Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/YbfoRvGB_vLnIiGu5d4QBy03fUs.roa
File: YbfoRvGB_vLnIiGu5d4QBy03fUs.roa (raw, json)
Hash identifier: UvEPZK7xofSgVv8ge9vEI+2VGrLY8zhMDKE0qp4Mylo=
Subject key identifier: 61:B7:E8:46:F1:81:FE:F2:E7:22:21:AE:E5:DE:10:07:2D:37:7D:4B
Certificate issuer: /CN=e3106ac3ea760b2d0242a9efba2c2116b626f824
Certificate serial: 0199DE4F3A46A25117C238F8D49358DF758D
Authority key identifier: E3:10:6A:C3:EA:76:0B:2D:02:42:A9:EF:BA:2C:21:16:B6:26:F8:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/YbfoRvGB_vLnIiGu5d4QBy03fUs.roa
Signing time: Mon 13 Oct 2025 16:02:38 +0000
ROA not before: Mon 13 Oct 2025 16:02:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204934
IP address blocks: 2a0a:f480::/32 maxlen: 48
2a0a:f487::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:de:4f:3a:46:a2:51:17:c2:38:f8:d4:93:58:df:75:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3106ac3ea760b2d0242a9efba2c2116b626f824
Validity
Not Before: Oct 13 16:02:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61b7e846f181fef2e72221aee5de10072d377d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4f:2b:a4:7e:62:d1:40:d1:f9:0b:bd:ea:b4:
77:21:78:b0:8a:de:b1:b8:59:f8:9e:99:fe:ce:d3:
39:b0:1a:6d:61:0c:80:49:3a:a0:ff:ad:6b:4f:56:
aa:e9:de:aa:e0:7a:c4:fc:25:19:25:29:cb:ec:5d:
88:6e:45:94:35:5d:9c:08:3d:c5:4f:4e:9f:fa:fd:
ff:12:87:89:ef:54:dd:f6:a4:0a:cf:ed:0d:c3:ad:
b3:0a:ca:f8:1b:83:81:2d:29:91:91:c2:fc:05:1d:
e1:96:c8:08:e4:bb:7d:06:a5:e2:39:3f:6d:aa:7e:
ba:ab:fa:a8:3f:df:83:30:4c:88:ae:c0:f9:27:bc:
24:ba:f5:e3:2b:23:6b:6c:9e:13:d1:f9:d0:68:82:
23:29:13:60:f6:76:3e:4a:01:79:c2:cf:4f:53:b1:
71:5e:28:55:b1:3d:c6:fe:31:56:f2:15:d2:d3:33:
5b:3e:81:96:f6:36:2d:cb:6d:1e:0e:12:17:ae:e8:
23:10:94:2e:93:c9:26:b3:48:4c:dc:16:a0:02:f4:
00:30:f7:8b:6a:47:fd:eb:85:1e:6a:95:5c:6d:28:
54:fe:aa:dc:a0:ea:2c:a7:16:75:2e:5c:f6:ea:bd:
4a:b3:f6:c8:42:c3:6b:cf:a3:55:8e:d6:d8:06:27:
4f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B7:E8:46:F1:81:FE:F2:E7:22:21:AE:E5:DE:10:07:2D:37:7D:4B
X509v3 Authority Key Identifier:
keyid:E3:10:6A:C3:EA:76:0B:2D:02:42:A9:EF:BA:2C:21:16:B6:26:F8:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/YbfoRvGB_vLnIiGu5d4QBy03fUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f91a85-e93c-4a49-8215-8497717a4f61/1/4xBqw-p2Cy0CQqnvuiwhFrYm-CQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:f480::/32
2a0a:f487::/32
Signature Algorithm: sha256WithRSAEncryption
