Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/YLggX1zVSuzWscKfrJDHnrsh8ls.roa
File: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (raw, json)
Hash identifier: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=
Subject key identifier: 60:B8:20:5F:5C:D5:4A:EC:D6:B1:C2:9F:AC:90:C7:9E:BB:21:F2:5B
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 01978CF9626BA9C255EB229A97DE514E4D37
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/YLggX1zVSuzWscKfrJDHnrsh8ls.roa
Signing time: Fri 20 Jun 2025 10:54:03 +0000
ROA not before: Fri 20 Jun 2025 10:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48732
IP address blocks: 195.200.235.0/24 maxlen: 24
2a11:600:150::/48 maxlen: 48
2a11:600:151::/48 maxlen: 48
2a11:601:d000::/36 maxlen: 36
2a11:601:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 13:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:f9:62:6b:a9:c2:55:eb:22:9a:97:de:51:4e:4d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Jun 20 10:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60b8205f5cd54aecd6b1c29fac90c79ebb21f25b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:04:28:67:8b:5c:73:7d:de:0a:b2:5e:71:bf:
8d:8c:f0:c6:61:dc:80:61:8d:02:bb:e3:19:e6:a9:
df:0a:36:0d:d8:bf:04:cf:4e:92:45:71:46:13:47:
21:7e:a5:94:a0:df:57:6d:39:4e:09:97:fe:8d:bc:
fe:06:27:6c:1a:c4:6a:ff:67:93:bd:b9:19:28:eb:
3c:be:5f:7a:97:b8:28:f5:c1:f4:8d:6b:61:bc:66:
e8:88:c3:ee:4a:95:26:0b:8d:29:dc:66:c1:13:c2:
d4:11:05:80:7e:37:44:5d:cf:d0:df:66:38:19:71:
7a:0f:39:88:ea:49:fc:3d:2e:01:a0:7e:de:07:dc:
ff:8e:62:37:14:b8:2c:be:05:bd:9d:ad:08:5c:21:
28:37:74:9b:9b:54:3a:3d:c5:85:b2:71:c5:75:de:
27:6b:d8:bd:c5:23:f5:c3:5b:a7:57:8c:17:04:b8:
76:5a:96:1c:ce:a6:ce:7e:fa:19:64:f0:6b:5f:24:
2d:b2:62:7a:52:25:3f:87:72:f6:b9:ae:dc:e3:e1:
7f:46:95:0d:9b:d4:e6:93:69:5d:38:9d:c8:a6:4e:
02:78:2c:44:3f:17:f7:97:e9:2b:e1:95:ed:4e:40:
a9:13:67:36:ab:7c:29:65:19:97:86:ca:5b:b8:48:
fe:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B8:20:5F:5C:D5:4A:EC:D6:B1:C2:9F:AC:90:C7:9E:BB:21:F2:5B
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/YLggX1zVSuzWscKfrJDHnrsh8ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.235.0/24
IPv6:
2a11:600:150::/47
2a11:601:d000::/36
2a11:601:f000::/36
Signature Algorithm: sha256WithRSAEncryption
4b:bc:12:f4:76:ba:85:3f:6d:df:ed:0c:9a:db:4b:6f:0d:d2:
cc:2b:2c:5c:99:8b:16:63:23:3c:7c:bb:30:d7:e2:3b:a0:fa:
ec:50:9b:54:07:fd:63:b0:28:a0:b5:ab:b9:7b:85:2f:13:5b:
23:62:91:8b:77:fe:ea:9c:74:59:c0:9e:1f:b2:09:13:19:91:
41:5f:68:cd:93:05:72:93:b5:0c:6c:08:8b:ce:71:80:95:6b:
3a:5f:8c:a1:30:91:0b:f6:95:e1:af:14:c1:1c:7d:11:8d:1d:
a3:b3:22:8e:50:a7:71:66:50:0f:4b:c3:f6:fa:c2:1a:23:20:
fc:95:79:07:39:bf:67:66:c3:43:ac:2d:68:b7:ab:a9:e1:fa:
ed:3c:bb:87:11:f1:96:c7:49:e0:c5:c7:84:da:d6:57:8b:47:
ff:38:70:ea:90:aa:d2:41:c3:d6:f2:ed:96:e3:ff:1f:1b:bb:
24:d7:a6:77:b6:3c:1f:f4:83:8e:d3:e1:25:57:23:93:e6:c8:
26:07:7e:a7:c2:06:e5:c1:9e:40:c7:b3:a7:c9:5f:53:13:55:
10:4b:9e:0c:eb:4d:d9:18:40:72:96:7c:d1:db:dc:d3:81:34:
30:f6:60:0c:57:47:a5:dc:3a:09:c0:c8:13:0e:ef:88:9f:83:
c4:5a:9c:dc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZeM+WJrqcJV6yKal95RTk03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjUwNjIwMTA1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI4MjA1ZjVjZDU0YWVjZDZiMWMyOWZhYzkwYzc5ZWJiMjFmMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQQoZ4tcc33eCrJecb+NjPDGYdyA
YY0Cu+MZ5qnfCjYN2L8Ez06SRXFGE0chfqWUoN9XbTlOCZf+jbz+BidsGsRq/2eT
vbkZKOs8vl96l7go9cH0jWthvGboiMPuSpUmC40p3GbBE8LUEQWAfjdEXc/Q32Y4
GXF6DzmI6kn8PS4BoH7eB9z/jmI3FLgsvgW9na0IXCEoN3Sbm1Q6PcWFsnHFdd4n
a9i9xSP1w1unV4wXBLh2WpYczqbOfvoZZPBrXyQtsmJ6UiU/h3L2ua7c4+F/RpUN
m9Tmk2ldOJ3Ipk4CeCxEPxf3l+kr4ZXtTkCpE2c2q3wpZRmXhspbuEj+oQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGC4IF9c1Urs1rHCn6yQx567IfJbMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvWUxnZ1gxelZTdXpXc2NLZnJKREhucnNoOGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAw8jrMB8E
AgACMBkDBwEqEQYAAVADBgQqEQYB0AMGBCoRBgHwMA0GCSqGSIb3DQEBCwUAA4IB
AQBLvBL0drqFP23f7Qya20tvDdLMKyxcmYsWYyM8fLsw1+I7oPrsUJtUB/1jsCig
tau5e4UvE1sjYpGLd/7qnHRZwJ4fsgkTGZFBX2jNkwVyk7UMbAiLznGAlWs6X4yh
MJEL9pXhrxTBHH0RjR2jsyKOUKdxZlAPS8P2+sIaIyD8lXkHOb9nZsNDrC1ot6up
4frtPLuHEfGWx0ngxceE2tZXi0f/OHDqkKrSQcPW8u2W4/8fG7sk16Z3tjwf9IOO
0+ElVyOT5sgmB36nwgblwZ5Ax7OnyV9TE1UQS54M603ZGEBylnzR29zTgTQw9mAM
V0el3DoJwMgTDu+In4PEWpzc
-----END CERTIFICATE-----
Generated at Thu Jul 3 22:52:19 2025 by rpki-client