Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/1yffeEAlkHpCSPofwopCAZ2rRWc.roa
File: 1yffeEAlkHpCSPofwopCAZ2rRWc.roa (raw, json)
Hash identifier: oLYYyh0+bRIg5caImko3WBrhuFPOBEoNn3gpu+iT4Rs=
Subject key identifier: D7:27:DF:78:40:25:90:7A:42:48:FA:1F:C2:8A:42:01:9D:AB:45:67
Certificate issuer: /CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Certificate serial: 0198A7E7D29C77B46C50C47E982A2A905969
Authority key identifier: E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/1yffeEAlkHpCSPofwopCAZ2rRWc.roa
Signing time: Thu 14 Aug 2025 09:27:24 +0000
ROA not before: Thu 14 Aug 2025 09:27:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6758
IP address blocks: 80.94.96.0/20 maxlen: 24
82.113.0.0/19 maxlen: 24
87.254.224.0/19 maxlen: 24
88.209.64.0/18 maxlen: 24
185.250.4.0/22 maxlen: 24
195.78.0.0/19 maxlen: 24
2a07:9080::/36 maxlen: 36
2a07:9080:1000::/36 maxlen: 36
2a07:9080:2000::/36 maxlen: 36
2a07:9080:3000::/36 maxlen: 36
2a07:9080:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/4r2Sdqb3jawQAsN4OhjUXsFLXUM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/4r2Sdqb3jawQAsN4OhjUXsFLXUM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:e7:d2:9c:77:b4:6c:50:c4:7e:98:2a:2a:90:59:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2bd9276a6f78dac1002c3783a18d45ec14b5d43
Validity
Not Before: Aug 14 09:27:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d727df784025907a4248fa1fc28a42019dab4567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9e:10:9f:b3:81:f7:a9:34:22:ea:4d:f7:e5:
f5:45:bf:35:37:eb:2a:8a:fa:1f:79:18:4c:d6:6c:
da:de:23:5c:bc:84:01:c0:1e:44:19:35:12:1f:a3:
1e:3d:d2:b6:9a:a5:5e:cf:ef:07:eb:6f:53:f8:65:
2b:a7:0a:2c:ed:aa:4e:25:a1:98:a4:16:b8:d4:c8:
48:45:b5:96:4e:78:ac:5d:93:f3:76:81:76:16:51:
db:bc:5b:f7:dd:f6:de:40:99:69:0e:16:7e:92:52:
14:f4:00:eb:85:c4:ad:6b:ee:0b:de:7a:6b:ec:0c:
28:67:5e:64:24:71:2f:9d:24:c0:df:6d:87:ec:02:
7b:23:ad:2b:b1:5d:4f:0d:47:7b:d5:f1:4c:95:9a:
d8:b6:2d:33:d6:55:14:7b:13:f0:72:13:a8:3e:e8:
f7:86:bb:f8:9c:c7:ba:48:30:a4:f1:25:0e:4f:f6:
bd:71:d8:82:75:12:77:92:d5:23:2e:96:bc:96:ec:
64:48:47:0d:ed:75:34:45:8c:ee:19:30:b3:eb:1b:
c2:76:7c:0f:39:54:99:d9:6e:2e:ea:20:45:46:ec:
24:6e:62:1a:b4:28:b8:ef:1c:7c:99:5f:f6:02:27:
70:a0:08:01:61:88:9c:74:42:b2:81:c0:84:e0:7a:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:27:DF:78:40:25:90:7A:42:48:FA:1F:C2:8A:42:01:9D:AB:45:67
X509v3 Authority Key Identifier:
keyid:E2:BD:92:76:A6:F7:8D:AC:10:02:C3:78:3A:18:D4:5E:C1:4B:5D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4r2Sdqb3jawQAsN4OhjUXsFLXUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/1yffeEAlkHpCSPofwopCAZ2rRWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a5881a-98e8-4e45-bcb8-71eecf898d42/1/4r2Sdqb3jawQAsN4OhjUXsFLXUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.96.0/20
