Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yWlbkrEj2-GR1WBLh_nb3kwtTP4.roa
File: yWlbkrEj2-GR1WBLh_nb3kwtTP4.roa (raw, json)
Hash identifier: M9mG3BDKpakDn8xVlL2w2ltK4fDQEQSGSLniQRr2b/4=
Subject key identifier: C9:69:5B:92:B1:23:DB:E1:91:D5:60:4B:87:F9:DB:DE:4C:2D:4C:FE
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0199D2D6373B9BB41A4DF93674DF8F4D2920
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yWlbkrEj2-GR1WBLh_nb3kwtTP4.roa
Signing time: Sat 11 Oct 2025 10:34:38 +0000
ROA not before: Sat 11 Oct 2025 10:34:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55201
IP address blocks: 2a02:afc1::/32 maxlen: 40
2a06:da41::/32 maxlen: 40
2a0b:1f01::/32 maxlen: 40
2a0e:31c1::/32 maxlen: 40
2a0f:22c1::/32 maxlen: 40
2a0f:cf41::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d2:d6:37:3b:9b:b4:1a:4d:f9:36:74:df:8f:4d:29:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Oct 11 10:34:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9695b92b123dbe191d5604b87f9dbde4c2d4cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:25:26:91:fa:2c:5d:89:82:0e:e0:02:95:
2e:ba:41:79:9c:74:0f:aa:34:7d:a0:ae:40:44:14:
ed:5c:d5:03:cc:c0:7c:09:52:d8:dc:07:4e:b1:92:
01:f7:ef:86:43:91:b4:ac:30:35:9f:87:ba:39:5a:
ec:fa:53:46:9e:56:1f:23:3b:73:e6:04:55:80:2c:
25:eb:05:85:37:fa:08:c1:20:8f:98:76:9e:4f:a5:
05:f7:fa:c7:9b:d1:67:63:25:dd:eb:8f:60:b9:a8:
a4:68:aa:18:f3:f1:23:fe:20:cd:ca:5f:e7:e9:49:
bb:b7:5c:31:dc:9c:71:01:29:4d:d9:7c:4b:fa:ee:
c7:0f:fe:06:7c:0e:80:7d:14:30:6f:7c:68:37:23:
7d:fa:7f:03:87:29:ad:62:70:2d:ef:df:ff:14:3a:
bd:c3:a2:7b:59:a0:f1:42:4b:94:e8:b6:ac:08:83:
02:c9:ce:9c:75:01:63:c4:98:65:00:d1:2b:d8:00:
a0:0a:3f:a4:78:3b:19:97:6e:73:e6:2e:e4:36:78:
2a:5f:24:73:8f:cf:2a:47:8f:03:9c:e1:ce:6b:79:
50:82:ff:4a:32:22:c5:94:1f:6d:3d:0f:44:34:cd:
03:48:fb:82:96:59:f8:9f:83:7b:a7:15:5e:6c:9e:
24:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:69:5B:92:B1:23:DB:E1:91:D5:60:4B:87:F9:DB:DE:4C:2D:4C:FE
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/yWlbkrEj2-GR1WBLh_nb3kwtTP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:afc1::/32
2a06:da41::/32
2a0b:1f01::/32
2a0e:31c1::/32
2a0f:22c1::/32
2a0f:cf41::/32
Signature Algorithm: sha256WithRSAEncryption
47:55:21:75:0c:36:dd:a9:31:fc:75:84:ec:1e:6a:19:ef:a6:
77:74:33:e0:6e:4f:c8:b6:e0:77:cc:72:b4:f2:25:6e:8d:3c:
e8:b6:b6:46:4c:dc:e0:f1:46:13:4a:56:3b:82:8e:a4:3f:f1:
6a:b4:29:a7:1e:d8:5c:c5:d9:72:7f:44:8d:dd:f2:00:66:7c:
09:d4:2e:2a:8c:15:2f:88:5a:c6:5b:cd:01:f6:37:e5:70:ec:
a2:5e:fc:69:ac:f9:3b:f1:50:e0:a0:a4:e9:e2:c9:ba:f6:13:
be:8c:1b:83:d6:29:21:d0:0b:8b:4b:db:80:18:e1:17:e3:9c:
77:ad:e7:10:d7:53:bc:49:b0:a4:fd:49:32:c7:ea:f1:61:a1:
d4:00:0b:71:da:39:ab:49:7a:d8:40:8e:62:97:f9:97:5a:44:
34:c2:32:1c:1e:70:b1:ca:8a:69:20:48:76:6f:43:8e:5c:3a:
2b:16:c2:7a:74:bf:c4:78:c5:e7:48:51:ec:e9:a6:ed:94:2b:
05:5f:78:94:ff:83:e1:51:04:c5:f3:64:e7:5d:4a:16:e0:be:
3e:f1:7d:55:58:91:19:87:d6:d4:1c:83:ee:24:d1:8f:bd:f4:
b3:6c:fa:91:ba:4b:26:e6:50:96:8b:a5:c3:03:5e:76:9a:54:
b6:66:df:c7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnS1jc7m7QaTfk2dN+PTSkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUxMDExMTAzNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY5NWI5MmIxMjNkYmUxOTFkNTYwNGI4N2Y5ZGJkZTRjMmQ0Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHslJpH6LF2Jgg7gApUuukF5nHQP
qjR9oK5ARBTtXNUDzMB8CVLY3AdOsZIB9++GQ5G0rDA1n4e6OVrs+lNGnlYfIztz
5gRVgCwl6wWFN/oIwSCPmHaeT6UF9/rHm9FnYyXd649guaikaKoY8/Ej/iDNyl/n
6Um7t1wx3JxxASlN2XxL+u7HD/4GfA6AfRQwb3xoNyN9+n8DhymtYnAt79//FDq9
w6J7WaDxQkuU6LasCIMCyc6cdQFjxJhlANEr2ACgCj+keDsZl25z5i7kNngqXyRz
j88qR48DnOHOa3lQgv9KMiLFlB9tPQ9ENM0DSPuClln4n4N7pxVebJ4kMQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMlpW5KxI9vhkdVgS4f5295MLUz+MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEveVdsYmtyRWoyLUdSMVdCTGhfbmIza3d0VFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgKvwQMF
ACoG2kEDBQAqCx8BAwUAKg4xwQMFACoPIsEDBQAqD89BMA0GCSqGSIb3DQEBCwUA
A4IBAQBHVSF1DDbdqTH8dYTsHmoZ76Z3dDPgbk/ItuB3zHK08iVujTzotrZGTNzg
8UYTSlY7go6kP/FqtCmnHthcxdlyf0SN3fIAZnwJ1C4qjBUviFrGW80B9jflcOyi
XvxprPk78VDgoKTp4sm69hO+jBuD1ikh0AuLS9uAGOEX45x3recQ11O8SbCk/Uky
x+rxYaHUAAtx2jmrSXrYQI5il/mXWkQ0wjIcHnCxyoppIEh2b0OOXDorFsJ6dL/E
eMXnSFHs6abtlCsFX3iU/4PhUQTF82TnXUoW4L4+8X1VWJEZh9bUHIPuJNGPvfSz
bPqRuksm5lCWi6XDA152mlS2Zt/H
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:20 2025 by rpki-client