Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/YDrJUaM078njYLujsFOLBuJi-Ak.roa
File: YDrJUaM078njYLujsFOLBuJi-Ak.roa (raw, json)
Hash identifier: ynnnM4zonEkcKprGHH1eGlvVH9BFKbrOufYcESLz12A=
Subject key identifier: 60:3A:C9:51:A3:34:EF:C9:E3:60:BB:A3:B0:53:8B:06:E2:62:F8:09
Certificate issuer: /CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Certificate serial: 0198A3FF26EFAAB1EC86CAC206889BA22679
Authority key identifier: 04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/YDrJUaM078njYLujsFOLBuJi-Ak.roa
Signing time: Wed 13 Aug 2025 15:14:24 +0000
ROA not before: Wed 13 Aug 2025 15:14:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.116.53.0/24 maxlen: 24
185.116.54.0/24 maxlen: 24
185.116.55.0/24 maxlen: 24
2a06:7a40:1::/48 maxlen: 48
2a06:7a40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:ff:26:ef:aa:b1:ec:86:ca:c2:06:88:9b:a2:26:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0471881778a1e12f6d97c5288efd4cb9563d1d49
Validity
Not Before: Aug 13 15:14:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=603ac951a334efc9e360bba3b0538b06e262f809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9c:6b:77:a6:08:a0:03:d7:bc:21:e4:b6:e1:
87:d5:a6:98:e3:2e:f1:94:9b:09:b5:fa:c9:53:ec:
17:c6:c6:6f:86:3a:d7:1d:be:68:a7:6b:24:e5:b7:
4c:9f:cc:01:2b:24:2b:4b:c7:b0:36:e4:2e:b1:e7:
42:8d:69:30:34:53:cb:c1:ab:49:8c:08:65:00:b1:
84:ce:de:ee:f0:9a:a9:41:e2:69:2c:f6:b4:dc:b9:
5d:92:a7:17:90:94:e3:fb:41:ec:be:fa:c8:69:e9:
2d:8d:f0:10:1b:ab:3f:67:8a:1c:25:03:b1:f6:25:
69:4c:a3:37:eb:c5:50:6f:d3:5c:7e:90:13:8c:52:
a5:65:85:ff:94:62:ca:73:d6:35:12:6c:bd:07:90:
6a:70:d3:14:94:ed:34:86:6b:c9:76:9d:18:4a:a4:
31:56:c5:57:2f:fc:06:a2:71:8d:c7:92:45:ec:fa:
10:b8:b8:98:f3:36:a3:89:0b:f4:ec:32:56:be:d9:
f3:24:d1:1f:7b:39:3c:7b:ae:e3:f2:5b:10:6b:59:
aa:be:4c:9b:86:3b:ad:8a:4f:c8:cc:08:c3:6b:2c:
e0:80:2a:69:33:45:0e:61:fb:23:dd:0f:14:c8:a2:
2c:3d:24:9e:2e:6c:20:da:75:79:5f:eb:9e:48:f4:
6b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3A:C9:51:A3:34:EF:C9:E3:60:BB:A3:B0:53:8B:06:E2:62:F8:09
X509v3 Authority Key Identifier:
keyid:04:71:88:17:78:A1:E1:2F:6D:97:C5:28:8E:FD:4C:B9:56:3D:1D:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHGIF3ih4S9tl8Uojv1MuVY9HUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/YDrJUaM078njYLujsFOLBuJi-Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4a8cfa-542b-40b2-8a08-42ea47b12537/1/BHGIF3ih4S9tl8Uojv1MuVY9HUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.53.0-185.116.55.255
IPv6:
