Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/yLJdkEmPDCu7w7rPrPQEo3MZHFg.roa
File: yLJdkEmPDCu7w7rPrPQEo3MZHFg.roa (raw, json)
Hash identifier: xjFJ/Snf5u2obk4y3YsgrqisOLoaOEpt21+cUkvIXDU=
Subject key identifier: C8:B2:5D:90:49:8F:0C:2B:BB:C3:BA:CF:AC:F4:04:A3:73:19:1C:58
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 01998566ACAD098E2200ACC818B93AB689EB
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/yLJdkEmPDCu7w7rPrPQEo3MZHFg.roa
Signing time: Fri 26 Sep 2025 09:42:02 +0000
ROA not before: Fri 26 Sep 2025 09:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 104.247.170.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.181.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.187.0/24 maxlen: 24
104.247.188.0/24 maxlen: 24
104.247.189.0/24 maxlen: 24
104.247.190.0/24 maxlen: 24
104.247.191.0/24 maxlen: 24
185.73.128.0/22 maxlen: 22
185.73.129.0/24 maxlen: 24
185.73.130.0/24 maxlen: 24
185.73.131.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 32
2a03:a5a0:4:2::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:66:ac:ad:09:8e:22:00:ac:c8:18:b9:3a:b6:89:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Sep 26 09:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8b25d90498f0c2bbbc3bacfacf404a373191c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:ab:e9:b4:e9:43:cb:92:44:5d:f3:7c:24:
da:a1:44:f0:9b:df:bf:79:78:7f:fb:7a:fe:64:49:
c1:b9:98:64:8e:c6:f9:45:07:7d:6a:b6:a1:f3:4b:
ce:30:fb:fb:6e:77:ed:93:92:94:60:2f:49:4b:c0:
ba:00:44:9b:81:14:7f:9e:87:9d:5b:8e:d0:01:43:
43:07:e2:1d:ca:80:8d:a6:87:10:a4:89:88:7a:1c:
b0:3a:4c:70:fd:cb:fb:bc:dd:12:8d:a3:5e:ae:cf:
d2:df:8a:f1:55:5d:69:dd:71:b2:d4:0a:1b:63:70:
90:af:2c:ec:f1:b2:88:b2:b1:01:3b:e2:3b:ef:96:
e5:a5:4c:79:98:f3:fe:51:ce:41:03:47:5c:3e:b3:
e6:28:df:df:24:1b:54:59:cd:ff:6a:d6:9d:88:53:
51:cb:56:bb:05:a4:bc:db:a0:1b:01:1a:35:a9:a0:
64:a5:bd:ed:d2:21:45:39:18:60:91:92:b4:54:6d:
2e:bc:b9:4f:d7:7a:be:77:c3:ec:0d:3f:ab:d1:ee:
44:1b:c0:a6:0a:f3:98:a2:9d:23:bf:7a:5b:af:9c:
40:7a:aa:9b:01:06:0a:c0:75:5f:9f:48:c9:dc:48:
68:8e:a9:be:a6:79:a6:95:43:66:bd:00:7d:c1:fe:
16:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B2:5D:90:49:8F:0C:2B:BB:C3:BA:CF:AC:F4:04:A3:73:19:1C:58
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/yLJdkEmPDCu7w7rPrPQEo3MZHFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.172.255
104.247.174.0-104.247.182.255
104.247.184.0/21
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
93:b0:46:6a:43:27:9a:e0:ec:7f:07:a6:03:24:a4:9e:12:40:
73:d8:48:8c:b5:54:10:b7:5c:c2:41:d8:ce:ef:0c:6b:07:06:
d8:02:2a:e5:52:81:34:0e:c6:6e:b8:31:d5:14:db:8e:09:3c:
ae:9b:95:d2:30:48:a2:47:18:65:5d:1e:9c:be:31:b1:9a:7c:
d1:70:66:b0:ba:62:c6:50:87:6b:31:78:02:93:16:21:d3:b6:
1c:eb:75:92:56:b5:34:00:0d:80:ac:4f:de:03:4a:12:a2:d5:
7e:f5:88:d6:29:a8:3e:86:d0:24:ae:13:ff:1f:bc:42:52:50:
8e:b1:92:34:9f:3c:2b:9d:ec:63:31:c3:b4:9a:dc:94:dd:9c:
1d:c7:be:f2:84:2a:7e:0a:1a:32:e2:33:d5:9a:c4:27:f5:22:
1b:12:55:bb:c5:d6:cb:e2:c3:58:1a:be:2f:90:f0:4e:ec:5e:
84:80:13:eb:e2:79:00:46:2f:7b:c8:2c:52:09:aa:ff:64:f7:
16:b3:17:16:3b:8c:da:dc:46:c9:1b:20:13:27:1a:0c:19:09:
d9:d6:e0:5b:4a:97:95:57:44:ae:e2:95:45:92:e7:e0:ad:52:
81:fc:b8:7a:27:27:5b:3b:75:65:0b:a6:07:26:8c:56:3e:9a:
11:01:d8:05
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZmFZqytCY4iAKzIGLk6tonrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjUwOTI2MDk0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIyNWQ5MDQ5OGYwYzJiYmJjM2JhY2ZhY2Y0MDRhMzczMTkxYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCOr6bTpQ8uSRF3zfCTaoUTwm9+/
eXh/+3r+ZEnBuZhkjsb5RQd9arah80vOMPv7bnftk5KUYC9JS8C6AESbgRR/noed
W47QAUNDB+IdyoCNpocQpImIehywOkxw/cv7vN0SjaNers/S34rxVV1p3XGy1Aob
Y3CQryzs8bKIsrEBO+I775blpUx5mPP+Uc5BA0dcPrPmKN/fJBtUWc3/atadiFNR
y1a7BaS826AbARo1qaBkpb3t0iFFORhgkZK0VG0uvLlP13q+d8PsDT+r0e5EG8Cm
CvOYop0jv3pbr5xAeqqbAQYKwHVfn0jJ3Ehojqm+pnmmlUNmvQB9wf4W4QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFMiyXZBJjwwru8O6z6z0BKNzGRxYMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEveUxKZGtFbVBEQ3U3dzdyUHJQUUVvM01aSEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuMAwDBAFo96oD
BABo96wwDAMEAWj3rgMEAGj3tgMEA2j3uAMEArlJgAMEALmJ1zANBAIAAjAHAwUA
KgOloDANBgkqhkiG9w0BAQsFAAOCAQEAk7BGakMnmuDsfwemAySknhJAc9hIjLVU
ELdcwkHYzu8MawcG2AIq5VKBNA7Gbrgx1RTbjgk8rpuV0jBIokcYZV0enL4xsZp8
0XBmsLpixlCHazF4ApMWIdO2HOt1kla1NAANgKxP3gNKEqLVfvWI1imoPobQJK4T
/x+8QlJQjrGSNJ88K53sYzHDtJrclN2cHce+8oQqfgoaMuIz1ZrEJ/UiGxJVu8XW
y+LDWBq+L5DwTuxehIAT6+J5AEYve8gsUgmq/2T3FrMXFjuM2txGyRsgEycaDBkJ
2dbgW0qXlVdEruKVRZLn4K1Sgfy4eicnWzt1ZQumByaMVj6aEQHYBQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:33:30 2025 by rpki-client