Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/efy5oJUo9vlNOp71j63zeVEmmxU.roa
File: efy5oJUo9vlNOp71j63zeVEmmxU.roa (raw, json)
Hash identifier: CC82OGeCqrXuJ1H3eqUShF4IKs0H5muAyFZDrElp2iw=
Subject key identifier: 79:FC:B9:A0:95:28:F6:F9:4D:3A:9E:F5:8F:AD:F3:79:51:26:9B:15
Certificate issuer: /CN=20fa4eddb21f0901923c189f41e8f5c749a65829
Certificate serial: 01994DA6E14CE0E0F066F61ACE95971EDB34
Authority key identifier: 20:FA:4E:DD:B2:1F:09:01:92:3C:18:9F:41:E8:F5:C7:49:A6:58:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPpO3bIfCQGSPBifQej1x0mmWCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/efy5oJUo9vlNOp71j63zeVEmmxU.roa
Signing time: Mon 15 Sep 2025 13:53:26 +0000
ROA not before: Mon 15 Sep 2025 13:53:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200302
IP address blocks: 94.242.0.0/19 maxlen: 19
94.242.32.0/20 maxlen: 20
2a00:1838:aaaa::/48 maxlen: 48
2a00:1838:cccc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/IPpO3bIfCQGSPBifQej1x0mmWCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/IPpO3bIfCQGSPBifQej1x0mmWCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IPpO3bIfCQGSPBifQej1x0mmWCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:a6:e1:4c:e0:e0:f0:66:f6:1a:ce:95:97:1e:db:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20fa4eddb21f0901923c189f41e8f5c749a65829
Validity
Not Before: Sep 15 13:53:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79fcb9a09528f6f94d3a9ef58fadf37951269b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:34:cc:ff:86:2f:fb:f7:18:ff:b1:6c:33:0a:
fb:d3:c0:ad:e1:d3:39:f9:9b:6a:4a:2b:2a:64:08:
3c:42:a7:81:82:04:03:f6:8c:0d:54:3d:5b:9c:09:
bf:c5:b0:5f:89:71:7a:28:7d:09:7a:0e:b3:4f:84:
69:a5:a0:0a:e5:00:10:b9:d4:79:c9:92:ef:70:9a:
f1:e5:2a:f0:fd:d5:bc:28:0a:8c:45:0e:6f:9c:94:
d3:d9:7a:51:5f:0c:76:69:79:ff:d4:e4:03:47:74:
78:b7:74:12:bd:5e:b9:b3:af:02:be:a6:23:78:98:
03:35:fe:3b:3f:21:4e:51:e3:8c:a3:f2:c0:bf:8b:
71:97:ee:52:91:1b:7c:8a:7d:8b:83:a8:00:f0:24:
0d:94:37:80:b6:f4:76:e7:42:01:92:4b:81:a3:04:
a7:10:98:ec:95:b0:a2:cb:93:72:a8:a7:1d:9b:6f:
00:9d:d4:3f:84:0d:f6:97:e9:52:49:95:ee:28:1a:
9d:16:b5:18:38:88:3f:ad:53:56:c4:4d:de:0b:4d:
62:c0:d2:be:7e:7c:b8:0f:cf:30:58:85:a4:18:d6:
89:6b:da:73:29:c6:94:01:8e:cf:0d:69:57:df:47:
33:27:a3:c0:6a:d8:9f:4b:21:3d:f3:ff:67:53:72:
d6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:FC:B9:A0:95:28:F6:F9:4D:3A:9E:F5:8F:AD:F3:79:51:26:9B:15
X509v3 Authority Key Identifier:
keyid:20:FA:4E:DD:B2:1F:09:01:92:3C:18:9F:41:E8:F5:C7:49:A6:58:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPpO3bIfCQGSPBifQej1x0mmWCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/efy5oJUo9vlNOp71j63zeVEmmxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/951b18-5244-4b2b-a22d-ed5f00c95067/1/IPpO3bIfCQGSPBifQej1x0mmWCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.242.0.0-94.242.47.255
