Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/DYlegyxuugcrHdLCVkPaKjiFwIA.roa
File: DYlegyxuugcrHdLCVkPaKjiFwIA.roa (raw, json)
Hash identifier: ZmFhBg5sskdoXlqUSzUPJuG9Erq+ftlETUSEq7NYxR0=
Subject key identifier: 0D:89:5E:83:2C:6E:BA:07:2B:1D:D2:C2:56:43:DA:2A:38:85:C0:80
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019958DDD0106E8A36E13794EFB5F8CDBD8B
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/DYlegyxuugcrHdLCVkPaKjiFwIA.roa
Signing time: Wed 17 Sep 2025 18:09:15 +0000
ROA not before: Wed 17 Sep 2025 18:09:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 45.66.248.0/24 maxlen: 24
45.66.249.0/24 maxlen: 24
45.150.108.0/24 maxlen: 24
45.150.109.0/24 maxlen: 24
62.204.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:58:dd:d0:10:6e:8a:36:e1:37:94:ef:b5:f8:cd:bd:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Sep 17 18:09:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d895e832c6eba072b1dd2c25643da2a3885c080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5e:12:d1:64:82:db:ce:a0:14:96:8c:20:d3:
e6:d0:4e:a3:24:46:71:16:ef:a9:1b:80:29:17:60:
d8:bc:ff:ff:f6:2d:d3:84:40:3e:aa:eb:d8:ba:b9:
91:f8:74:b7:76:c7:4f:dc:0c:21:cb:74:30:e7:1a:
3d:65:0d:3a:42:0f:54:3f:66:50:85:cc:30:fa:14:
6f:b5:1b:5b:80:dd:da:7f:a4:98:77:8e:6f:53:34:
3d:cc:dd:58:e7:06:64:89:bc:a9:52:74:95:bc:ca:
25:5a:25:dd:cc:0b:31:e4:b2:77:21:52:e9:95:d8:
50:11:6a:9a:50:48:ab:d3:06:7b:a2:63:d0:3a:ca:
60:3e:a5:07:42:c3:db:7c:e7:c0:c9:28:bf:e1:26:
01:cc:5e:9f:e1:a5:40:f3:37:18:7f:21:41:04:49:
84:bd:de:bd:5b:3e:73:e5:96:48:8e:35:d0:51:9a:
2f:6c:c7:f0:02:d3:cb:96:b3:3e:e7:81:b2:0a:f2:
ca:b3:29:40:9e:fb:1a:07:47:74:27:87:57:27:c6:
86:77:04:34:f7:28:bc:aa:84:a5:b3:c6:c3:5e:9b:
e6:43:e7:ec:1c:c4:bf:c5:c8:14:95:06:f4:45:1c:
a7:1a:e5:fc:45:a5:fb:7b:1d:4b:af:3b:b5:31:61:
b5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:89:5E:83:2C:6E:BA:07:2B:1D:D2:C2:56:43:DA:2A:38:85:C0:80
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/DYlegyxuugcrHdLCVkPaKjiFwIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.248.0/23
45.150.108.0/23
62.204.35.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4e:e5:5c:86:cf:ff:56:79:b6:f1:d7:bc:2f:92:54:1e:05:
d5:09:ef:0e:a8:a7:84:06:3d:5d:83:50:0f:83:cb:6b:aa:c7:
2e:2a:47:c1:6c:e6:7b:58:bd:d6:8a:42:2b:1c:84:30:f0:dd:
43:60:5a:c3:eb:e0:a1:56:b7:f7:7d:97:10:cd:d0:b5:bb:ff:
1e:ad:17:b3:56:5c:21:89:3e:17:88:17:34:62:e5:e8:1b:30:
0a:db:ec:78:ce:80:2a:93:43:0d:1e:d6:d2:31:60:42:dc:8d:
c3:00:44:f1:bb:39:6d:8e:27:eb:50:f0:67:ce:f5:72:7d:5e:
87:08:b1:ca:e9:95:5f:4e:a6:3f:8b:30:12:ef:82:fd:49:62:
45:65:d4:35:08:6b:3e:68:41:f8:9e:7a:06:4b:69:1a:8e:49:
a7:7b:10:73:f0:e3:bc:51:b7:6e:9b:ba:22:21:ef:3f:02:a4:
9e:e8:04:eb:8e:9a:39:55:f5:41:f8:9c:44:d8:3e:36:49:ae:
d6:1f:73:06:df:18:26:e3:98:d3:50:77:95:87:0d:2a:b7:ff:
0a:5f:15:f4:f4:21:cb:a8:b7:ca:89:df:cf:aa:2c:5b:3c:77:
b3:a4:ff:ae:1e:58:85:0e:5a:9f:c5:b4:52:90:5a:41:d2:ca:
27:9e:d6:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZlY3dAQboo24TeU77X4zb2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUwOTE3MTgwOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg5NWU4MzJjNmViYTA3MmIxZGQyYzI1NjQzZGEyYTM4ODVjMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoF4S0WSC286gFJaMINPm0E6jJEZx
Fu+pG4ApF2DYvP//9i3ThEA+quvYurmR+HS3dsdP3Awhy3Qw5xo9ZQ06Qg9UP2ZQ
hcww+hRvtRtbgN3af6SYd45vUzQ9zN1Y5wZkibypUnSVvMolWiXdzAsx5LJ3IVLp
ldhQEWqaUEir0wZ7omPQOspgPqUHQsPbfOfAySi/4SYBzF6f4aVA8zcYfyFBBEmE
vd69Wz5z5ZZIjjXQUZovbMfwAtPLlrM+54GyCvLKsylAnvsaB0d0J4dXJ8aGdwQ0
9yi8qoSls8bDXpvmQ+fsHMS/xcgUlQb0RRynGuX8RaX7ex1Lrzu1MWG1nQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2JXoMsbroHKx3SwlZD2io4hcCAMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvRFlsZWd5eHV1Z2NySGRMQ1ZrUGFLamlGd0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLUL4AwQB
LZZsAwQAPswjMA0GCSqGSIb3DQEBCwUAA4IBAQBSTuVchs//Vnm28de8L5JUHgXV
Ce8OqKeEBj1dg1APg8trqscuKkfBbOZ7WL3WikIrHIQw8N1DYFrD6+ChVrf3fZcQ
zdC1u/8erRezVlwhiT4XiBc0YuXoGzAK2+x4zoAqk0MNHtbSMWBC3I3DAETxuzlt
jifrUPBnzvVyfV6HCLHK6ZVfTqY/izAS74L9SWJFZdQ1CGs+aEH4nnoGS2kajkmn
exBz8OO8Ubdum7oiIe8/AqSe6ATrjpo5VfVB+JxE2D42Sa7WH3MG3xgm45jTUHeV
hw0qt/8KXxX09CHLqLfKid/PqixbPHezpP+uHliFDlqfxbRSkFpB0sonntbU
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:47 2025 by rpki-client