Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/ya7mSjgbQNkjSkwREdHvHfCPb0I.roa
File: ya7mSjgbQNkjSkwREdHvHfCPb0I.roa (raw, json)
Hash identifier: qGz6FzpRmDdb9Ho0LXX5sUlrsbd9atIt02hL0IbJ65M=
Subject key identifier: C9:AE:E6:4A:38:1B:40:D9:23:4A:4C:11:11:D1:EF:1D:F0:8F:6F:42
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0199F18796A5D777F743BF3282F1265CA649
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/ya7mSjgbQNkjSkwREdHvHfCPb0I.roa
Signing time: Fri 17 Oct 2025 09:36:58 +0000
ROA not before: Fri 17 Oct 2025 09:36:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208185
IP address blocks: 45.143.96.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:87:96:a5:d7:77:f7:43:bf:32:82:f1:26:5c:a6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Oct 17 09:36:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9aee64a381b40d9234a4c1111d1ef1df08f6f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c5:3a:18:2a:56:bc:f1:c3:27:f6:b0:2d:f3:
76:a6:b9:bc:f2:9d:d3:69:0d:6a:60:48:90:7f:7e:
c1:50:4c:3d:2c:2a:6a:f7:59:c3:ad:51:36:7a:28:
2e:b9:8d:80:f1:52:76:75:62:a2:0a:aa:78:9c:34:
c5:b0:0d:8f:90:7d:db:6b:fe:16:03:06:60:89:59:
be:fd:23:6d:4a:d5:c9:f7:6e:42:a6:c1:ba:a0:ad:
2c:c1:f2:3a:67:c4:a9:a5:63:e5:82:8e:c1:4d:04:
50:a8:a6:95:c2:f7:fe:84:f2:a9:ee:ee:be:68:74:
86:c7:f8:23:26:bc:0e:09:12:a9:29:d6:2c:77:e5:
53:de:c2:79:e6:ab:71:67:b2:50:3b:74:b4:58:65:
5f:df:18:ba:cc:0f:58:9f:62:cf:33:5b:98:58:5f:
f0:b0:14:d9:dc:af:6d:40:84:83:3e:b9:1f:29:0d:
cf:96:29:0b:a4:0f:40:fa:01:75:5f:81:37:fc:5a:
c6:f7:04:3e:04:64:27:89:19:3e:dd:4a:c8:a9:3d:
30:65:53:f7:59:55:1b:d6:36:d6:63:4d:1c:4b:94:
c5:2d:d0:d0:d7:9a:bc:9c:6a:85:6e:c6:69:c0:8d:
08:1b:18:bc:eb:9c:9c:e3:ce:cc:ef:a8:e2:8c:77:
5f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AE:E6:4A:38:1B:40:D9:23:4A:4C:11:11:D1:EF:1D:F0:8F:6F:42
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/ya7mSjgbQNkjSkwREdHvHfCPb0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.96.0/24
185.148.243.0/24
185.174.23.0/24
Signature Algorithm: sha256WithRSAEncryption
13:69:a7:1a:b5:e3:fb:16:ac:9c:de:23:9c:66:12:19:40:20:
a5:d1:81:8e:bb:ea:8d:46:ba:88:1b:99:22:df:68:23:dc:f5:
d4:ab:b5:85:53:57:14:41:f7:38:95:b3:42:6d:dd:4a:18:bc:
e1:a2:75:40:3c:80:28:bd:41:60:33:73:7f:89:75:57:01:9c:
0f:f3:52:ed:5f:98:1f:00:00:ab:b6:f5:fd:ed:8d:d2:04:5b:
46:a5:9e:c5:7d:0f:4c:b1:d8:b8:b1:af:57:52:4e:60:4c:e9:
78:f2:50:a0:be:33:e6:6e:22:1c:c8:95:8a:3d:10:d3:3d:f0:
5e:df:3c:61:c0:a0:71:ba:c2:22:94:b5:3d:35:17:d8:f4:bd:
78:4b:29:f1:80:84:46:3e:87:0e:40:d8:d7:d9:1e:d5:27:66:
d5:05:dc:ca:8c:01:54:4b:10:d5:5e:01:7a:e0:b2:ba:6c:02:
65:91:74:d2:73:63:58:71:db:09:c0:c9:af:59:49:10:77:c6:
4b:02:8a:e7:19:4d:66:f5:fa:bb:44:c7:41:e1:64:1a:67:73:
2f:79:23:49:e1:07:de:53:4f:9c:4c:6f:83:e0:4c:07:9d:98:
73:26:9a:a7:fa:a4:1f:58:46:0e:46:7e:03:3c:cf:c5:4e:8e:
dc:0c:c3:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnxh5al13f3Q78ygvEmXKZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUxMDE3MDkzNjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFlZTY0YTM4MWI0MGQ5MjM0YTRjMTExMWQxZWYxZGYwOGY2ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cU6GCpWvPHDJ/awLfN2prm88p3T
aQ1qYEiQf37BUEw9LCpq91nDrVE2eiguuY2A8VJ2dWKiCqp4nDTFsA2PkH3ba/4W
AwZgiVm+/SNtStXJ925CpsG6oK0swfI6Z8SppWPlgo7BTQRQqKaVwvf+hPKp7u6+
aHSGx/gjJrwOCRKpKdYsd+VT3sJ55qtxZ7JQO3S0WGVf3xi6zA9Yn2LPM1uYWF/w
sBTZ3K9tQISDPrkfKQ3PlikLpA9A+gF1X4E3/FrG9wQ+BGQniRk+3UrIqT0wZVP3
WVUb1jbWY00cS5TFLdDQ15q8nGqFbsZpwI0IGxi865yc487M76jijHdfSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMmu5ko4G0DZI0pMERHR7x3wj29CMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEveWE3bVNqZ2JRTmtqU2t3UkVkSHZIZkNQYjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY9gAwQA
uZTzAwQAua4XMA0GCSqGSIb3DQEBCwUAA4IBAQATaacateP7Fqyc3iOcZhIZQCCl
0YGOu+qNRrqIG5ki32gj3PXUq7WFU1cUQfc4lbNCbd1KGLzhonVAPIAovUFgM3N/
iXVXAZwP81LtX5gfAACrtvX97Y3SBFtGpZ7FfQ9Msdi4sa9XUk5gTOl48lCgvjPm
biIcyJWKPRDTPfBe3zxhwKBxusIilLU9NRfY9L14SynxgIRGPocOQNjX2R7VJ2bV
BdzKjAFUSxDVXgF64LK6bAJlkXTSc2NYcdsJwMmvWUkQd8ZLAornGU1m9fq7RMdB
4WQaZ3MveSNJ4QfeU0+cTG+D4EwHnZhzJpqn+qQfWEYORn4DPM/FTo7cDMNJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:03 2025 by rpki-client