Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ylSfTAUfI4jq3E_GvRUO-dg-wIg.roa
File: ylSfTAUfI4jq3E_GvRUO-dg-wIg.roa (raw, json)
Hash identifier: rnuPeh2WfLUmG0eGWULTr2rgNd69zgmEyFhLYUs8xHc=
Subject key identifier: CA:54:9F:4C:05:1F:23:88:EA:DC:4F:C6:BD:15:0E:F9:D8:3E:C0:88
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 01992F00C158193857778AA32CA042E541DA
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ylSfTAUfI4jq3E_GvRUO-dg-wIg.roa
Signing time: Tue 09 Sep 2025 15:03:22 +0000
ROA not before: Tue 09 Sep 2025 15:03:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205634
IP address blocks: 2a0a:79c0:f00::/40 maxlen: 40
2a0a:79c0:f00::/48 maxlen: 48
2a0a:79c0:f01::/48 maxlen: 48
2a0a:79c0:f02::/48 maxlen: 48
2a0a:79c0:f03::/48 maxlen: 48
2a0a:79c0:f04::/48 maxlen: 48
2a0a:79c0:f05::/48 maxlen: 48
2a0a:79c0:f06::/48 maxlen: 48
2a0a:79c0:f07::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:00:c1:58:19:38:57:77:8a:a3:2c:a0:42:e5:41:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Sep 9 15:03:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca549f4c051f2388eadc4fc6bd150ef9d83ec088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:ce:de:33:4e:3a:03:f4:c9:ce:db:12:d5:
49:b5:f3:de:de:50:30:76:5a:08:6c:34:df:66:06:
91:ed:1e:b7:ca:2b:f6:a5:09:be:4e:bc:4f:12:97:
49:c8:6d:df:a2:7e:ce:b5:33:1a:07:c4:13:73:e4:
0f:e1:9e:09:37:e9:b8:7e:4a:fe:4d:01:2b:e5:37:
ab:57:33:0b:b1:e6:7b:15:9c:7a:20:44:66:db:f6:
de:a4:70:50:08:75:3b:0f:ad:d1:83:f5:e5:ea:d1:
21:36:93:ca:1c:25:91:49:d2:51:a0:ab:13:37:fa:
1f:68:4c:8b:cd:8f:73:fc:e0:79:3e:70:62:2a:05:
4d:f5:80:20:84:89:85:25:e3:04:37:bf:f1:bb:11:
1d:1f:ea:52:8f:56:78:17:b3:5d:47:1e:45:46:ed:
2a:88:23:4d:75:aa:ac:d8:dc:44:95:73:33:12:cd:
ff:c8:dc:12:00:f8:f1:10:d8:62:cf:54:9c:f9:88:
82:e9:8b:56:28:5a:59:bb:69:db:f1:58:31:7d:78:
40:06:87:4d:69:5d:bc:bd:9f:23:ce:0f:8c:72:6a:
bb:f1:8f:23:f5:e2:87:12:c5:f6:ab:ea:4f:40:ac:
5f:60:ec:fb:de:db:9b:19:a5:70:49:f9:6b:5f:b0:
c0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:54:9F:4C:05:1F:23:88:EA:DC:4F:C6:BD:15:0E:F9:D8:3E:C0:88
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ylSfTAUfI4jq3E_GvRUO-dg-wIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c0:f00::/40
Signature Algorithm: sha256WithRSAEncryption
d6:7d:d2:16:52:bf:29:5e:42:38:eb:e7:b9:57:2b:47:76:4f:
a8:9e:d6:2d:d6:d3:2b:5d:aa:8b:2a:8b:0b:07:ee:6f:51:36:
bc:ab:ed:2f:d3:22:52:02:47:f0:f2:c1:13:ce:54:37:36:f2:
1f:2d:55:b6:9f:27:6c:d3:da:23:37:0e:e4:27:e9:65:91:42:
9d:39:63:75:a1:c0:83:c9:97:16:9f:64:be:43:5b:3b:89:27:
95:c5:49:9d:87:4c:77:98:d9:69:86:0c:a5:ff:5c:f4:1e:ac:
8c:cf:c9:ec:9a:e1:ce:52:ba:1d:b5:98:be:79:7d:47:7b:be:
71:e0:96:d4:c8:16:b8:0d:65:27:2f:c3:d1:fb:91:00:34:d9:
76:8b:1c:89:99:db:a5:2e:29:a0:a5:f5:2b:ba:c6:b6:66:19:
11:49:b2:bd:af:e8:9d:b8:97:d3:54:60:81:fd:13:85:5c:e7:
c7:eb:d5:de:3b:e5:b9:f0:5a:c0:3b:c4:0a:78:ce:ff:77:c3:
95:3b:9f:fb:09:8d:3e:02:48:1e:c7:b8:70:f8:9a:28:0a:79:
6a:c0:62:42:e8:77:d0:ce:98:e4:d6:55:42:72:17:64:fc:b4:
29:8c:e1:5a:03:3c:76:84:2e:a7:e2:1b:bf:5c:41:e4:63:73:
a8:1a:0f:e9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZkvAMFYGThXd4qjLKBC5UHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwOTA5MTUwMzIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU0OWY0YzA1MWYyMzg4ZWFkYzRmYzZiZDE1MGVmOWQ4M2VjMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8vO3jNOOgP0yc7bEtVJtfPe3lAw
dloIbDTfZgaR7R63yiv2pQm+TrxPEpdJyG3fon7OtTMaB8QTc+QP4Z4JN+m4fkr+
TQEr5TerVzMLseZ7FZx6IERm2/bepHBQCHU7D63Rg/Xl6tEhNpPKHCWRSdJRoKsT
N/ofaEyLzY9z/OB5PnBiKgVN9YAghImFJeMEN7/xuxEdH+pSj1Z4F7NdRx5FRu0q
iCNNdaqs2NxElXMzEs3/yNwSAPjxENhiz1Sc+YiC6YtWKFpZu2nb8VgxfXhABodN
aV28vZ8jzg+Mcmq78Y8j9eKHEsX2q+pPQKxfYOz73tubGaVwSflrX7DA2QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMpUn0wFHyOI6txPxr0VDvnYPsCIMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEveWxTZlRBVWZJNGpxM0VfR3ZSVU8tZGctd0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgp5wA8w
DQYJKoZIhvcNAQELBQADggEBANZ90hZSvyleQjjr57lXK0d2T6ie1i3W0ytdqosq
iwsH7m9RNryr7S/TIlICR/DywRPOVDc28h8tVbafJ2zT2iM3DuQn6WWRQp05Y3Wh
wIPJlxafZL5DWzuJJ5XFSZ2HTHeY2WmGDKX/XPQerIzPyeya4c5Suh21mL55fUd7
vnHgltTIFrgNZScvw9H7kQA02XaLHImZ26UuKaCl9Su6xrZmGRFJsr2v6J24l9NU
YIH9E4Vc58fr1d475bnwWsA7xAp4zv93w5U7n/sJjT4CSB7HuHD4migKeWrAYkLo
d9DOmOTWVUJyF2T8tCmM4VoDPHaELqfiG79cQeRjc6gaD+k=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:09 2025 by rpki-client