82.113.0.0/19
87.254.224.0/19
88.209.64.0/18
185.250.4.0/22
195.78.0.0/19
IPv6:
2a07:9080::-2a07:9080:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
97:24:be:85:42:71:e1:f1:5a:b0:d8:c3:1c:4e:41:93:30:3b:
d3:50:09:d2:44:dc:49:6e:e5:f2:32:4a:7f:b1:a3:86:90:e8:
b8:2e:3a:38:3f:58:11:2e:49:88:04:3c:80:c8:98:f0:6e:3e:
38:dc:4f:53:58:26:e2:71:67:8f:d4:e2:77:1d:2a:fa:5e:78:
4f:7c:e3:2a:d6:81:68:e0:3a:0c:8b:e3:59:b4:2e:57:96:d4:
07:7b:22:94:bb:fe:49:99:56:e1:d5:af:9e:d6:e7:4e:51:d2:
32:19:f4:c4:5e:ed:3b:9f:7f:26:d6:a5:f4:09:25:33:90:72:
2e:05:b4:45:07:73:4c:09:aa:54:92:68:b5:81:dd:42:c0:2d:
05:d3:23:32:64:8e:0b:bf:63:f2:3c:89:a8:8a:d9:9a:fd:31:
77:f5:3b:14:84:b6:fd:28:e7:65:61:d5:53:64:53:58:24:70:
b5:e4:b3:d5:6f:aa:cf:51:2c:9b:9c:65:7e:08:c8:b9:c2:5a:
69:e6:ac:3c:f6:b2:20:41:84:1b:17:65:a3:85:67:57:16:62:
d0:62:29:b6:6e:66:82:c5:37:a6:16:db:5f:bc:90:e9:3f:1d:
46:d7:dd:a3:95:54:a0:4d:b2:4f:48:96:4a:7e:36:9a:46:df:
21:5a:b1:78
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZin59Kcd7RsUMR+mCoqkFlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYmQ5Mjc2YTZmNzhkYWMxMDAyYzM3ODNhMThkNDVlYzE0
YjVkNDMwHhcNMjUwODE0MDkyNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzI3ZGY3ODQwMjU5MDdhNDI0OGZhMWZjMjhhNDIwMTlkYWI0NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1p4Qn7OB96k0IupN9+X1Rb81N+sq
ivofeRhM1mza3iNcvIQBwB5EGTUSH6MePdK2mqVez+8H629T+GUrpwos7apOJaGY
pBa41MhIRbWWTnisXZPzdoF2FlHbvFv33fbeQJlpDhZ+klIU9ADrhcSta+4L3npr
7AwoZ15kJHEvnSTA322H7AJ7I60rsV1PDUd71fFMlZrYti0z1lUUexPwchOoPuj3
hrv4nMe6SDCk8SUOT/a9cdiCdRJ3ktUjLpa8luxkSEcN7XU0RYzuGTCz6xvCdnwP
OVSZ2W4u6iBFRuwkbmIatCi47xx8mV/2AidwoAgBYYicdEKygcCE4HqH1QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNcn33hAJZB6Qkj6H8KKQgGdq0VnMB8GA1UdIwQY
MBaAFOK9knam942sEALDeDoY1F7BS11DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHIyU2RxYjNqYXdRQXNONE9oalVYc0ZMWFVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hNTg4MWEtOThlOC00ZTQ1LWJjYjgt
NzFlZWNmODk4ZDQyLzEvMXlmZmVFQWxrSHBDU1BvZndvcENBWjJyUldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hNTg4MWEtOThlOC00ZTQ1LWJjYjgtNzFlZWNmODk4ZDQy
LzEvNHIyU2RxYjNqYXdRQXNONE9oalVYc0ZMWFVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAqBAIAATAkAwQEUF5gAwQF
UnEAAwQFV/7gAwQGWNFAAwQCufoEAwQFw04AMBcEAgACMBEwDwMFByoHkIADBgQq
B5CAQDANBgkqhkiG9w0BAQsFAAOCAQEAlyS+hUJx4fFasNjDHE5BkzA701AJ0kTc
SW7l8jJKf7GjhpDouC46OD9YES5JiAQ8gMiY8G4+ONxPU1gm4nFnj9Tidx0q+l54
T3zjKtaBaOA6DIvjWbQuV5bUB3silLv+SZlW4dWvntbnTlHSMhn0xF7tO59/Jtal
9AklM5ByLgW0RQdzTAmqVJJotYHdQsAtBdMjMmSOC79j8jyJqIrZmv0xd/U7FIS2
/SjnZWHVU2RTWCRwteSz1W+qz1Esm5xlfgjIucJaaeasPPayIEGEGxdlo4VnVxZi
0GIptm5mgsU3phbbX7yQ6T8dRtfdo5VUoE2yT0iWSn42mkbfIVqxeA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:31:07 2025 by rpki-client