Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/CYUWyH08nSa-KNxWDGTjv6_KrDA.roa
File: CYUWyH08nSa-KNxWDGTjv6_KrDA.roa (raw, json)
Hash identifier: KMUhfWroZPG+FRu1BUKf7xS2B+LcV5CP3rpU9RZoiXs=
Subject key identifier: 09:85:16:C8:7D:3C:9D:26:BE:28:DC:56:0C:64:E3:BF:AF:CA:AC:30
Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Certificate serial: 019863ECA1B1D6940A55D606F63FE0D2C769
Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/CYUWyH08nSa-KNxWDGTjv6_KrDA.roa
Signing time: Fri 01 Aug 2025 04:38:28 +0000
ROA not before: Fri 01 Aug 2025 04:38:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24753
IP address blocks: 62.32.32.0/19 maxlen: 24
62.32.32.0/24 maxlen: 24
81.85.52.0/22 maxlen: 22
81.85.96.0/22 maxlen: 22
81.85.100.0/24 maxlen: 24
81.85.160.0/20 maxlen: 20
89.21.160.0/19 maxlen: 19
89.21.167.0/24 maxlen: 24
89.21.173.0/24 maxlen: 24
89.21.189.0/24 maxlen: 24
213.187.128.0/19 maxlen: 19
213.187.146.0/24 maxlen: 24
2a00:df8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:63:ec:a1:b1:d6:94:0a:55:d6:06:f6:3f:e0:d2:c7:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Validity
Not Before: Aug 1 04:38:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=098516c87d3c9d26be28dc560c64e3bfafcaac30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cb:7e:b8:2f:b9:f9:c1:a5:14:00:bd:bc:5a:
09:de:c7:85:93:00:85:2b:0c:3e:b9:69:a7:9e:e3:
57:fe:c8:68:bb:47:5e:77:d4:05:44:3c:5b:45:8d:
24:22:b8:db:20:1c:ef:a9:a3:6b:57:a3:7d:42:f1:
06:b5:eb:52:b0:5a:78:44:99:56:0f:86:f3:16:f7:
3b:88:f9:ef:44:1f:3c:d7:a6:41:35:5c:e2:8b:ef:
87:5f:ec:2c:10:0c:e2:46:ff:76:57:93:be:76:15:
62:a7:7e:53:7b:9a:b6:bc:02:75:0b:44:0c:ac:f4:
8c:2e:bc:21:11:b2:e6:2a:e8:ce:28:26:02:0f:ac:
fd:35:10:28:cd:73:34:26:66:6c:a7:6c:ae:5b:5b:
a9:9a:6e:a0:91:fb:24:02:f2:15:01:06:a0:a9:84:
61:ec:a8:c1:f5:e5:b9:37:23:99:02:2f:7c:f7:f7:
db:b5:f6:92:ff:f1:ac:3f:b5:fe:de:87:08:0b:bf:
43:17:46:6b:db:d7:95:6e:78:0d:5d:ff:ee:54:df:
2b:07:d3:32:d8:74:14:98:a9:e0:23:ae:36:56:80:
3c:04:62:05:80:41:c5:da:b3:51:a0:37:ff:ff:8d:
11:31:19:f7:7f:d5:18:f3:53:63:76:30:28:ef:d5:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:85:16:C8:7D:3C:9D:26:BE:28:DC:56:0C:64:E3:BF:AF:CA:AC:30
X509v3 Authority Key Identifier:
keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/CYUWyH08nSa-KNxWDGTjv6_KrDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.32.0/19
81.85.52.0/22
81.85.96.0-81.85.100.255