IPv6:
2a00:1838:aaaa::/48
2a00:1838:cccc::/48
Signature Algorithm: sha256WithRSAEncryption
c7:ac:c3:af:ec:b2:8f:05:a6:38:d0:f0:ac:9c:ba:b6:f0:31:
f0:35:1c:e9:40:7f:f8:09:93:2d:13:25:96:fd:79:99:a9:24:
fe:3e:41:29:2a:93:69:a0:a4:30:e6:7a:9c:73:22:2e:47:21:
21:2f:51:b2:dc:5f:75:6e:e5:0a:3a:1a:3d:c5:3b:85:dc:5a:
3b:fe:b7:7f:c4:70:e3:bf:63:1b:58:d4:28:0a:34:ac:1e:fd:
f4:31:d3:45:52:de:de:76:4d:26:58:7d:21:8e:ac:ee:49:6f:
eb:a6:19:2d:ed:ab:22:68:46:e3:dc:fc:38:58:e9:ff:df:c4:
00:65:5c:1d:e7:bc:6e:ff:9b:37:fd:fb:94:a1:37:6e:70:f3:
23:42:84:fd:15:05:bb:fc:28:35:c1:fd:40:ec:73:da:07:51:
25:a7:df:28:3d:ae:de:79:55:54:35:1e:b4:bb:03:15:6f:89:
06:95:e1:d7:62:e2:70:4c:95:38:80:35:f8:6a:b0:93:72:70:
03:7f:15:01:03:c4:4b:90:e6:41:08:56:c0:47:78:40:31:ac:
a6:79:49:8b:d3:3b:41:b9:59:20:65:f8:03:c9:28:4b:66:2f:
08:14:44:1a:b1:fb:af:0f:40:54:0e:da:b1:80:cb:e1:62:e6:
7e:56:58:f5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZlNpuFM4ODwZvYazpWXHts0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZmE0ZWRkYjIxZjA5MDE5MjNjMTg5ZjQxZThmNWM3NDlh
NjU4MjkwHhcNMjUwOTE1MTM1MzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWZjYjlhMDk1MjhmNmY5NGQzYTllZjU4ZmFkZjM3OTUxMjY5YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjTM/4Yv+/cY/7FsMwr708Ct4dM5
+ZtqSisqZAg8QqeBggQD9owNVD1bnAm/xbBfiXF6KH0Jeg6zT4RppaAK5QAQudR5
yZLvcJrx5Srw/dW8KAqMRQ5vnJTT2XpRXwx2aXn/1OQDR3R4t3QSvV65s68CvqYj
eJgDNf47PyFOUeOMo/LAv4txl+5SkRt8in2Lg6gA8CQNlDeAtvR250IBkkuBowSn
EJjslbCiy5NyqKcdm28AndQ/hA32l+lSSZXuKBqdFrUYOIg/rVNWxE3eC01iwNK+
fny4D88wWIWkGNaJa9pzKcaUAY7PDWlX30czJ6PAatifSyE98/9nU3LW0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHn8uaCVKPb5TTqe9Y+t83lRJpsVMB8GA1UdIwQY
MBaAFCD6Tt2yHwkBkjwYn0Ho9cdJplgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBwTzNiSWZDUUdTUEJpZlFlajF4MG1tV0NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85NTFiMTgtNTI0NC00YjJiLWEyMmQt
ZWQ1ZjAwYzk1MDY3LzEvZWZ5NW9KVW85dmxOT3A3MWo2M3plVkVtbXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85NTFiMTgtNTI0NC00YjJiLWEyMmQtZWQ1ZjAwYzk1MDY3
LzEvSVBwTzNiSWZDUUdTUEJpZlFlajF4MG1tV0NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzATBAIAATANMAsDAwFe8gME
BF7yIDAYBAIAAjASAwcAKgAYOKqqAwcAKgAYOMzMMA0GCSqGSIb3DQEBCwUAA4IB
AQDHrMOv7LKPBaY40PCsnLq28DHwNRzpQH/4CZMtEyWW/XmZqST+PkEpKpNpoKQw
5nqccyIuRyEhL1Gy3F91buUKOho9xTuF3Fo7/rd/xHDjv2MbWNQoCjSsHv30MdNF
Ut7edk0mWH0hjqzuSW/rphkt7asiaEbj3Pw4WOn/38QAZVwd57xu/5s3/fuUoTdu
cPMjQoT9FQW7/Cg1wf1A7HPaB1Elp98oPa7eeVVUNR60uwMVb4kGleHXYuJwTJU4
gDX4arCTcnADfxUBA8RLkOZBCFbAR3hAMaymeUmL0ztBuVkgZfgDyShLZi8IFEQa
sfuvD0BUDtqxgMvhYuZ+Vlj1
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:31 2025 by rpki-client