42:fd:3c:96:16:fe:f0:7b:9c:8c:7f:e8:97:28:79:f6:a7:01:
f6:4c:39:be:8d:53:79:45:05:92:d3:fc:84:38:60:4d:bb:fd:
2b:aa:5e:a7:35:42:0a:38:20:18:02:95:68:47:3b:78:dd:ca:
fb:ba:e4:e1:9c:95:75:33:ac:fd:b0:38:92:e5:14:28:9e:fd:
91:64:99:55:a1:93:51:0f:ed:ed:5b:48:b2:7a:af:5f:a6:d2:
a0:57:3d:35:06:c6:c0:3f:2c:e7:1f:b3:7e:40:34:d9:bb:b5:
6b:7d:d0:e3:e0:41:e0:27:e1:7b:d5:b2:ff:cb:bf:9f:7c:c2:
d2:fa:e0:bb:69:29:20:07:7d:1d:a6:89:33:66:0e:bb:60:64:
4c:7e:df:7f:9a:6a:fc:8e:a9:6e:10:89:62:fe:72:00:e5:54:
3d:8b:74:92:ba:8d:e9:ee:e7:cc:ea:28:11:eb:bc:5d:68:f2:
48:d9:fe:0c:4d:80:d4:61:04:be:62:ec:ed:5f:60:dc:23:04:
a5:94:81:80:09:1e:6b:14:a5:53:5c:ba:3d:67:24:5b:00:50:
54:be:d2:e4:f0:83:33:e0:2e:34:4f:c6:4e:08:3b:91:f8:91:
21:3e:c3:9a:0d:0b:22:e2:74:d7:c8:47:fb:02:8f:ee:95:94:
f0:82:f4:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZneTzpGolEXwjj41JNY33WNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTA2YWMzZWE3NjBiMmQwMjQyYTllZmJhMmMyMTE2YjYy
NmY4MjQwHhcNMjUxMDEzMTYwMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI3ZTg0NmYxODFmZWYyZTcyMjIxYWVlNWRlMTAwNzJkMzc3ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2E8rpH5i0UDR+Qu96rR3IXiwit6x
uFn4npn+ztM5sBptYQyASTqg/61rT1aq6d6q4HrE/CUZJSnL7F2IbkWUNV2cCD3F
T06f+v3/EoeJ71Td9qQKz+0Nw62zCsr4G4OBLSmRkcL8BR3hlsgI5Lt9BqXiOT9t
qn66q/qoP9+DMEyIrsD5J7wkuvXjKyNrbJ4T0fnQaIIjKRNg9nY+SgF5ws9PU7Fx
XihVsT3G/jFW8hXS0zNbPoGW9jYty20eDhIXrugjEJQuk8kms0hM3BagAvQAMPeL
akf964UeapVcbShU/qrcoOospxZ1Llz26r1Ks/bIQsNrz6NVjtbYBidPDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGG36Ebxgf7y5yIhruXeEActN31LMB8GA1UdIwQY
MBaAFOMQasPqdgstAkKp77osIRa2JvgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhCcXctcDJDeTBDUXFudnVpd2hGclltLUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9mOTFhODUtZTkzYy00YTQ5LTgyMTUt
ODQ5NzcxN2E0ZjYxLzEvWWJmb1J2R0JfdkxuSWlHdTVkNFFCeTAzZlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9mOTFhODUtZTkzYy00YTQ5LTgyMTUtODQ5NzcxN2E0ZjYx
LzEvNHhCcXctcDJDeTBDUXFudnVpd2hGclltLUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgr0gAMF
ACoK9IcwDQYJKoZIhvcNAQELBQADggEBAEL9PJYW/vB7nIx/6JcoefanAfZMOb6N
U3lFBZLT/IQ4YE27/SuqXqc1Qgo4IBgClWhHO3jdyvu65OGclXUzrP2wOJLlFCie
/ZFkmVWhk1EP7e1bSLJ6r1+m0qBXPTUGxsA/LOcfs35ANNm7tWt90OPgQeAn4XvV
sv/Lv598wtL64LtpKSAHfR2miTNmDrtgZEx+33+aavyOqW4QiWL+cgDlVD2LdJK6
jenu58zqKBHrvF1o8kjZ/gxNgNRhBL5i7O1fYNwjBKWUgYAJHmsUpVNcuj1nJFsA
UFS+0uTwgzPgLjRPxk4IO5H4kSE+w5oNCyLidNfIR/sCj+6VlPCC9Ow=
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:24:49 2025 by rpki-client