81.85.160.0/20
89.21.160.0/19
213.187.128.0/19
IPv6:
2a00:df8::/32
Signature Algorithm: sha256WithRSAEncryption
6a:0b:48:4f:ee:84:07:98:e9:be:d6:55:64:a0:f4:2d:f3:b2:
b7:8c:0b:ed:50:70:4c:b4:6a:f8:fc:1a:7a:f0:ad:2e:f0:6b:
bf:6f:23:bb:80:15:f4:f3:9d:b4:fb:a2:cd:82:31:38:d1:49:
67:56:ba:66:19:14:f2:1b:93:27:e0:e5:f6:fe:a4:68:28:ee:
d3:68:d4:bb:50:68:5b:17:8f:55:92:06:7e:4c:ec:79:90:9e:
af:0b:d8:43:66:96:ee:40:5a:09:ef:20:f4:17:27:76:5a:5c:
08:58:23:d7:b2:08:65:52:e8:1b:32:8e:cf:20:95:4d:99:ee:
8c:b3:81:11:15:0a:9e:22:d8:33:02:19:f6:05:37:1d:05:b6:
b3:02:79:c0:b8:02:69:1a:57:40:c3:e0:8b:2d:01:75:ca:bb:
7e:04:d0:5a:44:2a:17:0a:bb:59:65:c6:0e:93:be:03:ed:a7:
2e:96:8b:c3:0d:a3:33:65:ac:b5:a3:84:e5:24:b5:89:74:49:
ca:74:f0:3e:84:7a:2d:97:cf:a0:ed:7f:97:5e:36:5c:cd:79:
28:b8:92:5d:90:4f:f6:87:ae:ea:23:e6:14:21:5f:6f:a8:20:
87:c5:e7:7b:df:f2:96:e1:70:7d:70:cc:e7:ea:0e:aa:ef:a3:
85:87:f7:81
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZhj7KGx1pQKVdYG9j/g0sdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi
N2QxMjMwHhcNMjUwODAxMDQzODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg1MTZjODdkM2M5ZDI2YmUyOGRjNTYwYzY0ZTNiZmFmY2FhYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMt+uC+5+cGlFAC9vFoJ3seFkwCF
Kww+uWmnnuNX/shou0ded9QFRDxbRY0kIrjbIBzvqaNrV6N9QvEGtetSsFp4RJlW
D4bzFvc7iPnvRB8816ZBNVzii++HX+wsEAziRv92V5O+dhVip35Te5q2vAJ1C0QM
rPSMLrwhEbLmKujOKCYCD6z9NRAozXM0JmZsp2yuW1upmm6gkfskAvIVAQagqYRh
7KjB9eW5NyOZAi989/fbtfaS//GsP7X+3ocIC79DF0Zr29eVbngNXf/uVN8rB9My
2HQUmKngI642VoA8BGIFgEHF2rNRoDf//40RMRn3f9UY81NjdjAo79WzfQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAmFFsh9PJ0mvijcVgxk47+vyqwwMB8GA1UdIwQY
MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct
Yjg0YzQxM2RmYWE0LzEvQ1lVV3lIMDhuU2EtS054V0RHVGp2Nl9LckRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0
LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFPiAgAwQC
UVU0MAwDBAVRVWADBABRVWQDBARRVaADBAVZFaADBAXVu4AwDQQCAAIwBwMFACoA
DfgwDQYJKoZIhvcNAQELBQADggEBAGoLSE/uhAeY6b7WVWSg9C3zsreMC+1QcEy0
avj8GnrwrS7wa79vI7uAFfTznbT7os2CMTjRSWdWumYZFPIbkyfg5fb+pGgo7tNo
1LtQaFsXj1WSBn5M7HmQnq8L2ENmlu5AWgnvIPQXJ3ZaXAhYI9eyCGVS6Bsyjs8g
lU2Z7oyzgREVCp4i2DMCGfYFNx0FtrMCecC4AmkaV0DD4IstAXXKu34E0FpEKhcK
u1llxg6TvgPtpy6Wi8MNozNlrLWjhOUktYl0Scp08D6Eei2Xz6Dtf5deNlzNeSi4
kl2QT/aHruoj5hQhX2+oIIfF53vf8pbhcH1wzOfqDqrvo4WH94E=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:09:19 2025 by rpki-client