
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/yLICF7LxPJqKW0bXadmbwJKdAUs.roa
File: yLICF7LxPJqKW0bXadmbwJKdAUs.roa (raw, json)
Hash identifier: N1HQgyFphv945BF0xwHybuVM2LsGQ66M8rtUi6w9zMc=
Subject key identifier: C8:B2:02:17:B2:F1:3C:9A:8A:5B:46:D7:69:D9:9B:C0:92:9D:01:4B
Certificate issuer: /CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b
Certificate serial: 0199F9C509682AE54DB1D72847C9FFAF7508
Authority key identifier: 7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/yLICF7LxPJqKW0bXadmbwJKdAUs.roa
Signing time: Sun 19 Oct 2025 00:01:03 +0000
ROA not before: Sun 19 Oct 2025 00:01:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215946
IP address blocks: 185.204.154.0/24 maxlen: 24
2a14:7100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f9:c5:09:68:2a:e5:4d:b1:d7:28:47:c9:ff:af:75:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca598322a69905a5c6e0295a0ca1fb55666c14b
Validity
Not Before: Oct 19 00:01:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8b20217b2f13c9a8a5b46d769d99bc0929d014b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:55:91:08:92:19:3b:61:4d:84:a4:79:f2:b9:
32:1e:99:1f:77:e2:a1:52:bb:92:48:b3:55:1f:e8:
4e:81:33:f4:ad:d4:16:34:a3:79:72:f4:0e:77:75:
de:90:d7:99:96:13:50:79:3a:e3:dc:74:f1:b9:10:
98:4a:83:13:38:2d:18:08:22:54:e1:68:c6:2f:9f:
8e:ad:b9:d1:c5:71:58:5e:89:a7:b9:c1:79:47:1a:
cd:da:e2:89:b7:0e:aa:c3:97:d5:2b:07:bd:2f:a5:
5f:6d:90:7e:aa:a1:46:91:0f:f9:51:1e:ba:50:73:
ce:44:2c:a8:03:bb:94:48:25:6e:9d:93:fb:0e:8a:
4e:09:2f:50:2a:44:97:14:0a:3f:e7:ca:b4:21:69:
6d:12:fa:08:fd:20:35:e6:5c:9b:6f:f4:a8:bb:e4:
78:65:12:d5:dd:79:ba:75:e9:30:21:8c:5d:05:9a:
ce:bb:2d:87:bf:43:ec:90:ab:cf:45:47:83:84:2c:
1f:65:d2:1e:ee:15:37:27:8f:69:2e:79:f9:6e:f3:
8b:f4:23:29:95:2e:36:11:db:37:f1:21:97:12:a5:
35:92:fd:0f:8b:8b:24:a6:81:30:44:b6:0f:83:c3:
bc:a4:6c:04:1e:16:f1:06:d9:97:5b:27:e8:c4:30:
5b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B2:02:17:B2:F1:3C:9A:8A:5B:46:D7:69:D9:9B:C0:92:9D:01:4B
X509v3 Authority Key Identifier:
keyid:7C:A5:98:32:2A:69:90:5A:5C:6E:02:95:A0:CA:1F:B5:56:66:C1:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKWYMippkFpcbgKVoMoftVZmwUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/yLICF7LxPJqKW0bXadmbwJKdAUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/da66c0-b9f8-4094-a935-580d876885a1/1/fKWYMippkFpcbgKVoMoftVZmwUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.154.0/24
IPv6:
