Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YQ9Y8mt0ihX-1hkt028wgnIveVM.roa
File: YQ9Y8mt0ihX-1hkt028wgnIveVM.roa (raw, json)
Hash identifier: 2Za3dQMpt5hHnoKCpKq9CmdrcwegpUJWhl7wmxiI9U0=
Subject key identifier: 61:0F:58:F2:6B:74:8A:15:FE:D6:19:2D:D3:6F:30:82:72:2F:79:53
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0198A28335F43A02B096CE2BF6B22057BC30
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YQ9Y8mt0ihX-1hkt028wgnIveVM.roa
Signing time: Wed 13 Aug 2025 08:19:24 +0000
ROA not before: Wed 13 Aug 2025 08:19:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 84.55.6.0/24 maxlen: 24
84.55.16.0/24 maxlen: 24
84.55.19.0/24 maxlen: 24
84.55.21.0/24 maxlen: 24
84.55.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:83:35:f4:3a:02:b0:96:ce:2b:f6:b2:20:57:bc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Aug 13 08:19:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=610f58f26b748a15fed6192dd36f3082722f7953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:78:bf:36:9f:03:ee:1c:ba:23:ea:ac:a5:37:
0d:ea:92:56:90:53:65:0e:dd:b0:10:1c:a7:9d:dc:
b4:f5:08:de:de:6e:43:49:4e:b3:67:4e:19:14:fe:
e3:09:4a:4d:44:33:0d:9d:c9:72:91:e9:36:c3:67:
1d:66:4f:87:df:0c:35:f6:0b:03:3c:cd:bf:28:59:
7b:1b:00:59:22:e7:f7:1e:98:80:8a:99:e8:a8:59:
81:47:b4:a8:3b:1f:fa:eb:4a:fc:63:3c:e7:9b:ab:
d2:cc:3d:7e:eb:70:7d:88:dc:5d:4b:0f:06:65:5d:
9d:d6:f5:1f:40:44:b0:50:55:f0:3d:93:39:fc:a0:
b0:0d:07:f9:f1:bb:94:01:57:b1:c6:c0:3e:4e:03:
24:cf:64:90:64:98:de:31:ac:03:e4:ae:66:0d:db:
a6:e3:cd:fd:b8:c9:95:9e:d3:43:1b:69:fd:e1:70:
27:fd:a0:ce:3d:4c:e7:3b:4c:00:52:3f:bf:d6:de:
54:74:8f:81:db:4f:c8:d9:a6:fa:79:57:c6:30:81:
76:09:a5:9e:f9:eb:80:2a:ec:3e:ff:33:fa:c6:bd:
f0:9f:be:f2:60:8c:23:d0:e8:7a:2e:82:d3:2d:8a:
22:b9:1b:a1:65:66:1d:0d:57:61:7a:8c:8a:68:54:
e3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0F:58:F2:6B:74:8A:15:FE:D6:19:2D:D3:6F:30:82:72:2F:79:53
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YQ9Y8mt0ihX-1hkt028wgnIveVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.6.0/24
84.55.16.0/24
84.55.19.0/24
84.55.21.0/24
84.55.23.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ae:2b:cb:2b:91:f6:d5:d7:82:01:50:36:43:f8:4c:2f:e8:
25:29:ce:47:70:50:64:b6:d4:7f:5d:fa:4b:1e:3d:1b:a5:b9:
5c:d3:dd:46:d0:5b:70:cf:b9:25:bf:a3:d0:94:46:c8:c1:13:
66:77:f8:60:ee:a3:0f:96:ca:93:ec:f0:3e:dc:fc:0e:c9:61:
97:01:ce:3d:45:64:ed:c3:3b:d4:4d:88:0a:6c:02:08:9b:22:
53:fd:5d:c8:a8:ee:63:29:6b:8c:7b:41:83:f0:03:26:9b:18:
b4:bd:74:5a:87:42:8f:a6:f7:7d:bf:d9:e3:6d:d2:ad:f4:f8:
f0:7a:49:d1:8f:83:4d:a7:d3:dd:29:8f:66:83:57:d3:43:b5:
5a:50:6c:d2:1e:09:5e:af:d4:f1:d0:a0:5e:52:16:66:19:da:
5e:c6:72:11:4a:fb:29:75:bd:ba:ba:34:51:fc:bc:a8:68:f7:
5b:69:2d:a4:a4:36:63:6b:02:aa:d1:cc:6b:ec:ed:29:64:44:
49:40:f5:91:20:82:70:76:d9:9c:03:c0:1e:6b:1a:c5:c7:d3:
07:38:5d:d4:ec:5f:af:9d:f0:7a:8e:a2:73:26:f8:a7:c1:50:
50:89:f4:d1:f5:2a:40:6c:92:53:b8:32:87:67:37:46:82:5d:
7a:40:02:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiigzX0OgKwls4r9rIgV7wwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwODEzMDgxOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBmNThmMjZiNzQ4YTE1ZmVkNjE5MmRkMzZmMzA4MjcyMmY3OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Xi/Np8D7hy6I+qspTcN6pJWkFNl
Dt2wEBynndy09Qje3m5DSU6zZ04ZFP7jCUpNRDMNnclykek2w2cdZk+H3ww19gsD
PM2/KFl7GwBZIuf3HpiAipnoqFmBR7SoOx/660r8Yzznm6vSzD1+63B9iNxdSw8G
ZV2d1vUfQESwUFXwPZM5/KCwDQf58buUAVexxsA+TgMkz2SQZJjeMawD5K5mDdum
4839uMmVntNDG2n94XAn/aDOPUznO0wAUj+/1t5UdI+B20/I2ab6eVfGMIF2CaWe
+euAKuw+/zP6xr3wn77yYIwj0Oh6LoLTLYoiuRuhZWYdDVdheoyKaFTjJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGEPWPJrdIoV/tYZLdNvMIJyL3lTMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWVE5WThtdDBpaFgtMWhrdDAyOHdnbkl2ZVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVDcGAwQA
VDcQAwQAVDcTAwQAVDcVAwQAVDcXMA0GCSqGSIb3DQEBCwUAA4IBAQCCrivLK5H2
1deCAVA2Q/hML+glKc5HcFBkttR/XfpLHj0bpblc091G0Ftwz7klv6PQlEbIwRNm
d/hg7qMPlsqT7PA+3PwOyWGXAc49RWTtwzvUTYgKbAIImyJT/V3IqO5jKWuMe0GD
8AMmmxi0vXRah0KPpvd9v9njbdKt9PjweknRj4NNp9PdKY9mg1fTQ7VaUGzSHgle
r9Tx0KBeUhZmGdpexnIRSvspdb26ujRR/LyoaPdbaS2kpDZjawKq0cxr7O0pZERJ
QPWRIIJwdtmcA8AeaxrFx9MHOF3U7F+vnfB6jqJzJvinwVBQifTR9SpAbJJTuDKH
ZzdGgl16QAK8
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:18:25 2025 by rpki-client