2a06:7a40:1::-2a06:7a40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c4:33:61:ca:63:4b:33:0f:74:0f:0f:d1:b2:4c:09:f6:dc:93:
2c:f9:97:db:68:e5:70:e5:66:11:2c:9c:bc:2e:60:ed:03:e9:
a3:13:08:3c:8f:25:b3:8b:0b:b1:c1:6b:26:d4:0b:30:74:44:
74:ae:22:d3:e3:c2:69:33:77:51:b9:c3:72:5b:cc:14:f8:36:
9a:cb:4d:f8:ce:a0:57:5e:e9:ad:f4:16:2d:d3:4d:de:0e:f4:
ef:cf:cc:7d:8c:10:96:6e:48:e9:99:c8:e3:03:09:52:b5:c2:
72:2f:8f:e9:55:70:a9:58:86:ab:2c:db:9d:0b:45:08:3a:4e:
31:29:db:2e:55:51:5e:2e:a6:fe:82:ec:35:10:68:86:4a:92:
cf:aa:91:22:c4:b5:52:69:d4:14:78:09:a5:f4:b9:15:01:2c:
29:6d:63:ae:9c:00:52:b8:3f:30:c2:51:7e:5c:d7:1f:a4:f7:
25:f7:f3:c4:36:21:88:62:b9:9e:3e:e9:79:ac:7b:f6:23:98:
43:92:99:6c:fe:43:07:03:5e:3a:e4:94:a9:be:c6:8f:cc:3d:
82:0f:a0:c9:40:d5:e5:e9:8c:bb:10:49:ef:33:f2:1e:7b:5e:
73:36:ce:08:d6:70:72:ab:09:7f:8a:25:36:ca:6f:87:91:95:
74:87:21:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZij/ybvqrHshsrCBoiboiZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzE4ODE3NzhhMWUxMmY2ZDk3YzUyODhlZmQ0Y2I5NTYz
ZDFkNDkwHhcNMjUwODEzMTUxNDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNhYzk1MWEzMzRlZmM5ZTM2MGJiYTNiMDUzOGIwNmUyNjJmODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZxrd6YIoAPXvCHktuGH1aaY4y7x
lJsJtfrJU+wXxsZvhjrXHb5op2sk5bdMn8wBKyQrS8ewNuQusedCjWkwNFPLwatJ
jAhlALGEzt7u8JqpQeJpLPa03LldkqcXkJTj+0HsvvrIaektjfAQG6s/Z4ocJQOx
9iVpTKM368VQb9NcfpATjFKlZYX/lGLKc9Y1Emy9B5BqcNMUlO00hmvJdp0YSqQx
VsVXL/wGonGNx5JF7PoQuLiY8zajiQv07DJWvtnzJNEfezk8e67j8lsQa1mqvkyb
hjutik/IzAjDayzggCppM0UOYfsj3Q8UyKIsPSSeLmwg2nV5X+ueSPRrnQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGA6yVGjNO/J42C7o7BTiwbiYvgJMB8GA1UdIwQY
MBaAFARxiBd4oeEvbZfFKI79TLlWPR1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgt
NDJlYTQ3YjEyNTM3LzEvWURySlVhTTA3OG5qWUx1anNGT0xCdUppLUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80YThjZmEtNTQyYi00MGIyLThhMDgtNDJlYTQ3YjEyNTM3
LzEvQkhHSUYzaWg0Uzl0bDhVb2p2MU11Vlk5SFVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAC5dDUD
BAO5dDAwGgQCAAIwFDASAwcAKgZ6QAABAwcAKgZ6QAACMA0GCSqGSIb3DQEBCwUA
A4IBAQDEM2HKY0szD3QPD9GyTAn23JMs+ZfbaOVw5WYRLJy8LmDtA+mjEwg8jyWz
iwuxwWsm1AswdER0riLT48JpM3dRucNyW8wU+Daay034zqBXXumt9BYt003eDvTv
z8x9jBCWbkjpmcjjAwlStcJyL4/pVXCpWIarLNudC0UIOk4xKdsuVVFeLqb+guw1
EGiGSpLPqpEixLVSadQUeAml9LkVASwpbWOunABSuD8wwlF+XNcfpPcl9/PENiGI
YrmePul5rHv2I5hDkpls/kMHA1465JSpvsaPzD2CD6DJQNXl6Yy7EEnvM/Iee15z
Ns4I1nByqwl/iiU2ym+HkZV0hyFI
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:23:50 2025 by rpki-client