
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kYpZLQ-AuudDB2VaPbw0Spka5lg.roa
File: kYpZLQ-AuudDB2VaPbw0Spka5lg.roa (raw, json)
Hash identifier: 5naLUifPbVvyChqmHEXOpfanoJmyL4cI6dCLv8ZRPLk=
Subject key identifier: 91:8A:59:2D:0F:80:BA:E7:43:07:65:5A:3D:BC:34:4A:99:1A:E6:58
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01997717E90E07253C6DF926EE35AAFC5B99
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kYpZLQ-AuudDB2VaPbw0Spka5lg.roa
Signing time: Tue 23 Sep 2025 15:01:19 +0000
ROA not before: Tue 23 Sep 2025 15:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a10:aa40::/32 maxlen: 32
2a10:aa41::/32 maxlen: 32
2a10:aa42::/32 maxlen: 32
2a10:aa43::/32 maxlen: 32
2a10:aa44::/32 maxlen: 32
2a10:aa45::/32 maxlen: 32
2a10:aa46::/32 maxlen: 32
2a10:aa47::/32 maxlen: 32
2a13:b440::/32 maxlen: 32
2a13:b441::/32 maxlen: 32
2a13:b442::/32 maxlen: 32
2a13:b443::/32 maxlen: 32
2a13:b444::/32 maxlen: 32
2a13:b445::/32 maxlen: 32
2a13:b446::/32 maxlen: 32
2a13:b447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:77:17:e9:0e:07:25:3c:6d:f9:26:ee:35:aa:fc:5b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Sep 23 15:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=918a592d0f80bae74307655a3dbc344a991ae658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:43:84:4b:01:6d:42:a4:27:b8:89:3e:8b:
df:58:90:e8:1a:4d:6c:35:31:ac:aa:2c:2c:ce:3a:
28:87:1c:1d:30:93:3c:40:5e:0f:43:7e:e7:04:01:
e9:51:fb:11:78:a3:23:30:6b:24:98:60:c2:f2:f7:
ca:e7:34:84:4d:e5:8e:1b:25:3e:20:59:cb:7e:5c:
58:7e:3f:e9:da:19:a9:ce:4a:27:5f:07:38:ee:6c:
d1:f6:d5:f3:85:1c:44:7c:ee:ef:34:01:db:bb:fc:
ac:c6:51:02:ca:53:5a:9f:c3:b0:7e:de:d9:f0:7b:
79:79:b2:0a:aa:b6:b1:9b:99:0b:00:56:c6:ed:29:
02:ee:e9:42:e9:73:58:bb:14:5f:81:d3:2c:a0:9b:
84:5a:3d:8b:8d:65:57:5a:60:97:61:e3:79:11:0a:
51:03:5a:d3:3e:9f:02:54:6a:cd:99:63:74:b4:b9:
20:44:83:ab:a0:1b:d2:a0:b6:d3:df:80:36:d6:73:
a1:0d:09:74:91:47:a9:af:84:7b:74:b5:b7:fa:85:
3e:52:d0:1d:ef:b4:55:a7:98:b7:4f:6f:aa:82:1e:
7a:90:70:67:c9:f7:52:7a:4b:77:d1:75:be:e1:f2:
19:b1:7b:28:72:7f:60:0b:59:5d:24:05:38:89:83:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8A:59:2D:0F:80:BA:E7:43:07:65:5A:3D:BC:34:4A:99:1A:E6:58
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kYpZLQ-AuudDB2VaPbw0Spka5lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:aa40::/29
2a13:b440::/29
Signature Algorithm: sha256WithRSAEncryption
4a:63:65:7c:42:62:ec:9b:33:78:e7:98:0f:5e:79:4e:3c:79:
7c:da:66:6c:aa:e2:e0:49:57:a0:a8:ab:69:2a:1a:b4:9b:74:
59:1c:94:32:06:fe:23:a6:8d:f7:82:a9:12:59:1f:53:58:27:
73:03:61:e6:cd:47:00:28:25:34:85:34:33:23:8d:17:94:fc:
94:25:76:a8:09:8e:3a:1f:a8:5e:27:23:fc:9f:b2:3c:0d:6a:
67:bf:aa:cd:32:e4:40:e8:90:9e:20:46:d4:17:fe:bb:15:b4:
7a:99:e1:29:55:99:fd:c1:ce:9b:53:07:46:98:63:d4:46:20:
b8:95:94:8c:05:6c:a6:55:bc:4c:a4:42:75:da:15:64:fb:73:
fe:86:2a:3e:4d:89:61:c2:e5:eb:a2:6d:97:01:cb:c9:30:24:
6d:94:e7:71:d3:c2:89:40:7c:87:55:39:7a:58:85:36:96:e7:
2f:f8:77:09:7a:eb:0f:ae:7e:62:23:4d:70:e9:e4:2c:58:97:
57:85:42:e0:a3:2c:37:12:c9:da:e2:e3:4c:98:11:18:87:3d:
80:3f:91:50:a2:67:03:8e:9a:e9:11:29:48:62:51:8e:92:50:
80:42:15:de:bb:4d:a7:4f:a0:06:91:e0:c9:c0:b0:6c:7c:82:
34:3d:6b:c6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZl3F+kOByU8bfkm7jWq/FuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwOTIzMTUwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThhNTkyZDBmODBiYWU3NDMwNzY1NWEzZGJjMzQ0YTk5MWFlNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrJDhEsBbUKkJ7iJPovfWJDoGk1s
NTGsqiwszjoohxwdMJM8QF4PQ37nBAHpUfsReKMjMGskmGDC8vfK5zSETeWOGyU+
IFnLflxYfj/p2hmpzkonXwc47mzR9tXzhRxEfO7vNAHbu/ysxlECylNan8Owft7Z
8Ht5ebIKqraxm5kLAFbG7SkC7ulC6XNYuxRfgdMsoJuEWj2LjWVXWmCXYeN5EQpR
A1rTPp8CVGrNmWN0tLkgRIOroBvSoLbT34A21nOhDQl0kUepr4R7dLW3+oU+UtAd
77RVp5i3T2+qgh56kHBnyfdSekt30XW+4fIZsXsocn9gC1ldJAU4iYPMcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJGKWS0PgLrnQwdlWj28NEqZGuZYMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEva1lwWkxRLUF1dWREQjJWYVBidzBTcGthNWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhCqQAMF
AyoTtEAwDQYJKoZIhvcNAQELBQADggEBAEpjZXxCYuybM3jnmA9eeU48eXzaZmyq
4uBJV6Coq2kqGrSbdFkclDIG/iOmjfeCqRJZH1NYJ3MDYebNRwAoJTSFNDMjjReU
/JQldqgJjjofqF4nI/yfsjwName/qs0y5EDokJ4gRtQX/rsVtHqZ4SlVmf3BzptT
B0aYY9RGILiVlIwFbKZVvEykQnXaFWT7c/6GKj5NiWHC5euibZcBy8kwJG2U53HT
wolAfIdVOXpYhTaW5y/4dwl66w+ufmIjTXDp5CxYl1eFQuCjLDcSydri40yYERiH
PYA/kVCiZwOOmukRKUhiUY6SUIBCFd67TadPoAaR4MnAsGx8gjQ9a8Y=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:05 2025 by rpki-client