Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Y9dsLFqisNxUPX71m3LtAeDtLIk.roa
File: Y9dsLFqisNxUPX71m3LtAeDtLIk.roa (raw, json)
Hash identifier: reNcduh09ERErdZziIpW/z7aUXSWr9VEJ9+IRQL0fMA=
Subject key identifier: 63:D7:6C:2C:5A:A2:B0:DC:54:3D:7E:F5:9B:72:ED:01:E0:ED:2C:89
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 01979C32C930C45CDA3D9E24A0C68332D21E
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Y9dsLFqisNxUPX71m3LtAeDtLIk.roa
Signing time: Mon 23 Jun 2025 09:51:03 +0000
ROA not before: Mon 23 Jun 2025 09:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 84.55.0.0/24 maxlen: 24
84.55.2.0/24 maxlen: 24
84.55.4.0/24 maxlen: 24
84.55.5.0/24 maxlen: 24
84.55.6.0/24 maxlen: 24
84.55.7.0/24 maxlen: 24
88.223.172.0/24 maxlen: 24
88.223.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:32:c9:30:c4:5c:da:3d:9e:24:a0:c6:83:32:d2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jun 23 09:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63d76c2c5aa2b0dc543d7ef59b72ed01e0ed2c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c7:a8:fc:c2:94:c5:21:0d:03:f8:94:78:1b:
52:b1:6e:7e:fd:56:69:2e:3b:aa:82:08:67:4f:64:
b9:cc:ea:75:56:73:29:e3:a6:62:24:fb:53:a5:a1:
6b:c9:90:ca:28:49:88:d9:01:c3:bf:67:5d:c9:30:
75:6a:e6:1f:57:0a:79:8f:c1:40:08:7c:bc:f4:f2:
a0:9d:10:92:5c:1e:5d:fd:27:27:a7:da:5f:31:0d:
da:42:e0:a0:f2:de:70:7f:de:8b:72:47:e7:1d:45:
e0:6d:bc:20:0f:ce:6f:6e:59:8a:08:4d:a4:2a:db:
b4:52:97:34:2e:bb:99:79:0b:0f:0c:92:89:4d:99:
5c:8a:90:7f:f2:8f:72:42:a2:36:d5:12:1a:92:2f:
f0:cc:d8:96:04:96:a5:24:a6:a0:61:eb:3b:81:34:
92:e3:8a:dd:de:b1:df:b3:8d:ad:50:3d:08:a9:39:
13:37:87:11:68:da:8f:03:3e:1a:0f:86:dc:6b:9b:
29:ff:1a:dc:09:d5:07:9e:f0:38:ee:02:4a:e8:04:
94:91:6e:e8:c0:1d:5f:97:b8:1d:c4:eb:9f:08:f7:
09:41:d3:1a:bc:4b:83:a5:86:13:12:41:a6:7a:09:
18:f6:2c:b1:e6:c9:9c:ae:06:e8:73:19:38:ef:23:
82:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D7:6C:2C:5A:A2:B0:DC:54:3D:7E:F5:9B:72:ED:01:E0:ED:2C:89
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Y9dsLFqisNxUPX71m3LtAeDtLIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.0.0/24
84.55.2.0/24
84.55.4.0/22
88.223.172.0/23
Signature Algorithm: sha256WithRSAEncryption
34:02:5d:9e:5e:08:8b:40:db:a2:1c:33:a9:ab:a6:0b:81:bd:
ac:b1:fe:bc:cd:6a:6c:ab:f6:06:fa:b9:2d:14:bf:2e:33:c7:
dd:42:15:60:a2:5b:b1:59:f0:ac:49:1e:cc:4b:e9:e6:f0:b6:
09:9b:bb:76:f0:a0:ed:f7:34:93:e8:73:bc:bf:d4:ed:7d:cf:
29:17:b9:16:28:93:24:6a:84:c8:eb:de:b2:35:8d:c3:b3:df:
8d:34:db:b0:b8:a9:ed:0b:ee:c0:9f:80:d1:91:c2:d1:2c:a5:
bb:aa:69:5d:19:25:19:39:38:a6:d7:53:3e:f1:8d:d3:20:7d:
f1:42:8a:8f:5b:af:55:fc:f1:27:e9:c4:33:7f:8b:04:c4:19:
39:3a:15:3d:a4:04:fe:7c:4a:31:0a:da:18:30:0c:aa:d5:30:
06:7f:b2:9d:e9:b2:b6:1c:e0:73:1a:fd:97:b7:55:b7:cb:30:
97:b7:da:6a:a9:d4:3f:c0:93:e5:ec:6a:10:74:54:ea:f5:0c:
2d:22:71:e6:2d:78:fb:73:42:b5:06:e4:c7:9c:5d:c7:ab:a0:
c4:1f:2b:0c:87:ff:a2:f2:b0:5b:5a:59:a4:df:1d:cb:85:89:
c2:30:e3:06:86:4b:15:c8:ef:ce:aa:b5:68:1b:80:da:90:85:
41:81:2a:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZecMskwxFzaPZ4koMaDMtIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwNjIzMDk1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q3NmMyYzVhYTJiMGRjNTQzZDdlZjU5YjcyZWQwMWUwZWQyYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8eo/MKUxSENA/iUeBtSsW5+/VZp
LjuqgghnT2S5zOp1VnMp46ZiJPtTpaFryZDKKEmI2QHDv2ddyTB1auYfVwp5j8FA
CHy89PKgnRCSXB5d/Scnp9pfMQ3aQuCg8t5wf96LckfnHUXgbbwgD85vblmKCE2k
Ktu0Upc0LruZeQsPDJKJTZlcipB/8o9yQqI21RIaki/wzNiWBJalJKagYes7gTSS
44rd3rHfs42tUD0IqTkTN4cRaNqPAz4aD4bca5sp/xrcCdUHnvA47gJK6ASUkW7o
wB1fl7gdxOufCPcJQdMavEuDpYYTEkGmegkY9iyx5smcrgbocxk47yOC2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGPXbCxaorDcVD1+9Zty7QHg7SyJMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWTlkc0xGcWlzTnhVUFg3MW0zTHRBZUR0TElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDcAAwQA
VDcCAwQCVDcEAwQBWN+sMA0GCSqGSIb3DQEBCwUAA4IBAQA0Al2eXgiLQNuiHDOp
q6YLgb2ssf68zWpsq/YG+rktFL8uM8fdQhVgoluxWfCsSR7MS+nm8LYJm7t28KDt
9zST6HO8v9Ttfc8pF7kWKJMkaoTI696yNY3Ds9+NNNuwuKntC+7An4DRkcLRLKW7
qmldGSUZOTim11M+8Y3TIH3xQoqPW69V/PEn6cQzf4sExBk5OhU9pAT+fEoxCtoY
MAyq1TAGf7Kd6bK2HOBzGv2Xt1W3yzCXt9pqqdQ/wJPl7GoQdFTq9QwtInHmLXj7
c0K1BuTHnF3Hq6DEHysMh/+i8rBbWlmk3x3LhYnCMOMGhksVyO/OqrVoG4DakIVB
gSqk
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:57:09 2025 by rpki-client