
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/YqDxs-OvuVQHWefybCF_NO3X2LQ.roa
File: YqDxs-OvuVQHWefybCF_NO3X2LQ.roa (raw, json)
Hash identifier: T8m4+98qGxOiuFkFF1AHlHH+ajIR7QgNJlfbjXDXJ94=
Subject key identifier: 62:A0:F1:B3:E3:AF:B9:54:07:59:E7:F2:6C:21:7F:34:ED:D7:D8:B4
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 0199CE67DFFF47AB302AB4B7567C371680BB
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/YqDxs-OvuVQHWefybCF_NO3X2LQ.roa
Signing time: Fri 10 Oct 2025 13:55:38 +0000
ROA not before: Fri 10 Oct 2025 13:55:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197580
IP address blocks: 46.245.136.0/21 maxlen: 21
83.174.148.0/23 maxlen: 23
83.174.151.0/24 maxlen: 24
83.174.152.0/23 maxlen: 23
83.174.154.0/24 maxlen: 24
83.174.156.0/22 maxlen: 22
185.42.208.0/24 maxlen: 24
185.254.216.0/23 maxlen: 23
185.254.219.0/24 maxlen: 24
2a01:6320::/32 maxlen: 32
2a05:dec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:67:df:ff:47:ab:30:2a:b4:b7:56:7c:37:16:80:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Oct 10 13:55:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62a0f1b3e3afb9540759e7f26c217f34edd7d8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:90:8e:57:2e:b8:d1:92:f6:5c:68:16:ea:95:
21:f8:91:03:7a:f1:85:de:10:c4:e1:87:a3:0e:60:
24:72:6d:c6:0d:45:e5:05:9f:24:72:f9:f3:94:9e:
2f:08:b0:d5:5c:11:c4:c8:0b:11:14:52:0d:5e:4d:
5e:2e:9b:40:a2:a2:66:c3:d1:fe:2c:fe:f0:67:d2:
1a:30:1e:57:93:0c:0a:f6:fb:f1:60:35:ac:d9:a0:
1a:a6:f8:fd:6b:7f:cb:f0:13:f2:aa:38:46:f1:c4:
85:44:fb:db:30:6b:cf:80:fd:2c:b3:d9:ee:6c:6e:
18:ff:3f:2d:ff:7a:2e:51:d6:4b:ec:e7:92:55:d7:
f1:44:03:7a:ff:9d:89:86:4e:37:20:10:0c:47:46:
92:6e:93:3b:cc:af:0e:28:c8:5c:19:dd:fe:bf:c7:
f9:16:0f:0b:49:fd:37:0f:40:89:6a:cf:f6:08:d4:
2d:bc:b3:16:86:7d:17:d8:49:64:c2:3d:de:fb:31:
09:ff:95:0e:7a:b9:b5:33:69:d0:16:fd:ca:ab:ee:
72:1c:eb:6f:91:28:e9:41:23:5e:43:9b:83:27:e6:
71:fa:94:45:70:21:84:cc:b8:90:4a:81:b6:66:bb:
a4:74:34:1d:73:f5:39:50:19:39:dd:f6:5a:4f:c1:
64:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A0:F1:B3:E3:AF:B9:54:07:59:E7:F2:6C:21:7F:34:ED:D7:D8:B4
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/YqDxs-OvuVQHWefybCF_NO3X2LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0/23
83.174.151.0-83.174.154.255
83.174.156.0/22
185.42.208.0/24
185.254.216.0/23
185.254.219.0/24
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
70:4a:16:f9:d5:aa:0b:b4:9c:5b:72:42:2a:9b:51:3a:04:2a:
67:7d:76:ba:2e:7a:31:66:dd:52:15:b9:54:39:45:a6:41:39:
6d:3e:14:d3:32:90:9a:64:88:0c:8b:f5:83:45:39:de:88:da:
73:82:84:bb:3b:4d:7f:68:25:36:f6:25:3b:64:43:bc:55:fe:
45:1f:2f:1e:6f:43:5c:c8:60:05:b7:b1:9c:74:28:b8:c5:de:
f5:ca:02:6e:1e:6f:52:08:1d:78:35:e4:bb:12:c6:af:05:bf:
ae:38:f3:12:74:0a:8d:d3:e2:21:37:d8:58:01:7b:19:0b:3d:
69:40:58:46:39:c4:bd:59:26:43:11:b0:3d:b9:f4:c5:66:c1:
c4:7a:3c:9d:31:52:12:40:44:c9:7d:cf:73:10:17:ef:af:ec:
96:9b:37:9a:35:cd:10:98:79:c9:e1:ae:f3:a4:68:8c:cf:8b:
e3:e6:16:04:58:58:71:66:be:c4:f2:04:c3:fe:c3:c4:4c:2d:
18:1d:e7:4f:55:94:e0:90:51:e8:8c:1d:8c:8d:dc:9c:be:8c:
e3:0c:67:e3:a5:15:0f:6d:5a:1b:59:25:2d:ac:3e:2e:5f:04:
34:da:62:c9:54:31:a9:56:6d:6a:bc:28:5b:d8:8f:ce:ad:3a:
19:0e:ed:8a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZnOZ9//R6swKrS3Vnw3FoC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjUxMDEwMTM1NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmEwZjFiM2UzYWZiOTU0MDc1OWU3ZjI2YzIxN2YzNGVkZDdkOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypCOVy640ZL2XGgW6pUh+JEDevGF
3hDE4YejDmAkcm3GDUXlBZ8kcvnzlJ4vCLDVXBHEyAsRFFINXk1eLptAoqJmw9H+
LP7wZ9IaMB5XkwwK9vvxYDWs2aAapvj9a3/L8BPyqjhG8cSFRPvbMGvPgP0ss9nu
bG4Y/z8t/3ouUdZL7OeSVdfxRAN6/52Jhk43IBAMR0aSbpM7zK8OKMhcGd3+v8f5
Fg8LSf03D0CJas/2CNQtvLMWhn0X2Elkwj3e+zEJ/5UOerm1M2nQFv3Kq+5yHOtv
kSjpQSNeQ5uDJ+Zx+pRFcCGEzLiQSoG2ZrukdDQdc/U5UBk53fZaT8FkfwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGKg8bPjr7lUB1nn8mwhfzTt19i0MB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvWXFEeHMtT3Z1VlFIV2VmeWJDRl9OTzNYMkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUtNjdlZmNiM2Q4NmZl
LzEvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQDLvWIAwQB
U66UMAwDBABTrpcDBABTrpoDBAJTrpwDBAC5KtADBAG5/tgDBAC5/tswFAQCAAIw
DgMFACoBYyADBQMqBd7AMA0GCSqGSIb3DQEBCwUAA4IBAQBwShb51aoLtJxbckIq
m1E6BCpnfXa6LnoxZt1SFblUOUWmQTltPhTTMpCaZIgMi/WDRTneiNpzgoS7O01/
aCU29iU7ZEO8Vf5FHy8eb0NcyGAFt7GcdCi4xd71ygJuHm9SCB14NeS7EsavBb+u
OPMSdAqN0+IhN9hYAXsZCz1pQFhGOcS9WSZDEbA9ufTFZsHEejydMVISQETJfc9z
EBfvr+yWmzeaNc0QmHnJ4a7zpGiMz4vj5hYEWFhxZr7E8gTD/sPETC0YHedPVZTg
kFHojB2MjdycvozjDGfjpRUPbVobWSUtrD4uXwQ02mLJVDGpVm1qvChb2I/OrToZ
Du2K
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:24:54 2025 by rpki-client