Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/cyBS3fAo042cEWYq-ULKBfWmEYM.roa
File: cyBS3fAo042cEWYq-ULKBfWmEYM.roa (raw, json)
Hash identifier: lGLWllBey91le8GZeS3K6F+EddIaYMAhM6BNqVcxruc=
Subject key identifier: 73:20:52:DD:F0:28:D3:8D:9C:11:66:2A:F9:42:CA:05:F5:A6:11:83
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0197F1707585574BB2A3F11B184B416F1F1B
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/cyBS3fAo042cEWYq-ULKBfWmEYM.roa
Signing time: Wed 09 Jul 2025 23:06:08 +0000
ROA not before: Wed 09 Jul 2025 23:06:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202635
IP address blocks: 86.110.32.0/24 maxlen: 24
86.110.35.0/24 maxlen: 24
86.110.38.0/24 maxlen: 24
86.110.39.0/24 maxlen: 24
86.110.43.0/24 maxlen: 24
86.110.45.0/24 maxlen: 24
185.158.176.0/22 maxlen: 24
185.193.60.0/22 maxlen: 24
185.244.100.0/22 maxlen: 24
2a13:ca40::/32 maxlen: 32
2a13:ca41::/32 maxlen: 32
2a13:ca42::/32 maxlen: 32
2a13:ca43::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f1:70:75:85:57:4b:b2:a3:f1:1b:18:4b:41:6f:1f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Jul 9 23:06:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=732052ddf028d38d9c11662af942ca05f5a61183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:04:d7:94:db:c4:d1:74:44:eb:32:be:fa:95:
ec:5b:dc:06:74:52:aa:7b:75:c6:e8:e3:fe:33:54:
dd:e7:99:e8:35:eb:78:0e:41:98:ae:50:95:ca:d4:
1d:99:fd:e8:46:9a:79:d5:97:3d:38:26:f4:83:70:
d1:dc:ff:f3:b5:2e:fd:f3:7a:6a:b8:93:f8:e2:4c:
6d:16:01:50:03:8d:b2:6a:c0:08:4d:a3:96:00:c8:
9e:e5:fd:4c:dd:f1:7b:f1:1d:0c:17:05:7a:35:15:
80:6e:a9:4e:30:73:2a:bc:36:37:2d:50:39:1b:d3:
79:79:fe:4f:95:7d:09:4e:85:4d:e5:fc:00:cd:35:
6b:61:dd:74:19:fe:d6:ee:3a:aa:57:79:0d:a6:d0:
ef:c3:d8:e5:74:1b:13:8a:7e:65:a4:4c:29:65:b9:
3d:0c:b9:39:29:43:49:7d:62:10:4e:c4:ff:3d:b1:
e0:ff:cd:b8:23:ab:29:2f:4d:17:7e:f2:80:ed:55:
9f:b7:f3:28:10:d6:81:f0:2e:80:3d:bf:df:9a:6a:
e6:8e:32:15:21:a0:eb:c2:75:77:64:5e:05:f9:9c:
77:f3:a1:0d:d8:5c:a2:61:d5:b5:41:8d:73:f2:ee:
d0:71:63:36:9b:38:5c:d7:aa:63:c7:ec:e9:33:25:
85:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:20:52:DD:F0:28:D3:8D:9C:11:66:2A:F9:42:CA:05:F5:A6:11:83
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/cyBS3fAo042cEWYq-ULKBfWmEYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.32.0/24
86.110.35.0/24
86.110.38.0/23
86.110.43.0/24
86.110.45.0/24
185.158.176.0/22
185.193.60.0/22
185.244.100.0/22
IPv6:
2a13:ca40::/30
Signature Algorithm: sha256WithRSAEncryption
3c:ed:d8:e9:54:5e:5d:55:ef:bc:35:35:be:fe:5a:b5:c2:8f:
e7:2a:52:ea:f8:39:48:98:7a:56:c6:fb:28:bc:ae:38:dd:95:
be:a2:98:40:df:9d:7c:3f:ad:e7:29:c3:18:5c:3c:ba:75:63:
27:11:7a:73:cf:8d:58:74:a7:f5:9f:cc:04:22:53:31:ed:5f:
63:a1:a3:fe:eb:dd:a8:bd:94:6a:3f:77:c3:37:af:ec:bb:11:
9b:ea:a8:29:22:3d:e4:9e:ae:77:21:ce:0a:90:d4:46:ef:9c:
ff:58:1d:f5:b3:10:55:89:86:16:26:99:8a:ce:d8:66:1e:d5:
2f:53:bb:8a:5d:ea:44:3c:d3:75:60:38:f8:fe:3b:c7:d5:9d:
4e:28:0c:42:7d:04:6e:07:ff:1a:e0:25:bb:cf:32:00:ac:68:
6d:f5:92:15:94:4c:a3:ef:2b:1d:dc:7e:56:40:bc:e3:20:1e:
d6:da:c9:38:dc:d7:9c:c8:93:a2:30:f8:10:99:3a:a2:c0:7c:
99:1f:8a:c9:da:f8:de:d7:00:22:5a:ff:38:13:06:4c:fb:e1:
a9:83:e3:f4:3b:ab:55:7a:d6:c3:a2:47:01:7b:cb:2a:75:08:
a3:6e:f0:ed:cf:04:81:4f:1d:52:93:92:5c:09:9b:62:6b:55:
e7:5a:d8:62
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZfxcHWFV0uyo/EbGEtBbx8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjUwNzA5MjMwNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzIwNTJkZGYwMjhkMzhkOWMxMTY2MmFmOTQyY2EwNWY1YTYxMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoATXlNvE0XRE6zK++pXsW9wGdFKq
e3XG6OP+M1Td55noNet4DkGYrlCVytQdmf3oRpp51Zc9OCb0g3DR3P/ztS7983pq
uJP44kxtFgFQA42yasAITaOWAMie5f1M3fF78R0MFwV6NRWAbqlOMHMqvDY3LVA5
G9N5ef5PlX0JToVN5fwAzTVrYd10Gf7W7jqqV3kNptDvw9jldBsTin5lpEwpZbk9
DLk5KUNJfWIQTsT/PbHg/824I6spL00XfvKA7VWft/MoENaB8C6APb/fmmrmjjIV
IaDrwnV3ZF4F+Zx386EN2FyiYdW1QY1z8u7QcWM2mzhc16pjx+zpMyWFSwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHMgUt3wKNONnBFmKvlCygX1phGDMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvY3lCUzNmQW8wNDJjRVdZcS1VTEtCZldtRVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAVm4gAwQA
Vm4jAwQBVm4mAwQAVm4rAwQAVm4tAwQCuZ6wAwQCucE8AwQCufRkMA0EAgACMAcD
BQIqE8pAMA0GCSqGSIb3DQEBCwUAA4IBAQA87djpVF5dVe+8NTW+/lq1wo/nKlLq
+DlImHpWxvsovK443ZW+ophA3518P63nKcMYXDy6dWMnEXpzz41YdKf1n8wEIlMx
7V9joaP+692ovZRqP3fDN6/suxGb6qgpIj3knq53Ic4KkNRG75z/WB31sxBViYYW
JpmKzthmHtUvU7uKXepEPNN1YDj4/jvH1Z1OKAxCfQRuB/8a4CW7zzIArGht9ZIV
lEyj7ysd3H5WQLzjIB7W2sk43NecyJOiMPgQmTqiwHyZH4rJ2vje1wAiWv84EwZM
++Gpg+P0O6tVetbDokcBe8sqdQijbvDtzwSBTx1Sk5JcCZtia1XnWthi
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:55:35 2025 by rpki-client