Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/YNj6jBY1WWdwBM-l9h2oiKXTYmA.roa
File: YNj6jBY1WWdwBM-l9h2oiKXTYmA.roa (raw, json)
Hash identifier: koHDOBOLhPLlqLo5UxyVmvsrhs2UPLUKAfoxF2eIjW8=
Subject key identifier: 60:D8:FA:8C:16:35:59:67:70:04:CF:A5:F6:1D:A8:88:A5:D3:62:60
Certificate issuer: /CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Certificate serial: 01999E78868C5DE05E32BAF31A73DD28FC37
Authority key identifier: E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/YNj6jBY1WWdwBM-l9h2oiKXTYmA.roa
Signing time: Wed 01 Oct 2025 06:32:02 +0000
ROA not before: Wed 01 Oct 2025 06:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206882
IP address blocks: 91.205.4.0/22 maxlen: 22
91.206.194.0/23 maxlen: 24
91.206.194.0/24 maxlen: 24
91.206.195.0/24 maxlen: 24
103.198.80.0/23 maxlen: 24
193.135.112.0/22 maxlen: 24
193.238.120.0/22 maxlen: 24
194.187.128.0/22 maxlen: 24
194.187.128.0/23 maxlen: 23
194.187.130.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9e:78:86:8c:5d:e0:5e:32:ba:f3:1a:73:dd:28:fc:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9c3d42f3b2921ba7418f382032d6b35c7159b88
Validity
Not Before: Oct 1 06:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60d8fa8c163559677004cfa5f61da888a5d36260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9e:14:71:1b:e6:5d:e1:4a:59:63:c5:9e:70:
9e:4b:15:c3:a4:29:15:1c:c6:be:47:25:24:ce:d6:
84:6f:87:22:63:97:31:d8:9d:cb:fe:33:39:6a:73:
07:13:e1:d3:78:92:c2:79:ce:bd:d5:e3:bf:63:8b:
f9:6b:47:14:8a:13:7e:5c:49:5c:c2:c9:47:8d:1d:
be:1d:70:d5:ac:d2:8f:3c:48:6c:37:94:8e:c9:60:
e8:00:d2:ff:95:de:f1:45:78:89:f4:16:08:57:a6:
f5:af:51:a8:20:cb:8b:fd:30:90:74:6a:95:02:c9:
35:96:57:86:3d:23:20:14:d8:fc:89:84:14:fd:e9:
39:1b:c6:e7:74:b7:06:61:df:3e:e5:0d:33:ab:69:
8d:d2:11:2e:6b:df:63:24:eb:0d:11:59:6e:8f:d3:
7c:d3:23:d1:50:b3:de:5a:15:47:51:a9:d6:2c:76:
1b:55:f7:59:8f:59:62:eb:7e:94:b7:71:3f:d7:91:
3f:4c:a4:01:fd:b5:c8:a8:3f:d0:8b:d4:60:cd:2f:
bd:de:5e:fc:95:0b:a0:ac:8f:41:dc:b8:12:f1:00:
c2:6d:00:e8:a8:52:51:57:72:52:9c:31:5e:9f:ff:
a5:20:71:54:b5:2b:ad:53:f7:84:bd:f3:cc:24:f9:
8e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D8:FA:8C:16:35:59:67:70:04:CF:A5:F6:1D:A8:88:A5:D3:62:60
X509v3 Authority Key Identifier:
keyid:E9:C3:D4:2F:3B:29:21:BA:74:18:F3:82:03:2D:6B:35:C7:15:9B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cPULzspIbp0GPOCAy1rNccVm4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/YNj6jBY1WWdwBM-l9h2oiKXTYmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/bdc45b-096a-493a-92d2-1a1ead2cd2b1/1/6cPULzspIbp0GPOCAy1rNccVm4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.4.0/22
