
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/ysAe9gPPhCsZkqGLoH8Nd4f8kFU.roa
File: ysAe9gPPhCsZkqGLoH8Nd4f8kFU.roa (raw, json)
Hash identifier: fpsD9ECkrPIFTg+vtTdi/ySXoJt5P42w1onB70hUeiw=
Subject key identifier: CA:C0:1E:F6:03:CF:84:2B:19:92:A1:8B:A0:7F:0D:77:87:FC:90:55
Certificate issuer: /CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Certificate serial: 0199296537CDE415BA595828422828C6ED27
Authority key identifier: 10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/ysAe9gPPhCsZkqGLoH8Nd4f8kFU.roa
Signing time: Mon 08 Sep 2025 12:55:23 +0000
ROA not before: Mon 08 Sep 2025 12:55:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2110
IP address blocks: 78.16.0.0/14 maxlen: 14
78.16.0.0/16 maxlen: 16
78.17.0.0/16 maxlen: 16
78.18.0.0/15 maxlen: 15
185.146.180.0/22 maxlen: 22
185.146.180.0/24 maxlen: 24
192.111.39.0/24 maxlen: 24
193.95.128.0/18 maxlen: 24
193.120.0.0/16 maxlen: 16
193.120.52.0/24 maxlen: 24
193.120.216.0/24 maxlen: 24
193.203.128.0/19 maxlen: 19
194.46.192.0/18 maxlen: 18
194.125.0.0/17 maxlen: 17
194.145.128.0/21 maxlen: 21
194.165.160.0/19 maxlen: 19
212.2.160.0/19 maxlen: 19
213.202.128.0/18 maxlen: 18
2001:7c8::/29 maxlen: 29
2001:7c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:65:37:cd:e4:15:ba:59:58:28:42:28:28:c6:ed:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10543a5197eb2544447e9d36b3ebf14452c777eb
Validity
Not Before: Sep 8 12:55:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac01ef603cf842b1992a18ba07f0d7787fc9055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:30:1f:7b:12:71:2f:92:75:7c:7b:c5:2f:
15:e1:c2:f3:4f:f9:54:1e:7a:73:67:68:52:bc:3d:
a1:aa:74:47:60:9f:6b:17:ea:ef:79:5f:53:cc:c0:
7a:72:ef:d3:15:18:58:51:f3:90:5c:b7:3c:f1:85:
4d:a3:b0:06:70:2f:7c:e5:ed:b0:1e:39:3c:16:b3:
0a:d3:f9:39:2d:9d:69:81:aa:97:3d:e1:27:ff:26:
f9:2b:b1:3d:53:13:c0:45:49:d0:8c:81:94:93:cf:
ed:f0:9d:60:3b:0d:d7:96:39:fe:36:e7:54:13:ec:
ca:4e:b1:67:5c:7d:8b:99:e7:ab:87:1b:64:cc:54:
e0:35:6c:21:58:5c:12:42:01:c8:96:74:54:92:88:
f2:2a:55:93:47:cf:6a:c5:0c:7c:3f:f2:6e:d5:f2:
f2:1c:7d:03:f4:37:20:ca:a2:c0:8a:ce:49:cf:ce:
5e:2a:e2:3f:81:3d:8e:7a:85:33:ea:98:8c:2c:18:
ad:15:16:00:ee:38:82:fc:b6:b7:4f:33:c9:a3:b1:
48:4c:8c:cb:67:77:f4:3c:16:ca:a6:4c:f7:19:4e:
61:61:c0:bf:ec:b7:40:60:9e:37:ef:53:b0:ec:6a:
66:51:ea:e7:dc:3c:52:8f:99:bf:3f:3a:6b:cd:05:
c6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C0:1E:F6:03:CF:84:2B:19:92:A1:8B:A0:7F:0D:77:87:FC:90:55
X509v3 Authority Key Identifier:
keyid:10:54:3A:51:97:EB:25:44:44:7E:9D:36:B3:EB:F1:44:52:C7:77:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFQ6UZfrJUREfp02s-vxRFLHd-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/ysAe9gPPhCsZkqGLoH8Nd4f8kFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1be7bc-b642-4a0d-8e6b-f7e0c5e2702e/1/EFQ6UZfrJUREfp02s-vxRFLHd-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.16.0.0/14
