
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/YmmMQQPClm4aJNcHY4nqMmKzxKo.roa
File: YmmMQQPClm4aJNcHY4nqMmKzxKo.roa (raw, json)
Hash identifier: t9N6GySKPe1l1d/1ycrJCeRhS1dtKqOZa7fj5PMZRB8=
Subject key identifier: 62:69:8C:41:03:C2:96:6E:1A:24:D7:07:63:89:EA:32:62:B3:C4:AA
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 01990A3A99174343FECF9D8D9C4F3998E259
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/YmmMQQPClm4aJNcHY4nqMmKzxKo.roa
Signing time: Tue 02 Sep 2025 11:40:36 +0000
ROA not before: Tue 02 Sep 2025 11:40:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/48 maxlen: 48
2a0b:a200:1::/48 maxlen: 48
2a0b:a200:2::/48 maxlen: 48
2a0b:a200:3::/48 maxlen: 48
2a0b:a200:4::/48 maxlen: 48
2a0b:a200:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:3a:99:17:43:43:fe:cf:9d:8d:9c:4f:39:98:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Sep 2 11:40:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62698c4103c2966e1a24d7076389ea3262b3c4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:2b:4c:48:7a:21:21:24:1a:0c:1f:5f:e8:
1a:f1:3d:38:07:18:53:ae:b5:7a:9d:8f:6c:03:83:
6d:05:ec:26:05:6d:ed:83:27:42:1b:a7:ee:85:5b:
cc:de:08:a0:5e:52:5d:15:00:97:e9:a6:2a:76:94:
22:be:72:66:4b:0e:ad:02:32:1e:cb:84:1c:9a:dd:
77:ab:60:b4:e8:00:a7:0c:5a:51:b8:5e:29:81:6a:
3f:8a:43:de:6d:1a:7a:67:0e:c7:8e:19:f6:2b:2d:
2d:58:6c:0d:2d:b2:c9:72:31:99:cc:ef:49:3a:21:
82:5e:0f:87:50:fa:4e:73:8c:a2:00:71:c7:ef:9f:
50:c5:32:20:6e:dd:fd:a1:b8:dd:39:b3:7d:0b:9f:
f0:74:86:82:3b:6e:db:12:b6:e2:4d:13:fc:9a:7f:
19:cf:74:00:f2:52:29:6b:9f:dd:83:77:ab:34:c9:
47:df:5c:a6:e3:6c:ff:c4:0a:68:ac:34:88:da:ef:
96:0c:df:4d:4a:e7:1e:80:81:8f:f3:cc:c2:78:b2:
1d:fb:2d:5d:69:55:4e:ac:da:4b:5d:fe:67:fe:b8:
a0:ff:a5:2c:52:32:52:e8:68:48:5b:6f:bf:f7:45:
25:2c:0a:53:8f:c1:bd:d2:b2:bd:21:4a:f4:ec:e8:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:69:8C:41:03:C2:96:6E:1A:24:D7:07:63:89:EA:32:62:B3:C4:AA
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/YmmMQQPClm4aJNcHY4nqMmKzxKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::-2a0b:a200:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:58:84:4b:fc:ac:7b:a6:ea:bb:85:29:e9:6c:a4:0a:02:b0:
05:b3:e2:a3:87:b1:ce:89:ee:96:99:44:35:25:d2:71:26:0a:
b0:42:c6:b4:da:69:30:3f:82:d8:74:bf:16:b5:5d:ba:2c:2a:
5f:f8:d7:b6:ee:39:f9:a1:1f:aa:4e:6f:5c:35:83:00:ff:57:
dd:ca:34:32:df:f7:70:d6:1b:98:5c:4a:e9:69:b3:e7:dd:cf:
7e:6e:da:0c:27:4f:59:de:46:58:18:fa:4c:c4:2d:87:6e:5c:
b8:d4:6a:e3:8d:aa:d5:16:e9:db:b6:9c:72:3e:72:ba:5f:3b:
5b:6d:13:8e:a0:ac:da:62:75:76:5a:02:8b:fe:56:72:cb:ad:
73:e7:a2:4f:9c:06:dc:93:ca:08:f4:81:ce:6a:bb:da:f6:e3:
e9:59:b6:95:c5:ba:b3:1b:13:6b:73:b3:8c:90:78:4d:20:36:
b3:3c:78:df:84:e6:ce:e0:24:31:9d:fd:c9:6e:b7:f4:7c:cf:
85:25:82:3e:ec:97:1f:a7:be:5b:95:0d:0b:f7:85:80:11:92:
5f:bc:24:5c:2b:bd:4a:5a:dd:eb:a1:70:b3:dc:f8:17:aa:c6:
e1:11:11:89:69:a8:e7:08:66:15:87:f8:4b:c9:44:34:80:da:
77:50:87:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkKOpkXQ0P+z52NnE85mOJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjUwOTAyMTE0MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjY5OGM0MTAzYzI5NjZlMWEyNGQ3MDc2Mzg5ZWEzMjYyYjNjNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsgrTEh6ISEkGgwfX+ga8T04BxhT
rrV6nY9sA4NtBewmBW3tgydCG6fuhVvM3gigXlJdFQCX6aYqdpQivnJmSw6tAjIe
y4Qcmt13q2C06ACnDFpRuF4pgWo/ikPebRp6Zw7Hjhn2Ky0tWGwNLbLJcjGZzO9J
OiGCXg+HUPpOc4yiAHHH759QxTIgbt39objdObN9C5/wdIaCO27bErbiTRP8mn8Z
z3QA8lIpa5/dg3erNMlH31ym42z/xAporDSI2u+WDN9NSucegIGP88zCeLId+y1d
aVVOrNpLXf5n/rig/6UsUjJS6GhIW2+/90UlLApTj8G90rK9IUr07OhclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJpjEEDwpZuGiTXB2OJ6jJis8SqMB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvWW1tTVFRUENsbTRhSk5jSFk0bnFNbUt6eEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCLVmAMBcE
AgACMBEwDwMEASoLogMHASoLogAABDANBgkqhkiG9w0BAQsFAAOCAQEAU1iES/ys
e6bqu4Up6WykCgKwBbPio4exzonulplENSXScSYKsELGtNppMD+C2HS/FrVduiwq
X/jXtu45+aEfqk5vXDWDAP9X3co0Mt/3cNYbmFxK6Wmz593Pfm7aDCdPWd5GWBj6
TMQth25cuNRq442q1Rbp27accj5yul87W20TjqCs2mJ1dloCi/5Wcsutc+eiT5wG
3JPKCPSBzmq72vbj6Vm2lcW6sxsTa3OzjJB4TSA2szx434TmzuAkMZ39yW639HzP
hSWCPuyXH6e+W5UNC/eFgBGSX7wkXCu9Slrd66Fws9z4F6rG4RERiWmo5whmFYf4
S8lENIDad1CHOA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:52 2025 by rpki-client