Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YXgU_rntcNw21ln86OT_hE-baC4.roa
File: YXgU_rntcNw21ln86OT_hE-baC4.roa (raw, json)
Hash identifier: Zfz6wwu/xRjdBTBaC0Uu8DehxoVZAk/DKVlT5B4P8OY=
Subject key identifier: 61:78:14:FE:B9:ED:70:DC:36:D6:59:FC:E8:E4:FF:84:4F:9B:68:2E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01994DA08C263DCE64C4AB4A6B91FC198D1A
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YXgU_rntcNw21ln86OT_hE-baC4.roa
Signing time: Mon 15 Sep 2025 13:46:31 +0000
ROA not before: Mon 15 Sep 2025 13:46:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210639
IP address blocks: 94.74.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:a0:8c:26:3d:ce:64:c4:ab:4a:6b:91:fc:19:8d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 15 13:46:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=617814feb9ed70dc36d659fce8e4ff844f9b682e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:89:9f:62:d8:d9:58:6c:fc:58:eb:a9:76:45:
71:96:fb:93:36:e9:b6:54:4a:bc:97:d4:80:da:5c:
7a:77:6a:0e:90:d4:56:88:2b:c7:fa:12:de:1a:46:
e7:ed:95:e5:6e:08:4b:93:a1:d1:c6:c5:35:4d:c1:
e5:ff:87:e7:44:bb:2a:72:fa:fe:df:f0:03:15:75:
55:be:07:34:ee:8c:63:1d:a6:b9:dc:6b:1f:d1:9d:
7d:bb:c1:9e:67:4b:cb:ce:8d:71:22:65:29:55:86:
2a:1b:24:4c:5b:12:4f:d2:de:2b:77:5b:13:23:c6:
cb:d7:20:89:d1:65:e3:d6:77:ed:81:eb:8c:cf:8c:
0d:de:14:05:d3:3e:e7:2a:0d:1e:04:3f:8a:f0:9e:
d4:b3:9b:79:dc:61:03:26:9f:0f:16:53:77:13:df:
7a:b8:40:41:62:a0:f1:ef:8f:4d:79:69:14:31:ee:
25:c1:4c:04:09:94:5f:6f:52:dd:10:3b:d7:f1:b5:
2d:46:c2:02:d7:fe:63:a9:53:b1:6d:40:01:4f:fe:
82:c6:e0:d3:3a:f3:d9:7a:86:6a:53:ec:5d:0d:1e:
db:da:f0:99:4a:4a:c1:ba:18:46:86:6a:7e:d4:95:
a1:34:59:99:a8:d8:6a:19:2c:ce:60:85:1d:c3:e2:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:78:14:FE:B9:ED:70:DC:36:D6:59:FC:E8:E4:FF:84:4F:9B:68:2E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YXgU_rntcNw21ln86OT_hE-baC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.158.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:0d:c1:24:ff:53:a5:9e:2f:db:e4:2a:da:7e:5e:ce:9c:c5:
ef:b6:5f:c6:ba:2e:3a:a6:88:ab:6d:db:de:4a:d8:6b:12:6e:
7d:41:c9:b2:6a:29:df:ba:c7:17:32:98:24:f6:2d:04:a5:18:
2d:9d:71:16:e8:47:50:c5:37:38:99:e1:20:71:91:e7:16:c5:
56:47:6b:aa:d1:25:3e:ca:06:86:5c:c1:45:55:b2:5a:5d:68:
49:69:d2:24:97:4f:e5:2b:cf:1c:4d:07:ff:2a:4f:ef:fa:0c:
7b:8a:7f:a8:f8:cf:82:90:3d:30:ee:9d:bc:b0:ce:29:e9:61:
b1:fe:01:9b:9b:c0:a0:c3:13:48:8c:d5:f4:c2:33:6d:39:90:
22:a9:54:96:45:f9:10:92:33:76:8c:b9:ab:f5:b1:a9:6d:7c:
3f:3e:fb:ff:20:a3:70:ce:e6:4f:46:76:bd:c4:02:0b:06:62:
ca:e5:e2:8f:3e:8d:51:cc:33:6a:87:90:e3:70:e3:bb:bd:0d:
7b:5f:45:27:8d:a5:dc:4e:3e:d3:d9:04:50:e3:d3:57:0b:bc:
0f:24:b6:c3:a3:fc:8e:41:54:7e:89:da:61:33:3c:b3:3f:43:
79:37:a4:bb:0f:c5:0a:14:a4:86:c8:f1:88:50:16:53:2b:42:
94:b4:57:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlNoIwmPc5kxKtKa5H8GY0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwOTE1MTM0NjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTc4MTRmZWI5ZWQ3MGRjMzZkNjU5ZmNlOGU0ZmY4NDRmOWI2ODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqImfYtjZWGz8WOupdkVxlvuTNum2
VEq8l9SA2lx6d2oOkNRWiCvH+hLeGkbn7ZXlbghLk6HRxsU1TcHl/4fnRLsqcvr+
3/ADFXVVvgc07oxjHaa53Gsf0Z19u8GeZ0vLzo1xImUpVYYqGyRMWxJP0t4rd1sT
I8bL1yCJ0WXj1nftgeuMz4wN3hQF0z7nKg0eBD+K8J7Us5t53GEDJp8PFlN3E996
uEBBYqDx749NeWkUMe4lwUwECZRfb1LdEDvX8bUtRsIC1/5jqVOxbUABT/6CxuDT
OvPZeoZqU+xdDR7b2vCZSkrBuhhGhmp+1JWhNFmZqNhqGSzOYIUdw+J7kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGF4FP657XDcNtZZ/Ojk/4RPm2guMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWVhnVV9ybnRjTncyMWxuODZPVF9oRS1iYUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqeMA0G
CSqGSIb3DQEBCwUAA4IBAQBqDcEk/1Olni/b5Crafl7OnMXvtl/Gui46poirbdve
SthrEm59QcmyainfuscXMpgk9i0EpRgtnXEW6EdQxTc4meEgcZHnFsVWR2uq0SU+
ygaGXMFFVbJaXWhJadIkl0/lK88cTQf/Kk/v+gx7in+o+M+CkD0w7p28sM4p6WGx
/gGbm8CgwxNIjNX0wjNtOZAiqVSWRfkQkjN2jLmr9bGpbXw/Pvv/IKNwzuZPRna9
xAILBmLK5eKPPo1RzDNqh5DjcOO7vQ17X0UnjaXcTj7T2QRQ49NXC7wPJLbDo/yO
QVR+idphMzyzP0N5N6S7D8UKFKSGyPGIUBZTK0KUtFcL
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:29:10 2025 by rpki-client