185.146.180.0/22
192.111.39.0/24
193.95.128.0/18
193.120.0.0/16
193.203.128.0/19
194.46.192.0/18
194.125.0.0/17
194.145.128.0/21
194.165.160.0/19
212.2.160.0/19
213.202.128.0/18
IPv6:
2001:7c8::/29
Signature Algorithm: sha256WithRSAEncryption
6f:dd:c5:d3:03:7e:2e:c7:78:12:82:d8:3a:5a:fb:08:82:f6:
ac:70:fc:f1:2c:00:f7:1e:9d:47:f5:0c:83:3d:fa:ca:0a:74:
e2:b8:d8:ae:47:e8:0f:05:9d:cc:32:7b:3b:b4:d9:fe:6f:2d:
78:db:87:81:29:01:3a:f9:32:ad:5a:e3:02:0e:18:b7:62:3d:
12:5f:ee:63:3e:da:36:59:73:0c:d6:7f:13:8f:7b:bb:ac:73:
03:6b:17:72:0f:a6:44:42:93:0d:09:01:71:87:ab:f1:01:61:
44:33:47:04:69:ca:b1:f2:32:c0:41:83:66:e5:03:7c:7b:1a:
b7:4f:24:d4:81:3a:19:29:27:d7:67:f3:bf:a2:25:03:2c:c9:
ae:52:f0:d2:e8:e0:60:e2:3a:69:9d:01:d6:68:8e:1d:c0:c8:
cb:10:ea:26:cb:aa:7b:cd:1f:ff:25:37:52:3a:7c:17:b1:cb:
02:ed:2f:f3:ea:be:bb:f2:f4:cb:08:b6:2c:93:03:e2:a2:af:
55:9e:dd:46:99:83:86:3b:d2:d1:31:7b:7c:9f:fc:e2:02:2c:
15:bc:03:24:17:36:55:e2:29:f8:e6:d1:f5:5a:a3:2a:23:40:
76:2f:c1:9d:13:03:61:83:f2:70:f9:e0:95:7c:af:fe:5a:94:
1c:03:a2:09
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZkpZTfN5BW6WVgoQigoxu0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTQzYTUxOTdlYjI1NDQ0NDdlOWQzNmIzZWJmMTQ0NTJj
Nzc3ZWIwHhcNMjUwOTA4MTI1NTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMwMWVmNjAzY2Y4NDJiMTk5MmExOGJhMDdmMGQ3Nzg3ZmM5MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGIwH3sScS+SdXx7xS8V4cLzT/lU
HnpzZ2hSvD2hqnRHYJ9rF+rveV9TzMB6cu/TFRhYUfOQXLc88YVNo7AGcC985e2w
Hjk8FrMK0/k5LZ1pgaqXPeEn/yb5K7E9UxPARUnQjIGUk8/t8J1gOw3Xljn+NudU
E+zKTrFnXH2LmeerhxtkzFTgNWwhWFwSQgHIlnRUkojyKlWTR89qxQx8P/Ju1fLy
HH0D9DcgyqLAis5Jz85eKuI/gT2OeoUz6piMLBitFRYA7jiC/La3TzPJo7FITIzL
Z3f0PBbKpkz3GU5hYcC/7LdAYJ4371Ow7GpmUern3DxSj5m/PzprzQXGnwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFMrAHvYDz4QrGZKhi6B/DXeH/JBVMB8GA1UdIwQY
MBaAFBBUOlGX6yVERH6dNrPr8URSx3frMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmIt
ZjdlMGM1ZTI3MDJlLzEveXNBZTlnUFBoQ3Naa3FHTG9IOE5kNGY4a0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xYmU3YmMtYjY0Mi00YTBkLThlNmItZjdlMGM1ZTI3MDJl
LzEvRUZRNlVaZnJKVVJFZnAwMnMtdnhSRkxIZC1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwMCThADBAK5
krQDBADAbycDBAbBX4ADAwDBeAMEBcHLgAMEBsIuwAMEB8J9AAMEA8KRgAMEBcKl
oAMEBdQCoAMEBtXKgDANBAIAAjAHAwUDIAEHyDANBgkqhkiG9w0BAQsFAAOCAQEA
b93F0wN+Lsd4EoLYOlr7CIL2rHD88SwA9x6dR/UMgz36ygp04rjYrkfoDwWdzDJ7
O7TZ/m8teNuHgSkBOvkyrVrjAg4Yt2I9El/uYz7aNllzDNZ/E497u6xzA2sXcg+m
REKTDQkBcYer8QFhRDNHBGnKsfIywEGDZuUDfHsat08k1IE6GSkn12fzv6IlAyzJ
rlLw0ujgYOI6aZ0B1miOHcDIyxDqJsuqe80f/yU3Ujp8F7HLAu0v8+q+u/L0ywi2
LJMD4qKvVZ7dRpmDhjvS0TF7fJ/84gIsFbwDJBc2VeIp+ObR9VqjKiNAdi/BnRMD
YYPycPnglXyv/lqUHAOiCQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:38 2025 by rpki-client