlc+mBY4/t0aAHlj
BgInjZbHoaPhNhhR9H7KpmK+YLZ7F8XMoRzk5n0gvEUPLC1GuOIfGzY08Y5cJq46
1HuTgCKbiCDvF+bOVG3m1MICc5hgAlfzNEZgV5kffR1D6EPrFhk8Tkp3BQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGJqotMXLFIwNTValHKh8cCcwHQyMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvWW1xaTB4Y3NVakExTlZxVWNxSHh3SnpBZERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBWSxUAwQA
X1FNMAwDBABfUV0DBAVfUUADBAFfUXAwDAMEAF9RdwMEAF9ReAMEAWdVcAMEAm1F
OAMEArln/DANBgkqhkiG9w0BAQsFAAOCAQEALJjCHasGh+iO/uX7aLYSPQkxza/w
uOVCUuaar9nWQKZpUI3pL1COraPrbbhaSiGPTZWEMcZVxS99ff+E3dANK9cwKIeD
WUUpaJHKSdqmvkkR1+SElvD8DuctMgbg9r4AB5p4XoT5f6sNb/ASwu1D4p/PFZdB
jEtx3Q2bdjTqBHvgWYaqXon2WrDdRZ2FBrwyC74rzVCuIKBE/+uIzKw/ZVREsjnH
TMsvKSmPLm5JzBqcy+0UjO/VvG38sHY3+qVZYv4lPspslUeUXmxUcPJ5lJWzK1go
OVkrwMdGBXEefq51/ABAWj7U1xvYK85qWYs767NUyvMClJt6vDZwlDHlqQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:13:01 2025 by rpki-client