Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/yc0pX0Fb7PPhG8TPyoyu-5mMklc.roa
File: yc0pX0Fb7PPhG8TPyoyu-5mMklc.roa (raw, json)
Hash identifier: Zn5+vWlcQFPTjSf1Ejk0oLrtrIbVuhYDnpKmLmvFNb4=
Subject key identifier: C9:CD:29:5F:41:5B:EC:F3:E1:1B:C4:CF:CA:8C:AE:FB:99:8C:92:57
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 0199949A9650F79DFF9A6630B4583FC72F4C
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/yc0pX0Fb7PPhG8TPyoyu-5mMklc.roa
Signing time: Mon 29 Sep 2025 08:33:02 +0000
ROA not before: Mon 29 Sep 2025 08:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25186
IP address blocks: 81.80.17.0/24 maxlen: 24
81.80.72.0/24 maxlen: 24
90.82.88.0/24 maxlen: 24
194.2.39.0/27 maxlen: 27
194.2.78.0/27 maxlen: 27
194.2.78.32/27 maxlen: 27
194.3.255.0/24 maxlen: 24
195.6.9.0/24 maxlen: 24
195.6.20.0/24 maxlen: 24
195.6.66.0/24 maxlen: 24
195.6.67.0/24 maxlen: 24
195.6.171.0/24 maxlen: 24
195.6.174.0/24 maxlen: 24
195.6.230.0/24 maxlen: 24
217.167.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:9a:96:50:f7:9d:ff:9a:66:30:b4:58:3f:c7:2f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Sep 29 08:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9cd295f415becf3e11bc4cfca8caefb998c9257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8f:bf:27:78:32:70:a3:ef:b3:19:f3:2d:b5:
15:7c:63:9f:fa:a6:ac:a3:46:db:80:d2:24:41:d8:
2d:bb:09:b0:de:3a:23:d9:8f:d8:8d:50:ee:3a:e4:
7d:14:99:d9:59:bd:5f:f5:e0:8c:ec:66:13:94:ab:
08:74:44:a1:87:a8:2c:a3:f2:1a:8b:73:40:48:7f:
a0:a7:c9:0c:3f:6e:b2:fd:53:32:e5:36:c7:bc:47:
92:62:a2:6d:e7:7a:dd:53:e7:54:06:3a:e8:89:58:
70:ec:f9:ea:f7:cd:6c:ed:f7:e9:00:7b:b7:75:09:
8c:f2:0b:1b:75:75:10:65:fc:1f:e9:ed:fe:2f:81:
87:ed:2b:d5:d3:77:e4:75:94:6e:82:c2:46:da:9d:
29:52:fb:3b:01:20:54:78:c3:97:c8:c1:30:4c:64:
2e:5b:5e:1a:fd:c5:c8:7f:b1:7d:33:24:dd:5c:65:
a9:7c:24:c0:28:46:69:83:6b:08:a6:f2:b9:d5:de:
c5:bb:62:bc:9d:4e:5e:05:4e:63:e9:66:4a:95:64:
93:23:67:c8:49:dd:c0:99:fb:2f:06:0d:28:4e:86:
64:e5:46:bc:6c:08:31:5c:3f:39:dd:9b:ed:89:4e:
30:58:4b:20:08:51:af:1c:8b:ab:25:8e:89:e8:8a:
dd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CD:29:5F:41:5B:EC:F3:E1:1B:C4:CF:CA:8C:AE:FB:99:8C:92:57
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/yc0pX0Fb7PPhG8TPyoyu-5mMklc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.80.17.0/24
81.80.72.0/24
90.82.88.0/24
194.2.39.0/27
194.2.78.0/26
