Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/YvRVUVUo7_yU7Iq1s_PjtWUSc3E.roa
File: YvRVUVUo7_yU7Iq1s_PjtWUSc3E.roa (raw, json)
Hash identifier: 573R9YYxB5EQXEuIaiXRONNginQD8FqOnode2lo9il4=
Subject key identifier: 62:F4:55:51:55:28:EF:FC:94:EC:8A:B5:B3:F3:E3:B5:65:12:73:71
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 01993CA1B93CE25E1D9C974C572D260059AB
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/YvRVUVUo7_yU7Iq1s_PjtWUSc3E.roa
Signing time: Fri 12 Sep 2025 06:34:15 +0000
ROA not before: Fri 12 Sep 2025 06:34:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35485
IP address blocks: 46.254.176.0/21 maxlen: 24
93.94.32.0/21 maxlen: 24
93.94.32.0/24 maxlen: 24
93.94.33.0/24 maxlen: 24
93.94.34.0/24 maxlen: 24
93.94.35.0/24 maxlen: 24
93.94.37.0/24 maxlen: 24
93.94.38.0/24 maxlen: 24
93.174.64.0/21 maxlen: 24
158.58.136.0/21 maxlen: 24
185.84.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3c:a1:b9:3c:e2:5e:1d:9c:97:4c:57:2d:26:00:59:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Sep 12 06:34:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62f455515528effc94ec8ab5b3f3e3b565127371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:37:47:aa:60:d4:d6:90:07:85:63:30:b8:3f:
dc:10:fb:df:b2:84:9f:6d:50:d2:f9:2c:14:8e:3c:
2c:ca:10:d7:b0:ef:84:21:d4:d3:57:d9:22:bb:7c:
15:79:43:b3:b3:e7:bd:93:1c:55:de:ef:39:f6:f2:
06:41:b5:02:6e:df:4f:2b:69:96:f2:52:d9:c9:77:
98:fb:a5:43:f5:dc:17:a1:40:46:49:45:fa:73:4b:
df:08:bb:c4:e3:1c:97:1d:19:7c:3d:4b:50:7e:6a:
9c:0c:2d:20:4e:7e:3b:23:ad:ca:8a:05:54:34:58:
c2:c6:dc:19:21:86:c4:c8:ad:d7:b4:10:c8:15:5a:
d9:d0:69:8a:57:40:da:53:2b:0e:46:f7:44:b8:7c:
36:c8:73:0f:ee:78:62:23:31:e6:e8:10:75:fd:0f:
bc:97:db:ce:54:d9:75:88:25:7c:72:5e:41:22:76:
ef:d3:0a:62:b8:83:fc:9f:81:2d:88:05:2b:dd:dd:
c5:f1:39:fb:53:24:2d:40:1b:6b:9f:57:1a:fd:76:
58:9a:fa:f8:15:f0:c0:f6:b5:35:7d:9a:b8:20:b0:
b7:12:6e:87:7a:3c:11:46:1e:cf:27:3f:79:e7:1a:
9d:48:93:22:46:22:f7:76:14:db:1a:28:b6:08:50:
b5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F4:55:51:55:28:EF:FC:94:EC:8A:B5:B3:F3:E3:B5:65:12:73:71
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/YvRVUVUo7_yU7Iq1s_PjtWUSc3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.176.0/21
93.94.32.0/21
93.174.64.0/21
158.58.136.0/21
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
09:88:25:f3:43:d1:c5:df:c2:2b:36:cd:19:6f:82:22:4f:ec:
dc:97:4a:e8:86:30:25:0b:36:a7:62:ba:8f:b1:f3:c4:31:0d:
66:1e:10:a2:74:ec:72:66:cc:5e:11:35:08:d5:7b:8a:bc:fc:
41:79:15:bf:ae:34:d6:4a:eb:80:0a:f3:26:ad:d9:16:b8:85:
fc:67:f5:e6:14:df:17:36:0b:ce:41:73:a9:0c:24:68:c1:ba:
d0:99:be:c3:e2:ce:4f:14:e4:10:10:68:f9:53:c0:8b:80:19:
f1:6e:19:7a:7f:6a:54:d8:4e:61:22:b7:25:0b:65:d9:4e:f9:
78:87:6a:2a:a4:c6:92:d7:2c:e2:85:ae:38:4f:1f:c6:69:c3:
60:1f:7e:69:38:f9:f6:d0:8f:83:3c:37:fc:8f:ba:e2:86:eb:
6c:22:46:f7:78:d7:c6:05:59:e2:44:88:3c:e2:bb:d0:f3:72:
41:86:2c:0e:69:27:20:6c:71:86:a6:40:ef:35:be:5c:40:d6:
42:5b:c7:0f:a8:9d:3a:69:aa:a8:d8:e8:85:99:ee:4c:69:1d:
e1:e8:08:db:d7:e0:ba:8a:70:c7:ce:a4:c0:d1:ed:1b:eb:80:
58:48:14:6e:97:fa:6e:19:c6:4e:41:85:fa:72:cb:e0:9b:53:
04:f8:21:28
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZk8obk84l4dnJdMVy0mAFmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwOTEyMDYzNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmY0NTU1MTU1MjhlZmZjOTRlYzhhYjViM2YzZTNiNTY1MTI3MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDdHqmDU1pAHhWMwuD/cEPvfsoSf
bVDS+SwUjjwsyhDXsO+EIdTTV9kiu3wVeUOzs+e9kxxV3u859vIGQbUCbt9PK2mW
8lLZyXeY+6VD9dwXoUBGSUX6c0vfCLvE4xyXHRl8PUtQfmqcDC0gTn47I63KigVU
NFjCxtwZIYbEyK3XtBDIFVrZ0GmKV0DaUysORvdEuHw2yHMP7nhiIzHm6BB1/Q+8
l9vOVNl1iCV8cl5BInbv0wpiuIP8n4EtiAUr3d3F8Tn7UyQtQBtrn1ca/XZYmvr4
FfDA9rU1fZq4ILC3Em6HejwRRh7PJz955xqdSJMiRiL3dhTbGii2CFC1VwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGL0VVFVKO/8lOyKtbPz47VlEnNxMB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvWXZSVlVWVW83X3lVN0lxMXNfUGp0V1VTYzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLv6wAwQD
XV4gAwQDXa5AAwQDnjqIAwQCuVSwMA0GCSqGSIb3DQEBCwUAA4IBAQAJiCXzQ9HF
38IrNs0Zb4IiT+zcl0rohjAlCzanYrqPsfPEMQ1mHhCidOxyZsxeETUI1XuKvPxB
eRW/rjTWSuuACvMmrdkWuIX8Z/XmFN8XNgvOQXOpDCRowbrQmb7D4s5PFOQQEGj5
U8CLgBnxbhl6f2pU2E5hIrclC2XZTvl4h2oqpMaS1yziha44Tx/GacNgH35pOPn2
0I+DPDf8j7rihutsIkb3eNfGBVniRIg84rvQ83JBhiwOaScgbHGGpkDvNb5cQNZC
W8cPqJ06aaqo2OiFme5MaR3h6Ajb1+C6inDHzqTA0e0b64BYSBRul/puGcZOQYX6
csvgm1ME+CEo
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:58:59 2025 by rpki-client