Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YwHn8uQwPJepZJAzzIRWp7dKrc4.roa
File: YwHn8uQwPJepZJAzzIRWp7dKrc4.roa (raw, json)
Hash identifier: odSOlNWz5/902Dtvod3riGYI7PcVm/s1Oc31vrfBTRc=
Subject key identifier: 63:01:E7:F2:E4:30:3C:97:A9:64:90:33:CC:84:56:A7:B7:4A:AD:CE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01975F37DF2AE7D9D69C551D29E3336BA1AB
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YwHn8uQwPJepZJAzzIRWp7dKrc4.roa
Signing time: Wed 11 Jun 2025 13:39:46 +0000
ROA not before: Wed 11 Jun 2025 13:39:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 265753
IP address blocks: 91.242.71.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
95.214.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:37:df:2a:e7:d9:d6:9c:55:1d:29:e3:33:6b:a1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 11 13:39:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6301e7f2e4303c97a9649033cc8456a7b74aadce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:61:0e:9e:34:7a:9b:df:3c:a6:ed:4f:40:
fe:a7:c1:41:ba:c2:95:a1:c7:bd:0e:21:b3:3d:bb:
30:94:34:76:7a:f7:4b:8c:87:8c:9d:de:09:a6:d1:
6b:50:3d:96:b4:7d:19:72:bc:ed:21:27:d6:72:0c:
e2:e6:c0:32:12:0b:d2:64:1b:53:a6:2a:cf:38:4b:
97:67:33:a0:5f:ee:58:c0:d2:88:b0:fd:ab:9d:37:
0e:d0:85:05:66:4a:e4:82:fc:61:e2:f1:17:e3:3b:
ca:67:21:39:9b:6e:78:42:b6:f3:ff:21:f3:38:15:
69:86:d9:d6:3c:6e:93:24:b7:47:35:62:7a:28:fc:
69:f9:75:36:9a:76:cd:c8:f3:89:22:0b:b6:86:e7:
9e:41:9c:68:f3:09:a1:e3:7c:ff:5e:cb:92:b1:72:
f7:41:54:40:79:bf:a3:50:98:16:be:00:d3:4f:19:
e5:b0:61:89:f6:f0:1a:c1:01:f4:5e:b2:aa:2b:a9:
b8:41:45:54:db:51:48:78:1b:8f:0a:78:19:78:b6:
a4:56:88:6d:fb:1a:c2:f1:fb:a7:8d:2c:56:f5:d0:
2e:d7:d8:dc:eb:8f:3c:73:f2:dd:fc:64:15:83:6e:
c4:59:16:aa:32:dc:f3:a5:41:c3:96:c1:b0:b6:c4:
73:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:01:E7:F2:E4:30:3C:97:A9:64:90:33:CC:84:56:A7:B7:4A:AD:CE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YwHn8uQwPJepZJAzzIRWp7dKrc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.71.0/24
91.242.81.0/24
91.242.107.0/24
95.214.152.0/22
Signature Algorithm: sha256WithRSAEncryption
94:c8:1e:50:bf:6b:0e:9e:e2:38:35:35:6e:2c:b3:73:0c:e9:
df:3f:4c:b3:9b:98:e0:ba:4c:9b:b1:0e:6f:a2:aa:13:2b:68:
16:c8:77:7c:ed:36:69:d0:f8:07:b0:44:95:f0:33:83:74:11:
7f:26:4c:38:af:0f:74:a0:db:9c:54:da:ee:ea:45:be:58:b3:
7e:e0:bb:f8:95:48:0a:e8:32:3b:74:3a:cb:6c:62:49:7a:17:
8e:b5:5f:db:b1:6b:c9:7f:70:96:4c:7a:a4:8b:6d:ca:d2:45:
bb:9d:79:c1:55:49:89:f7:d5:56:17:5e:76:31:c4:fa:31:41:
92:e3:92:52:47:f3:25:7b:ef:89:22:83:8f:4c:f2:44:09:d8:
89:b4:a8:af:69:c5:76:27:3f:22:58:0f:17:23:3f:37:a2:2e:
59:44:e9:e1:a8:7a:e9:48:5c:54:a3:17:e8:6e:9e:bd:9d:29:
d9:64:8b:dc:6c:4f:d4:8f:81:56:6c:5a:f6:92:24:43:e0:b7:
de:9f:5b:cc:6c:6b:10:39:f4:7d:14:ef:e5:be:6d:8c:ff:b1:
bc:1d:2b:6e:34:ad:64:14:0e:5f:69:55:78:bf:e0:af:41:91:
6c:1c:55:a7:4a:f9:97:39:6f:46:e9:81:2a:a3:9c:f6:44:50:
f3:c3:03:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdfN98q59nWnFUdKeMza6GrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNjExMTMzOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAxZTdmMmU0MzAzYzk3YTk2NDkwMzNjYzg0NTZhN2I3NGFhZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0ZhDp40epvfPKbtT0D+p8FBusKV
oce9DiGzPbswlDR2evdLjIeMnd4JptFrUD2WtH0ZcrztISfWcgzi5sAyEgvSZBtT
pirPOEuXZzOgX+5YwNKIsP2rnTcO0IUFZkrkgvxh4vEX4zvKZyE5m254Qrbz/yHz
OBVphtnWPG6TJLdHNWJ6KPxp+XU2mnbNyPOJIgu2hueeQZxo8wmh43z/XsuSsXL3
QVRAeb+jUJgWvgDTTxnlsGGJ9vAawQH0XrKqK6m4QUVU21FIeBuPCngZeLakVoht
+xrC8funjSxW9dAu19jc6488c/Ld/GQVg27EWRaqMtzzpUHDlsGwtsRzpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGMB5/LkMDyXqWSQM8yEVqe3Sq3OMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWXdIbjh1UXdQSmVwWkpBenpJUldwN2RLcmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW/JHAwQA
W/JRAwQAW/JrAwQCX9aYMA0GCSqGSIb3DQEBCwUAA4IBAQCUyB5Qv2sOnuI4NTVu
LLNzDOnfP0yzm5jgukybsQ5voqoTK2gWyHd87TZp0PgHsESV8DODdBF/Jkw4rw90
oNucVNru6kW+WLN+4Lv4lUgK6DI7dDrLbGJJeheOtV/bsWvJf3CWTHqki23K0kW7
nXnBVUmJ99VWF152McT6MUGS45JSR/Mle++JIoOPTPJECdiJtKivacV2Jz8iWA8X
Iz83oi5ZROnhqHrpSFxUoxfobp69nSnZZIvcbE/Uj4FWbFr2kiRD4Lfen1vMbGsQ
OfR9FO/lvm2M/7G8HStuNK1kFA5faVV4v+CvQZFsHFWnSvmXOW9G6YEqo5z2RFDz
wwMI
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:51:35 2025 by rpki-client