
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YVCFtTMPNszjEbvjq-ny3tBCqOA.roa
File: YVCFtTMPNszjEbvjq-ny3tBCqOA.roa (raw, json)
Hash identifier: 7CEhN6mtKGqVgp4iusVjUUyIwPOn6WoVIthZyb2HjXk=
Subject key identifier: 61:50:85:B5:33:0F:36:CC:E3:11:BB:E3:AB:E9:F2:DE:D0:42:A8:E0
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019958EE4B3872DAA8234966FE33150EC15E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YVCFtTMPNszjEbvjq-ny3tBCqOA.roa
Signing time: Wed 17 Sep 2025 18:27:15 +0000
ROA not before: Wed 17 Sep 2025 18:27:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:58:ee:4b:38:72:da:a8:23:49:66:fe:33:15:0e:c1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Sep 17 18:27:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=615085b5330f36cce311bbe3abe9f2ded042a8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:01:04:ef:e4:22:98:52:e4:e4:8a:6a:31:cf:
07:fb:3c:2d:02:56:65:31:7f:01:43:a4:4e:0c:19:
86:62:64:e7:b0:07:da:21:ac:75:cc:5d:89:9e:d9:
f5:a4:31:2b:88:8c:b9:4e:d9:b2:3c:cd:02:fc:2c:
f2:e1:2e:9a:1a:95:c0:e5:e7:f0:fd:b8:66:28:e8:
01:b8:6a:f6:f1:69:81:ee:fc:ca:50:ef:43:cf:17:
f6:f9:03:1f:3c:72:dd:e0:3d:63:63:61:65:07:99:
24:82:72:79:35:1b:c2:ac:db:6d:28:ab:ce:c3:b1:
c7:dc:29:9a:f2:2a:76:68:6c:69:ce:ad:24:33:f0:
ef:36:5e:8c:44:06:fc:4a:8b:bb:c5:d5:fa:13:bc:
67:12:c0:5a:f0:b1:b5:a3:34:c0:86:30:b4:6d:c3:
e2:46:b3:f4:76:e0:24:d6:5a:11:a4:7f:0c:9c:26:
62:8c:87:2a:7f:3b:38:64:37:0f:69:34:4d:4b:d9:
52:fc:4f:9d:95:d8:36:5a:46:bd:0c:36:60:a4:e0:
21:32:0a:62:ca:e2:73:0d:1a:a6:72:a9:1d:c2:af:
eb:62:78:f8:e5:a0:3c:4a:bc:1f:3f:f8:ca:91:c2:
4b:34:b4:d6:09:cc:e8:73:76:c7:2a:fc:d9:71:1f:
b8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:50:85:B5:33:0F:36:CC:E3:11:BB:E3:AB:E9:F2:DE:D0:42:A8:E0
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YVCFtTMPNszjEbvjq-ny3tBCqOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.23.0/24
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.102.0/23
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
b6:c5:e7:35:04:da:cd:1e:29:6a:b0:95:71:6a:60:4a:42:26:
98:f5:13:63:bd:15:b5:3e:67:c8:90:60:72:17:33:7d:6c:0e:
02:c9:e5:43:7a:56:b1:3a:11:0e:0c:09:9e:5c:72:15:90:84:
8d:65:0a:41:83:f7:20:20:07:ae:83:7e:43:b2:09:ce:bc:80:
fe:a5:11:b4:33:02:75:15:b3:71:f4:7b:ee:63:7e:22:12:54:
70:d4:86:19:02:b2:5f:eb:db:1c:b9:e4:cc:05:4f:ea:38:ac:
f2:03:4c:c6:8b:93:92:a7:f2:d4:19:a7:87:ae:1e:74:e1:92:
72:af:6e:e2:40:ab:f6:75:11:bf:47:c0:66:e1:36:ab:4e:38:
53:23:80:33:85:30:7c:3a:4b:0a:4c:1b:5f:20:55:f6:7d:b3:
f2:85:36:8e:a7:e3:35:6d:2f:b8:72:54:be:fe:f7:28:02:2a:
48:31:7f:8d:c4:bc:ad:29:59:89:cb:72:01:23:22:d7:79:d2:
cb:10:69:4a:df:cf:94:7e:b1:f9:86:4e:53:3d:66:7a:6d:0f:
62:07:4d:f7:97:1d:0a:7a:3d:2e:d8:e5:94:92:9f:bc:b8:3c:
33:af:98:ff:fc:d3:2e:bc:f8:c8:b0:fc:80:29:73:cc:7c:5a:
92:51:72:00
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZlY7ks4ctqoI0lm/jMVDsFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwOTE3MTgyNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTUwODViNTMzMGYzNmNjZTMxMWJiZTNhYmU5ZjJkZWQwNDJhOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswEE7+QimFLk5IpqMc8H+zwtAlZl
MX8BQ6RODBmGYmTnsAfaIax1zF2Jntn1pDEriIy5TtmyPM0C/Czy4S6aGpXA5efw
/bhmKOgBuGr28WmB7vzKUO9Dzxf2+QMfPHLd4D1jY2FlB5kkgnJ5NRvCrNttKKvO
w7HH3Cma8ip2aGxpzq0kM/DvNl6MRAb8Sou7xdX6E7xnEsBa8LG1ozTAhjC0bcPi
RrP0duAk1loRpH8MnCZijIcqfzs4ZDcPaTRNS9lS/E+dldg2Wka9DDZgpOAhMgpi
yuJzDRqmcqkdwq/rYnj45aA8SrwfP/jKkcJLNLTWCczoc3bHKvzZcR+4hwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGFQhbUzDzbM4xG746vp8t7QQqjgMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWVZDRnRUTVBOc3pqRWJ2anEtbnkzdEJDcU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQALYgAAwQB
LYgCAwQAgAB3AwQAuXUXAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zIDBAK54/AD
BALBydADBAHCJGYDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0BAQsFAAOC
AQEAtsXnNQTazR4parCVcWpgSkImmPUTY70VtT5nyJBgchczfWwOAsnlQ3pWsToR
DgwJnlxyFZCEjWUKQYP3ICAHroN+Q7IJzryA/qURtDMCdRWzcfR77mN+IhJUcNSG
GQKyX+vbHLnkzAVP6jis8gNMxouTkqfy1Bmnh64edOGScq9u4kCr9nURv0fAZuE2
q044UyOAM4UwfDpLCkwbXyBV9n2z8oU2jqfjNW0vuHJUvv73KAIqSDF/jcS8rSlZ
ictyASMi13nSyxBpSt/PlH6x+YZOUz1mem0PYgdN95cdCno9LtjllJKfvLg8M6+Y
//zTLrz4yLD8gClzzHxaklFyAA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:44 2025 by rpki-client