2a14:7100::/29
Signature Algorithm: sha256WithRSAEncryption
91:d1:ad:64:89:52:ed:f3:d2:4f:28:c8:11:ab:fc:d0:94:d5:
46:b6:fe:ff:b2:68:07:dc:05:56:71:a9:06:71:ca:1b:f2:e5:
a5:5b:e0:f1:1b:d8:a8:c6:7c:89:c1:ca:f8:05:30:77:b0:6b:
37:8e:d4:3b:d5:38:6b:d8:9c:54:c8:9d:e6:56:2a:25:7e:37:
04:9f:9c:97:ad:53:24:b8:99:e2:db:ad:b2:cd:f8:77:12:38:
fe:32:f6:2e:65:03:84:c4:01:1a:11:76:69:15:f0:24:14:a7:
16:20:00:5e:1d:78:6b:a9:99:f9:7c:e7:52:90:85:73:5b:e5:
97:9b:2a:15:ae:03:fa:ba:44:cd:43:f3:c4:7a:ad:56:18:ca:
cf:d4:7c:59:42:a6:0d:65:11:28:e1:28:cc:9e:5a:c5:d8:7f:
93:22:d9:fb:9e:99:26:af:9b:3d:53:97:08:eb:e2:0e:a9:fe:
a9:24:28:7f:fc:ec:06:6e:4f:44:6e:1e:80:39:0b:6f:c7:68:
3a:9b:26:ec:c6:37:0c:4b:1d:cb:64:66:f9:36:f4:03:79:14:
66:ad:49:a4:f8:e3:e0:f5:9c:cb:ef:a2:86:c7:07:df:84:91:
61:34:9d:ff:2c:f2:b5:61:27:99:0e:09:34:99:94:27:51:b3:
d5:d7:e2:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZn5xQloKuVNsdcoR8n/r3UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTU5ODMyMmE2OTkwNWE1YzZlMDI5NWEwY2ExZmI1NTY2
NmMxNGIwHhcNMjUxMDE5MDAwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIyMDIxN2IyZjEzYzlhOGE1YjQ2ZDc2OWQ5OWJjMDkyOWQwMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lWRCJIZO2FNhKR58rkyHpkfd+Kh
UruSSLNVH+hOgTP0rdQWNKN5cvQOd3XekNeZlhNQeTrj3HTxuRCYSoMTOC0YCCJU
4WjGL5+OrbnRxXFYXomnucF5RxrN2uKJtw6qw5fVKwe9L6VfbZB+qqFGkQ/5UR66
UHPORCyoA7uUSCVunZP7DopOCS9QKkSXFAo/58q0IWltEvoI/SA15lybb/Sou+R4
ZRLV3Xm6dekwIYxdBZrOuy2Hv0PskKvPRUeDhCwfZdIe7hU3J49pLnn5bvOL9CMp
lS42Eds38SGXEqU1kv0Pi4skpoEwRLYPg8O8pGwEHhbxBtmXWyfoxDBbHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMiyAhey8TyailtG12nZm8CSnQFLMB8GA1UdIwQY
MBaAFHylmDIqaZBaXG4ClaDKH7VWZsFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUt
NTgwZDg3Njg4NWExLzEveUxJQ0Y3THhQSnFLVzBiWGFkbWJ3SktkQVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kYTY2YzAtYjlmOC00MDk0LWE5MzUtNTgwZDg3Njg4NWEx
LzEvZktXWU1pcHBrRnBjYmdLVm9Nb2Z0Vlptd1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucyaMA0E
AgACMAcDBQMqFHEAMA0GCSqGSIb3DQEBCwUAA4IBAQCR0a1kiVLt89JPKMgRq/zQ
lNVGtv7/smgH3AVWcakGccob8uWlW+DxG9ioxnyJwcr4BTB3sGs3jtQ71Thr2JxU
yJ3mViolfjcEn5yXrVMkuJni262yzfh3Ejj+MvYuZQOExAEaEXZpFfAkFKcWIABe
HXhrqZn5fOdSkIVzW+WXmyoVrgP6ukTNQ/PEeq1WGMrP1HxZQqYNZREo4SjMnlrF
2H+TItn7npkmr5s9U5cI6+IOqf6pJCh//OwGbk9Ebh6AOQtvx2g6mybsxjcMSx3L
ZGb5NvQDeRRmrUmk+OPg9ZzL76KGxwffhJFhNJ3/LPK1YSeZDgk0mZQnUbPV1+Ko
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:24 2025 by rpki-client