194.3.255.0/24
195.6.9.0/24
195.6.20.0/24
195.6.66.0/23
195.6.171.0/24
195.6.174.0/24
195.6.230.0/24
217.167.104.0/24
Signature Algorithm: sha256WithRSAEncryption
81:23:cd:3c:e6:7a:94:ed:72:71:98:f9:35:3d:e6:e7:e1:36:
e8:a5:f3:da:1a:28:0d:07:b0:09:14:ba:18:0a:4d:c4:96:e7:
00:66:34:c6:58:98:ed:86:09:74:1d:60:5f:a4:b0:4f:07:3a:
71:b5:9d:eb:3f:be:b3:3c:34:5f:ed:4d:40:a7:8e:7c:21:42:
d6:ec:8f:b4:fe:d4:4b:ad:4c:95:c7:a1:ab:96:4a:a8:f2:d0:
a3:89:84:16:72:24:8a:e9:ee:0e:db:16:44:e0:39:27:44:a5:
08:05:c5:d4:20:e3:11:34:94:1f:70:dd:7e:4e:04:6c:01:25:
fe:46:cb:78:ec:f4:b2:09:50:c2:3a:33:a6:a7:74:54:4d:48:
68:0c:bb:23:ee:4d:31:c3:7c:10:d6:d4:79:3a:01:06:48:f5:
af:96:9b:8a:76:d0:6c:56:9a:4a:07:08:41:2d:6e:1a:61:fd:
18:e2:9e:de:3c:c4:2f:10:1c:ae:ab:58:9e:53:33:5e:41:51:
5e:aa:d6:3d:8f:69:76:54:4d:a4:8e:98:41:6b:99:89:90:0e:
83:84:58:2b:2a:eb:c5:2b:2a:22:4c:e2:41:83:9d:97:06:10:
ce:4b:5e:b4:c0:6d:df:c5:10:a5:42:1a:de:ae:73:ed:df:3c:
2f:98:de:56
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZmUmpZQ953/mmYwtFg/xy9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwOTI5MDgzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWNkMjk1ZjQxNWJlY2YzZTExYmM0Y2ZjYThjYWVmYjk5OGM5MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I+/J3gycKPvsxnzLbUVfGOf+qas
o0bbgNIkQdgtuwmw3joj2Y/YjVDuOuR9FJnZWb1f9eCM7GYTlKsIdEShh6gso/Ia
i3NASH+gp8kMP26y/VMy5TbHvEeSYqJt53rdU+dUBjroiVhw7Pnq981s7ffpAHu3
dQmM8gsbdXUQZfwf6e3+L4GH7SvV03fkdZRugsJG2p0pUvs7ASBUeMOXyMEwTGQu
W14a/cXIf7F9MyTdXGWpfCTAKEZpg2sIpvK51d7Fu2K8nU5eBU5j6WZKlWSTI2fI
Sd3AmfsvBg0oToZk5Ua8bAgxXD853ZvtiU4wWEsgCFGvHIurJY6J6IrdrQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMnNKV9BW+zz4RvEz8qMrvuZjJJXMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEveWMwcFgwRmI3UFBoRzhUUHlveXUtNW1Na2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUVARAwQA
UVBIAwQAWlJYAwUFwgInAAMFBsICTgADBADCA/8DBADDBgkDBADDBhQDBAHDBkID
BADDBqsDBADDBq4DBADDBuYDBADZp2gwDQYJKoZIhvcNAQELBQADggEBAIEjzTzm
epTtcnGY+TU95ufhNuil89oaKA0HsAkUuhgKTcSW5wBmNMZYmO2GCXQdYF+ksE8H
OnG1nes/vrM8NF/tTUCnjnwhQtbsj7T+1EutTJXHoauWSqjy0KOJhBZyJIrp7g7b
FkTgOSdEpQgFxdQg4xE0lB9w3X5OBGwBJf5Gy3js9LIJUMI6M6andFRNSGgMuyPu
TTHDfBDW1Hk6AQZI9a+Wm4p20GxWmkoHCEEtbhph/Rjint48xC8QHK6rWJ5TM15B
UV6q1j2PaXZUTaSOmEFrmYmQDoOEWCsq68UrKiJM4kGDnZcGEM5LXrTAbd/FEKVC
Gt6uc+3fPC+Y3lY=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:20 2025 by rpki-client