Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/yK9I_Dq0dnDtl5O0ucRUFXoP4aE.roa
File: yK9I_Dq0dnDtl5O0ucRUFXoP4aE.roa (raw, json)
Hash identifier: PGylBrCxpXUuJKJIZQYtMcn+wp1/7qgRRy5jjVM0Q3I=
Subject key identifier: C8:AF:48:FC:3A:B4:76:70:ED:97:93:B4:B9:C4:54:15:7A:0F:E1:A1
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 0198D2371EAFBD856EF073479D8D537F530C
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/yK9I_Dq0dnDtl5O0ucRUFXoP4aE.roa
Signing time: Fri 22 Aug 2025 14:38:04 +0000
ROA not before: Fri 22 Aug 2025 14:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 91.186.194.0/23 maxlen: 24
94.241.160.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:37:1e:af:bd:85:6e:f0:73:47:9d:8d:53:7f:53:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Aug 22 14:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8af48fc3ab47670ed9793b4b9c454157a0fe1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:80:7e:60:e4:e1:75:9b:58:04:58:88:b6:2f:
b8:49:87:ae:e7:a1:0c:db:c4:26:70:ce:d4:11:3c:
d6:28:07:47:7a:52:0a:43:72:e8:ab:fb:35:56:9a:
37:8c:7b:89:5a:cf:d7:9d:75:f3:5e:ed:d8:b6:a8:
95:12:4e:93:da:1a:6c:71:a3:da:a5:a3:01:b6:bd:
40:a7:2c:9c:2d:a6:47:12:20:33:87:b1:77:b1:ef:
1d:98:95:b7:bb:a2:87:f4:c4:81:bf:72:32:53:06:
9e:a5:49:45:23:a4:22:47:72:0b:2c:12:4a:d8:10:
dc:da:5b:32:67:71:3a:5a:e4:83:41:f7:22:82:4d:
42:26:95:63:67:44:ed:cc:56:bb:81:20:0f:3a:a3:
3e:ae:69:be:d0:34:98:73:b7:d4:3c:0d:0b:f0:b0:
45:3d:42:19:07:f8:5f:b5:00:fb:a4:83:42:86:59:
b2:b8:fd:ff:0e:a7:59:01:94:f8:38:29:f8:d5:45:
48:55:07:20:43:22:64:ad:02:6d:5c:98:7e:0e:56:
f8:62:80:a8:c8:d6:1c:e9:43:97:fd:f3:0a:7b:b7:
a8:08:42:18:ce:25:28:93:2d:f2:e3:fe:e6:11:cb:
7b:73:7b:89:45:01:02:62:6c:0d:47:ef:8f:e3:da:
c7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AF:48:FC:3A:B4:76:70:ED:97:93:B4:B9:C4:54:15:7A:0F:E1:A1
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/yK9I_Dq0dnDtl5O0ucRUFXoP4aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.194.0/23
94.241.160.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:c7:99:60:e4:8a:fa:69:5c:b3:04:b1:97:60:bf:78:d7:9e:
d9:b3:90:66:8c:c6:99:f0:25:05:64:55:b5:b2:10:2a:38:ca:
eb:7e:99:e0:31:9e:d6:be:79:02:b4:dc:14:a7:f1:63:19:07:
db:5b:15:ed:64:af:8f:93:2f:b0:93:88:0e:86:eb:fc:44:f5:
e4:41:8a:29:dd:93:0c:34:38:f8:42:79:81:ad:1d:d8:67:72:
d6:38:c4:a6:d1:4c:c7:bf:df:ce:54:a4:63:e9:85:61:95:5a:
7f:2a:d1:44:19:a0:15:b0:34:63:3b:bb:fb:02:a0:f4:c3:7c:
37:17:61:db:a8:5e:9b:21:ca:99:f3:81:b0:34:61:1f:76:49:
fa:22:cb:47:91:5c:e8:55:58:be:0f:2f:20:27:a4:29:37:12:
b0:d3:15:b3:39:ea:50:bc:97:40:45:2d:9c:6e:7a:74:9b:b7:
fd:8b:20:d8:46:50:a8:22:72:77:60:8d:57:7a:2e:b0:a0:45:
0f:ce:d2:64:09:53:9b:af:0b:f9:0b:7e:bf:c6:1d:05:74:2a:
4d:03:23:96:6e:e4:76:68:3c:63:fc:e5:9c:3c:a5:51:56:37:
53:6f:bb:aa:8b:96:c8:c2:f5:6f:4a:a4:09:2d:61:60:a8:d2:
21:fb:51:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjSNx6vvYVu8HNHnY1Tf1MMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUwODIyMTQzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGFmNDhmYzNhYjQ3NjcwZWQ5NzkzYjRiOWM0NTQxNTdhMGZlMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4B+YOThdZtYBFiIti+4SYeu56EM
28QmcM7UETzWKAdHelIKQ3Loq/s1Vpo3jHuJWs/XnXXzXu3YtqiVEk6T2hpscaPa
paMBtr1ApyycLaZHEiAzh7F3se8dmJW3u6KH9MSBv3IyUwaepUlFI6QiR3ILLBJK
2BDc2lsyZ3E6WuSDQfcigk1CJpVjZ0TtzFa7gSAPOqM+rmm+0DSYc7fUPA0L8LBF
PUIZB/hftQD7pINChlmyuP3/DqdZAZT4OCn41UVIVQcgQyJkrQJtXJh+Dlb4YoCo
yNYc6UOX/fMKe7eoCEIYziUoky3y4/7mEct7c3uJRQECYmwNR++P49rHtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMivSPw6tHZw7ZeTtLnEVBV6D+GhMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEveUs5SV9EcTBkbkR0bDVPMHVjUlVGWG9QNGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW7rCAwQB
XvGgMA0GCSqGSIb3DQEBCwUAA4IBAQCwx5lg5Ir6aVyzBLGXYL94157Zs5BmjMaZ
8CUFZFW1shAqOMrrfpngMZ7WvnkCtNwUp/FjGQfbWxXtZK+Pky+wk4gOhuv8RPXk
QYop3ZMMNDj4QnmBrR3YZ3LWOMSm0UzHv9/OVKRj6YVhlVp/KtFEGaAVsDRjO7v7
AqD0w3w3F2HbqF6bIcqZ84GwNGEfdkn6IstHkVzoVVi+Dy8gJ6QpNxKw0xWzOepQ
vJdARS2cbnp0m7f9iyDYRlCoInJ3YI1Xei6woEUPztJkCVObrwv5C36/xh0FdCpN
AyOWbuR2aDxj/OWcPKVRVjdTb7uqi5bIwvVvSqQJLWFgqNIh+1Ff
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:13:49 2025 by rpki-client