Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/yCaHWvL_AiksDwFoCiFxm6bABT8.roa
File: yCaHWvL_AiksDwFoCiFxm6bABT8.roa (raw, json)
Hash identifier: 5pG/4JjPAr+yjin6VDP+CajWtJLqJ6Va//r9XfV+zU0=
Subject key identifier: C8:26:87:5A:F2:FF:02:29:2C:0F:01:68:0A:21:71:9B:A6:C0:05:3F
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 0199C3AC6119B1FC7935D2DDFAECFA720609
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/yCaHWvL_AiksDwFoCiFxm6bABT8.roa
Signing time: Wed 08 Oct 2025 11:54:38 +0000
ROA not before: Wed 08 Oct 2025 11:54:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15874
IP address blocks: 37.130.0.0/18 maxlen: 24
37.130.49.0/24 maxlen: 24
37.130.55.0/24 maxlen: 24
46.174.232.0/21 maxlen: 24
46.174.232.0/22 maxlen: 22
46.174.236.0/23 maxlen: 23
46.174.238.0/24 maxlen: 24
91.231.24.0/24 maxlen: 24
91.231.26.0/24 maxlen: 24
185.237.56.0/22 maxlen: 24
2a0c:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c3:ac:61:19:b1:fc:79:35:d2:dd:fa:ec:fa:72:06:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Oct 8 11:54:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c826875af2ff02292c0f01680a21719ba6c0053f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e5:97:56:85:03:49:23:aa:2e:d4:a9:8b:09:
75:dd:e6:8d:74:cd:fa:46:b2:e8:21:c6:65:85:11:
95:fa:29:b0:0f:03:d9:9e:e4:61:de:5a:02:b6:87:
47:46:c1:5d:9e:e8:83:75:4f:19:ed:ff:61:a4:e0:
a9:5d:31:5b:39:b0:02:3b:78:f8:3a:ab:15:4e:bd:
97:90:bf:51:8e:ab:97:93:ea:87:c5:db:fa:ff:b3:
16:04:8a:e8:19:ba:c2:5a:6b:8d:6a:e7:5a:6a:f3:
8e:5f:97:8f:42:c9:78:2f:7e:25:2c:41:eb:0c:9f:
86:33:ba:da:2a:bb:f4:fb:b9:d5:0a:a3:43:66:d0:
4b:a8:9f:90:a5:fc:48:9a:e1:4a:2a:82:8b:78:3d:
ad:33:92:aa:65:15:94:30:10:aa:b1:77:bd:8c:fc:
06:53:07:8f:0e:10:97:16:ff:7d:94:13:99:34:9c:
3e:0d:d7:f9:66:55:c2:6e:75:4d:02:32:a3:d9:13:
3a:90:bd:7a:12:91:41:b4:d5:0d:7f:f6:b8:6c:74:
38:ff:e7:f3:f4:32:07:f5:3c:88:a6:2d:90:14:22:
99:b1:12:6c:55:3e:6e:4a:34:93:24:57:be:51:14:
bc:c2:9b:fc:62:04:64:79:9f:60:d2:e0:b0:2e:70:
0f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:26:87:5A:F2:FF:02:29:2C:0F:01:68:0A:21:71:9B:A6:C0:05:3F
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/yCaHWvL_AiksDwFoCiFxm6bABT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.0.0/18
46.174.232.0/21
91.231.24.0/24
91.231.26.0/24
185.237.56.0/22
IPv6:
2a0c:1680::/29
Signature Algorithm: sha256WithRSAEncryption
8b:4e:ff:03:d5:ec:68:21:08:d8:8a:63:dd:02:a8:61:30:5d:
1b:78:1b:5e:f3:31:52:1f:ad:75:6a:2e:aa:0b:75:9b:d2:54:
1b:d0:96:98:a5:87:4c:ed:98:c9:af:14:c6:02:64:78:cf:be:
88:3d:64:55:e0:aa:75:23:c6:95:fb:54:7b:24:4d:4f:e3:1d:
a9:e6:46:77:62:fe:c0:93:57:f3:96:80:4c:6f:fd:33:53:3c:
a6:f0:ee:3d:e1:08:fc:96:54:d4:dc:3d:f1:87:40:a6:2e:65:
8f:9c:7e:ee:07:5b:28:e6:fd:77:ba:10:6d:68:d9:6b:79:66:
d0:29:7c:12:62:f4:fe:84:c5:49:1c:5b:08:31:a0:53:89:ce:
b1:1b:58:42:fa:11:38:c3:2a:bb:86:f2:d6:d1:18:6c:f9:4d:
8b:20:9b:c4:50:fc:d0:ad:f0:7c:31:0f:4e:0b:2c:ed:e6:53:
6b:65:f8:3c:73:79:fa:2e:f0:31:55:ea:39:2b:7c:7c:f2:19:
c4:1d:90:24:fa:36:c0:b8:46:01:ad:71:d7:7f:96:c4:33:97:
14:3e:71:ce:ee:dc:b5:bc:37:a5:13:67:f0:fc:d7:c7:25:4c:
ef:c9:c7:c2:f6:b5:42:2d:1a:08:50:27:21:d4:7d:a9:1e:79:
e3:be:5d:79
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZnDrGEZsfx5NdLd+uz6cgYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUxMDA4MTE1NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI2ODc1YWYyZmYwMjI5MmMwZjAxNjgwYTIxNzE5YmE2YzAwNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+WXVoUDSSOqLtSpiwl13eaNdM36
RrLoIcZlhRGV+imwDwPZnuRh3loCtodHRsFdnuiDdU8Z7f9hpOCpXTFbObACO3j4
OqsVTr2XkL9RjquXk+qHxdv6/7MWBIroGbrCWmuNaudaavOOX5ePQsl4L34lLEHr
DJ+GM7raKrv0+7nVCqNDZtBLqJ+QpfxImuFKKoKLeD2tM5KqZRWUMBCqsXe9jPwG
UwePDhCXFv99lBOZNJw+Ddf5ZlXCbnVNAjKj2RM6kL16EpFBtNUNf/a4bHQ4/+fz
9DIH9TyIpi2QFCKZsRJsVT5uSjSTJFe+URS8wpv8YgRkeZ9g0uCwLnAPgwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMgmh1ry/wIpLA8BaAohcZumwAU/MB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEveUNhSFd2TF9BaWtzRHdGb0NpRnhtNmJBQlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGJYIAAwQD
Lq7oAwQAW+cYAwQAW+caAwQCue04MA0EAgACMAcDBQMqDBaAMA0GCSqGSIb3DQEB
CwUAA4IBAQCLTv8D1exoIQjYimPdAqhhMF0beBte8zFSH611ai6qC3Wb0lQb0JaY
pYdM7ZjJrxTGAmR4z76IPWRV4Kp1I8aV+1R7JE1P4x2p5kZ3Yv7Ak1fzloBMb/0z
Uzym8O494Qj8llTU3D3xh0CmLmWPnH7uB1so5v13uhBtaNlreWbQKXwSYvT+hMVJ
HFsIMaBTic6xG1hC+hE4wyq7hvLW0Rhs+U2LIJvEUPzQrfB8MQ9OCyzt5lNrZfg8
c3n6LvAxVeo5K3x88hnEHZAk+jbAuEYBrXHXf5bEM5cUPnHO7ty1vDelE2fw/NfH
JUzvycfC9rVCLRoIUCch1H2pHnnjvl15
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:09 2025 by rpki-client