91.206.194.0/23
103.198.80.0/23
193.135.112.0/22
193.238.120.0/22
194.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:1c:f7:75:78:71:70:06:26:98:b2:4c:93:36:07:80:9d:bd:
1a:00:59:35:89:5b:a7:77:28:98:2d:10:0c:ea:00:fc:ba:00:
02:2e:26:62:b0:83:15:4f:6d:2d:1a:7d:d4:7a:0d:8e:2b:43:
22:40:3b:fb:97:aa:d6:f0:35:4e:f0:a4:07:65:92:e6:11:ed:
f1:7a:a4:af:5a:1d:16:4d:71:a9:97:9f:1b:e6:20:da:bf:f1:
01:7b:27:ab:6e:e5:79:a7:86:44:12:61:31:b5:0d:b3:1e:f7:
be:8f:14:1b:f1:6d:84:3d:a8:5d:75:98:c3:84:bb:5d:ef:3b:
4e:7e:4d:38:43:cf:4c:ec:52:f0:95:69:dd:74:cb:39:52:4c:
23:94:e5:21:0d:63:fe:36:39:5b:40:5a:6c:3f:6a:7b:b2:88:
44:cc:26:96:50:50:27:ba:a0:72:f3:b5:ce:66:25:21:8e:eb:
ce:7a:0a:a5:a8:83:aa:36:92:8c:4e:7c:11:00:2d:1b:8b:d7:
f3:89:98:bd:c4:7b:67:5b:b4:77:61:62:c8:97:00:5c:1a:3d:
80:a7:ea:21:c6:59:2b:e3:f2:83:90:87:c8:e3:42:68:20:e3:
e7:14:74:64:3e:00:4f:d1:3c:6c:f9:02:00:59:9e:4e:5f:7e:
4f:4a:c2:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZmeeIaMXeBeMrrzGnPdKPw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YzNkNDJmM2IyOTIxYmE3NDE4ZjM4MjAzMmQ2YjM1Yzcx
NTliODgwHhcNMjUxMDAxMDYzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ4ZmE4YzE2MzU1OTY3NzAwNGNmYTVmNjFkYTg4OGE1ZDM2MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp4UcRvmXeFKWWPFnnCeSxXDpCkV
HMa+RyUkztaEb4ciY5cx2J3L/jM5anMHE+HTeJLCec691eO/Y4v5a0cUihN+XElc
wslHjR2+HXDVrNKPPEhsN5SOyWDoANL/ld7xRXiJ9BYIV6b1r1GoIMuL/TCQdGqV
Ask1lleGPSMgFNj8iYQU/ek5G8bndLcGYd8+5Q0zq2mN0hEua99jJOsNEVluj9N8
0yPRULPeWhVHUanWLHYbVfdZj1li636Ut3E/15E/TKQB/bXIqD/Qi9RgzS+93l78
lQugrI9B3LgS8QDCbQDoqFJRV3JSnDFen/+lIHFUtSutU/eEvfPMJPmOkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGDY+owWNVlncATPpfYdqIil02JgMB8GA1UdIwQY
MBaAFOnD1C87KSG6dBjzggMtazXHFZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDIt
MWExZWFkMmNkMmIxLzEvWU5qNmpCWTFXV2R3Qk0tbDloMm9pS1hUWW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iZGM0NWItMDk2YS00OTNhLTkyZDItMWExZWFkMmNkMmIx
LzEvNmNQVUx6c3BJYnAwR1BPQ0F5MXJOY2NWbTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW80EAwQB
W87CAwQBZ8ZQAwQCwYdwAwQCwe54AwQCwruAMA0GCSqGSIb3DQEBCwUAA4IBAQCg
HPd1eHFwBiaYskyTNgeAnb0aAFk1iVundyiYLRAM6gD8ugACLiZisIMVT20tGn3U
eg2OK0MiQDv7l6rW8DVO8KQHZZLmEe3xeqSvWh0WTXGpl58b5iDav/EBeyerbuV5
p4ZEEmExtQ2zHve+jxQb8W2EPahddZjDhLtd7ztOfk04Q89M7FLwlWnddMs5Ukwj
lOUhDWP+NjlbQFpsP2p7sohEzCaWUFAnuqBy87XOZiUhjuvOegqlqIOqNpKMTnwR
AC0bi9fziZi9xHtnW7R3YWLIlwBcGj2Ap+ohxlkr4/KDkIfI40JoIOPnFHRkPgBP
0Txs+QIAWZ5OX35PSsKz
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:42:30 2025 by rpki-client