Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YC4l494MMi7jTGcWqfTEBZhM2VY.roa
File: YC4l494MMi7jTGcWqfTEBZhM2VY.roa (raw, json)
Hash identifier: DmaVqTngLmKv88xcCzv/bh/3DcOXypOgid+RGqcY+/k=
Subject key identifier: 60:2E:25:E3:DE:0C:32:2E:E3:4C:67:16:A9:F4:C4:05:98:4C:D9:56
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0199A0979AC284D7BC9D0BA6040F379629A1
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YC4l494MMi7jTGcWqfTEBZhM2VY.roa
Signing time: Wed 01 Oct 2025 16:25:14 +0000
ROA not before: Wed 01 Oct 2025 16:25:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 2.58.124.0/22 maxlen: 24
5.252.20.0/24 maxlen: 24
5.252.21.0/24 maxlen: 24
5.252.22.0/24 maxlen: 24
5.252.23.0/24 maxlen: 24
45.83.180.0/22 maxlen: 24
45.150.110.0/23 maxlen: 24
92.118.124.0/24 maxlen: 24
92.118.125.0/24 maxlen: 24
92.118.126.0/24 maxlen: 24
92.118.127.0/24 maxlen: 24
146.19.233.0/24 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:97:9a:c2:84:d7:bc:9d:0b:a6:04:0f:37:96:29:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Oct 1 16:25:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=602e25e3de0c322ee34c6716a9f4c405984cd956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:c6:fe:af:18:66:07:24:af:c0:a4:9a:a7:
f8:76:11:43:20:f3:44:3b:8d:2e:2b:ce:8d:08:ca:
15:30:11:09:55:09:ac:8a:6b:c3:b7:6c:b3:b4:f3:
a1:81:ed:4e:1f:9a:bc:7c:6d:76:09:26:30:7f:11:
88:1f:eb:59:91:d6:5b:5e:09:5b:b6:10:cf:a1:79:
50:b4:b7:19:f1:ae:29:68:73:a4:55:89:27:6d:03:
45:ac:56:98:44:06:b1:4a:11:8b:60:bd:5e:c8:4a:
1e:8e:a4:ef:4e:5a:a6:fa:e2:be:81:9c:d5:c3:c9:
d8:b9:0c:5f:ca:95:f9:44:37:27:c9:95:e5:68:8d:
2e:5f:a7:15:a7:f4:40:9d:5d:24:fb:41:06:01:5d:
3d:82:b5:25:df:9d:ac:59:9c:7f:a0:5b:82:f0:5d:
54:2f:bc:57:fe:1e:6b:ff:06:33:64:3c:7a:1a:96:
b1:74:0f:a5:c5:85:ce:de:bb:cf:0a:98:bd:71:7d:
1c:cc:e7:65:9a:40:b4:f8:f7:ba:a8:93:bb:24:bf:
be:a0:65:b2:ea:54:5f:61:e7:2e:09:48:e6:71:f6:
b3:42:0b:61:18:45:d5:ed:fc:9f:a0:86:59:e7:8d:
fb:d3:88:4a:84:c9:1e:f1:97:aa:73:9b:b8:e2:5b:
53:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2E:25:E3:DE:0C:32:2E:E3:4C:67:16:A9:F4:C4:05:98:4C:D9:56
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YC4l494MMi7jTGcWqfTEBZhM2VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
5.252.20.0/22
45.83.180.0/22
45.150.110.0/23
92.118.124.0/22
146.19.233.0/24
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
44:37:57:1d:f8:0a:ff:94:3b:72:21:c0:a6:fb:47:e6:07:bf:
68:67:66:1f:b0:48:7c:f8:0a:88:62:47:5d:55:5d:53:81:6a:
4b:6f:91:cd:0c:0a:87:f2:b7:8b:f4:de:e7:41:45:d4:38:d2:
5f:60:6d:42:70:e9:1c:44:5d:16:0b:db:4f:f2:9f:74:af:fe:
b1:79:cb:e0:bb:bf:75:4a:b4:69:ed:e3:2f:d6:56:f9:0e:08:
1f:6a:f0:bb:b9:0c:b2:fe:18:d9:c9:d5:d5:fc:7f:93:ad:d6:
fc:d4:18:e4:74:a4:34:78:f2:85:28:3b:bd:39:db:79:25:72:
18:0d:b6:52:5f:7a:52:d9:49:7c:90:5f:1f:e1:5d:7e:1f:54:
32:b0:93:8a:17:97:32:14:93:97:78:98:b4:df:cb:c1:ec:cb:
23:27:96:f1:0f:6d:87:2b:ce:d7:1c:02:8a:9c:17:d3:2f:0e:
07:ea:bd:ca:11:97:76:3e:a6:db:c9:ae:7b:93:83:26:4c:b9:
e1:19:71:f7:ce:1d:c6:a0:70:75:46:e2:68:65:4e:85:08:63:
80:f8:48:d3:98:20:1e:09:a0:e0:a0:80:35:a1:f0:e0:e2:5f:
52:8f:46:ce:c9:c8:53:8f:6a:70:9e:1f:66:27:01:e2:4b:c5:
21:4f:3b:f8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZmgl5rChNe8nQumBA83limhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUxMDAxMTYyNTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJlMjVlM2RlMGMzMjJlZTM0YzY3MTZhOWY0YzQwNTk4NGNkOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGHG/q8YZgckr8Ckmqf4dhFDIPNE
O40uK86NCMoVMBEJVQmsimvDt2yztPOhge1OH5q8fG12CSYwfxGIH+tZkdZbXglb
thDPoXlQtLcZ8a4paHOkVYknbQNFrFaYRAaxShGLYL1eyEoejqTvTlqm+uK+gZzV
w8nYuQxfypX5RDcnyZXlaI0uX6cVp/RAnV0k+0EGAV09grUl352sWZx/oFuC8F1U
L7xX/h5r/wYzZDx6GpaxdA+lxYXO3rvPCpi9cX0czOdlmkC0+Pe6qJO7JL++oGWy
6lRfYecuCUjmcfazQgthGEXV7fyfoIZZ543704hKhMke8Zeqc5u44ltT7wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGAuJePeDDIu40xnFqn0xAWYTNlWMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvWUM0bDQ5NE1NaTdqVEdjV3FmVEVCWmhNMlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCAjp8AwQC
BfwUAwQCLVO0AwQBLZZuAwQCXHZ8AwQAkhPpMA0EAgACMAcDBQAqC+yCMA0GCSqG
SIb3DQEBCwUAA4IBAQBEN1cd+Ar/lDtyIcCm+0fmB79oZ2YfsEh8+AqIYkddVV1T
gWpLb5HNDAqH8reL9N7nQUXUONJfYG1CcOkcRF0WC9tP8p90r/6xecvgu791SrRp
7eMv1lb5DggfavC7uQyy/hjZydXV/H+Trdb81BjkdKQ0ePKFKDu9Odt5JXIYDbZS
X3pS2Ul8kF8f4V1+H1QysJOKF5cyFJOXeJi038vB7MsjJ5bxD22HK87XHAKKnBfT
Lw4H6r3KEZd2Pqbbya57k4MmTLnhGXH3zh3GoHB1RuJoZU6FCGOA+EjTmCAeCaDg
oIA1ofDg4l9Sj0bOychTj2pwnh9mJwHiS8UhTzv4
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:40 2025 by rpki-client